Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/8e0d6a4d-ba67-4979-8d12-0ed4748fc86e/0/3138352e3235302e34322e302f32332d3233203d3e203338313935.roa
File: 3138352e3235302e34322e302f32332d3233203d3e203338313935.roa (raw, json)
Hash identifier: N+mjQzTN9eKn05wWYxGO3ym5VpigEEyuw5Wil2CeqM0=
Subject key identifier: F0:4A:E3:18:E9:47:AC:EC:F7:7B:DC:F8:F3:AD:7D:87:AA:13:4E:D2
Certificate issuer: /CN=830e06419fc46a2802f6f03b71368ac7baaf64ce
Certificate serial: 533FC331B16DEB1CD58AABC41385D0B08DABB36A
Authority key identifier: 83:0E:06:41:9F:C4:6A:28:02:F6:F0:3B:71:36:8A:C7:BA:AF:64:CE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gw4GQZ_EaigC9vA7cTaKx7qvZM4.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/8e0d6a4d-ba67-4979-8d12-0ed4748fc86e/0/3138352e3235302e34322e302f32332d3233203d3e203338313935.roa
Signing time: Tue 22 Jul 2025 16:54:13 +0000
ROA not before: Tue 22 Jul 2025 16:49:13 +0000
ROA not after: Tue 21 Jul 2026 16:54:13 +0000
asID: 38195
IP address blocks: 185.250.42.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/8e0d6a4d-ba67-4979-8d12-0ed4748fc86e/0/830E06419FC46A2802F6F03B71368AC7BAAF64CE.crl
rsync://rsync.paas.rpki.ripe.net/repository/8e0d6a4d-ba67-4979-8d12-0ed4748fc86e/0/830E06419FC46A2802F6F03B71368AC7BAAF64CE.mft
rsync://rpki.ripe.net/repository/DEFAULT/gw4GQZ_EaigC9vA7cTaKx7qvZM4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 09 Aug 2025 11:00:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
53:3f:c3:31:b1:6d:eb:1c:d5:8a:ab:c4:13:85:d0:b0:8d:ab:b3:6a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=830e06419fc46a2802f6f03b71368ac7baaf64ce
Validity
Not Before: Jul 22 16:49:13 2025 GMT
Not After : Jul 21 16:54:13 2026 GMT
Subject: CN=F04AE318E947ACECF77BDCF8F3AD7D87AA134ED2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:12:6b:f9:83:7f:45:2f:96:75:c1:22:6f:8e:
7d:0b:7f:52:d1:17:ad:54:29:c2:c9:27:d8:33:be:
61:8d:21:68:02:ed:6d:91:8f:f0:38:be:00:8d:94:
00:11:f4:7f:51:44:bc:8a:5c:a7:d8:0a:79:97:3c:
21:b2:6e:cf:c6:ee:2c:cd:25:7e:9f:e3:72:1a:04:
45:c1:26:04:40:5e:7c:69:7e:36:f8:2c:b0:47:ba:
b6:8d:15:15:90:9d:a0:2f:c3:7c:49:c5:a4:c2:6f:
cf:81:2c:5a:9e:eb:56:83:b2:4e:80:b0:83:c4:47:
16:65:98:f7:6d:23:9e:1f:da:77:81:be:1f:3a:11:
cf:52:59:df:2c:e1:14:ff:67:39:63:12:4f:7c:3e:
7b:0c:11:fb:f7:34:90:07:f6:ee:f8:36:a4:af:53:
ba:46:e2:2e:bd:00:76:62:95:b0:88:17:ed:e7:e2:
d6:5e:ab:a7:38:8a:64:19:54:af:d5:7d:3a:af:72:
d6:a8:bf:85:5a:33:6e:6b:7b:d4:4c:10:46:aa:98:
fa:b7:44:94:44:12:6a:65:0e:89:92:2e:62:eb:fc:
cb:04:e8:e6:48:30:f5:55:6e:4a:d1:7e:8c:13:b7:
0f:70:fc:a9:05:9f:9f:e3:4b:b5:cb:e6:66:38:2c:
b3:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F0:4A:E3:18:E9:47:AC:EC:F7:7B:DC:F8:F3:AD:7D:87:AA:13:4E:D2
X509v3 Authority Key Identifier:
keyid:83:0E:06:41:9F:C4:6A:28:02:F6:F0:3B:71:36:8A:C7:BA:AF:64:CE
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/8e0d6a4d-ba67-4979-8d12-0ed4748fc86e/0/830E06419FC46A2802F6F03B71368AC7BAAF64CE.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gw4GQZ_EaigC9vA7cTaKx7qvZM4.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/8e0d6a4d-ba67-4979-8d12-0ed4748fc86e/0/3138352e3235302e34322e302f32332d3233203d3e203338313935.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.250.42.0/23
Signature Algorithm: sha256WithRSAEncryption
21:c2:b0:50:bc:48:65:c9:6e:85:b4:35:78:43:06:a6:b6:7e:
a3:01:95:ca:31:c9:d9:7e:9a:c7:31:79:6d:81:ee:29:6f:e3:
e3:5c:a7:f6:7f:17:e2:bf:0b:00:23:b9:c1:49:37:18:da:9c:
c1:3a:a0:73:8e:50:32:9a:b9:6e:56:54:ea:71:6a:1c:48:a1:
0c:3d:82:37:e5:01:75:88:3d:ff:04:24:4e:72:d3:80:e6:06:
dd:37:3f:81:b0:36:a1:95:56:7b:4a:e2:56:69:e9:e5:da:62:
02:7c:fd:fb:0e:f4:ab:93:ad:c7:bb:cc:c7:8a:6e:d9:d3:08:
c0:78:06:2a:2e:56:69:cd:04:f4:22:d5:58:a3:4f:bd:6d:43:
23:86:c5:07:07:7f:d3:34:9f:b5:3d:20:7b:9e:1a:ce:da:52:
db:4e:1d:af:f9:63:82:3e:ea:64:75:c5:ff:22:32:f0:14:c7:
64:7b:70:50:b7:9f:0b:ca:27:48:3d:8c:21:f4:07:73:3a:4f:
0e:96:ae:e0:dd:a2:ba:f0:51:8a:01:4d:4c:e8:c0:3d:2f:8e:
17:4d:e8:49:52:ec:73:cb:e0:e4:aa:d4:de:b4:f1:30:fe:70:
a5:10:91:d2:39:6c:52:4d:6d:39:17:6e:0f:6b:86:c6:07:ef:
08:9a:07:d0
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUUz/DMbFt6xzViqvEE4XQsI2rs2owDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoODMwZTA2NDE5ZmM0NmEyODAyZjZmMDNiNzEzNjhhYzdi
YWFmNjRjZTAeFw0yNTA3MjIxNjQ5MTNaFw0yNjA3MjExNjU0MTNaMDMxMTAvBgNV
BAMTKEYwNEFFMzE4RTk0N0FDRUNGNzdCRENGOEYzQUQ3RDg3QUExMzRFRDIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDFEmv5g39FL5Z1wSJvjn0Lf1LR
F61UKcLJJ9gzvmGNIWgC7W2Rj/A4vgCNlAAR9H9RRLyKXKfYCnmXPCGybs/G7izN
JX6f43IaBEXBJgRAXnxpfjb4LLBHuraNFRWQnaAvw3xJxaTCb8+BLFqe61aDsk6A
sIPERxZlmPdtI54f2neBvh86Ec9SWd8s4RT/ZzljEk98PnsMEfv3NJAH9u74NqSv
U7pG4i69AHZilbCIF+3n4tZeq6c4imQZVK/VfTqvctaov4VaM25re9RMEEaqmPq3
RJREEmplDomSLmLr/MsE6OZIMPVVbkrRfowTtw9w/KkFn5/jS7XL5mY4LLPrAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQU8ErjGOlHrOz3e9z48619h6oTTtIwHwYDVR0j
BBgwFoAUgw4GQZ/EaigC9vA7cTaKx7qvZM4wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvOGUwZDZhNGQtYmE2Ny00OTc5LThkMTItMGVkNDc0OGZj
ODZlLzAvODMwRTA2NDE5RkM0NkEyODAyRjZGMDNCNzEzNjhBQzdCQUFGNjRDRS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2d3NEdRWl9FYWlnQzl2QTdjVGFLeDdx
dlpNNC5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvOGUwZDZhNGQt
YmE2Ny00OTc5LThkMTItMGVkNDc0OGZjODZlLzAvMzEzODM1MmUzMjM1MzAyZTM0
MzIyZTMwMmYzMjMzMmQzMjMzMjAzZDNlMjAzMzM4MzEzOTM1LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQB
ufoqMA0GCSqGSIb3DQEBCwUAA4IBAQAhwrBQvEhlyW6FtDV4Qwamtn6jAZXKMcnZ
fprHMXltge4pb+PjXKf2fxfivwsAI7nBSTcY2pzBOqBzjlAymrluVlTqcWocSKEM
PYI35QF1iD3/BCROctOA5gbdNz+BsDahlVZ7SuJWaenl2mICfP37DvSrk63Hu8zH
im7Z0wjAeAYqLlZpzQT0ItVYo0+9bUMjhsUHB3/TNJ+1PSB7nhrO2lLbTh2v+WOC
PupkdcX/IjLwFMdke3BQt58LyidIPYwh9AdzOk8Olq7g3aK68FGKAU1M6MA9L44X
TehJUuxzy+DkqtTetPEw/nClEJHSOWxSTW05F24Pa4bGB+8ImgfQ
-----END CERTIFICATE-----
Generated at Fri Aug 8 13:04:11 2025 by rpki-client