Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/38352e3233372e3232332e302f32342d3234203d3e20323034343537.roa
File: 38352e3233372e3232332e302f32342d3234203d3e20323034343537.roa (raw, json)
Hash identifier: Iqezs3KyvPmo64a6LXunVCete1CQ4tj2NZ5V4bxSPUs=
Subject key identifier: E9:41:71:52:4E:C0:FA:B6:45:4E:D5:E1:B3:DD:95:C4:6C:AD:FC:05
Certificate issuer: /CN=dc943cc2a7cdc378a37702573bb4f821170b530d
Certificate serial: 7D72140D8E1E68BEF8C0C82EF011A1E6CBB62D82
Authority key identifier: DC:94:3C:C2:A7:CD:C3:78:A3:77:02:57:3B:B4:F8:21:17:0B:53:0D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3JQ8wqfNw3ijdwJXO7T4IRcLUw0.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/38352e3233372e3232332e302f32342d3234203d3e20323034343537.roa
Signing time: Sat 24 May 2025 17:21:24 +0000
ROA not before: Sat 24 May 2025 17:16:24 +0000
ROA not after: Sat 23 May 2026 17:21:24 +0000
asID: 204457
IP address blocks: 85.237.223.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/DC943CC2A7CDC378A37702573BB4F821170B530D.crl
rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/DC943CC2A7CDC378A37702573BB4F821170B530D.mft
rsync://rpki.ripe.net/repository/DEFAULT/3JQ8wqfNw3ijdwJXO7T4IRcLUw0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 17 Jun 2025 13:16:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7d:72:14:0d:8e:1e:68:be:f8:c0:c8:2e:f0:11:a1:e6:cb:b6:2d:82
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dc943cc2a7cdc378a37702573bb4f821170b530d
Validity
Not Before: May 24 17:16:24 2025 GMT
Not After : May 23 17:21:24 2026 GMT
Subject: CN=E94171524EC0FAB6454ED5E1B3DD95C46CADFC05
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:9b:73:96:cf:0e:16:80:0a:7d:eb:aa:e2:07:
c2:5c:2c:6a:f6:fb:23:e0:7e:01:b7:d9:08:fd:5e:
f5:85:db:bd:03:aa:37:1f:8f:c5:53:10:cd:38:80:
fe:4e:a4:ae:91:86:96:8a:d2:b9:ae:5d:23:45:76:
66:50:0f:0a:da:77:10:c5:a0:4b:34:f6:3c:40:c9:
fd:df:5f:f4:b2:49:78:77:4b:5e:84:b9:1b:f7:3c:
0d:e7:c5:cb:53:7c:6e:73:8b:d4:56:79:ac:e6:74:
0a:c1:7f:65:75:f7:54:28:0a:fe:4f:91:66:d5:8c:
9a:ff:e5:3e:7c:70:5f:ee:89:07:8b:e8:0e:aa:9b:
21:b4:c8:53:a3:2e:72:9c:df:bd:05:ed:50:c3:df:
7d:2c:a6:0a:81:5f:a8:16:35:b2:ca:40:3d:e0:b9:
9b:c8:f3:97:2b:ab:6f:e2:0b:0d:d8:21:e1:2b:75:
9d:b3:a2:9d:08:b1:09:99:dc:8b:d5:9d:78:a6:ec:
aa:5d:0f:4f:45:2a:4d:64:cb:70:fb:c1:bc:40:a6:
b9:a5:ab:6f:4f:bc:3c:f6:23:b5:a4:f0:cd:be:28:
6c:c1:fa:54:05:c0:84:53:5e:c6:eb:db:22:33:4d:
23:77:a2:95:d6:91:b4:24:81:88:4e:cf:b3:33:67:
35:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E9:41:71:52:4E:C0:FA:B6:45:4E:D5:E1:B3:DD:95:C4:6C:AD:FC:05
X509v3 Authority Key Identifier:
keyid:DC:94:3C:C2:A7:CD:C3:78:A3:77:02:57:3B:B4:F8:21:17:0B:53:0D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/DC943CC2A7CDC378A37702573BB4F821170B530D.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3JQ8wqfNw3ijdwJXO7T4IRcLUw0.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/38352e3233372e3232332e302f32342d3234203d3e20323034343537.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.237.223.0/24
Signature Algorithm: sha256WithRSAEncryption
2c:8f:7c:87:3f:6c:9e:9c:27:05:4d:71:20:86:f3:62:b1:79:
ac:f6:7a:21:1a:9c:92:fe:e5:bf:21:17:b5:23:bd:33:9e:72:
b9:54:4c:df:d5:ce:f1:ed:d0:41:61:7b:f5:90:06:34:56:c2:
06:7f:9b:d9:c3:60:03:f8:17:1a:ba:4d:b5:cc:ac:8b:1e:04:
10:25:da:b5:c5:6d:c4:d2:32:40:5f:e3:b4:7c:27:14:6e:9f:
ef:e8:15:ae:43:07:27:be:2e:0f:93:dd:cb:9b:69:5f:8e:ae:
e7:31:d7:22:4d:8b:2a:45:6b:ea:ad:a7:31:37:3a:d6:ac:95:
fc:16:16:b2:98:e0:5e:1b:d5:9e:93:34:f0:f4:40:0a:59:0a:
94:b7:f5:bd:da:39:1a:9c:1b:1a:69:b1:1f:de:6d:33:1f:58:
53:53:a1:92:0d:81:0e:f4:8d:a9:07:af:50:b8:c9:5e:68:18:
98:fe:f6:7a:81:ff:1c:a0:e1:eb:66:9d:f3:7d:09:30:47:d3:
51:34:95:6f:11:23:2d:c6:08:f1:26:7f:2b:74:b0:77:55:09:
82:6b:c5:dd:22:c7:2d:18:a1:60:f2:46:c9:c3:80:a6:ac:03:
53:7f:f2:0e:7a:23:42:ed:df:51:9a:e3:21:eb:a7:dd:6c:71:
49:e7:92:a4
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUfXIUDY4eaL74wMgu8BGh5su2LYIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZGM5NDNjYzJhN2NkYzM3OGEzNzcwMjU3M2JiNGY4MjEx
NzBiNTMwZDAeFw0yNTA1MjQxNzE2MjRaFw0yNjA1MjMxNzIxMjRaMDMxMTAvBgNV
BAMTKEU5NDE3MTUyNEVDMEZBQjY0NTRFRDVFMUIzREQ5NUM0NkNBREZDMDUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC8m3OWzw4WgAp966riB8JcLGr2
+yPgfgG32Qj9XvWF270Dqjcfj8VTEM04gP5OpK6RhpaK0rmuXSNFdmZQDwradxDF
oEs09jxAyf3fX/SySXh3S16EuRv3PA3nxctTfG5zi9RWeazmdArBf2V191QoCv5P
kWbVjJr/5T58cF/uiQeL6A6qmyG0yFOjLnKc370F7VDD330spgqBX6gWNbLKQD3g
uZvI85crq2/iCw3YIeErdZ2zop0IsQmZ3IvVnXim7KpdD09FKk1ky3D7wbxAprml
q29PvDz2I7Wk8M2+KGzB+lQFwIRTXsbr2yIzTSN3opXWkbQkgYhOz7MzZzU3AgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQU6UFxUk7A+rZFTtXhs92VxGyt/AUwHwYDVR0j
BBgwFoAU3JQ8wqfNw3ijdwJXO7T4IRcLUw0wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNmFiMDcyMmYtNjRkOC00Y2E5LTkyNjctNGU1MTU0NDM0
MTAxLzAvREM5NDNDQzJBN0NEQzM3OEEzNzcwMjU3M0JCNEY4MjExNzBCNTMwRC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzNKUTh3cWZOdzNpamR3SlhPN1Q0SVJj
TFV3MC5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvNmFiMDcyMmYt
NjRkOC00Y2E5LTkyNjctNGU1MTU0NDM0MTAxLzAvMzgzNTJlMzIzMzM3MmUzMjMy
MzMyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMjMwMzQzNDM1Mzcucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BABV7d8wDQYJKoZIhvcNAQELBQADggEBACyPfIc/bJ6cJwVNcSCG82Kxeaz2eiEa
nJL+5b8hF7UjvTOecrlUTN/VzvHt0EFhe/WQBjRWwgZ/m9nDYAP4Fxq6TbXMrIse
BBAl2rXFbcTSMkBf47R8JxRun+/oFa5DBye+Lg+T3cubaV+Orucx1yJNiypFa+qt
pzE3OtaslfwWFrKY4F4b1Z6TNPD0QApZCpS39b3aORqcGxppsR/ebTMfWFNToZIN
gQ70jakHr1C4yV5oGJj+9nqB/xyg4etmnfN9CTBH01E0lW8RIy3GCPEmfyt0sHdV
CYJrxd0ixy0YoWDyRsnDgKasA1N/8g56I0Lt31Ga4yHrp91scUnnkqQ=
-----END CERTIFICATE-----
Generated at Tue Jun 17 06:12:02 2025 by rpki-client