Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/8925ad15-af0b-45cd-b883-1a058fa0eba1/0/3138352e3139302e3232382e302f32332d3234203d3e203332313332.roa
File: 3138352e3139302e3232382e302f32332d3234203d3e203332313332.roa (raw, json)
Hash identifier: jVr1HOM/vAQFN9/2YcEKEGs7D1zQDrdtbTvacM//wP0=
Subject key identifier: 35:BC:92:8E:F9:70:AC:A5:45:D7:4A:84:79:12:25:6A:0E:4E:FE:17
Certificate issuer: /CN=78d65d4a22df705beed7b3432fbe48a356597724
Certificate serial: 4644DD8BDAA8DD10980C1E07D96A21274128EC03
Authority key identifier: 78:D6:5D:4A:22:DF:70:5B:EE:D7:B3:43:2F:BE:48:A3:56:59:77:24
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/eNZdSiLfcFvu17NDL75Io1ZZdyQ.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/8925ad15-af0b-45cd-b883-1a058fa0eba1/0/3138352e3139302e3232382e302f32332d3234203d3e203332313332.roa
Signing time: Mon 10 Nov 2025 14:49:46 +0000
ROA not before: Mon 10 Nov 2025 14:44:46 +0000
ROA not after: Mon 09 Nov 2026 14:49:46 +0000
asID: 32132
IP address blocks: 185.190.228.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/8925ad15-af0b-45cd-b883-1a058fa0eba1/0/78D65D4A22DF705BEED7B3432FBE48A356597724.crl
rsync://rsync.paas.rpki.ripe.net/repository/8925ad15-af0b-45cd-b883-1a058fa0eba1/0/78D65D4A22DF705BEED7B3432FBE48A356597724.mft
rsync://rpki.ripe.net/repository/DEFAULT/eNZdSiLfcFvu17NDL75Io1ZZdyQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 14 Nov 2025 17:00:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
46:44:dd:8b:da:a8:dd:10:98:0c:1e:07:d9:6a:21:27:41:28:ec:03
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=78d65d4a22df705beed7b3432fbe48a356597724
Validity
Not Before: Nov 10 14:44:46 2025 GMT
Not After : Nov 9 14:49:46 2026 GMT
Subject: CN=35BC928EF970ACA545D74A847912256A0E4EFE17
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:7b:43:d8:4e:91:55:04:e6:cd:71:33:61:6c:
53:52:11:57:38:f5:49:8e:e4:f4:44:b5:18:07:60:
99:98:d9:d4:d5:a2:ed:92:76:c9:b0:36:e7:b9:e7:
5b:ed:02:1d:d3:b2:37:c4:61:66:87:55:ef:66:60:
45:8f:2d:a3:70:ea:c8:33:09:09:38:9a:52:a2:6d:
23:38:9a:97:71:80:03:2a:6f:41:e1:7e:ef:19:ff:
40:1a:05:ee:a0:4d:e6:75:0d:1c:96:02:12:8d:df:
62:6e:ba:b5:e5:4a:51:ca:8b:1b:f6:ef:0e:c8:8b:
3c:59:64:ee:bf:73:b1:41:25:18:4b:c5:eb:83:4c:
24:6e:d3:e4:ef:73:51:6c:24:08:d0:f7:9f:0f:e0:
77:5c:c1:1e:7a:58:c0:73:43:81:f1:36:b6:8c:c1:
c2:1e:d2:33:89:fa:f0:76:4f:1c:20:bd:07:c5:92:
30:24:14:89:55:46:3c:ba:d7:c1:74:bc:c2:3a:3c:
91:1c:00:60:ac:b5:15:48:1f:e4:34:70:4d:fd:76:
4d:65:d6:d5:74:d3:79:dd:43:5b:03:52:85:e6:42:
40:9b:06:12:22:c4:cb:22:07:cc:a4:d6:79:3a:53:
fc:ee:d6:33:14:54:54:c8:91:21:0c:ac:92:87:36:
ed:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:BC:92:8E:F9:70:AC:A5:45:D7:4A:84:79:12:25:6A:0E:4E:FE:17
X509v3 Authority Key Identifier:
keyid:78:D6:5D:4A:22:DF:70:5B:EE:D7:B3:43:2F:BE:48:A3:56:59:77:24
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/8925ad15-af0b-45cd-b883-1a058fa0eba1/0/78D65D4A22DF705BEED7B3432FBE48A356597724.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eNZdSiLfcFvu17NDL75Io1ZZdyQ.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/8925ad15-af0b-45cd-b883-1a058fa0eba1/0/3138352e3139302e3232382e302f32332d3234203d3e203332313332.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.190.228.0/23
Signature Algorithm: sha256WithRSAEncryption
5d:fb:cc:36:bc:0e:2f:11:6d:7a:bc:50:aa:12:98:51:33:a2:
a2:68:01:48:c8:6a:04:40:3d:8b:2e:6f:af:d4:8d:28:68:04:
fd:2f:02:00:84:41:4a:bf:6a:0a:2c:ca:5d:4b:11:56:26:a8:
d2:b6:49:52:e9:f4:f6:ca:04:e9:5c:f7:d2:4c:2e:f4:3f:60:
66:a3:52:72:ac:05:d4:57:1d:2e:15:94:ea:3c:4e:30:e7:9a:
ad:aa:c2:49:ed:46:f3:74:a7:b6:12:97:46:48:bf:27:25:14:
03:0b:20:a2:7f:33:9b:47:6e:23:a6:67:eb:3a:a3:1f:98:a3:
c7:bc:5d:95:6c:30:d8:39:0b:83:7e:59:23:ad:9b:09:b5:dd:
2f:a1:bc:e6:f9:d3:46:4a:e7:ff:bb:a7:4a:43:4b:3d:7e:7a:
8d:cc:c4:86:a2:02:bf:14:20:40:66:1f:70:c2:1f:be:99:2d:
8a:22:44:50:db:5b:ba:28:c7:dd:4f:d7:a0:43:17:85:d6:00:
30:52:79:74:5b:df:67:8a:a2:51:b9:72:77:c7:27:a3:77:3d:
15:05:75:b0:24:0a:04:66:78:8b:c3:84:bb:1c:89:ca:b1:f0:
4f:71:58:fd:9e:24:7c:8a:bf:06:c2:db:0a:51:9d:ef:69:54:
28:82:38:f4
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIURkTdi9qo3RCYDB4H2WohJ0Eo7AMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzhkNjVkNGEyMmRmNzA1YmVlZDdiMzQzMmZiZTQ4YTM1
NjU5NzcyNDAeFw0yNTExMTAxNDQ0NDZaFw0yNjExMDkxNDQ5NDZaMDMxMTAvBgNV
BAMTKDM1QkM5MjhFRjk3MEFDQTU0NUQ3NEE4NDc5MTIyNTZBMEU0RUZFMTcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDde0PYTpFVBObNcTNhbFNSEVc4
9UmO5PREtRgHYJmY2dTVou2SdsmwNue551vtAh3TsjfEYWaHVe9mYEWPLaNw6sgz
CQk4mlKibSM4mpdxgAMqb0Hhfu8Z/0AaBe6gTeZ1DRyWAhKN32JuurXlSlHKixv2
7w7IizxZZO6/c7FBJRhLxeuDTCRu0+Tvc1FsJAjQ958P4HdcwR56WMBzQ4HxNraM
wcIe0jOJ+vB2TxwgvQfFkjAkFIlVRjy618F0vMI6PJEcAGCstRVIH+Q0cE39dk1l
1tV003ndQ1sDUoXmQkCbBhIixMsiB8yk1nk6U/zu1jMUVFTIkSEMrJKHNu3TAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUNbySjvlwrKVF10qEeRIlag5O/hcwHwYDVR0j
BBgwFoAUeNZdSiLfcFvu17NDL75Io1ZZdyQwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvODkyNWFkMTUtYWYwYi00NWNkLWI4ODMtMWEwNThmYTBl
YmExLzAvNzhENjVENEEyMkRGNzA1QkVFRDdCMzQzMkZCRTQ4QTM1NjU5NzcyNC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2VOWmRTaUxmY0Z2dTE3TkRMNzVJbzFa
WmR5US5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvODkyNWFkMTUt
YWYwYi00NWNkLWI4ODMtMWEwNThmYTBlYmExLzAvMzEzODM1MmUzMTM5MzAyZTMy
MzIzODJlMzAyZjMyMzMyZDMyMzQyMDNkM2UyMDMzMzIzMTMzMzIucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAG5vuQwDQYJKoZIhvcNAQELBQADggEBAF37zDa8Di8RbXq8UKoSmFEzoqJoAUjI
agRAPYsub6/UjShoBP0vAgCEQUq/agosyl1LEVYmqNK2SVLp9PbKBOlc99JMLvQ/
YGajUnKsBdRXHS4VlOo8TjDnmq2qwkntRvN0p7YSl0ZIvyclFAMLIKJ/M5tHbiOm
Z+s6ox+Yo8e8XZVsMNg5C4N+WSOtmwm13S+hvOb500ZK5/+7p0pDSz1+eo3MxIai
Ar8UIEBmH3DCH76ZLYoiRFDbW7oox91P16BDF4XWADBSeXRb32eKolG5cnfHJ6N3
PRUFdbAkCgRmeIvDhLscicqx8E9xWP2eJHyKvwbC2wpRne9pVCiCOPQ=
-----END CERTIFICATE-----
Generated at Fri Nov 14 06:39:09 2025 by rpki-client