
Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/9df33a57-7e4f-4844-84e2-b7153b5511b4/0/3138352e322e3230372e302f32342d3234203d3e203531303539.roa
File: 3138352e322e3230372e302f32342d3234203d3e203531303539.roa (raw, json)
Hash identifier: qJwnVkbZQ0t6fnGyKN6cNCMCxJQWbGimR0QoYNVRTio=
Subject key identifier: 43:6C:91:11:F7:29:72:D2:7B:B3:3F:D7:52:AE:21:DA:53:3C:3A:36
Certificate issuer: /CN=4502e63ce01cad239ac397bc2bb5e6c347dceeea
Certificate serial: 7BB9C2740E4FF31DD147EFBECD42E8BA44134BCA
Authority key identifier: 45:02:E6:3C:E0:1C:AD:23:9A:C3:97:BC:2B:B5:E6:C3:47:DC:EE:EA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RQLmPOAcrSOaw5e8K7Xmw0fc7uo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/9df33a57-7e4f-4844-84e2-b7153b5511b4/0/3138352e322e3230372e302f32342d3234203d3e203531303539.roa
Signing time: Tue 09 Sep 2025 10:51:11 +0000
ROA not before: Tue 09 Sep 2025 10:46:11 +0000
ROA not after: Tue 08 Sep 2026 10:51:11 +0000
asID: 51059
IP address blocks: 185.2.207.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/9df33a57-7e4f-4844-84e2-b7153b5511b4/0/4502E63CE01CAD239AC397BC2BB5E6C347DCEEEA.crl
rsync://rsync.paas.rpki.ripe.net/repository/9df33a57-7e4f-4844-84e2-b7153b5511b4/0/4502E63CE01CAD239AC397BC2BB5E6C347DCEEEA.mft
rsync://rpki.ripe.net/repository/DEFAULT/RQLmPOAcrSOaw5e8K7Xmw0fc7uo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 Oct 2025 18:23:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7b:b9:c2:74:0e:4f:f3:1d:d1:47:ef:be:cd:42:e8:ba:44:13:4b:ca
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4502e63ce01cad239ac397bc2bb5e6c347dceeea
Validity
Not Before: Sep 9 10:46:11 2025 GMT
Not After : Sep 8 10:51:11 2026 GMT
Subject: CN=436C9111F72972D27BB33FD752AE21DA533C3A36
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:c5:fe:70:dc:60:9d:b6:bd:02:03:9c:bc:24:
c5:02:b6:d7:e7:26:67:5c:59:9e:b2:20:05:ee:a5:
18:92:8e:6e:fd:87:cb:1d:8d:86:60:0c:19:73:ac:
ae:ed:ab:d6:be:18:33:04:f5:82:0f:51:96:fe:e9:
77:19:56:b0:e0:87:04:81:9f:fd:98:b4:04:4d:b0:
89:81:b0:99:72:a3:65:79:8f:b9:1f:99:f9:71:2f:
78:e2:b4:c4:8f:5f:af:b8:4d:39:20:a8:d6:91:30:
18:24:d8:20:3b:5f:9d:e2:e2:c4:27:58:ed:be:cc:
51:21:99:bd:10:dd:0e:d3:ea:1f:40:d9:93:6b:8f:
f8:a5:87:2e:6f:97:05:55:ee:cd:ff:4c:a2:41:a5:
c8:d6:d7:35:f2:37:f9:2d:05:ee:5f:44:f8:a0:2e:
0d:42:1d:9f:43:05:1a:9a:f1:0f:8b:cb:b7:1b:07:
9b:22:33:12:9e:0d:12:b8:7e:4d:50:74:c8:ef:1e:
3e:bf:63:53:80:e9:de:b6:96:90:66:b4:5f:fa:ad:
5f:f8:58:e3:21:00:01:32:21:3e:2d:72:9c:08:64:
64:97:b3:5b:e0:e0:80:ea:9a:d9:87:ed:34:75:b2:
9a:8d:0d:1e:76:59:d2:1b:f5:cc:f6:73:1c:d6:0d:
56:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:6C:91:11:F7:29:72:D2:7B:B3:3F:D7:52:AE:21:DA:53:3C:3A:36
X509v3 Authority Key Identifier:
keyid:45:02:E6:3C:E0:1C:AD:23:9A:C3:97:BC:2B:B5:E6:C3:47:DC:EE:EA
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/9df33a57-7e4f-4844-84e2-b7153b5511b4/0/4502E63CE01CAD239AC397BC2BB5E6C347DCEEEA.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RQLmPOAcrSOaw5e8K7Xmw0fc7uo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/9df33a57-7e4f-4844-84e2-b7153b5511b4/0/3138352e322e3230372e302f32342d3234203d3e203531303539.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.2.207.0/24
Signature Algorithm: sha256WithRSAEncryption
90:9d:74:f8:7c:46:b6:7b:58:b6:56:c1:71:c1:46:36:7f:df:
b1:a9:c1:e6:c3:79:ff:9b:f8:4c:4d:4b:55:09:a4:cf:58:2b:
cb:76:b2:fb:6c:3e:48:ac:ab:0d:7a:69:0c:8f:3e:0a:93:5d:
92:e5:ee:b4:55:38:3f:69:02:32:57:c9:cc:42:61:51:5b:4c:
80:3f:ca:f6:26:02:8a:ca:17:7c:e7:3e:21:07:6a:9b:43:77:
3b:c2:86:3b:a0:a0:e9:fb:c9:87:84:b5:f5:4a:43:68:77:c2:
1f:de:4b:2f:a6:06:0e:9e:07:c8:62:29:93:d4:3b:58:98:ad:
ff:71:3c:14:0a:d1:9d:e5:f5:ec:e6:f4:5f:0d:87:4e:25:36:
08:16:e2:6f:d2:f4:50:7f:f8:ce:76:ce:08:bc:18:49:05:58:
43:00:07:ac:fa:70:c7:3a:15:31:ae:ba:02:29:3e:74:cf:d3:
90:4b:f6:28:f1:fd:77:5c:32:14:3b:8a:8c:6d:57:2e:24:57:
6b:5a:50:7f:7c:5c:09:83:5a:6d:64:ae:fa:aa:5c:25:ab:09:
8c:62:1b:28:7b:b4:e5:ec:33:92:d1:f3:61:bd:39:15:08:ba:
b1:7b:e6:26:aa:3b:a8:3c:b4:b8:7f:2a:3a:23:77:a2:7a:db:
ea:5f:da:6f
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgIUe7nCdA5P8x3RR+++zULoukQTS8owDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUwMmU2M2NlMDFjYWQyMzlhYzM5N2JjMmJiNWU2YzM0
N2RjZWVlYTAeFw0yNTA5MDkxMDQ2MTFaFw0yNjA5MDgxMDUxMTFaMDMxMTAvBgNV
BAMTKDQzNkM5MTExRjcyOTcyRDI3QkIzM0ZENzUyQUUyMURBNTMzQzNBMzYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCixf5w3GCdtr0CA5y8JMUCttfn
JmdcWZ6yIAXupRiSjm79h8sdjYZgDBlzrK7tq9a+GDME9YIPUZb+6XcZVrDghwSB
n/2YtARNsImBsJlyo2V5j7kfmflxL3jitMSPX6+4TTkgqNaRMBgk2CA7X53i4sQn
WO2+zFEhmb0Q3Q7T6h9A2ZNrj/ilhy5vlwVV7s3/TKJBpcjW1zXyN/ktBe5fRPig
Lg1CHZ9DBRqa8Q+Ly7cbB5siMxKeDRK4fk1QdMjvHj6/Y1OA6d62lpBmtF/6rV/4
WOMhAAEyIT4tcpwIZGSXs1vg4IDqmtmH7TR1spqNDR52WdIb9cz2cxzWDVZ1AgMB
AAGjggI7MIICNzAdBgNVHQ4EFgQUQ2yREfcpctJ7sz/XUq4h2lM8OjYwHwYDVR0j
BBgwFoAURQLmPOAcrSOaw5e8K7Xmw0fc7uowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvOWRmMzNhNTctN2U0Zi00ODQ0LTg0ZTItYjcxNTNiNTUx
MWI0LzAvNDUwMkU2M0NFMDFDQUQyMzlBQzM5N0JDMkJCNUU2QzM0N0RDRUVFQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JRTG1QT0FjclNPYXc1ZThLN1htdzBm
Yzd1by5jZXIwgasGCCsGAQUFBwELBIGeMIGbMIGYBggrBgEFBQcwC4aBi3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvOWRmMzNhNTct
N2U0Zi00ODQ0LTg0ZTItYjcxNTNiNTUxMWI0LzAvMzEzODM1MmUzMjJlMzIzMDM3
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzUzMTMwMzUzOS5yb2EwGAYDVR0gAQH/
BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEALkC
zzANBgkqhkiG9w0BAQsFAAOCAQEAkJ10+HxGtntYtlbBccFGNn/fsanB5sN5/5v4
TE1LVQmkz1gry3ay+2w+SKyrDXppDI8+CpNdkuXutFU4P2kCMlfJzEJhUVtMgD/K
9iYCisoXfOc+IQdqm0N3O8KGO6Cg6fvJh4S19UpDaHfCH95LL6YGDp4HyGIpk9Q7
WJit/3E8FArRneX17Ob0Xw2HTiU2CBbib9L0UH/4znbOCLwYSQVYQwAHrPpwxzoV
Ma66Aik+dM/TkEv2KPH9d1wyFDuKjG1XLiRXa1pQf3xcCYNabWSu+qpcJasJjGIb
KHu05ewzktHzYb05FQi6sXvmJqo7qDy0uH8qOiN3onrb6l/abw==
-----END CERTIFICATE-----
Generated at Sat Oct 18 05:53:11 2025 by rpki-client