Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/af31768d-42b1-4e92-b83f-bef7ee017813/0/3138352e322e3136322e302f32332d3234203d3e20323136303433.roa
File: 3138352e322e3136322e302f32332d3234203d3e20323136303433.roa (raw, json)
Hash identifier: GiYpmPsNeJIM+tOFpoqBAp0iPcUDNpER8nLACmla4d4=
Subject key identifier: AA:53:88:F6:14:05:AF:88:25:6F:09:D5:8B:71:54:08:90:06:F2:F8
Certificate issuer: /CN=9f0d24c855eee00fe4abf3903c6e8fcc7083ed4d
Certificate serial: 72EE969103588AD3E2A82ADEB546653B13B7A6F3
Authority key identifier: 9F:0D:24:C8:55:EE:E0:0F:E4:AB:F3:90:3C:6E:8F:CC:70:83:ED:4D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nw0kyFXu4A_kq_OQPG6PzHCD7U0.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/af31768d-42b1-4e92-b83f-bef7ee017813/0/3138352e322e3136322e302f32332d3234203d3e20323136303433.roa
Signing time: Fri 07 Nov 2025 00:11:07 +0000
ROA not before: Fri 07 Nov 2025 00:06:07 +0000
ROA not after: Fri 06 Nov 2026 00:11:07 +0000
asID: 216043
IP address blocks: 185.2.162.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/af31768d-42b1-4e92-b83f-bef7ee017813/0/9F0D24C855EEE00FE4ABF3903C6E8FCC7083ED4D.crl
rsync://rsync.paas.rpki.ripe.net/repository/af31768d-42b1-4e92-b83f-bef7ee017813/0/9F0D24C855EEE00FE4ABF3903C6E8FCC7083ED4D.mft
rsync://rpki.ripe.net/repository/DEFAULT/nw0kyFXu4A_kq_OQPG6PzHCD7U0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 10 Nov 2025 03:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
72:ee:96:91:03:58:8a:d3:e2:a8:2a:de:b5:46:65:3b:13:b7:a6:f3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9f0d24c855eee00fe4abf3903c6e8fcc7083ed4d
Validity
Not Before: Nov 7 00:06:07 2025 GMT
Not After : Nov 6 00:11:07 2026 GMT
Subject: CN=AA5388F61405AF88256F09D58B7154089006F2F8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:ef:1d:04:aa:34:a6:5a:e3:7e:de:e2:48:93:
cd:93:ee:10:83:ef:f2:95:4a:3d:87:8b:aa:43:26:
e6:1f:f0:d0:28:24:3a:6e:5a:63:be:74:08:31:bf:
51:ef:de:b8:80:40:8a:1d:5a:2b:d3:ae:e5:53:f8:
37:bf:67:70:c2:47:a5:fe:05:bd:da:8f:80:96:4f:
65:b3:34:8f:d1:bc:25:f8:b1:d6:0a:67:ac:bc:15:
09:b6:94:fb:5d:61:a4:03:fb:b6:3d:53:d7:ef:9b:
9e:7c:49:53:53:52:e3:d0:ac:6c:d3:ff:8d:87:e3:
f8:3c:4f:e6:d8:83:34:6f:4b:55:50:4a:0a:fa:1b:
65:1c:e0:bc:f9:57:22:24:08:c9:9b:36:98:c3:e5:
89:08:63:be:e6:b1:20:94:2e:95:9f:3f:58:bc:90:
ee:62:8f:c7:38:8e:7f:9a:88:e6:a8:7a:bb:cf:5d:
81:92:4a:ef:b9:8e:df:63:6a:3d:ac:d2:c7:9a:75:
b8:df:1d:74:a5:bb:6b:f2:de:ab:2c:6f:11:58:7d:
31:ec:f1:84:45:70:f5:c8:a1:d6:f6:d0:eb:99:9b:
1d:73:d6:59:8e:c0:5e:ab:e2:cc:43:08:64:90:6d:
1f:c3:71:76:d3:28:df:06:d5:58:bc:f6:ee:cd:61:
40:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AA:53:88:F6:14:05:AF:88:25:6F:09:D5:8B:71:54:08:90:06:F2:F8
X509v3 Authority Key Identifier:
keyid:9F:0D:24:C8:55:EE:E0:0F:E4:AB:F3:90:3C:6E:8F:CC:70:83:ED:4D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/af31768d-42b1-4e92-b83f-bef7ee017813/0/9F0D24C855EEE00FE4ABF3903C6E8FCC7083ED4D.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nw0kyFXu4A_kq_OQPG6PzHCD7U0.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/af31768d-42b1-4e92-b83f-bef7ee017813/0/3138352e322e3136322e302f32332d3234203d3e20323136303433.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.2.162.0/23
Signature Algorithm: sha256WithRSAEncryption
48:68:e4:ff:8a:f6:b7:1d:06:33:e6:75:58:6d:6b:b1:b7:95:
df:59:60:55:cd:8d:1d:86:46:98:0a:81:2b:a6:b9:73:cf:93:
c4:1e:2f:32:3f:93:13:98:bd:c6:18:13:4b:27:a5:47:5f:5c:
57:3f:ff:c2:32:3a:ea:c3:a0:33:52:8c:ec:75:ad:08:dd:a0:
e7:0d:b7:b9:a8:51:43:c1:46:1d:3d:af:36:09:a5:24:0b:4a:
a9:26:0b:8b:7f:bc:40:fb:20:c9:7c:b1:e3:af:1c:03:33:84:
d0:4d:80:d8:d4:2f:b0:e5:e8:a5:1f:27:0f:cc:b5:7a:f7:c9:
6b:54:72:b6:6b:81:30:35:b4:6a:39:aa:35:13:54:04:59:52:
6c:aa:7b:70:72:52:1e:01:15:33:b0:9e:fd:14:0e:75:32:45:
ad:09:de:0d:2f:db:3f:d8:78:7d:9a:8e:c1:b3:c9:94:32:e7:
62:d4:11:43:b7:7e:e5:57:9d:63:8c:38:66:f3:36:fd:72:5b:
3e:58:5f:54:72:0c:7d:8d:2e:87:cb:a3:27:c0:50:a4:50:0e:
f3:ae:c8:0d:68:03:4d:35:d5:f6:03:97:92:63:c1:1e:e6:21:
78:a7:f7:72:e3:93:77:cb:f7:ff:8d:56:ff:cc:7a:03:c5:b7:
43:96:b4:5a
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUcu6WkQNYitPiqCretUZlOxO3pvMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOWYwZDI0Yzg1NWVlZTAwZmU0YWJmMzkwM2M2ZThmY2M3
MDgzZWQ0ZDAeFw0yNTExMDcwMDA2MDdaFw0yNjExMDYwMDExMDdaMDMxMTAvBgNV
BAMTKEFBNTM4OEY2MTQwNUFGODgyNTZGMDlENThCNzE1NDA4OTAwNkYyRjgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCo7x0EqjSmWuN+3uJIk82T7hCD
7/KVSj2Hi6pDJuYf8NAoJDpuWmO+dAgxv1Hv3riAQIodWivTruVT+De/Z3DCR6X+
Bb3aj4CWT2WzNI/RvCX4sdYKZ6y8FQm2lPtdYaQD+7Y9U9fvm558SVNTUuPQrGzT
/42H4/g8T+bYgzRvS1VQSgr6G2Uc4Lz5VyIkCMmbNpjD5YkIY77msSCULpWfP1i8
kO5ij8c4jn+aiOaoervPXYGSSu+5jt9jaj2s0seadbjfHXSlu2vy3qssbxFYfTHs
8YRFcPXIodb20OuZmx1z1lmOwF6r4sxDCGSQbR/DcXbTKN8G1Vi89u7NYUBtAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUqlOI9hQFr4glbwnVi3FUCJAG8vgwHwYDVR0j
BBgwFoAUnw0kyFXu4A/kq/OQPG6PzHCD7U0wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYWYzMTc2OGQtNDJiMS00ZTkyLWI4M2YtYmVmN2VlMDE3
ODEzLzAvOUYwRDI0Qzg1NUVFRTAwRkU0QUJGMzkwM0M2RThGQ0M3MDgzRUQ0RC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL253MGt5Rlh1NEFfa3FfT1FQRzZQekhD
RDdVMC5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWYzMTc2OGQt
NDJiMS00ZTkyLWI4M2YtYmVmN2VlMDE3ODEzLzAvMzEzODM1MmUzMjJlMzEzNjMy
MmUzMDJmMzIzMzJkMzIzNDIwM2QzZTIwMzIzMTM2MzAzNDMzLnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQB
uQKiMA0GCSqGSIb3DQEBCwUAA4IBAQBIaOT/iva3HQYz5nVYbWuxt5XfWWBVzY0d
hkaYCoErprlzz5PEHi8yP5MTmL3GGBNLJ6VHX1xXP//CMjrqw6AzUozsda0I3aDn
Dbe5qFFDwUYdPa82CaUkC0qpJguLf7xA+yDJfLHjrxwDM4TQTYDY1C+w5eilHycP
zLV698lrVHK2a4EwNbRqOao1E1QEWVJsqntwclIeARUzsJ79FA51MkWtCd4NL9s/
2Hh9mo7Bs8mUMudi1BFDt37lV51jjDhm8zb9cls+WF9Ucgx9jS6Hy6MnwFCkUA7z
rsgNaANNNdX2A5eSY8Ee5iF4p/dy45N3y/f/jVb/zHoDxbdDlrRa
-----END CERTIFICATE-----
Generated at Sun Nov 9 10:12:30 2025 by rpki-client