Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/38352e3233372e3232312e302f32342d3234203d3e20313335343032.roa
File: 38352e3233372e3232312e302f32342d3234203d3e20313335343032.roa (raw, json)
Hash identifier: lJrTXGvqLCtu6cef6iZf3khISFbUFFsjAGWek66yrLY=
Subject key identifier: 97:59:64:10:C4:C4:2D:E7:33:BC:B4:1C:4A:89:75:21:BB:31:4B:8A
Certificate issuer: /CN=dc943cc2a7cdc378a37702573bb4f821170b530d
Certificate serial: 72453775C87DAE62BE85E6B5691AE48142879B2A
Authority key identifier: DC:94:3C:C2:A7:CD:C3:78:A3:77:02:57:3B:B4:F8:21:17:0B:53:0D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3JQ8wqfNw3ijdwJXO7T4IRcLUw0.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/38352e3233372e3232312e302f32342d3234203d3e20313335343032.roa
Signing time: Fri 06 Jun 2025 01:47:10 +0000
ROA not before: Fri 06 Jun 2025 01:42:10 +0000
ROA not after: Fri 05 Jun 2026 01:47:10 +0000
asID: 135402
IP address blocks: 85.237.221.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/DC943CC2A7CDC378A37702573BB4F821170B530D.crl
rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/DC943CC2A7CDC378A37702573BB4F821170B530D.mft
rsync://rpki.ripe.net/repository/DEFAULT/3JQ8wqfNw3ijdwJXO7T4IRcLUw0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 18 Jun 2025 09:10:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
72:45:37:75:c8:7d:ae:62:be:85:e6:b5:69:1a:e4:81:42:87:9b:2a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dc943cc2a7cdc378a37702573bb4f821170b530d
Validity
Not Before: Jun 6 01:42:10 2025 GMT
Not After : Jun 5 01:47:10 2026 GMT
Subject: CN=97596410C4C42DE733BCB41C4A897521BB314B8A
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:0a:09:82:8a:af:ca:c2:16:cf:5e:43:5e:b1:
02:0c:31:60:f7:b0:da:80:1d:ac:4e:8f:8f:61:81:
78:f1:8f:d5:36:39:7b:f7:30:c3:d4:8b:25:6d:58:
a6:f3:76:1c:35:08:82:0a:e4:c7:e9:56:78:e1:13:
50:2d:55:35:b6:2a:6f:40:ce:cf:32:60:bb:ec:f4:
52:94:38:16:50:c3:e2:7f:5d:df:d6:cf:07:53:62:
9f:db:94:6b:83:2b:b8:f0:f5:78:42:01:20:b2:6f:
a6:aa:3c:d4:da:1d:db:d2:e4:7d:d5:1a:e3:3e:fb:
61:cb:b5:5a:4a:c7:52:ba:83:2f:12:ce:f2:ca:06:
ec:89:05:af:c8:e2:f6:35:05:b9:fb:8e:1f:e6:76:
51:f1:8f:ee:ec:92:74:dc:b2:ac:d4:94:57:7d:97:
93:65:8a:12:08:b1:b4:7f:a0:17:b3:b3:b8:f2:b7:
25:2a:c7:cc:58:76:78:88:57:63:05:97:83:d0:e8:
fa:40:f3:f7:a2:2a:52:4c:e4:65:9d:40:d6:99:a3:
00:b6:8e:3d:e5:48:8d:9a:55:34:0c:f7:11:e9:be:
be:97:bd:78:dd:f4:b0:b1:21:5c:d4:91:49:23:3f:
40:5a:01:c3:27:e2:b3:fd:ba:b2:80:8c:24:9d:38:
f8:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
97:59:64:10:C4:C4:2D:E7:33:BC:B4:1C:4A:89:75:21:BB:31:4B:8A
X509v3 Authority Key Identifier:
keyid:DC:94:3C:C2:A7:CD:C3:78:A3:77:02:57:3B:B4:F8:21:17:0B:53:0D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/DC943CC2A7CDC378A37702573BB4F821170B530D.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3JQ8wqfNw3ijdwJXO7T4IRcLUw0.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/38352e3233372e3232312e302f32342d3234203d3e20313335343032.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.237.221.0/24
Signature Algorithm: sha256WithRSAEncryption
46:30:95:81:1e:db:3c:94:8a:28:df:69:b7:cb:48:9f:37:4d:
ab:17:3b:db:e0:e4:74:73:55:57:9f:78:77:36:75:9c:93:82:
7e:a6:ac:9a:90:6c:0f:0c:9c:e7:4e:d9:cd:e3:7b:e7:5c:3b:
cb:64:c8:2e:f9:80:54:7c:14:0e:15:f9:34:99:12:d8:e9:bd:
38:52:4c:89:5a:49:86:0c:f7:f3:8e:09:9f:9b:30:ec:2d:9e:
b9:6b:4d:6c:a2:66:57:7c:13:46:89:c5:28:1f:e2:7f:f1:9c:
0b:39:43:58:61:40:b1:ac:b8:80:cb:be:99:a7:f7:36:6d:f4:
4e:d6:f7:66:8d:4c:4c:ce:28:74:4f:32:ca:89:9e:a3:be:98:
0f:fe:fe:42:9e:45:8e:c3:53:2b:11:22:e6:f3:12:f7:8d:b4:
d1:bb:e5:68:46:f7:0c:4e:82:60:35:9d:37:b0:7b:10:85:34:
65:9f:7b:19:20:2e:d4:9b:c1:08:5e:26:16:d2:8b:17:ac:f1:
48:9c:95:8f:23:14:3f:90:01:f5:36:5f:ed:2b:2a:84:7c:35:
0f:74:38:52:7d:07:7d:b5:8b:ae:84:60:4b:6b:65:e9:42:03:
74:91:c2:36:6f:c3:af:31:8d:24:59:bd:4b:95:93:88:f5:6d:
27:ac:1f:de
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUckU3dch9rmK+hea1aRrkgUKHmyowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZGM5NDNjYzJhN2NkYzM3OGEzNzcwMjU3M2JiNGY4MjEx
NzBiNTMwZDAeFw0yNTA2MDYwMTQyMTBaFw0yNjA2MDUwMTQ3MTBaMDMxMTAvBgNV
BAMTKDk3NTk2NDEwQzRDNDJERTczM0JDQjQxQzRBODk3NTIxQkIzMTRCOEEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCnCgmCiq/KwhbPXkNesQIMMWD3
sNqAHaxOj49hgXjxj9U2OXv3MMPUiyVtWKbzdhw1CIIK5MfpVnjhE1AtVTW2Km9A
zs8yYLvs9FKUOBZQw+J/Xd/WzwdTYp/blGuDK7jw9XhCASCyb6aqPNTaHdvS5H3V
GuM++2HLtVpKx1K6gy8SzvLKBuyJBa/I4vY1Bbn7jh/mdlHxj+7sknTcsqzUlFd9
l5NlihIIsbR/oBezs7jytyUqx8xYdniIV2MFl4PQ6PpA8/eiKlJM5GWdQNaZowC2
jj3lSI2aVTQM9xHpvr6XvXjd9LCxIVzUkUkjP0BaAcMn4rP9urKAjCSdOPjlAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUl1lkEMTELeczvLQcSol1IbsxS4owHwYDVR0j
BBgwFoAU3JQ8wqfNw3ijdwJXO7T4IRcLUw0wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNmFiMDcyMmYtNjRkOC00Y2E5LTkyNjctNGU1MTU0NDM0
MTAxLzAvREM5NDNDQzJBN0NEQzM3OEEzNzcwMjU3M0JCNEY4MjExNzBCNTMwRC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzNKUTh3cWZOdzNpamR3SlhPN1Q0SVJj
TFV3MC5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvNmFiMDcyMmYt
NjRkOC00Y2E5LTkyNjctNGU1MTU0NDM0MTAxLzAvMzgzNTJlMzIzMzM3MmUzMjMy
MzEyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMTMzMzUzNDMwMzIucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BABV7d0wDQYJKoZIhvcNAQELBQADggEBAEYwlYEe2zyUiijfabfLSJ83TasXO9vg
5HRzVVefeHc2dZyTgn6mrJqQbA8MnOdO2c3je+dcO8tkyC75gFR8FA4V+TSZEtjp
vThSTIlaSYYM9/OOCZ+bMOwtnrlrTWyiZld8E0aJxSgf4n/xnAs5Q1hhQLGsuIDL
vpmn9zZt9E7W92aNTEzOKHRPMsqJnqO+mA/+/kKeRY7DUysRIubzEveNtNG75WhG
9wxOgmA1nTewexCFNGWfexkgLtSbwQheJhbSixes8UiclY8jFD+QAfU2X+0rKoR8
NQ90OFJ9B321i66EYEtrZelCA3SRwjZvw68xjSRZvUuVk4j1bSesH94=
-----END CERTIFICATE-----
Generated at Tue Jun 17 23:34:42 2025 by rpki-client