Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/38352e3233372e3232302e302f32342d3234203d3e20323132323338.roa
File: 38352e3233372e3232302e302f32342d3234203d3e20323132323338.roa (raw, json)
Hash identifier: XfVuo/kjISDEmCHHvUMnWk/0W/kuzbkZAGtTqqJT+LM=
Subject key identifier: A4:45:C8:E3:E9:7F:C3:8E:A7:AC:01:49:A3:B7:6C:0C:0E:6B:DE:58
Certificate issuer: /CN=dc943cc2a7cdc378a37702573bb4f821170b530d
Certificate serial: 35D3A932A2DB81BF8E6C0D4194BF7942803D85F2
Authority key identifier: DC:94:3C:C2:A7:CD:C3:78:A3:77:02:57:3B:B4:F8:21:17:0B:53:0D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3JQ8wqfNw3ijdwJXO7T4IRcLUw0.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/38352e3233372e3232302e302f32342d3234203d3e20323132323338.roa
Signing time: Mon 09 Jun 2025 10:54:31 +0000
ROA not before: Mon 09 Jun 2025 10:49:31 +0000
ROA not after: Mon 08 Jun 2026 10:54:31 +0000
asID: 212238
IP address blocks: 85.237.220.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/DC943CC2A7CDC378A37702573BB4F821170B530D.crl
rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/DC943CC2A7CDC378A37702573BB4F821170B530D.mft
rsync://rpki.ripe.net/repository/DEFAULT/3JQ8wqfNw3ijdwJXO7T4IRcLUw0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
35:d3:a9:32:a2:db:81:bf:8e:6c:0d:41:94:bf:79:42:80:3d:85:f2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dc943cc2a7cdc378a37702573bb4f821170b530d
Validity
Not Before: Jun 9 10:49:31 2025 GMT
Not After : Jun 8 10:54:31 2026 GMT
Subject: CN=A445C8E3E97FC38EA7AC0149A3B76C0C0E6BDE58
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:a3:81:6f:be:73:11:4c:a3:79:4b:30:79:e2:
6a:3b:9a:82:fd:b2:a0:f8:e5:eb:7d:1c:55:89:43:
c9:ba:7c:0a:14:ed:a2:ee:b3:5a:59:5e:ff:84:9d:
35:53:7e:34:e9:75:56:b3:a7:eb:a7:e7:b8:ad:8b:
16:58:36:27:ad:54:57:62:0f:1c:21:b0:8a:00:3a:
1b:0d:7a:ca:bc:17:01:cb:c1:a9:38:7e:b9:aa:f2:
51:b9:5f:1c:17:29:30:be:8a:d6:18:04:c1:20:f2:
30:0d:b2:11:78:30:3b:d3:77:c5:b4:98:ad:ea:a4:
1e:4b:5a:d1:0e:87:b4:e4:4c:6d:95:58:08:af:4c:
23:a3:ea:9f:ee:82:a4:e1:91:64:77:3d:56:5d:ea:
84:43:8d:db:bf:18:2b:67:56:b5:f9:b7:98:52:15:
16:8b:23:35:21:6e:2f:1b:86:bf:b8:31:1b:fa:13:
b0:df:01:22:24:d2:6d:51:0c:37:de:7e:0c:23:ec:
3e:d6:13:4e:81:b9:36:c3:cb:ce:9a:8d:d0:c6:d4:
9b:d1:9a:6a:db:46:a7:d1:74:79:44:77:4f:ed:a9:
7f:b4:87:94:76:af:3f:32:c8:c2:16:38:b9:a5:25:
fd:dd:25:fa:71:79:1e:54:ed:62:4f:d8:be:76:23:
8e:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A4:45:C8:E3:E9:7F:C3:8E:A7:AC:01:49:A3:B7:6C:0C:0E:6B:DE:58
X509v3 Authority Key Identifier:
keyid:DC:94:3C:C2:A7:CD:C3:78:A3:77:02:57:3B:B4:F8:21:17:0B:53:0D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/DC943CC2A7CDC378A37702573BB4F821170B530D.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3JQ8wqfNw3ijdwJXO7T4IRcLUw0.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/38352e3233372e3232302e302f32342d3234203d3e20323132323338.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.237.220.0/24
Signature Algorithm: sha256WithRSAEncryption
4d:35:5d:33:79:28:7f:81:43:2f:5b:7d:96:b9:f8:5a:c5:4b:
0f:b5:0c:49:ac:94:4d:05:1c:18:81:6f:8f:56:c8:c5:aa:5e:
cb:7a:21:4c:c2:f2:e5:5b:0f:aa:cb:7d:6f:92:55:22:07:ca:
fb:3e:00:c7:31:f1:e0:0c:12:ef:6e:a9:6b:10:eb:7d:d0:bf:
7d:68:57:c8:ad:32:98:ec:0e:ff:bd:23:84:b0:8b:99:f0:57:
f0:42:03:55:af:6e:a1:69:d8:65:f9:95:89:b6:21:96:67:67:
14:69:c6:e1:86:ce:d3:cc:7e:95:c9:a3:ee:95:84:8e:09:34:
04:e2:34:35:91:e9:90:37:ec:79:cf:cb:16:74:79:14:e3:5f:
44:35:bc:75:fe:1d:a7:a2:54:90:31:35:c9:55:8b:3b:cf:a7:
75:71:ee:43:fc:dd:d4:0b:29:67:d3:05:c3:56:dd:8d:3a:ff:
c2:9c:e0:2d:03:ff:d8:c9:99:7a:75:23:69:fa:4f:a4:66:77:
ee:cf:91:24:f5:8c:4c:41:55:37:c4:a1:af:5c:25:41:cf:68:
b7:7d:26:4d:75:f7:8d:dc:78:f3:60:17:00:ff:9e:be:eb:c1:
b0:07:4f:3c:a6:9a:02:aa:dc:f0:d7:25:90:01:5a:df:81:e6:
38:e3:5a:00
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUNdOpMqLbgb+ObA1BlL95QoA9hfIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZGM5NDNjYzJhN2NkYzM3OGEzNzcwMjU3M2JiNGY4MjEx
NzBiNTMwZDAeFw0yNTA2MDkxMDQ5MzFaFw0yNjA2MDgxMDU0MzFaMDMxMTAvBgNV
BAMTKEE0NDVDOEUzRTk3RkMzOEVBN0FDMDE0OUEzQjc2QzBDMEU2QkRFNTgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC+o4FvvnMRTKN5SzB54mo7moL9
sqD45et9HFWJQ8m6fAoU7aLus1pZXv+EnTVTfjTpdVazp+un57itixZYNietVFdi
DxwhsIoAOhsNesq8FwHLwak4frmq8lG5XxwXKTC+itYYBMEg8jANshF4MDvTd8W0
mK3qpB5LWtEOh7TkTG2VWAivTCOj6p/ugqThkWR3PVZd6oRDjdu/GCtnVrX5t5hS
FRaLIzUhbi8bhr+4MRv6E7DfASIk0m1RDDfefgwj7D7WE06BuTbDy86ajdDG1JvR
mmrbRqfRdHlEd0/tqX+0h5R2rz8yyMIWOLmlJf3dJfpxeR5U7WJP2L52I46BAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUpEXI4+l/w46nrAFJo7dsDA5r3lgwHwYDVR0j
BBgwFoAU3JQ8wqfNw3ijdwJXO7T4IRcLUw0wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNmFiMDcyMmYtNjRkOC00Y2E5LTkyNjctNGU1MTU0NDM0
MTAxLzAvREM5NDNDQzJBN0NEQzM3OEEzNzcwMjU3M0JCNEY4MjExNzBCNTMwRC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzNKUTh3cWZOdzNpamR3SlhPN1Q0SVJj
TFV3MC5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvNmFiMDcyMmYt
NjRkOC00Y2E5LTkyNjctNGU1MTU0NDM0MTAxLzAvMzgzNTJlMzIzMzM3MmUzMjMy
MzAyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMjMxMzIzMjMzMzgucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BABV7dwwDQYJKoZIhvcNAQELBQADggEBAE01XTN5KH+BQy9bfZa5+FrFSw+1DEms
lE0FHBiBb49WyMWqXst6IUzC8uVbD6rLfW+SVSIHyvs+AMcx8eAMEu9uqWsQ633Q
v31oV8itMpjsDv+9I4Swi5nwV/BCA1WvbqFp2GX5lYm2IZZnZxRpxuGGztPMfpXJ
o+6VhI4JNATiNDWR6ZA37HnPyxZ0eRTjX0Q1vHX+HaeiVJAxNclVizvPp3Vx7kP8
3dQLKWfTBcNW3Y06/8Kc4C0D/9jJmXp1I2n6T6Rmd+7PkST1jExBVTfEoa9cJUHP
aLd9Jk11943cePNgFwD/nr7rwbAHTzymmgKq3PDXJZABWt+B5jjjWgA=
-----END CERTIFICATE-----
Generated at Sat Jun 14 04:31:08 2025 by rpki-client