Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/8925ad15-af0b-45cd-b883-1a058fa0eba1/0/3138352e3139302e3233302e302f32332d3234203d3e203332313332.roa
File: 3138352e3139302e3233302e302f32332d3234203d3e203332313332.roa (raw, json)
Hash identifier: D/AQHHqsr3DH8BuA4T1f3ZqgZCllsj6qwwELBOIBAuw=
Subject key identifier: BE:51:9F:2C:9F:1B:B0:7F:4F:DF:41:CC:FC:B5:54:39:39:38:A3:DF
Certificate issuer: /CN=78d65d4a22df705beed7b3432fbe48a356597724
Certificate serial: 0D6A7C18020FB03DC2779366651C700E912029A6
Authority key identifier: 78:D6:5D:4A:22:DF:70:5B:EE:D7:B3:43:2F:BE:48:A3:56:59:77:24
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/eNZdSiLfcFvu17NDL75Io1ZZdyQ.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/8925ad15-af0b-45cd-b883-1a058fa0eba1/0/3138352e3139302e3233302e302f32332d3234203d3e203332313332.roa
Signing time: Thu 13 Nov 2025 13:22:16 +0000
ROA not before: Thu 13 Nov 2025 13:17:16 +0000
ROA not after: Thu 12 Nov 2026 13:22:16 +0000
asID: 32132
IP address blocks: 185.190.230.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/8925ad15-af0b-45cd-b883-1a058fa0eba1/0/78D65D4A22DF705BEED7B3432FBE48A356597724.crl
rsync://rsync.paas.rpki.ripe.net/repository/8925ad15-af0b-45cd-b883-1a058fa0eba1/0/78D65D4A22DF705BEED7B3432FBE48A356597724.mft
rsync://rpki.ripe.net/repository/DEFAULT/eNZdSiLfcFvu17NDL75Io1ZZdyQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 14 Nov 2025 17:00:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0d:6a:7c:18:02:0f:b0:3d:c2:77:93:66:65:1c:70:0e:91:20:29:a6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=78d65d4a22df705beed7b3432fbe48a356597724
Validity
Not Before: Nov 13 13:17:16 2025 GMT
Not After : Nov 12 13:22:16 2026 GMT
Subject: CN=BE519F2C9F1BB07F4FDF41CCFCB554393938A3DF
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:47:ab:21:e6:e9:ee:da:e4:24:98:43:23:4f:
4c:a1:99:33:9f:12:fa:a4:bc:aa:32:e3:27:73:8f:
4e:d9:94:70:6c:c3:ba:5d:94:b2:97:a9:13:3f:ac:
76:2d:61:e3:a0:54:10:fc:51:62:73:50:fa:86:ed:
8f:21:77:89:7c:f4:01:28:75:f1:2c:31:14:d6:2b:
58:8d:72:f6:f2:c0:d0:76:88:eb:90:19:fd:a5:f5:
f8:76:ed:ca:c3:d8:e8:6e:fa:a9:e5:04:28:87:e0:
1b:03:af:bd:2e:09:ce:43:4b:ab:30:f3:c1:15:4a:
0f:2f:bf:25:49:85:73:4e:3f:d3:d8:5d:a6:55:7e:
df:5c:60:b4:03:eb:0d:73:e9:43:99:3e:2b:55:17:
84:f2:72:e0:09:16:cd:70:73:fd:22:85:ad:1e:c9:
6d:99:01:f6:86:41:ef:9f:e6:8e:6e:06:28:d9:bb:
bb:3a:e4:a6:c7:1a:04:88:da:20:c3:d1:a5:36:30:
70:d9:85:22:8d:b7:50:48:7e:ec:be:ce:69:2d:96:
52:79:b3:2f:4d:67:a5:b9:81:45:d4:04:d5:da:fe:
0f:5a:da:5c:ba:b9:c7:45:1e:ee:bd:99:64:81:8d:
b8:04:da:a0:06:56:82:bb:a4:14:d5:51:b5:a9:f7:
f3:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BE:51:9F:2C:9F:1B:B0:7F:4F:DF:41:CC:FC:B5:54:39:39:38:A3:DF
X509v3 Authority Key Identifier:
keyid:78:D6:5D:4A:22:DF:70:5B:EE:D7:B3:43:2F:BE:48:A3:56:59:77:24
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/8925ad15-af0b-45cd-b883-1a058fa0eba1/0/78D65D4A22DF705BEED7B3432FBE48A356597724.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eNZdSiLfcFvu17NDL75Io1ZZdyQ.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/8925ad15-af0b-45cd-b883-1a058fa0eba1/0/3138352e3139302e3233302e302f32332d3234203d3e203332313332.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.190.230.0/23
Signature Algorithm: sha256WithRSAEncryption
10:4b:b1:f1:ec:68:bb:a6:93:26:5e:0f:f0:20:e3:e1:01:de:
44:75:23:65:40:ba:93:22:60:b9:26:02:3e:46:d7:07:9c:c6:
18:75:71:ee:ac:ce:76:dd:13:c6:cd:1e:43:c0:86:49:9f:cc:
30:a3:d4:26:db:76:48:3e:df:a2:df:74:ec:38:20:4f:bb:90:
92:55:38:c3:7c:6b:c2:73:26:38:f0:45:ae:70:02:49:29:26:
aa:63:0a:a0:bc:c1:bf:b9:47:ee:53:a3:bd:12:93:f4:79:ed:
67:5d:e1:2c:32:ff:47:ba:e5:be:2f:e1:94:ff:49:69:14:3f:
37:bf:71:1d:0a:20:25:90:c4:b5:e1:cb:05:7b:41:f4:fa:36:
a5:64:c8:c5:35:14:c3:3d:be:ca:1c:48:c7:a7:ba:f8:fe:06:
a4:c7:fe:e6:47:f3:b2:1c:00:b4:b1:0a:ed:59:85:a3:bb:ea:
ac:37:8a:ab:b9:2c:e8:c1:f1:c6:91:89:c3:37:b2:21:fc:75:
3c:1a:d1:8f:59:91:8a:dc:51:06:75:6a:cf:49:ff:8c:78:4f:
7f:23:b3:fc:7c:e7:44:71:28:b5:54:6c:b8:56:45:04:73:56:
40:6b:89:2d:03:24:1e:62:68:a2:62:f5:65:8c:79:77:51:87:
7c:84:ee:89
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUDWp8GAIPsD3Cd5NmZRxwDpEgKaYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzhkNjVkNGEyMmRmNzA1YmVlZDdiMzQzMmZiZTQ4YTM1
NjU5NzcyNDAeFw0yNTExMTMxMzE3MTZaFw0yNjExMTIxMzIyMTZaMDMxMTAvBgNV
BAMTKEJFNTE5RjJDOUYxQkIwN0Y0RkRGNDFDQ0ZDQjU1NDM5MzkzOEEzREYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCzR6sh5unu2uQkmEMjT0yhmTOf
EvqkvKoy4ydzj07ZlHBsw7pdlLKXqRM/rHYtYeOgVBD8UWJzUPqG7Y8hd4l89AEo
dfEsMRTWK1iNcvbywNB2iOuQGf2l9fh27crD2Ohu+qnlBCiH4BsDr70uCc5DS6sw
88EVSg8vvyVJhXNOP9PYXaZVft9cYLQD6w1z6UOZPitVF4TycuAJFs1wc/0iha0e
yW2ZAfaGQe+f5o5uBijZu7s65KbHGgSI2iDD0aU2MHDZhSKNt1BIfuy+zmktllJ5
sy9NZ6W5gUXUBNXa/g9a2ly6ucdFHu69mWSBjbgE2qAGVoK7pBTVUbWp9/PLAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUvlGfLJ8bsH9P30HM/LVUOTk4o98wHwYDVR0j
BBgwFoAUeNZdSiLfcFvu17NDL75Io1ZZdyQwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvODkyNWFkMTUtYWYwYi00NWNkLWI4ODMtMWEwNThmYTBl
YmExLzAvNzhENjVENEEyMkRGNzA1QkVFRDdCMzQzMkZCRTQ4QTM1NjU5NzcyNC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2VOWmRTaUxmY0Z2dTE3TkRMNzVJbzFa
WmR5US5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvODkyNWFkMTUt
YWYwYi00NWNkLWI4ODMtMWEwNThmYTBlYmExLzAvMzEzODM1MmUzMTM5MzAyZTMy
MzMzMDJlMzAyZjMyMzMyZDMyMzQyMDNkM2UyMDMzMzIzMTMzMzIucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAG5vuYwDQYJKoZIhvcNAQELBQADggEBABBLsfHsaLumkyZeD/Ag4+EB3kR1I2VA
upMiYLkmAj5G1wecxhh1ce6sznbdE8bNHkPAhkmfzDCj1Cbbdkg+36LfdOw4IE+7
kJJVOMN8a8JzJjjwRa5wAkkpJqpjCqC8wb+5R+5To70Sk/R57Wdd4Swy/0e65b4v
4ZT/SWkUPze/cR0KICWQxLXhywV7QfT6NqVkyMU1FMM9vsocSMenuvj+BqTH/uZH
87IcALSxCu1ZhaO76qw3iqu5LOjB8caRicM3siH8dTwa0Y9ZkYrcUQZ1as9J/4x4
T38js/x850RxKLVUbLhWRQRzVkBriS0DJB5iaKJi9WWMeXdRh3yE7ok=
-----END CERTIFICATE-----
Generated at Fri Nov 14 06:40:04 2025 by rpki-client