Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/38352e3233372e3230382e302f32342d3234203d3e203538303631.roa
File: 38352e3233372e3230382e302f32342d3234203d3e203538303631.roa (raw, json)
Hash identifier: 45dYZ753D7vJ0EKymAAepOq8ZxENEl3NNl0MgNI/PXA=
Subject key identifier: FB:1E:EC:B2:70:D0:66:63:D1:C5:73:04:94:E5:86:7C:80:AF:9D:D5
Certificate issuer: /CN=dc943cc2a7cdc378a37702573bb4f821170b530d
Certificate serial: 7AE71B940F2A63B3BF031B3976099FE5353B6261
Authority key identifier: DC:94:3C:C2:A7:CD:C3:78:A3:77:02:57:3B:B4:F8:21:17:0B:53:0D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3JQ8wqfNw3ijdwJXO7T4IRcLUw0.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/38352e3233372e3230382e302f32342d3234203d3e203538303631.roa
Signing time: Wed 22 Oct 2025 16:55:09 +0000
ROA not before: Wed 22 Oct 2025 16:50:09 +0000
ROA not after: Wed 21 Oct 2026 16:55:09 +0000
asID: 58061
IP address blocks: 85.237.208.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/DC943CC2A7CDC378A37702573BB4F821170B530D.crl
rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/DC943CC2A7CDC378A37702573BB4F821170B530D.mft
rsync://rpki.ripe.net/repository/DEFAULT/3JQ8wqfNw3ijdwJXO7T4IRcLUw0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 21:09:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7a:e7:1b:94:0f:2a:63:b3:bf:03:1b:39:76:09:9f:e5:35:3b:62:61
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dc943cc2a7cdc378a37702573bb4f821170b530d
Validity
Not Before: Oct 22 16:50:09 2025 GMT
Not After : Oct 21 16:55:09 2026 GMT
Subject: CN=FB1EECB270D06663D1C5730494E5867C80AF9DD5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:d1:84:0a:8c:d5:dd:6d:e9:1b:ea:a9:1e:2b:
b7:02:94:be:47:7a:e2:6f:94:37:3e:96:41:cc:24:
95:b1:c7:7f:98:84:4b:40:35:4e:4d:06:80:7b:db:
bd:58:63:94:49:f2:90:33:b9:f9:00:c4:4c:9c:66:
0e:eb:2c:85:05:71:f5:72:7a:10:b6:28:55:7f:15:
cf:cc:2e:3f:2f:8b:fd:4b:0f:f5:54:a1:2b:2c:1d:
c8:44:09:1a:2c:d5:16:c0:c7:c4:16:d2:5f:f3:8a:
b1:df:1d:9e:f3:4d:b8:a4:04:47:1a:e1:f6:df:ca:
08:22:1d:8d:a9:f9:91:e2:60:84:9e:63:07:30:cb:
82:0d:ee:ee:f1:6a:c8:d2:32:25:7b:2c:da:b5:4d:
c5:ef:17:39:6c:a0:66:3d:32:0b:63:ef:54:8f:12:
d5:2e:71:74:69:91:1e:fd:99:5a:8c:33:0f:1b:66:
cc:6c:1f:ca:a2:84:7c:7d:dd:ce:3f:34:07:b1:95:
ce:69:a2:ee:a5:10:d6:e2:91:5e:e1:50:03:62:d0:
72:a8:e5:7e:a0:d1:64:11:30:b6:1c:a7:5e:cc:da:
2b:97:05:26:2a:fe:90:00:9f:4a:17:52:dc:ef:9f:
6e:f6:a1:60:77:a9:2e:7d:4f:d8:e5:34:6f:34:b6:
3f:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FB:1E:EC:B2:70:D0:66:63:D1:C5:73:04:94:E5:86:7C:80:AF:9D:D5
X509v3 Authority Key Identifier:
keyid:DC:94:3C:C2:A7:CD:C3:78:A3:77:02:57:3B:B4:F8:21:17:0B:53:0D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/DC943CC2A7CDC378A37702573BB4F821170B530D.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3JQ8wqfNw3ijdwJXO7T4IRcLUw0.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/38352e3233372e3230382e302f32342d3234203d3e203538303631.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.237.208.0/24
Signature Algorithm: sha256WithRSAEncryption
95:a1:86:4e:2b:2c:3a:4c:69:d2:ed:df:d5:75:2d:7c:ec:80:
29:70:85:43:1a:ec:9c:15:f2:14:9d:9b:50:94:3a:61:c6:c0:
d9:6e:3d:b2:78:a8:f5:fa:49:88:c1:7e:ad:3c:e5:29:d5:95:
8d:0b:ff:b1:72:c4:e8:0e:1f:39:6c:e6:76:a9:5b:1b:e0:e6:
20:6b:5e:66:25:1b:15:4d:b3:d4:9a:4c:f7:3a:a7:00:82:f3:
6a:71:da:2a:bd:41:98:5a:2b:3d:a2:72:34:01:d1:cb:83:54:
3a:13:3d:b0:f0:94:1c:6b:3e:07:34:8d:e2:ec:39:de:6f:87:
0a:ca:32:ad:fb:c1:99:65:11:e8:30:c1:35:ba:40:cc:f3:fa:
83:ae:ae:88:9d:69:0c:93:32:dc:dc:05:fa:9e:f0:9a:0f:85:
99:82:b6:d4:e0:74:d5:cd:bb:a8:c1:f2:3d:19:08:71:3d:bb:
25:88:b1:38:cd:a7:fd:c3:92:af:2c:37:8d:7d:0b:5c:83:bf:
c5:49:82:87:64:e0:11:fb:a8:44:d9:89:00:cc:51:79:f8:0e:
76:7b:ce:2a:c9:3f:49:04:7f:4d:8c:1e:68:a5:39:bf:25:1e:
6d:6b:5a:66:e3:bd:10:da:7f:a6:a0:0b:52:62:02:52:13:6a:
ce:6d:c2:22
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUeucblA8qY7O/Axs5dgmf5TU7YmEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZGM5NDNjYzJhN2NkYzM3OGEzNzcwMjU3M2JiNGY4MjEx
NzBiNTMwZDAeFw0yNTEwMjIxNjUwMDlaFw0yNjEwMjExNjU1MDlaMDMxMTAvBgNV
BAMTKEZCMUVFQ0IyNzBEMDY2NjNEMUM1NzMwNDk0RTU4NjdDODBBRjlERDUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCI0YQKjNXdbekb6qkeK7cClL5H
euJvlDc+lkHMJJWxx3+YhEtANU5NBoB7271YY5RJ8pAzufkAxEycZg7rLIUFcfVy
ehC2KFV/Fc/MLj8vi/1LD/VUoSssHchECRos1RbAx8QW0l/zirHfHZ7zTbikBEca
4fbfyggiHY2p+ZHiYISeYwcwy4IN7u7xasjSMiV7LNq1TcXvFzlsoGY9Mgtj71SP
EtUucXRpkR79mVqMMw8bZsxsH8qihHx93c4/NAexlc5pou6lENbikV7hUANi0HKo
5X6g0WQRMLYcp17M2iuXBSYq/pAAn0oXUtzvn272oWB3qS59T9jlNG80tj8nAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQU+x7ssnDQZmPRxXMElOWGfICvndUwHwYDVR0j
BBgwFoAU3JQ8wqfNw3ijdwJXO7T4IRcLUw0wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNmFiMDcyMmYtNjRkOC00Y2E5LTkyNjctNGU1MTU0NDM0
MTAxLzAvREM5NDNDQzJBN0NEQzM3OEEzNzcwMjU3M0JCNEY4MjExNzBCNTMwRC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzNKUTh3cWZOdzNpamR3SlhPN1Q0SVJj
TFV3MC5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvNmFiMDcyMmYt
NjRkOC00Y2E5LTkyNjctNGU1MTU0NDM0MTAxLzAvMzgzNTJlMzIzMzM3MmUzMjMw
MzgyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzNTM4MzAzNjMxLnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
Ve3QMA0GCSqGSIb3DQEBCwUAA4IBAQCVoYZOKyw6TGnS7d/VdS187IApcIVDGuyc
FfIUnZtQlDphxsDZbj2yeKj1+kmIwX6tPOUp1ZWNC/+xcsToDh85bOZ2qVsb4OYg
a15mJRsVTbPUmkz3OqcAgvNqcdoqvUGYWis9onI0AdHLg1Q6Ez2w8JQcaz4HNI3i
7Dneb4cKyjKt+8GZZRHoMME1ukDM8/qDrq6InWkMkzLc3AX6nvCaD4WZgrbU4HTV
zbuowfI9GQhxPbsliLE4zaf9w5KvLDeNfQtcg7/FSYKHZOAR+6hE2YkAzFF5+A52
e84qyT9JBH9NjB5opTm/JR5ta1pm470Q2n+moAtSYgJSE2rObcIi
-----END CERTIFICATE-----
Generated at Wed Nov 5 12:24:11 2025 by rpki-client