Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/3138352e3231322e3131382e302f32342d3234203d3e20313336373837.roa
File: 3138352e3231322e3131382e302f32342d3234203d3e20313336373837.roa (raw, json)
Hash identifier: WXdtn1vkkJ9BnPsffJ/Ql1UTlPix7Bg5QMNP2/JCUfs=
Subject key identifier: D8:A2:71:F9:B4:17:3B:55:FB:13:88:4D:B0:A4:9E:24:02:6B:82:B6
Certificate issuer: /CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Certificate serial: 43750B4DC0CD5AD03CA66A929ADD267A9FA1052D
Authority key identifier: 09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/3138352e3231322e3131382e302f32342d3234203d3e20313336373837.roa
Signing time: Wed 27 Aug 2025 11:47:26 +0000
ROA not before: Wed 27 Aug 2025 11:42:26 +0000
ROA not after: Wed 26 Aug 2026 11:47:26 +0000
asID: 136787
IP address blocks: 185.212.118.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.mft
rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 08 Sep 2025 06:10:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
43:75:0b:4d:c0:cd:5a:d0:3c:a6:6a:92:9a:dd:26:7a:9f:a1:05:2d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Validity
Not Before: Aug 27 11:42:26 2025 GMT
Not After : Aug 26 11:47:26 2026 GMT
Subject: CN=D8A271F9B4173B55FB13884DB0A49E24026B82B6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:a4:49:31:00:c8:3f:68:92:0d:70:96:95:f9:
83:dd:f5:9e:fa:58:d6:07:82:b8:a5:e3:1c:ea:6b:
a6:11:e0:79:30:09:a2:03:4a:d5:2c:0d:09:95:94:
41:a8:71:ef:6f:b9:b6:24:3b:b3:69:b0:b0:4d:29:
8e:f7:72:f1:7b:3f:48:93:fe:9a:26:6d:d3:f0:a6:
7b:e6:95:35:e5:f3:17:95:36:fa:03:91:33:d6:1c:
59:bc:df:12:a6:c8:0a:8a:48:63:78:2a:97:db:3d:
14:ec:50:cb:57:db:57:fb:52:94:30:80:12:c7:e5:
e5:37:9c:1c:f5:71:ff:73:8e:c6:7b:95:a4:ff:46:
0a:91:80:32:ea:0b:29:e8:c7:da:09:01:ea:20:cb:
18:6b:b6:f3:a8:9e:34:51:c3:12:0f:25:05:8f:90:
3d:4f:7d:27:b7:58:59:8c:35:7b:93:f7:27:0e:89:
93:65:e8:c1:ed:d6:9c:6b:d4:b6:2d:64:7e:c8:04:
22:cf:d0:3c:00:41:65:44:c5:2e:41:7e:33:01:b7:
fa:eb:86:22:1c:9a:46:42:21:21:bc:62:31:1a:fd:
83:f5:0e:7d:86:30:5c:30:76:de:4f:88:e6:b0:10:
36:7d:af:f5:99:76:cc:80:df:72:00:c2:fc:aa:9c:
ab:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:A2:71:F9:B4:17:3B:55:FB:13:88:4D:B0:A4:9E:24:02:6B:82:B6
X509v3 Authority Key Identifier:
keyid:09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/3138352e3231322e3131382e302f32342d3234203d3e20313336373837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.212.118.0/24
Signature Algorithm: sha256WithRSAEncryption
b5:09:fe:7d:35:0c:e9:42:e0:69:85:2c:c0:ed:99:2d:9f:de:
09:65:72:20:94:41:88:ac:3f:aa:af:74:50:86:02:a5:67:6a:
b5:71:40:0c:0a:cb:f1:1f:70:72:d1:48:02:cc:19:89:a6:10:
a0:d9:51:8d:57:62:01:2b:ac:7a:34:7c:21:fa:35:60:78:0d:
36:84:fe:0f:96:cd:27:40:9f:c1:c3:ae:2f:96:de:c0:6a:2a:
86:9a:0b:88:0e:eb:72:62:b0:fc:c8:31:5c:5c:c2:b7:42:e7:
45:28:ee:a9:78:c4:09:9d:1c:32:cc:74:18:05:35:c7:06:5e:
34:95:79:7e:6c:7b:b4:c7:37:71:5c:85:a1:8e:20:62:06:b6:
16:6d:04:ac:cd:98:33:fb:92:22:e8:81:be:31:21:8c:b1:9e:
69:1c:92:74:af:7a:d3:87:91:77:f8:ee:8d:7c:b9:55:8d:0e:
eb:17:a8:31:89:15:a7:2f:61:04:9c:1e:32:c7:2f:54:cc:7c:
34:d0:a9:38:ab:2e:d7:75:04:c8:ad:34:62:0b:75:82:09:d0:
e1:36:94:77:b4:30:84:e5:27:cb:ea:ce:25:c6:72:66:bd:93:
a1:67:1b:2d:a0:7a:12:a6:0e:3e:fd:be:73:74:ca:48:4c:f2:
3b:05:55:c7
-----BEGIN CERTIFICATE-----
MIIFPDCCBCSgAwIBAgIUQ3ULTcDNWtA8pmqSmt0mep+hBS0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDk3YTI4Zjc3ZWIwYTRhYzM1NGE4YWMyODc1NGIyYTNi
YmUzYTk1OTAeFw0yNTA4MjcxMTQyMjZaFw0yNjA4MjYxMTQ3MjZaMDMxMTAvBgNV
BAMTKEQ4QTI3MUY5QjQxNzNCNTVGQjEzODg0REIwQTQ5RTI0MDI2QjgyQjYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCzpEkxAMg/aJINcJaV+YPd9Z76
WNYHgril4xzqa6YR4HkwCaIDStUsDQmVlEGoce9vubYkO7NpsLBNKY73cvF7P0iT
/pombdPwpnvmlTXl8xeVNvoDkTPWHFm83xKmyAqKSGN4KpfbPRTsUMtX21f7UpQw
gBLH5eU3nBz1cf9zjsZ7laT/RgqRgDLqCynox9oJAeogyxhrtvOonjRRwxIPJQWP
kD1PfSe3WFmMNXuT9ycOiZNl6MHt1pxr1LYtZH7IBCLP0DwAQWVExS5BfjMBt/rr
hiIcmkZCISG8YjEa/YP1Dn2GMFwwdt5PiOawEDZ9r/WZdsyA33IAwvyqnKsLAgMB
AAGjggJGMIICQjAdBgNVHQ4EFgQU2KJx+bQXO1X7E4hNsKSeJAJrgrYwHwYDVR0j
BBgwFoAUCXoo936wpKw1SorCh1Syo7vjqVkwDgYDVR0PAQH/BAQDAgeAMIGYBgNV
HR8EgZAwgY0wgYqggYeggYSGgYFyc3luYzovL3JzeW5jLnBhYXMucnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L2ZlMzcwOGEwLTY3ZDUtNGFjMi1hYmM0LWEzMzI1OTBi
OTlhZi8xNzcvMDk3QTI4Rjc3RUIwQTRBQzM1NEE4QUMyODc1NEIyQTNCQkUzQTk1
OS5jcmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2ku
cmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NYb285MzZ3cEt3MVNvckNoMVN5
bzd2anFWay5jZXIwgbMGCCsGAQUFBwELBIGmMIGjMIGgBggrBgEFBQcwC4aBk3Jz
eW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4
YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzE3Ny8zMTM4MzUyZTMyMzEz
MjJlMzEzMTM4MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzEzMzM2MzczODM3LnJv
YTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM
BAIAATAGAwQAudR2MA0GCSqGSIb3DQEBCwUAA4IBAQC1Cf59NQzpQuBphSzA7Zkt
n94JZXIglEGIrD+qr3RQhgKlZ2q1cUAMCsvxH3By0UgCzBmJphCg2VGNV2IBK6x6
NHwh+jVgeA02hP4Pls0nQJ/Bw64vlt7AaiqGmguIDutyYrD8yDFcXMK3QudFKO6p
eMQJnRwyzHQYBTXHBl40lXl+bHu0xzdxXIWhjiBiBrYWbQSszZgz+5Ii6IG+MSGM
sZ5pHJJ0r3rTh5F3+O6NfLlVjQ7rF6gxiRWnL2EEnB4yxy9UzHw00Kk4qy7XdQTI
rTRiC3WCCdDhNpR3tDCE5SfL6s4lxnJmvZOhZxstoHoSpg4+/b5zdMpITPI7BVXH
-----END CERTIFICATE-----
Generated at Sun Sep 7 15:20:44 2025 by rpki-client