Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/38352e3233372e3230312e302f32342d3234203d3e20313335333931.roa
File: 38352e3233372e3230312e302f32342d3234203d3e20313335333931.roa (raw, json)
Hash identifier: OmfD8IpEyZ4eK4niHKpQNwd1tLSU6yQE2+IzcX+nR0s=
Subject key identifier: 66:D8:27:4B:07:57:69:1B:01:28:5B:93:49:72:6F:4B:1F:1E:A9:99
Certificate issuer: /CN=dc943cc2a7cdc378a37702573bb4f821170b530d
Certificate serial: 3235F0A299396064B8717E0DD423B8EFEA2A0173
Authority key identifier: DC:94:3C:C2:A7:CD:C3:78:A3:77:02:57:3B:B4:F8:21:17:0B:53:0D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3JQ8wqfNw3ijdwJXO7T4IRcLUw0.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/38352e3233372e3230312e302f32342d3234203d3e20313335333931.roa
Signing time: Wed 28 May 2025 06:54:08 +0000
ROA not before: Wed 28 May 2025 06:49:08 +0000
ROA not after: Wed 27 May 2026 06:54:08 +0000
asID: 135391
IP address blocks: 85.237.201.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/DC943CC2A7CDC378A37702573BB4F821170B530D.crl
rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/DC943CC2A7CDC378A37702573BB4F821170B530D.mft
rsync://rpki.ripe.net/repository/DEFAULT/3JQ8wqfNw3ijdwJXO7T4IRcLUw0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 19 Jun 2025 10:03:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
32:35:f0:a2:99:39:60:64:b8:71:7e:0d:d4:23:b8:ef:ea:2a:01:73
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dc943cc2a7cdc378a37702573bb4f821170b530d
Validity
Not Before: May 28 06:49:08 2025 GMT
Not After : May 27 06:54:08 2026 GMT
Subject: CN=66D8274B0757691B01285B9349726F4B1F1EA999
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:8f:48:6d:e6:9a:b2:f1:6b:a8:22:82:36:3c:
25:66:81:64:fe:db:97:f9:84:89:58:24:0a:33:0e:
21:65:47:eb:34:83:c8:d3:93:bf:d0:77:bc:85:20:
c7:60:92:26:d1:da:f1:f8:af:97:a4:98:a3:f3:84:
1a:c0:fd:5f:4f:ac:67:34:e8:a2:da:73:42:8c:36:
c2:02:7c:49:fc:05:a9:b8:70:cf:f7:12:84:3c:42:
b9:8f:c5:2c:dd:7a:6f:53:ab:5e:db:01:97:d4:60:
dc:f1:f5:a5:fc:c7:29:95:e7:d6:c6:8b:34:6b:de:
48:bd:c6:be:46:09:8f:a7:cd:49:3a:76:ca:ee:2c:
6b:8d:db:c0:9b:a2:3e:dd:9c:2a:ca:70:a1:08:78:
1a:6c:3f:28:1b:2b:1c:d4:53:0e:87:3d:e2:0e:8c:
47:3c:c7:9c:62:b9:99:4d:c1:17:47:48:60:e3:54:
c9:f7:99:5f:38:b6:eb:14:9b:2b:c5:5f:95:de:9a:
22:e4:66:8b:9c:4f:cf:77:cf:82:91:2d:7c:15:cd:
45:e3:98:f3:b6:31:66:6c:30:24:48:3c:a1:4e:32:
b8:64:c2:87:f8:f8:81:c8:b4:ea:eb:ef:8e:ff:82:
b6:47:21:f6:d5:71:05:b6:54:a4:40:d4:0b:88:cc:
ae:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
66:D8:27:4B:07:57:69:1B:01:28:5B:93:49:72:6F:4B:1F:1E:A9:99
X509v3 Authority Key Identifier:
keyid:DC:94:3C:C2:A7:CD:C3:78:A3:77:02:57:3B:B4:F8:21:17:0B:53:0D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/DC943CC2A7CDC378A37702573BB4F821170B530D.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3JQ8wqfNw3ijdwJXO7T4IRcLUw0.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/38352e3233372e3230312e302f32342d3234203d3e20313335333931.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.237.201.0/24
Signature Algorithm: sha256WithRSAEncryption
6f:8f:01:dc:99:dc:c9:ed:2c:a4:29:a0:57:93:09:3e:3e:54:
05:df:27:9f:96:2f:9b:9e:1a:da:71:b2:39:9d:34:d2:23:f7:
9d:12:ee:5b:72:8f:0d:12:0e:63:16:e8:08:d0:1a:f8:0d:09:
23:7f:18:c3:84:e0:3c:0d:ce:39:87:d1:d2:0a:31:42:a1:66:
42:b4:54:ba:7c:7a:a9:53:96:8f:5b:27:20:7f:66:c0:e5:a2:
37:01:94:5b:f0:6f:e5:09:c2:38:4b:fd:bf:20:60:e7:c1:1a:
5a:11:7d:ff:4b:e1:42:a9:4e:25:18:34:55:3e:59:7e:b7:6c:
19:73:2b:36:81:dc:3a:4e:61:ba:4a:6f:1d:7b:9a:1f:d9:f1:
0f:f7:35:64:47:ce:43:24:71:0d:4b:27:c6:ce:02:0c:a8:91:
78:e0:0e:df:f8:99:c6:7e:d9:9e:84:b7:2a:c7:65:9e:46:ca:
e9:d5:cc:e9:1e:42:01:19:0d:8c:24:52:d4:1f:27:5a:27:23:
80:21:b4:ad:c3:28:ee:28:ef:c8:e1:97:41:36:3e:cc:72:44:
50:85:0d:4d:86:35:30:8e:d7:fe:53:ac:af:ee:fc:6a:30:9c:
3e:f3:55:76:ca:fc:3d:73:78:b7:b8:02:94:8a:ff:3d:63:c8:
7e:78:75:19
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUMjXwopk5YGS4cX4N1CO47+oqAXMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZGM5NDNjYzJhN2NkYzM3OGEzNzcwMjU3M2JiNGY4MjEx
NzBiNTMwZDAeFw0yNTA1MjgwNjQ5MDhaFw0yNjA1MjcwNjU0MDhaMDMxMTAvBgNV
BAMTKDY2RDgyNzRCMDc1NzY5MUIwMTI4NUI5MzQ5NzI2RjRCMUYxRUE5OTkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCzj0ht5pqy8WuoIoI2PCVmgWT+
25f5hIlYJAozDiFlR+s0g8jTk7/Qd7yFIMdgkibR2vH4r5ekmKPzhBrA/V9PrGc0
6KLac0KMNsICfEn8Bam4cM/3EoQ8QrmPxSzdem9Tq17bAZfUYNzx9aX8xymV59bG
izRr3ki9xr5GCY+nzUk6dsruLGuN28Cboj7dnCrKcKEIeBpsPygbKxzUUw6HPeIO
jEc8x5xiuZlNwRdHSGDjVMn3mV84tusUmyvFX5XemiLkZoucT893z4KRLXwVzUXj
mPO2MWZsMCRIPKFOMrhkwof4+IHItOrr747/grZHIfbVcQW2VKRA1AuIzK5dAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUZtgnSwdXaRsBKFuTSXJvSx8eqZkwHwYDVR0j
BBgwFoAU3JQ8wqfNw3ijdwJXO7T4IRcLUw0wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNmFiMDcyMmYtNjRkOC00Y2E5LTkyNjctNGU1MTU0NDM0
MTAxLzAvREM5NDNDQzJBN0NEQzM3OEEzNzcwMjU3M0JCNEY4MjExNzBCNTMwRC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzNKUTh3cWZOdzNpamR3SlhPN1Q0SVJj
TFV3MC5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvNmFiMDcyMmYt
NjRkOC00Y2E5LTkyNjctNGU1MTU0NDM0MTAxLzAvMzgzNTJlMzIzMzM3MmUzMjMw
MzEyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMTMzMzUzMzM5MzEucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BABV7ckwDQYJKoZIhvcNAQELBQADggEBAG+PAdyZ3MntLKQpoFeTCT4+VAXfJ5+W
L5ueGtpxsjmdNNIj950S7ltyjw0SDmMW6AjQGvgNCSN/GMOE4DwNzjmH0dIKMUKh
ZkK0VLp8eqlTlo9bJyB/ZsDlojcBlFvwb+UJwjhL/b8gYOfBGloRff9L4UKpTiUY
NFU+WX63bBlzKzaB3DpOYbpKbx17mh/Z8Q/3NWRHzkMkcQ1LJ8bOAgyokXjgDt/4
mcZ+2Z6EtyrHZZ5GyunVzOkeQgEZDYwkUtQfJ1onI4AhtK3DKO4o78jhl0E2Psxy
RFCFDU2GNTCO1/5TrK/u/GownD7zVXbK/D1zeLe4ApSK/z1jyH54dRk=
-----END CERTIFICATE-----
Generated at Thu Jun 19 05:57:23 2025 by rpki-client