Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3233392e3134392e302f32342d3234203d3e20323132323338.roa
File: 3138352e3233392e3134392e302f32342d3234203d3e20323132323338.roa (raw, json)
Hash identifier: b6c9Fcf4GPxtJkzDSCSw264Hq4gUdL89F6/yBmGymLw=
Subject key identifier: 33:DB:77:24:1B:03:F3:C2:E9:E0:2A:CC:19:AF:79:62:3C:22:F3:AA
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 7BFE4919A670A0E0B6FCBC2AB40FE45DF79D243C
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3233392e3134392e302f32342d3234203d3e20323132323338.roa
Signing time: Thu 28 Aug 2025 08:51:34 +0000
ROA not before: Thu 28 Aug 2025 08:46:34 +0000
ROA not after: Thu 27 Aug 2026 08:51:34 +0000
asID: 212238
IP address blocks: 185.239.149.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 06 Sep 2025 01:00:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7b:fe:49:19:a6:70:a0:e0:b6:fc:bc:2a:b4:0f:e4:5d:f7:9d:24:3c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Aug 28 08:46:34 2025 GMT
Not After : Aug 27 08:51:34 2026 GMT
Subject: CN=33DB77241B03F3C2E9E02ACC19AF79623C22F3AA
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:9c:6c:6e:2d:4d:67:2c:15:55:71:98:79:93:
91:04:11:9a:ff:4e:93:42:39:26:33:a8:f0:85:25:
1f:b6:60:07:af:12:28:71:12:a9:42:73:b2:7f:b9:
f6:42:c1:d5:9e:8b:a4:db:c0:4d:09:19:87:f1:55:
71:72:ff:14:6f:9f:f3:d7:7c:24:8f:07:f3:31:27:
7c:d4:ce:65:dc:a3:f2:8e:82:04:b8:fe:e1:12:30:
be:8e:34:42:d4:f1:74:3a:92:49:61:5f:ff:da:91:
b5:ee:61:f0:1c:04:66:50:6d:55:40:53:ba:68:55:
68:38:90:96:89:55:8e:fc:3a:a8:a5:8d:2d:72:66:
63:42:99:20:60:82:03:6b:3f:c0:a1:c9:c2:a2:a5:
dc:e6:7e:9f:f8:83:0d:d9:c8:76:92:9c:8f:ac:6a:
2c:1e:92:f8:c0:73:c1:24:97:81:c0:54:ba:24:7c:
86:6d:81:98:70:e8:5e:21:97:15:26:12:89:31:18:
a1:f1:2f:f5:39:93:47:e6:01:87:4b:b1:90:69:fc:
70:bc:ef:ba:a6:92:25:e5:ac:66:13:bc:97:0c:92:
46:e5:39:36:43:e2:c7:c1:98:82:29:be:81:bc:32:
e8:c6:91:8d:e9:fb:13:9c:a3:59:8f:89:37:34:26:
15:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
33:DB:77:24:1B:03:F3:C2:E9:E0:2A:CC:19:AF:79:62:3C:22:F3:AA
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3233392e3134392e302f32342d3234203d3e20323132323338.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.239.149.0/24
Signature Algorithm: sha256WithRSAEncryption
37:95:4e:3d:94:ca:e9:38:38:25:23:55:94:f5:0e:47:06:b8:
59:f4:70:05:ae:3e:80:73:08:e0:c0:16:4f:3e:20:ab:09:81:
52:60:33:c2:34:37:1d:a1:b2:d1:92:e5:17:37:2e:c8:2d:5d:
09:ce:27:8d:1a:5e:5e:78:e8:09:77:ef:cd:76:89:4c:bb:2e:
e6:2f:b1:4d:1a:7f:ad:f6:6a:e9:39:f9:b6:af:79:3c:4d:0b:
fb:5c:4f:4c:70:16:81:b4:59:d1:df:ab:ac:f8:54:ea:7a:41:
2f:4a:11:3e:ee:89:3e:15:6b:98:a3:7f:9d:b3:76:75:e1:40:
d9:cd:a0:0a:a5:dc:8c:ea:3b:eb:3c:3f:f0:ae:41:0e:fa:0d:
35:8d:bf:dd:4d:14:72:ec:e1:ee:00:00:4f:dc:d1:c7:b8:72:
a5:ca:8c:49:78:2f:14:55:50:92:04:5b:e4:e7:d7:2c:e1:52:
59:57:c7:18:8c:ba:db:96:0f:c3:dc:35:4e:38:d0:ae:e3:9d:
41:e8:f2:41:5c:94:4a:6c:ff:18:78:95:24:70:5f:b4:ea:a1:
b7:89:a3:7e:21:a6:d2:23:f6:e2:fe:9b:eb:70:ce:a5:d5:44:
7f:91:e8:d6:49:cf:ba:00:90:66:22:4a:4a:16:43:d7:f8:db:
b0:e1:5f:a9
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgIUe/5JGaZwoOC2/LwqtA/kXfedJDwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNTA4MjgwODQ2MzRaFw0yNjA4MjcwODUxMzRaMDMxMTAvBgNV
BAMTKDMzREI3NzI0MUIwM0YzQzJFOUUwMkFDQzE5QUY3OTYyM0MyMkYzQUEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDWnGxuLU1nLBVVcZh5k5EEEZr/
TpNCOSYzqPCFJR+2YAevEihxEqlCc7J/ufZCwdWei6TbwE0JGYfxVXFy/xRvn/PX
fCSPB/MxJ3zUzmXco/KOggS4/uESML6ONELU8XQ6kklhX//akbXuYfAcBGZQbVVA
U7poVWg4kJaJVY78OqiljS1yZmNCmSBgggNrP8ChycKipdzmfp/4gw3ZyHaSnI+s
aiwekvjAc8Ekl4HAVLokfIZtgZhw6F4hlxUmEokxGKHxL/U5k0fmAYdLsZBp/HC8
77qmkiXlrGYTvJcMkkblOTZD4sfBmIIpvoG8MujGkY3p+xOco1mPiTc0JhWRAgMB
AAGjggJBMIICPTAdBgNVHQ4EFgQUM9t3JBsD88Lp4CrMGa95Yjwi86owHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzODM1MmUzMjMzMzkyZTMx
MzQzOTJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMyMzEzMjMyMzMzOC5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEALnvlTANBgkqhkiG9w0BAQsFAAOCAQEAN5VOPZTK6Tg4JSNVlPUORwa4WfRw
Ba4+gHMI4MAWTz4gqwmBUmAzwjQ3HaGy0ZLlFzcuyC1dCc4njRpeXnjoCXfvzXaJ
TLsu5i+xTRp/rfZq6Tn5tq95PE0L+1xPTHAWgbRZ0d+rrPhU6npBL0oRPu6JPhVr
mKN/nbN2deFA2c2gCqXcjOo76zw/8K5BDvoNNY2/3U0Ucuzh7gAAT9zRx7hypcqM
SXgvFFVQkgRb5OfXLOFSWVfHGIy625YPw9w1TjjQruOdQejyQVyUSmz/GHiVJHBf
tOqht4mjfiGm0iP24v6b63DOpdVEf5Ho1knPugCQZiJKShZD1/jbsOFfqQ==
-----END CERTIFICATE-----
Generated at Fri Sep 5 07:55:30 2025 by rpki-client