Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/d1b35f8b-6f48-4bad-b185-5c1daa8acda9/0/3138352e3235312e32332e302f32342d3234203d3e20323030303137.roa
File: 3138352e3235312e32332e302f32342d3234203d3e20323030303137.roa (raw, json)
Hash identifier: 1nHeHr5ez78VSQCwBDXobb8Hijb3cSpgsJnQt2+b4+w=
Subject key identifier: D0:13:F5:40:DF:C8:BA:B2:A8:A3:5B:29:12:D5:FA:4B:5A:49:E6:40
Certificate issuer: /CN=cefce449bea8deaedb1804dba25c584df5873dc4
Certificate serial: 7F55FCE74867CF4DF4347DF74C41973907766D17
Authority key identifier: CE:FC:E4:49:BE:A8:DE:AE:DB:18:04:DB:A2:5C:58:4D:F5:87:3D:C4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zvzkSb6o3q7bGATbolxYTfWHPcQ.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/d1b35f8b-6f48-4bad-b185-5c1daa8acda9/0/3138352e3235312e32332e302f32342d3234203d3e20323030303137.roa
Signing time: Thu 11 Sep 2025 07:55:02 +0000
ROA not before: Thu 11 Sep 2025 07:50:02 +0000
ROA not after: Thu 10 Sep 2026 07:55:02 +0000
asID: 200017
IP address blocks: 185.251.23.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/d1b35f8b-6f48-4bad-b185-5c1daa8acda9/0/CEFCE449BEA8DEAEDB1804DBA25C584DF5873DC4.crl
rsync://rsync.paas.rpki.ripe.net/repository/d1b35f8b-6f48-4bad-b185-5c1daa8acda9/0/CEFCE449BEA8DEAEDB1804DBA25C584DF5873DC4.mft
rsync://rpki.ripe.net/repository/DEFAULT/zvzkSb6o3q7bGATbolxYTfWHPcQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 17 Sep 2025 02:02:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7f:55:fc:e7:48:67:cf:4d:f4:34:7d:f7:4c:41:97:39:07:76:6d:17
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cefce449bea8deaedb1804dba25c584df5873dc4
Validity
Not Before: Sep 11 07:50:02 2025 GMT
Not After : Sep 10 07:55:02 2026 GMT
Subject: CN=D013F540DFC8BAB2A8A35B2912D5FA4B5A49E640
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:ef:96:2b:b0:21:91:b3:f7:93:f6:50:c7:1a:
ee:b5:a2:84:83:77:cd:d0:1d:95:6a:4d:df:1b:8f:
be:34:75:f7:9f:b1:85:7a:48:26:6d:85:f2:3c:20:
12:c3:06:08:d1:85:e0:9a:49:e8:20:ce:4f:4f:70:
7b:a5:2a:db:44:a0:4d:31:2b:81:fd:be:24:8e:b8:
66:d9:82:cc:0b:2e:f7:ba:34:fd:e4:0c:6c:64:2d:
87:ab:72:72:0a:7a:69:eb:b2:1e:7a:ce:1b:e4:70:
c7:4c:07:f1:6c:e1:06:7a:d6:73:c4:2f:39:99:7d:
50:ea:13:bd:1d:4b:76:d1:0a:3f:a8:4b:d0:93:75:
df:7f:c1:92:82:10:f6:06:80:df:32:66:83:4e:f3:
81:e5:1a:ea:75:2e:1a:12:54:d9:81:b3:42:2e:36:
3e:37:b3:02:e0:c3:41:45:a2:16:21:ee:8f:c2:09:
e7:e4:1f:a1:17:95:a9:04:4c:52:23:67:c5:2a:33:
41:bf:b7:67:68:37:4f:56:96:95:1f:48:fe:81:77:
a1:f5:70:fa:d9:c3:47:ea:21:8c:61:0e:62:4b:06:
2e:1d:91:21:fe:ca:e3:69:f2:fe:4a:6f:d4:ac:06:
2f:06:91:0b:d7:d3:ce:65:cc:19:7a:4e:18:9d:d8:
3f:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D0:13:F5:40:DF:C8:BA:B2:A8:A3:5B:29:12:D5:FA:4B:5A:49:E6:40
X509v3 Authority Key Identifier:
keyid:CE:FC:E4:49:BE:A8:DE:AE:DB:18:04:DB:A2:5C:58:4D:F5:87:3D:C4
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/d1b35f8b-6f48-4bad-b185-5c1daa8acda9/0/CEFCE449BEA8DEAEDB1804DBA25C584DF5873DC4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zvzkSb6o3q7bGATbolxYTfWHPcQ.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/d1b35f8b-6f48-4bad-b185-5c1daa8acda9/0/3138352e3235312e32332e302f32342d3234203d3e20323030303137.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.251.23.0/24
Signature Algorithm: sha256WithRSAEncryption
6c:6b:8f:ea:a5:c5:ef:f4:e5:95:c6:78:97:77:b4:f2:60:4d:
41:40:28:c3:5f:93:4a:11:43:ca:3a:ce:a5:00:2e:f3:e2:ad:
1d:23:34:b3:c2:47:84:a1:29:c6:6a:c4:fa:ef:f0:e2:eb:43:
f1:25:c5:ba:74:9c:20:80:ea:da:cd:b7:cf:f8:53:29:3b:db:
da:6e:97:bb:aa:fa:31:89:8d:c3:e0:34:2e:60:b6:08:b4:ce:
58:a6:14:ac:44:f5:a4:59:c7:9a:81:79:29:94:eb:62:87:fc:
7a:3e:8c:37:48:ca:09:9d:5c:42:db:db:08:63:08:bf:72:29:
99:ee:e2:42:08:ff:de:f8:57:95:c4:fa:8a:68:4e:d3:3a:a8:
34:65:dd:fe:95:ef:f5:da:f0:f9:fa:02:08:16:c1:68:a7:51:
66:45:e4:7b:9c:3f:2a:01:bd:be:ad:e4:2d:f8:29:99:e1:4c:
27:97:a1:bb:a5:8d:28:fd:8a:3e:1b:73:31:d0:32:90:5b:a8:
80:f8:3d:bb:24:da:ad:55:0a:4a:a9:cc:5b:b5:85:82:3c:ba:
8d:f0:cd:07:cd:66:9a:64:43:08:ae:9a:e8:ec:46:b1:98:b9:
a8:b4:71:80:7e:40:ae:f4:7c:32:5b:1e:9d:c7:61:ea:93:29:
61:74:4d:88
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUf1X850hnz030NH33TEGXOQd2bRcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoY2VmY2U0NDliZWE4ZGVhZWRiMTgwNGRiYTI1YzU4NGRm
NTg3M2RjNDAeFw0yNTA5MTEwNzUwMDJaFw0yNjA5MTAwNzU1MDJaMDMxMTAvBgNV
BAMTKEQwMTNGNTQwREZDOEJBQjJBOEEzNUIyOTEyRDVGQTRCNUE0OUU2NDAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDX75YrsCGRs/eT9lDHGu61ooSD
d83QHZVqTd8bj740dfefsYV6SCZthfI8IBLDBgjRheCaSeggzk9PcHulKttEoE0x
K4H9viSOuGbZgswLLve6NP3kDGxkLYercnIKemnrsh56zhvkcMdMB/Fs4QZ61nPE
LzmZfVDqE70dS3bRCj+oS9CTdd9/wZKCEPYGgN8yZoNO84HlGup1LhoSVNmBs0Iu
Nj43swLgw0FFohYh7o/CCefkH6EXlakETFIjZ8UqM0G/t2doN09WlpUfSP6Bd6H1
cPrZw0fqIYxhDmJLBi4dkSH+yuNp8v5Kb9SsBi8GkQvX085lzBl6Thid2D/HAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQU0BP1QN/IurKoo1spEtX6S1pJ5kAwHwYDVR0j
BBgwFoAUzvzkSb6o3q7bGATbolxYTfWHPcQwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZDFiMzVmOGItNmY0OC00YmFkLWIxODUtNWMxZGFhOGFj
ZGE5LzAvQ0VGQ0U0NDlCRUE4REVBRURCMTgwNERCQTI1QzU4NERGNTg3M0RDNC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3p2emtTYjZvM3E3YkdBVGJvbHhZVGZX
SFBjUS5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZDFiMzVmOGIt
NmY0OC00YmFkLWIxODUtNWMxZGFhOGFjZGE5LzAvMzEzODM1MmUzMjM1MzEyZTMy
MzMyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMjMwMzAzMDMxMzcucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAC5+xcwDQYJKoZIhvcNAQELBQADggEBAGxrj+qlxe/05ZXGeJd3tPJgTUFAKMNf
k0oRQ8o6zqUALvPirR0jNLPCR4ShKcZqxPrv8OLrQ/Elxbp0nCCA6trNt8/4Uyk7
29pul7uq+jGJjcPgNC5gtgi0zlimFKxE9aRZx5qBeSmU62KH/Ho+jDdIygmdXELb
2whjCL9yKZnu4kII/974V5XE+opoTtM6qDRl3f6V7/Xa8Pn6AggWwWinUWZF5Huc
PyoBvb6t5C34KZnhTCeXobuljSj9ij4bczHQMpBbqID4Pbsk2q1VCkqpzFu1hYI8
uo3wzQfNZppkQwiumujsRrGYuai0cYB+QK70fDJbHp3HYeqTKWF0TYg=
-----END CERTIFICATE-----
Generated at Tue Sep 16 14:39:41 2025 by rpki-client