Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/38352e3233372e3230352e302f32342d3234203d3e203432393632.roa
File: 38352e3233372e3230352e302f32342d3234203d3e203432393632.roa (raw, json)
Hash identifier: 4TBCLz3DXPGUvv6fmxL8mbhR9Fi3mS9UgBfOFkE5oes=
Subject key identifier: D0:48:78:F9:37:F0:CD:93:21:2C:29:C2:49:1B:9A:F4:5A:81:3F:A8
Certificate issuer: /CN=dc943cc2a7cdc378a37702573bb4f821170b530d
Certificate serial: 133C7BA613C8686BA0C8FEC4057723F588B4E8B6
Authority key identifier: DC:94:3C:C2:A7:CD:C3:78:A3:77:02:57:3B:B4:F8:21:17:0B:53:0D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3JQ8wqfNw3ijdwJXO7T4IRcLUw0.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/38352e3233372e3230352e302f32342d3234203d3e203432393632.roa
Signing time: Fri 01 Aug 2025 10:56:37 +0000
ROA not before: Fri 01 Aug 2025 10:51:37 +0000
ROA not after: Fri 31 Jul 2026 10:56:37 +0000
asID: 42962
IP address blocks: 85.237.205.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/DC943CC2A7CDC378A37702573BB4F821170B530D.crl
rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/DC943CC2A7CDC378A37702573BB4F821170B530D.mft
rsync://rpki.ripe.net/repository/DEFAULT/3JQ8wqfNw3ijdwJXO7T4IRcLUw0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 09 Aug 2025 03:42:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
13:3c:7b:a6:13:c8:68:6b:a0:c8:fe:c4:05:77:23:f5:88:b4:e8:b6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dc943cc2a7cdc378a37702573bb4f821170b530d
Validity
Not Before: Aug 1 10:51:37 2025 GMT
Not After : Jul 31 10:56:37 2026 GMT
Subject: CN=D04878F937F0CD93212C29C2491B9AF45A813FA8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:05:0e:80:15:20:96:b6:5b:c7:22:11:b6:89:
69:13:7f:28:13:aa:a3:e1:09:2e:0e:31:9b:4d:6b:
1b:03:48:a8:b9:10:a6:26:ca:c9:74:1d:60:e6:9c:
eb:d0:2b:a5:50:7d:3f:d0:2e:fa:a6:ac:82:e0:68:
c5:6d:9d:b7:70:8c:a2:49:82:d1:8e:3c:5b:6c:35:
61:4d:bf:2c:6c:b6:2e:75:05:3e:2a:03:2b:81:d7:
ba:a1:46:31:ae:07:77:93:21:88:0e:01:6f:b3:3d:
af:d3:da:b9:3c:b3:75:c9:58:e4:99:5a:42:08:fb:
94:30:b5:d7:06:62:68:c0:59:e6:ed:bc:1a:58:1c:
ef:91:27:9d:3d:9e:57:80:38:8e:d4:17:1b:c1:b4:
bc:f4:ef:15:c6:96:85:5b:c5:6f:e7:8a:6f:4f:7b:
6f:6d:40:88:6e:b4:a5:a4:28:bd:e1:0c:fa:52:2e:
61:46:58:9b:35:c5:03:22:82:15:4d:72:08:f9:a3:
25:a4:76:90:8c:2b:4a:31:d3:ed:34:03:78:46:47:
69:2a:f7:87:cb:f9:58:67:7c:75:67:fa:b1:ee:31:
fc:aa:95:2e:da:ca:c8:64:58:de:f3:d8:48:af:07:
c4:3e:47:98:68:a8:1b:7e:f7:51:b0:02:ed:3f:d6:
39:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D0:48:78:F9:37:F0:CD:93:21:2C:29:C2:49:1B:9A:F4:5A:81:3F:A8
X509v3 Authority Key Identifier:
keyid:DC:94:3C:C2:A7:CD:C3:78:A3:77:02:57:3B:B4:F8:21:17:0B:53:0D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/DC943CC2A7CDC378A37702573BB4F821170B530D.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3JQ8wqfNw3ijdwJXO7T4IRcLUw0.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/38352e3233372e3230352e302f32342d3234203d3e203432393632.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.237.205.0/24
Signature Algorithm: sha256WithRSAEncryption
84:10:a4:fd:80:19:fb:6d:9b:44:92:d7:5c:62:31:65:92:7c:
3b:8d:03:cc:cf:69:6f:ee:76:a7:87:09:69:a7:99:eb:dc:a7:
87:28:7a:ca:3f:a4:bb:2f:7e:f1:04:de:9b:8e:3c:50:2e:45:
ae:35:1a:39:3c:c0:84:87:90:7e:58:a0:d6:58:55:74:bf:d0:
36:c3:a4:d7:d8:07:a5:4f:83:4d:67:3a:62:2c:40:16:0e:8c:
99:b3:2c:e0:30:54:17:f7:47:82:0c:53:08:f8:0f:13:f5:35:
00:21:39:04:36:b3:02:2a:0a:5d:97:73:67:43:9a:4f:57:fb:
ac:2a:c8:48:cd:c5:fd:db:27:59:79:bd:e0:2b:ed:75:50:5d:
5f:04:7b:fb:58:fd:05:24:70:1b:02:7a:d7:0c:3b:31:d7:80:
53:c2:17:94:21:82:65:d3:f0:77:6e:0d:e1:45:4a:b6:32:45:
b4:c6:f6:a2:ec:80:4e:e0:94:ef:be:57:c3:0c:7d:c1:8b:ef:
9f:27:11:e8:b4:64:d4:3b:c5:29:27:d1:5d:f3:6f:76:2b:51:
20:a4:ea:69:d4:b8:45:78:8a:a1:26:4c:6c:7d:29:df:7f:86:
7b:f6:09:be:e1:c7:e4:4c:8e:25:0d:42:24:0f:93:cc:52:ac:
b5:71:cb:9b
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUEzx7phPIaGugyP7EBXcj9Yi06LYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZGM5NDNjYzJhN2NkYzM3OGEzNzcwMjU3M2JiNGY4MjEx
NzBiNTMwZDAeFw0yNTA4MDExMDUxMzdaFw0yNjA3MzExMDU2MzdaMDMxMTAvBgNV
BAMTKEQwNDg3OEY5MzdGMENEOTMyMTJDMjlDMjQ5MUI5QUY0NUE4MTNGQTgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC4BQ6AFSCWtlvHIhG2iWkTfygT
qqPhCS4OMZtNaxsDSKi5EKYmysl0HWDmnOvQK6VQfT/QLvqmrILgaMVtnbdwjKJJ
gtGOPFtsNWFNvyxsti51BT4qAyuB17qhRjGuB3eTIYgOAW+zPa/T2rk8s3XJWOSZ
WkII+5QwtdcGYmjAWebtvBpYHO+RJ509nleAOI7UFxvBtLz07xXGloVbxW/nim9P
e29tQIhutKWkKL3hDPpSLmFGWJs1xQMighVNcgj5oyWkdpCMK0ox0+00A3hGR2kq
94fL+VhnfHVn+rHuMfyqlS7ayshkWN7z2EivB8Q+R5hoqBt+91GwAu0/1jkpAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQU0Eh4+TfwzZMhLCnCSRua9FqBP6gwHwYDVR0j
BBgwFoAU3JQ8wqfNw3ijdwJXO7T4IRcLUw0wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNmFiMDcyMmYtNjRkOC00Y2E5LTkyNjctNGU1MTU0NDM0
MTAxLzAvREM5NDNDQzJBN0NEQzM3OEEzNzcwMjU3M0JCNEY4MjExNzBCNTMwRC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzNKUTh3cWZOdzNpamR3SlhPN1Q0SVJj
TFV3MC5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvNmFiMDcyMmYt
NjRkOC00Y2E5LTkyNjctNGU1MTU0NDM0MTAxLzAvMzgzNTJlMzIzMzM3MmUzMjMw
MzUyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzNDMyMzkzNjMyLnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
Ve3NMA0GCSqGSIb3DQEBCwUAA4IBAQCEEKT9gBn7bZtEktdcYjFlknw7jQPMz2lv
7nanhwlpp5nr3KeHKHrKP6S7L37xBN6bjjxQLkWuNRo5PMCEh5B+WKDWWFV0v9A2
w6TX2AelT4NNZzpiLEAWDoyZsyzgMFQX90eCDFMI+A8T9TUAITkENrMCKgpdl3Nn
Q5pPV/usKshIzcX92ydZeb3gK+11UF1fBHv7WP0FJHAbAnrXDDsx14BTwheUIYJl
0/B3bg3hRUq2MkW0xvai7IBO4JTvvlfDDH3Bi++fJxHotGTUO8UpJ9Fd8292K1Eg
pOpp1LhFeIqhJkxsfSnff4Z79gm+4cfkTI4lDUIkD5PMUqy1ccub
-----END CERTIFICATE-----
Generated at Fri Aug 8 20:48:43 2025 by rpki-client