Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3137352e3230382e302f32342d3234203d3e20323033333830.roa
File: 3138352e3137352e3230382e302f32342d3234203d3e20323033333830.roa (raw, json)
Hash identifier: 4YW6VEtZlFRxtCaGUvKMHonRSZ9rHbsC7LENJ7pp2Ic=
Subject key identifier: 3B:57:05:5B:F0:D6:36:78:E8:0E:17:B3:34:BE:15:D8:85:E4:EF:34
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 255EA0F292C0031758EA8F778F25E183CBAC3906
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3137352e3230382e302f32342d3234203d3e20323033333830.roa
Signing time: Thu 29 May 2025 12:46:32 +0000
ROA not before: Thu 29 May 2025 12:41:32 +0000
ROA not after: Thu 28 May 2026 12:46:32 +0000
asID: 203380
IP address blocks: 185.175.208.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 06 Jun 2025 17:19:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
25:5e:a0:f2:92:c0:03:17:58:ea:8f:77:8f:25:e1:83:cb:ac:39:06
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: May 29 12:41:32 2025 GMT
Not After : May 28 12:46:32 2026 GMT
Subject: CN=3B57055BF0D63678E80E17B334BE15D885E4EF34
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:47:6c:30:64:8d:95:67:86:fc:37:41:a0:fa:
fe:cf:60:a1:90:e0:00:1f:96:2e:ad:ed:ff:60:08:
86:9b:1d:9e:84:6e:88:df:37:aa:a3:e8:13:85:74:
ba:bc:ce:78:ec:7c:36:67:27:fb:0d:c0:9a:bf:98:
fa:5f:b5:74:51:86:d9:a4:d8:9e:9d:e1:c4:11:67:
6d:c2:6a:ea:cd:a0:29:18:75:ab:6b:50:b6:19:28:
82:c7:da:82:4d:31:6e:f9:fa:24:0f:37:9d:58:62:
69:fe:23:df:2c:55:aa:7c:8b:d1:29:61:c4:29:07:
dc:45:2f:bb:2f:e1:ef:08:89:43:44:3b:73:0c:52:
a9:b0:cc:b8:83:d0:01:c5:72:7e:f8:82:40:83:f3:
7c:26:8e:bc:80:03:6f:67:82:24:6d:32:cc:32:26:
e2:69:6e:bf:d9:0c:c6:87:81:d4:23:e4:8e:bf:5a:
63:b2:2a:42:71:8d:3d:17:2e:b5:77:d6:6c:40:a2:
b1:05:81:4e:5d:d0:84:ab:de:eb:5c:62:8f:c2:54:
cd:38:71:f4:8f:17:1d:87:53:98:9b:b3:3a:c7:8d:
1f:39:a2:94:88:f6:b1:cc:ca:9d:00:38:1b:b8:ef:
d3:49:8e:c8:8e:d4:74:43:42:da:44:6c:a6:e8:f7:
f2:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:57:05:5B:F0:D6:36:78:E8:0E:17:B3:34:BE:15:D8:85:E4:EF:34
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3137352e3230382e302f32342d3234203d3e20323033333830.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.175.208.0/24
Signature Algorithm: sha256WithRSAEncryption
2a:1a:8e:58:11:6c:0f:e0:87:08:84:3c:7c:27:b3:bd:72:c3:
65:a6:6b:bb:49:5f:09:f8:29:60:5a:9a:7e:bf:22:18:0c:c1:
15:7f:c2:7a:d3:ce:fd:d2:79:8b:bd:bb:3f:be:1d:7d:51:44:
41:82:1a:21:9b:7a:6e:75:b5:33:16:7c:86:4c:e2:c3:1c:95:
76:bc:57:85:2d:8d:5d:e3:4e:b3:9a:d3:38:54:a8:5f:68:72:
43:10:de:df:6f:a0:c6:22:dd:82:17:7a:0d:51:4e:37:83:a8:
58:1b:92:81:4f:42:1e:65:94:49:06:c9:c1:9f:83:8c:66:1c:
4f:97:27:d5:b8:e8:f7:9e:25:b0:6f:39:ab:ce:74:37:14:fd:
da:2d:81:19:11:85:ef:b2:9c:44:78:b3:21:12:95:b1:e9:5e:
28:a5:af:fa:d5:b4:6d:fb:2b:c0:82:f9:b5:f8:22:01:f4:04:
7a:6d:22:84:7a:7b:db:f6:f9:1d:11:04:23:b7:53:a7:4e:4f:
a0:f7:07:b9:3f:4d:50:45:43:d0:db:78:8c:37:52:ea:cd:09:
20:c6:7a:b0:9d:d4:0b:4a:8e:b8:11:de:c5:74:f1:16:b7:d1:
e6:ca:5d:c9:44:47:a5:bc:a7:b1:78:2f:af:80:b6:9d:1b:84:
89:70:2c:59
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgIUJV6g8pLAAxdY6o93jyXhg8usOQYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNTA1MjkxMjQxMzJaFw0yNjA1MjgxMjQ2MzJaMDMxMTAvBgNV
BAMTKDNCNTcwNTVCRjBENjM2NzhFODBFMTdCMzM0QkUxNUQ4ODVFNEVGMzQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDeR2wwZI2VZ4b8N0Gg+v7PYKGQ
4AAfli6t7f9gCIabHZ6EbojfN6qj6BOFdLq8znjsfDZnJ/sNwJq/mPpftXRRhtmk
2J6d4cQRZ23CaurNoCkYdatrULYZKILH2oJNMW75+iQPN51YYmn+I98sVap8i9Ep
YcQpB9xFL7sv4e8IiUNEO3MMUqmwzLiD0AHFcn74gkCD83wmjryAA29ngiRtMswy
JuJpbr/ZDMaHgdQj5I6/WmOyKkJxjT0XLrV31mxAorEFgU5d0ISr3utcYo/CVM04
cfSPFx2HU5ibszrHjR85opSI9rHMyp0AOBu479NJjsiO1HRDQtpEbKbo9/KpAgMB
AAGjggJBMIICPTAdBgNVHQ4EFgQUO1cFW/DWNnjoDhezNL4V2IXk7zQwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzODM1MmUzMTM3MzUyZTMy
MzAzODJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMyMzAzMzMzMzgzMC5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEALmv0DANBgkqhkiG9w0BAQsFAAOCAQEAKhqOWBFsD+CHCIQ8fCezvXLDZaZr
u0lfCfgpYFqafr8iGAzBFX/CetPO/dJ5i727P74dfVFEQYIaIZt6bnW1MxZ8hkzi
wxyVdrxXhS2NXeNOs5rTOFSoX2hyQxDe32+gxiLdghd6DVFON4OoWBuSgU9CHmWU
SQbJwZ+DjGYcT5cn1bjo954lsG85q850NxT92i2BGRGF77KcRHizIRKVseleKKWv
+tW0bfsrwIL5tfgiAfQEem0ihHp72/b5HREEI7dTp05PoPcHuT9NUEVD0Nt4jDdS
6s0JIMZ6sJ3UC0qOuBHexXTxFrfR5spdyURHpbynsXgvr4C2nRuEiXAsWQ==
-----END CERTIFICATE-----
Generated at Fri Jun 6 06:39:54 2025 by rpki-client