Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/82a9bf5b-39c1-4050-b073-48075b861d87/0/3138352e32392e3136342e302f32342d3234203d3e20343031313633.roa
File: 3138352e32392e3136342e302f32342d3234203d3e20343031313633.roa (raw, json)
Hash identifier: YKazVUncXhU+rhAky5HNB58JEjbYGPWp2M77cxMkEiA=
Subject key identifier: 22:AC:1E:C1:89:68:9E:D5:B2:B8:89:3F:D1:53:9D:76:B3:03:1C:24
Certificate issuer: /CN=048af665bf8b186b70220759d26c578f40b5f3e3
Certificate serial: 82A3478FE6134D0CF9A0812826A9A904B21E4D
Authority key identifier: 04:8A:F6:65:BF:8B:18:6B:70:22:07:59:D2:6C:57:8F:40:B5:F3:E3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BIr2Zb-LGGtwIgdZ0mxXj0C18-M.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/82a9bf5b-39c1-4050-b073-48075b861d87/0/3138352e32392e3136342e302f32342d3234203d3e20343031313633.roa
Signing time: Mon 18 Aug 2025 18:42:34 +0000
ROA not before: Mon 18 Aug 2025 18:37:34 +0000
ROA not after: Mon 17 Aug 2026 18:42:34 +0000
asID: 401163
IP address blocks: 185.29.164.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/82a9bf5b-39c1-4050-b073-48075b861d87/0/048AF665BF8B186B70220759D26C578F40B5F3E3.crl
rsync://rsync.paas.rpki.ripe.net/repository/82a9bf5b-39c1-4050-b073-48075b861d87/0/048AF665BF8B186B70220759D26C578F40B5F3E3.mft
rsync://rpki.ripe.net/repository/DEFAULT/BIr2Zb-LGGtwIgdZ0mxXj0C18-M.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 21 Aug 2025 13:57:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
82:a3:47:8f:e6:13:4d:0c:f9:a0:81:28:26:a9:a9:04:b2:1e:4d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=048af665bf8b186b70220759d26c578f40b5f3e3
Validity
Not Before: Aug 18 18:37:34 2025 GMT
Not After : Aug 17 18:42:34 2026 GMT
Subject: CN=22AC1EC189689ED5B2B8893FD1539D76B3031C24
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:53:b7:2f:e2:1a:f1:9b:39:34:b9:19:50:d2:
16:04:fe:ff:50:ba:d5:4f:1f:9c:ad:15:c3:7a:24:
92:65:cd:0c:f7:e6:a1:71:c6:80:83:28:86:b7:67:
ba:3e:f3:f4:0b:54:cb:6e:20:4f:1a:94:62:52:ba:
de:c6:b8:10:22:7a:4d:6d:e7:02:e3:f0:ce:79:fb:
e7:de:b9:91:a9:79:49:e4:21:f9:05:2f:7c:b4:69:
64:cf:d5:bd:ed:c7:6f:f6:3f:4a:9e:6f:57:ca:71:
fa:33:e7:33:76:cf:02:ac:7d:f7:d6:2b:9c:5e:c9:
4d:da:60:a4:68:ca:d8:c1:da:86:5f:2e:e8:14:fe:
a5:21:56:df:c3:16:81:20:13:bc:b0:22:8c:1b:1e:
f3:fc:92:4a:17:fa:9d:11:70:e0:69:53:78:06:91:
9d:c5:e0:e0:94:b6:4d:9c:b9:2b:d5:87:bf:a2:6a:
41:b3:80:b8:ca:03:5e:b1:91:b8:5a:0f:3a:8e:65:
93:df:e5:12:47:e1:e5:a2:5e:97:52:9c:46:29:16:
a8:8f:6a:8d:61:8f:44:91:df:e0:f2:e6:f8:b0:eb:
55:89:ab:ef:ec:fd:94:c8:49:14:3b:b2:1c:52:e6:
c3:29:77:4f:f9:41:e4:01:11:39:0c:69:04:4f:45:
08:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
22:AC:1E:C1:89:68:9E:D5:B2:B8:89:3F:D1:53:9D:76:B3:03:1C:24
X509v3 Authority Key Identifier:
keyid:04:8A:F6:65:BF:8B:18:6B:70:22:07:59:D2:6C:57:8F:40:B5:F3:E3
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/82a9bf5b-39c1-4050-b073-48075b861d87/0/048AF665BF8B186B70220759D26C578F40B5F3E3.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BIr2Zb-LGGtwIgdZ0mxXj0C18-M.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/82a9bf5b-39c1-4050-b073-48075b861d87/0/3138352e32392e3136342e302f32342d3234203d3e20343031313633.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.29.164.0/24
Signature Algorithm: sha256WithRSAEncryption
54:db:ec:d2:2c:f4:da:a6:38:de:5f:b8:e5:51:fc:7e:2d:9b:
63:3c:3b:78:91:bf:0d:03:a6:65:ac:3d:9f:0e:06:15:97:c9:
75:be:a8:81:02:be:d3:5a:e9:ac:f4:9f:b7:a4:f5:13:13:19:
d8:84:84:c1:8c:b1:50:1a:93:1e:1c:09:28:2c:48:f0:fe:b0:
d9:2a:dd:71:6a:30:24:5b:35:b7:dc:90:36:79:e5:e9:f1:6b:
a2:e2:e8:39:a8:ce:0b:82:9e:71:04:27:62:ac:d2:46:7f:66:
5b:53:be:e2:01:12:c1:63:17:ef:7d:72:11:1c:e8:71:9d:b8:
5d:5f:20:ff:b0:4b:25:ca:02:8a:97:be:db:23:89:59:48:88:
8d:3c:4f:af:89:8a:fd:b2:83:ea:d0:fd:0d:35:0e:44:70:16:
44:b2:7f:b7:c0:0a:9c:0e:da:8b:d2:64:ff:3d:a1:29:ba:10:
18:f4:97:70:08:95:f1:c2:58:80:c5:10:20:2d:5e:5e:e8:b9:
51:69:d4:5b:b4:37:39:ee:14:db:69:ce:eb:03:d6:9a:54:fb:
7c:a6:8d:10:ec:50:7d:55:1c:a0:07:ee:f8:b1:22:c9:d5:70:
13:30:2e:42:b6:92:b0:1f:42:95:33:d6:7b:04:a5:1d:ff:be:
48:73:ac:13
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUAIKjR4/mE00M+aCBKCapqQSyHk0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDQ4YWY2NjViZjhiMTg2YjcwMjIwNzU5ZDI2YzU3OGY0
MGI1ZjNlMzAeFw0yNTA4MTgxODM3MzRaFw0yNjA4MTcxODQyMzRaMDMxMTAvBgNV
BAMTKDIyQUMxRUMxODk2ODlFRDVCMkI4ODkzRkQxNTM5RDc2QjMwMzFDMjQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCwU7cv4hrxmzk0uRlQ0hYE/v9Q
utVPH5ytFcN6JJJlzQz35qFxxoCDKIa3Z7o+8/QLVMtuIE8alGJSut7GuBAiek1t
5wLj8M55++feuZGpeUnkIfkFL3y0aWTP1b3tx2/2P0qeb1fKcfoz5zN2zwKsfffW
K5xeyU3aYKRoytjB2oZfLugU/qUhVt/DFoEgE7ywIowbHvP8kkoX+p0RcOBpU3gG
kZ3F4OCUtk2cuSvVh7+iakGzgLjKA16xkbhaDzqOZZPf5RJH4eWiXpdSnEYpFqiP
ao1hj0SR3+Dy5viw61WJq+/s/ZTISRQ7shxS5sMpd0/5QeQBETkMaQRPRQjPAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUIqwewYlontWyuIk/0VOddrMDHCQwHwYDVR0j
BBgwFoAUBIr2Zb+LGGtwIgdZ0mxXj0C18+MwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvODJhOWJmNWItMzljMS00MDUwLWIwNzMtNDgwNzViODYx
ZDg3LzAvMDQ4QUY2NjVCRjhCMTg2QjcwMjIwNzU5RDI2QzU3OEY0MEI1RjNFMy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0JJcjJaYi1MR0d0d0lnZFowbXhYajBD
MTgtTS5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvODJhOWJmNWIt
MzljMS00MDUwLWIwNzMtNDgwNzViODYxZDg3LzAvMzEzODM1MmUzMjM5MmUzMTM2
MzQyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzNDMwMzEzMTM2MzMucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAC5HaQwDQYJKoZIhvcNAQELBQADggEBAFTb7NIs9NqmON5fuOVR/H4tm2M8O3iR
vw0DpmWsPZ8OBhWXyXW+qIECvtNa6az0n7ek9RMTGdiEhMGMsVAakx4cCSgsSPD+
sNkq3XFqMCRbNbfckDZ55enxa6Li6DmozguCnnEEJ2Ks0kZ/ZltTvuIBEsFjF+99
chEc6HGduF1fIP+wSyXKAoqXvtsjiVlIiI08T6+Jiv2yg+rQ/Q01DkRwFkSyf7fA
CpwO2ovSZP89oSm6EBj0l3AIlfHCWIDFECAtXl7ouVFp1Fu0NznuFNtpzusD1ppU
+3ymjRDsUH1VHKAH7vixIsnVcBMwLkK2krAfQpUz1nsEpR3/vkhzrBM=
-----END CERTIFICATE-----
Generated at Thu Aug 21 05:02:00 2025 by rpki-client