Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3232372e3133332e302f32342d3234203d3e20323132323338.roa
File: 3138352e3232372e3133332e302f32342d3234203d3e20323132323338.roa (raw, json)
Hash identifier: zqIw6Q2NZfafB5KWYY5TMjWWZxhrcLDzwKFKIqwyLik=
Subject key identifier: 60:54:E9:37:4D:01:16:95:EA:D2:7F:9E:54:E2:6D:CF:1E:E2:E0:A8
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 472E65BECB0889C205453C10C9ECBDBD82FCCA20
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3232372e3133332e302f32342d3234203d3e20323132323338.roa
Signing time: Thu 28 Aug 2025 20:49:52 +0000
ROA not before: Thu 28 Aug 2025 20:44:52 +0000
ROA not after: Thu 27 Aug 2026 20:49:52 +0000
asID: 212238
IP address blocks: 185.227.133.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 06 Sep 2025 01:00:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
47:2e:65:be:cb:08:89:c2:05:45:3c:10:c9:ec:bd:bd:82:fc:ca:20
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Aug 28 20:44:52 2025 GMT
Not After : Aug 27 20:49:52 2026 GMT
Subject: CN=6054E9374D011695EAD27F9E54E26DCF1EE2E0A8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:c0:7b:91:7a:9d:e8:45:7a:62:3f:fe:8c:91:
dc:96:79:87:70:a6:76:eb:79:57:36:24:f9:01:67:
59:23:4a:df:d4:fd:2b:6c:99:45:ea:5c:9b:06:48:
45:eb:b1:32:9a:01:8c:19:12:2d:29:52:ac:f3:fe:
96:bc:8a:40:a8:19:0f:c6:e2:37:7d:85:38:eb:89:
23:5f:43:58:f3:91:b5:2b:ef:34:26:57:41:79:8f:
26:6b:f9:ae:63:93:c5:7b:13:bd:e3:ab:4a:a2:a9:
7f:d1:be:e6:38:ea:4e:9e:14:27:14:8f:39:94:35:
cf:31:b0:03:e6:de:a2:14:f3:e0:e4:5b:bb:04:91:
f2:e1:64:51:95:9f:57:5a:a2:3b:b1:aa:19:25:93:
7c:90:40:4e:f4:68:66:86:53:f2:0c:db:e2:f9:5b:
32:4c:a0:1c:a1:b4:56:1e:a4:25:d4:a8:da:34:f6:
0d:41:3b:85:3b:61:3b:c9:39:07:ad:bb:09:55:ff:
de:ec:0e:6d:64:1e:8d:0a:84:dd:99:5b:bb:c6:05:
04:1a:ae:5c:4a:31:86:d0:f0:33:05:04:f9:91:23:
99:33:54:04:2a:f8:92:11:17:00:03:0c:f6:37:c6:
03:80:31:42:ec:58:74:70:16:9e:e6:83:b6:c4:d6:
f2:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
60:54:E9:37:4D:01:16:95:EA:D2:7F:9E:54:E2:6D:CF:1E:E2:E0:A8
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3232372e3133332e302f32342d3234203d3e20323132323338.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.227.133.0/24
Signature Algorithm: sha256WithRSAEncryption
93:7d:85:04:ec:c5:bb:b6:aa:33:00:dc:4f:b8:ff:25:5a:ee:
ee:af:58:8e:3c:c7:cd:65:1b:24:71:52:db:3b:5c:c5:35:a5:
ab:c7:b7:c8:cf:48:13:2c:9d:33:38:aa:94:e8:a1:7e:ae:45:
8f:a2:d2:3b:11:0c:85:2c:dd:31:47:11:97:a8:54:a3:f8:77:
c8:32:d9:96:9e:fe:60:a7:73:56:95:e0:a6:87:4d:32:9e:e0:
ac:15:7e:b6:44:57:e0:80:38:98:b7:44:e0:3e:98:f1:d1:04:
4d:0b:fc:5d:24:79:50:49:08:e1:49:67:06:4f:07:62:91:cd:
82:f9:ad:18:f9:ae:1e:50:8e:69:32:78:41:f2:c2:68:76:1b:
fd:81:df:e2:ff:47:8b:4b:be:85:38:10:8c:b2:45:32:03:10:
a2:cb:02:73:a3:53:1e:b1:27:e8:e1:5d:5e:af:5a:71:38:8c:
8c:1b:60:4d:b2:cb:b8:37:a0:32:3f:08:2f:c8:ef:71:26:78:
2a:c6:89:db:9c:58:f2:99:1f:9f:91:f4:fb:b6:66:0c:04:31:
16:d8:ff:70:7e:cf:15:0c:07:7a:fb:aa:7a:67:b8:cd:81:15:
cb:40:2c:e3:5e:28:b1:2a:36:aa:b5:e0:0e:d0:21:51:75:b5:
50:a1:36:a0
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgIURy5lvssIicIFRTwQyey9vYL8yiAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNTA4MjgyMDQ0NTJaFw0yNjA4MjcyMDQ5NTJaMDMxMTAvBgNV
BAMTKDYwNTRFOTM3NEQwMTE2OTVFQUQyN0Y5RTU0RTI2RENGMUVFMkUwQTgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDZwHuRep3oRXpiP/6MkdyWeYdw
pnbreVc2JPkBZ1kjSt/U/StsmUXqXJsGSEXrsTKaAYwZEi0pUqzz/pa8ikCoGQ/G
4jd9hTjriSNfQ1jzkbUr7zQmV0F5jyZr+a5jk8V7E73jq0qiqX/RvuY46k6eFCcU
jzmUNc8xsAPm3qIU8+DkW7sEkfLhZFGVn1daojuxqhklk3yQQE70aGaGU/IM2+L5
WzJMoByhtFYepCXUqNo09g1BO4U7YTvJOQetuwlV/97sDm1kHo0KhN2ZW7vGBQQa
rlxKMYbQ8DMFBPmRI5kzVAQq+JIRFwADDPY3xgOAMULsWHRwFp7mg7bE1vLBAgMB
AAGjggJBMIICPTAdBgNVHQ4EFgQUYFTpN00BFpXq0n+eVOJtzx7i4KgwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzODM1MmUzMjMyMzcyZTMx
MzMzMzJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMyMzEzMjMyMzMzOC5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEALnjhTANBgkqhkiG9w0BAQsFAAOCAQEAk32FBOzFu7aqMwDcT7j/JVru7q9Y
jjzHzWUbJHFS2ztcxTWlq8e3yM9IEyydMziqlOihfq5Fj6LSOxEMhSzdMUcRl6hU
o/h3yDLZlp7+YKdzVpXgpodNMp7grBV+tkRX4IA4mLdE4D6Y8dEETQv8XSR5UEkI
4UlnBk8HYpHNgvmtGPmuHlCOaTJ4QfLCaHYb/YHf4v9Hi0u+hTgQjLJFMgMQossC
c6NTHrEn6OFdXq9acTiMjBtgTbLLuDegMj8IL8jvcSZ4KsaJ25xY8pkfn5H0+7Zm
DAQxFtj/cH7PFQwHevuqeme4zYEVy0As414osSo2qrXgDtAhUXW1UKE2oA==
-----END CERTIFICATE-----
Generated at Fri Sep 5 07:54:19 2025 by rpki-client