Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/d1b35f8b-6f48-4bad-b185-5c1daa8acda9/0/3138352e3231322e3131332e302f32342d3234203d3e203633303233.roa
File: 3138352e3231322e3131332e302f32342d3234203d3e203633303233.roa (raw, json)
Hash identifier: ILC3irRlE0jS2QKGQg09ZhaS+IuFm4Kk9BrsZJ/L5B0=
Subject key identifier: A8:41:7B:41:B1:E2:AC:39:80:A9:8F:E5:E7:0C:05:F7:E4:E6:D4:17
Certificate issuer: /CN=cefce449bea8deaedb1804dba25c584df5873dc4
Certificate serial: 2A8C228B81EAE273176ED34D525CDF693815EEC6
Authority key identifier: CE:FC:E4:49:BE:A8:DE:AE:DB:18:04:DB:A2:5C:58:4D:F5:87:3D:C4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zvzkSb6o3q7bGATbolxYTfWHPcQ.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/d1b35f8b-6f48-4bad-b185-5c1daa8acda9/0/3138352e3231322e3131332e302f32342d3234203d3e203633303233.roa
Signing time: Thu 03 Jul 2025 11:22:50 +0000
ROA not before: Thu 03 Jul 2025 11:17:50 +0000
ROA not after: Thu 02 Jul 2026 11:22:50 +0000
asID: 63023
IP address blocks: 185.212.113.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/d1b35f8b-6f48-4bad-b185-5c1daa8acda9/0/CEFCE449BEA8DEAEDB1804DBA25C584DF5873DC4.crl
rsync://rsync.paas.rpki.ripe.net/repository/d1b35f8b-6f48-4bad-b185-5c1daa8acda9/0/CEFCE449BEA8DEAEDB1804DBA25C584DF5873DC4.mft
rsync://rpki.ripe.net/repository/DEFAULT/zvzkSb6o3q7bGATbolxYTfWHPcQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 06 Jul 2025 04:37:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2a:8c:22:8b:81:ea:e2:73:17:6e:d3:4d:52:5c:df:69:38:15:ee:c6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cefce449bea8deaedb1804dba25c584df5873dc4
Validity
Not Before: Jul 3 11:17:50 2025 GMT
Not After : Jul 2 11:22:50 2026 GMT
Subject: CN=A8417B41B1E2AC3980A98FE5E70C05F7E4E6D417
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:51:93:17:32:20:aa:5e:f2:c1:ad:ae:65:ad:
10:3c:e6:41:3b:bd:87:72:87:02:7c:42:13:7d:09:
36:99:2e:39:72:9d:be:e9:a6:4c:dc:6e:82:dc:e4:
7e:a5:b7:ea:bd:f0:a7:a9:69:1e:79:20:3c:7e:a9:
c4:0f:3b:b0:d2:41:6d:88:92:11:e7:38:e4:4f:4b:
b3:06:44:93:b2:80:48:21:14:38:79:dd:ec:ef:9d:
df:2c:36:4a:f7:e5:98:c3:ff:a8:27:e0:60:5e:b8:
6f:c8:34:81:83:5f:fe:c8:50:ac:f6:d4:96:d3:bc:
53:23:4e:8f:27:47:47:5b:d3:3c:dc:ed:b8:54:32:
06:bc:f1:59:07:e6:3e:0a:a0:69:09:97:fd:ea:4e:
de:e4:51:fd:8f:a3:d6:c7:bf:77:6f:de:64:08:ba:
07:9e:68:e8:aa:78:65:bc:49:3f:26:74:37:53:37:
b8:54:5e:d8:1a:3f:0a:2c:13:b1:b1:44:70:b7:e9:
48:12:2c:37:d8:9e:51:28:71:e1:90:a9:1e:1f:82:
da:63:e2:85:d5:cf:36:14:4c:e5:2a:2f:9d:8e:53:
30:f8:95:1a:95:45:c9:85:31:96:6d:f7:c5:fc:6b:
2d:19:d7:5e:4a:fd:e6:d6:f7:6a:5b:08:03:12:49:
34:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:41:7B:41:B1:E2:AC:39:80:A9:8F:E5:E7:0C:05:F7:E4:E6:D4:17
X509v3 Authority Key Identifier:
keyid:CE:FC:E4:49:BE:A8:DE:AE:DB:18:04:DB:A2:5C:58:4D:F5:87:3D:C4
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/d1b35f8b-6f48-4bad-b185-5c1daa8acda9/0/CEFCE449BEA8DEAEDB1804DBA25C584DF5873DC4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zvzkSb6o3q7bGATbolxYTfWHPcQ.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/d1b35f8b-6f48-4bad-b185-5c1daa8acda9/0/3138352e3231322e3131332e302f32342d3234203d3e203633303233.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.212.113.0/24
Signature Algorithm: sha256WithRSAEncryption
98:6a:3c:45:f3:58:9d:86:5e:33:8e:72:08:03:b0:c8:57:1d:
2b:40:12:de:7d:7f:da:4d:c1:40:2f:e9:ee:f8:13:f7:ae:26:
23:af:e4:d7:8d:94:28:33:73:71:61:89:86:a1:05:8f:2c:61:
f4:b7:94:77:63:c6:82:2c:f1:78:90:1e:b9:93:70:8e:b3:c4:
3f:de:04:92:f6:eb:23:4d:48:33:80:ef:bc:7f:77:32:36:e9:
0c:37:38:39:1d:3e:49:4d:ab:e4:a8:4e:82:8b:9f:45:94:2e:
c4:75:9c:a0:81:3b:71:d7:24:ff:ca:50:cb:34:56:43:a2:ec:
ce:41:ec:99:19:e6:55:ee:26:ec:f1:7b:94:68:98:15:fb:84:
06:be:12:35:2e:95:c6:d2:d3:cb:85:95:fc:7a:b5:c8:17:15:
3a:7e:ec:92:5c:30:df:94:64:a7:aa:c5:e3:77:8a:5f:c4:ab:
c2:39:1c:02:1c:68:87:bf:73:f4:db:fa:52:88:a1:14:44:76:
28:97:99:65:1e:06:3c:4b:88:8d:ab:3d:7f:97:b2:27:00:a1:
f1:e6:5a:43:76:13:8d:7f:17:6f:b4:f2:68:f1:03:9f:82:f3:
3f:cf:75:8c:be:78:b6:62:43:4d:eb:a3:ea:7e:09:af:0d:0b:
97:01:5d:eb
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUKowii4Hq4nMXbtNNUlzfaTgV7sYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoY2VmY2U0NDliZWE4ZGVhZWRiMTgwNGRiYTI1YzU4NGRm
NTg3M2RjNDAeFw0yNTA3MDMxMTE3NTBaFw0yNjA3MDIxMTIyNTBaMDMxMTAvBgNV
BAMTKEE4NDE3QjQxQjFFMkFDMzk4MEE5OEZFNUU3MEMwNUY3RTRFNkQ0MTcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDBUZMXMiCqXvLBra5lrRA85kE7
vYdyhwJ8QhN9CTaZLjlynb7ppkzcboLc5H6lt+q98KepaR55IDx+qcQPO7DSQW2I
khHnOORPS7MGRJOygEghFDh53ezvnd8sNkr35ZjD/6gn4GBeuG/INIGDX/7IUKz2
1JbTvFMjTo8nR0db0zzc7bhUMga88VkH5j4KoGkJl/3qTt7kUf2Po9bHv3dv3mQI
ugeeaOiqeGW8ST8mdDdTN7hUXtgaPwosE7GxRHC36UgSLDfYnlEoceGQqR4fgtpj
4oXVzzYUTOUqL52OUzD4lRqVRcmFMZZt98X8ay0Z115K/ebW92pbCAMSSTSdAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUqEF7QbHirDmAqY/l5wwF9+Tm1BcwHwYDVR0j
BBgwFoAUzvzkSb6o3q7bGATbolxYTfWHPcQwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZDFiMzVmOGItNmY0OC00YmFkLWIxODUtNWMxZGFhOGFj
ZGE5LzAvQ0VGQ0U0NDlCRUE4REVBRURCMTgwNERCQTI1QzU4NERGNTg3M0RDNC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3p2emtTYjZvM3E3YkdBVGJvbHhZVGZX
SFBjUS5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZDFiMzVmOGIt
NmY0OC00YmFkLWIxODUtNWMxZGFhOGFjZGE5LzAvMzEzODM1MmUzMjMxMzIyZTMx
MzEzMzJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDM2MzMzMDMyMzMucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAC51HEwDQYJKoZIhvcNAQELBQADggEBAJhqPEXzWJ2GXjOOcggDsMhXHStAEt59
f9pNwUAv6e74E/euJiOv5NeNlCgzc3FhiYahBY8sYfS3lHdjxoIs8XiQHrmTcI6z
xD/eBJL26yNNSDOA77x/dzI26Qw3ODkdPklNq+SoToKLn0WULsR1nKCBO3HXJP/K
UMs0VkOi7M5B7JkZ5lXuJuzxe5RomBX7hAa+EjUulcbS08uFlfx6tcgXFTp+7JJc
MN+UZKeqxeN3il/Eq8I5HAIcaIe/c/Tb+lKIoRREdiiXmWUeBjxLiI2rPX+XsicA
ofHmWkN2E41/F2+08mjxA5+C8z/PdYy+eLZiQ03ro+p+Ca8NC5cBXes=
-----END CERTIFICATE-----
Generated at Sat Jul 5 20:37:51 2025 by rpki-client