Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/8113dda6-7ade-445d-8c6e-448a78e48ca1/1/3138352e3231332e3235312e302f32342d3234203d3e20313338383838.roa
File: 3138352e3231332e3235312e302f32342d3234203d3e20313338383838.roa (raw, json)
Hash identifier: u9k1CEDVyAGe8je2Y99pF+EO5LdgGSTfU7yFr7GEyGA=
Subject key identifier: 20:EE:FA:C1:D6:FE:FB:2C:9F:53:D3:7A:EB:A3:F5:B0:0E:B0:5B:62
Certificate issuer: /CN=0d7ffae300def0876bf84890fb6ea17be841a4d3
Certificate serial: 4BEEA167DEAFE92375D75C040678CA3858CE076C
Authority key identifier: 0D:7F:FA:E3:00:DE:F0:87:6B:F8:48:90:FB:6E:A1:7B:E8:41:A4:D3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DX_64wDe8Idr-EiQ-26he-hBpNM.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/8113dda6-7ade-445d-8c6e-448a78e48ca1/1/3138352e3231332e3235312e302f32342d3234203d3e20313338383838.roa
Signing time: Wed 27 Aug 2025 09:58:57 +0000
ROA not before: Wed 27 Aug 2025 09:53:57 +0000
ROA not after: Wed 26 Aug 2026 09:58:57 +0000
asID: 138888
IP address blocks: 185.213.251.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/8113dda6-7ade-445d-8c6e-448a78e48ca1/1/0D7FFAE300DEF0876BF84890FB6EA17BE841A4D3.crl
rsync://rsync.paas.rpki.ripe.net/repository/8113dda6-7ade-445d-8c6e-448a78e48ca1/1/0D7FFAE300DEF0876BF84890FB6EA17BE841A4D3.mft
rsync://rpki.ripe.net/repository/DEFAULT/DX_64wDe8Idr-EiQ-26he-hBpNM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 16 Sep 2025 21:57:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4b:ee:a1:67:de:af:e9:23:75:d7:5c:04:06:78:ca:38:58:ce:07:6c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0d7ffae300def0876bf84890fb6ea17be841a4d3
Validity
Not Before: Aug 27 09:53:57 2025 GMT
Not After : Aug 26 09:58:57 2026 GMT
Subject: CN=20EEFAC1D6FEFB2C9F53D37AEBA3F5B00EB05B62
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:f4:29:67:3e:cd:d3:6d:d9:7a:7d:6b:77:25:
08:a6:e5:d8:f0:f7:a9:e7:10:20:ce:f5:84:d9:3a:
de:05:a0:b0:32:50:6e:c7:5f:89:2e:c9:1e:66:f1:
0e:79:33:b0:d4:83:df:47:85:fe:c9:e2:cd:56:57:
b6:b0:04:cf:f9:5e:90:52:01:8c:59:78:73:25:c3:
a9:1a:16:73:08:3c:ca:f0:09:fd:d8:e6:7a:a3:ea:
0a:7d:a9:58:b5:fa:83:b5:15:29:37:64:cf:bc:b5:
2f:1a:32:81:84:f2:97:41:1d:8f:99:f6:67:d1:ee:
96:16:23:b0:ee:83:9b:7d:03:a5:1e:87:a6:c2:bd:
72:ea:db:31:62:42:8f:de:3f:9c:8a:c8:c9:8a:c4:
0d:cf:72:40:38:ad:20:51:07:19:33:9b:4d:cf:66:
df:69:aa:5f:1d:29:e3:80:89:60:98:b4:cf:fe:f1:
a2:84:f4:c4:c1:90:41:fc:19:a2:3e:0b:42:da:9f:
d2:c9:2e:35:4d:16:ca:5a:a1:89:ab:85:7b:b6:47:
c4:9d:a5:c3:a9:46:0a:0a:04:b4:05:7c:06:3c:bb:
a8:57:c6:97:11:18:ed:83:6a:18:6d:4a:47:3b:5f:
73:bc:ed:06:3a:92:01:83:50:99:ad:2f:1f:4e:09:
de:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
20:EE:FA:C1:D6:FE:FB:2C:9F:53:D3:7A:EB:A3:F5:B0:0E:B0:5B:62
X509v3 Authority Key Identifier:
keyid:0D:7F:FA:E3:00:DE:F0:87:6B:F8:48:90:FB:6E:A1:7B:E8:41:A4:D3
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/8113dda6-7ade-445d-8c6e-448a78e48ca1/1/0D7FFAE300DEF0876BF84890FB6EA17BE841A4D3.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DX_64wDe8Idr-EiQ-26he-hBpNM.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/8113dda6-7ade-445d-8c6e-448a78e48ca1/1/3138352e3231332e3235312e302f32342d3234203d3e20313338383838.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.213.251.0/24
Signature Algorithm: sha256WithRSAEncryption
7e:8e:22:5a:8c:e9:07:44:f9:06:f4:4c:0c:da:7c:61:c9:94:
cd:c3:85:ba:7c:9d:36:8e:14:cf:95:e7:6a:02:0c:93:8b:07:
48:0c:3e:64:56:ef:b5:4e:08:7b:78:bb:dd:98:d6:0f:95:04:
ef:fc:9c:dd:86:ed:d2:20:fb:0a:2c:1e:47:86:0d:36:10:a8:
69:55:ed:bb:74:cc:12:eb:72:6d:3f:01:6e:74:fa:fd:0a:07:
c3:7d:b3:ab:20:c7:0f:b0:2e:68:91:84:81:4e:f8:87:34:22:
9d:6b:a4:18:59:35:fb:89:5b:c9:96:f0:d0:5e:aa:28:31:da:
e0:bb:d3:86:22:42:35:08:e6:3f:9a:2c:36:9f:84:d5:35:0c:
f3:87:e6:38:20:36:95:88:25:63:23:50:b1:58:27:98:f3:d9:
d0:51:80:01:e8:c6:bd:a2:8f:a3:f1:40:79:19:54:ba:f7:aa:
d8:ac:8b:0b:ff:0f:e0:4b:a9:35:3a:83:4d:c5:14:8d:ae:3f:
87:b3:52:6c:63:c8:c0:9a:93:e0:54:63:87:c2:b9:0b:34:f0:
66:9f:28:f9:29:c0:25:66:1e:50:bc:23:31:fe:47:95:1d:a8:
e9:be:dc:09:30:f7:c1:0c:72:c0:e1:49:6a:38:20:32:25:a9:
bd:84:e5:8c
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgIUS+6hZ96v6SN111wEBnjKOFjOB2wwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMGQ3ZmZhZTMwMGRlZjA4NzZiZjg0ODkwZmI2ZWExN2Jl
ODQxYTRkMzAeFw0yNTA4MjcwOTUzNTdaFw0yNjA4MjYwOTU4NTdaMDMxMTAvBgNV
BAMTKDIwRUVGQUMxRDZGRUZCMkM5RjUzRDM3QUVCQTNGNUIwMEVCMDVCNjIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCF9ClnPs3Tbdl6fWt3JQim5djw
96nnECDO9YTZOt4FoLAyUG7HX4kuyR5m8Q55M7DUg99Hhf7J4s1WV7awBM/5XpBS
AYxZeHMlw6kaFnMIPMrwCf3Y5nqj6gp9qVi1+oO1FSk3ZM+8tS8aMoGE8pdBHY+Z
9mfR7pYWI7Dug5t9A6Ueh6bCvXLq2zFiQo/eP5yKyMmKxA3PckA4rSBRBxkzm03P
Zt9pql8dKeOAiWCYtM/+8aKE9MTBkEH8GaI+C0Lan9LJLjVNFspaoYmrhXu2R8Sd
pcOpRgoKBLQFfAY8u6hXxpcRGO2DahhtSkc7X3O87QY6kgGDUJmtLx9OCd7PAgMB
AAGjggJBMIICPTAdBgNVHQ4EFgQUIO76wdb++yyfU9N666P1sA6wW2IwHwYDVR0j
BBgwFoAUDX/64wDe8Idr+EiQ+26he+hBpNMwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvODExM2RkYTYtN2FkZS00NDVkLThjNmUtNDQ4YTc4ZTQ4
Y2ExLzEvMEQ3RkZBRTMwMERFRjA4NzZCRjg0ODkwRkI2RUExN0JFODQxQTREMy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0RYXzY0d0RlOElkci1FaVEtMjZoZS1o
QnBOTS5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvODExM2RkYTYt
N2FkZS00NDVkLThjNmUtNDQ4YTc4ZTQ4Y2ExLzEvMzEzODM1MmUzMjMxMzMyZTMy
MzUzMTJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMxMzMzODM4MzgzOC5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEALnV+zANBgkqhkiG9w0BAQsFAAOCAQEAfo4iWozpB0T5BvRMDNp8YcmUzcOF
unydNo4Uz5XnagIMk4sHSAw+ZFbvtU4Ie3i73ZjWD5UE7/yc3Ybt0iD7CiweR4YN
NhCoaVXtu3TMEutybT8BbnT6/QoHw32zqyDHD7AuaJGEgU74hzQinWukGFk1+4lb
yZbw0F6qKDHa4LvThiJCNQjmP5osNp+E1TUM84fmOCA2lYglYyNQsVgnmPPZ0FGA
AejGvaKPo/FAeRlUuveq2KyLC/8P4EupNTqDTcUUja4/h7NSbGPIwJqT4FRjh8K5
CzTwZp8o+SnAJWYeULwjMf5HlR2o6b7cCTD3wQxywOFJajggMiWpvYTljA==
-----END CERTIFICATE-----
Generated at Tue Sep 16 07:57:01 2025 by rpki-client