Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/aee3d58d-904a-4375-bf93-8b5f38cab002/0/3138352e342e3232312e302f32342d3234203d3e20323032373336.roa
File: 3138352e342e3232312e302f32342d3234203d3e20323032373336.roa (raw, json)
Hash identifier: GppcdWq72O76ZX9sAOnWlGFPVCU/v25MPOQDT9IWXUo=
Subject key identifier: 3D:34:33:7A:75:34:29:58:68:D3:7A:FB:AE:CD:26:34:89:18:EA:47
Certificate issuer: /CN=7adf63e375b0b785081b5945b1d18d9de86e0efc
Certificate serial: 1B4AB0ADE9AFF034AD20D392D6927968901E2E6E
Authority key identifier: 7A:DF:63:E3:75:B0:B7:85:08:1B:59:45:B1:D1:8D:9D:E8:6E:0E:FC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/et9j43Wwt4UIG1lFsdGNnehuDvw.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/aee3d58d-904a-4375-bf93-8b5f38cab002/0/3138352e342e3232312e302f32342d3234203d3e20323032373336.roa
Signing time: Wed 06 Aug 2025 09:42:46 +0000
ROA not before: Wed 06 Aug 2025 09:37:46 +0000
ROA not after: Wed 05 Aug 2026 09:42:46 +0000
asID: 202736
IP address blocks: 185.4.221.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/aee3d58d-904a-4375-bf93-8b5f38cab002/0/7ADF63E375B0B785081B5945B1D18D9DE86E0EFC.crl
rsync://rsync.paas.rpki.ripe.net/repository/aee3d58d-904a-4375-bf93-8b5f38cab002/0/7ADF63E375B0B785081B5945B1D18D9DE86E0EFC.mft
rsync://rpki.ripe.net/repository/DEFAULT/et9j43Wwt4UIG1lFsdGNnehuDvw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 07 Aug 2025 19:52:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1b:4a:b0:ad:e9:af:f0:34:ad:20:d3:92:d6:92:79:68:90:1e:2e:6e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7adf63e375b0b785081b5945b1d18d9de86e0efc
Validity
Not Before: Aug 6 09:37:46 2025 GMT
Not After : Aug 5 09:42:46 2026 GMT
Subject: CN=3D34337A7534295868D37AFBAECD26348918EA47
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:cc:fb:7f:99:a6:e4:1a:90:50:62:82:5f:59:
9d:31:08:b8:d3:94:42:b6:47:09:2d:6f:07:b5:13:
3a:71:fb:b5:6b:2b:a9:d9:88:87:32:92:6d:d8:b0:
41:16:f3:e6:68:fb:ce:05:d8:ac:bd:78:82:c6:d2:
91:63:48:4a:70:67:0d:b0:da:1f:db:7b:a6:c3:18:
a7:7d:8f:fa:91:b4:f5:43:a9:7d:aa:0a:be:7d:46:
98:8d:62:cd:b8:06:06:23:af:59:18:c3:8e:46:6c:
39:44:cf:79:e4:f3:18:24:77:94:a0:df:0f:85:be:
88:b5:59:3e:0d:32:f3:e5:95:1f:8a:1d:b8:70:4f:
43:c1:50:46:24:ba:a9:86:69:7a:3d:4b:66:b6:fa:
96:9a:c1:2a:2a:05:90:59:69:ad:44:0d:2c:09:3b:
a5:14:6d:85:da:55:9c:54:12:8a:ca:15:ad:02:40:
b9:d9:d9:4b:7a:25:f2:d4:10:82:bb:02:46:d8:b7:
db:79:66:7a:10:9e:59:6b:9c:d9:7a:91:33:03:e5:
83:73:a6:8b:4a:80:5e:1b:bd:b8:12:60:e5:d7:d2:
14:2c:55:1e:7b:a0:a5:06:30:fa:4f:30:fb:b3:7d:
23:a2:5e:d3:8e:a9:4f:b2:0c:b3:80:2a:f9:fd:09:
5f:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:34:33:7A:75:34:29:58:68:D3:7A:FB:AE:CD:26:34:89:18:EA:47
X509v3 Authority Key Identifier:
keyid:7A:DF:63:E3:75:B0:B7:85:08:1B:59:45:B1:D1:8D:9D:E8:6E:0E:FC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/aee3d58d-904a-4375-bf93-8b5f38cab002/0/7ADF63E375B0B785081B5945B1D18D9DE86E0EFC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/et9j43Wwt4UIG1lFsdGNnehuDvw.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/aee3d58d-904a-4375-bf93-8b5f38cab002/0/3138352e342e3232312e302f32342d3234203d3e20323032373336.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.4.221.0/24
Signature Algorithm: sha256WithRSAEncryption
72:23:52:98:da:1a:f9:5d:1f:27:a9:b8:8f:2f:b3:c5:a5:46:
57:94:b7:26:61:f9:26:d1:42:a8:eb:0f:58:a5:43:97:fc:76:
8c:61:62:84:26:54:1a:71:f6:3a:d9:d5:98:83:cd:c0:f4:21:
6f:e3:83:c5:75:38:78:2b:40:e1:c4:26:42:d5:ca:02:50:56:
4e:60:12:32:a1:68:c7:d2:f3:9f:8b:74:f3:b1:b4:b7:e6:57:
3d:4c:28:9b:c0:e6:ca:21:c2:cd:37:06:e9:bf:a7:2c:47:f5:
57:52:66:e5:ad:c1:68:a7:a6:81:93:31:00:f2:7c:42:d2:5a:
df:1e:4e:56:d4:be:3c:fe:5d:d7:16:be:98:87:c1:8d:9a:ea:
40:0b:6f:e4:c6:2b:17:86:62:63:2d:59:be:4e:76:e6:31:73:
52:15:af:ee:f4:b0:b9:89:09:a6:cb:ee:f5:02:82:05:d2:6e:
21:c1:c3:2f:27:43:aa:df:44:3d:dc:ba:df:61:a6:3a:80:c6:
d8:27:e8:12:ef:02:fd:d4:9e:0b:98:5d:3b:4b:2c:27:31:7b:
f0:e0:df:a1:6c:59:54:f5:31:0c:ee:85:ea:c3:12:40:2f:97:
7a:ff:44:0b:14:7b:2e:bd:5f:e9:fc:ad:1b:03:2d:0f:ec:ed:
aa:13:5d:d2
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUG0qwremv8DStINOS1pJ5aJAeLm4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoN2FkZjYzZTM3NWIwYjc4NTA4MWI1OTQ1YjFkMThkOWRl
ODZlMGVmYzAeFw0yNTA4MDYwOTM3NDZaFw0yNjA4MDUwOTQyNDZaMDMxMTAvBgNV
BAMTKDNEMzQzMzdBNzUzNDI5NTg2OEQzN0FGQkFFQ0QyNjM0ODkxOEVBNDcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCSzPt/mabkGpBQYoJfWZ0xCLjT
lEK2Rwktbwe1Ezpx+7VrK6nZiIcykm3YsEEW8+Zo+84F2Ky9eILG0pFjSEpwZw2w
2h/be6bDGKd9j/qRtPVDqX2qCr59RpiNYs24BgYjr1kYw45GbDlEz3nk8xgkd5Sg
3w+Fvoi1WT4NMvPllR+KHbhwT0PBUEYkuqmGaXo9S2a2+paawSoqBZBZaa1EDSwJ
O6UUbYXaVZxUEorKFa0CQLnZ2Ut6JfLUEIK7AkbYt9t5ZnoQnllrnNl6kTMD5YNz
potKgF4bvbgSYOXX0hQsVR57oKUGMPpPMPuzfSOiXtOOqU+yDLOAKvn9CV8ZAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUPTQzenU0KVho03r7rs0mNIkY6kcwHwYDVR0j
BBgwFoAUet9j43Wwt4UIG1lFsdGNnehuDvwwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYWVlM2Q1OGQtOTA0YS00Mzc1LWJmOTMtOGI1ZjM4Y2Fi
MDAyLzAvN0FERjYzRTM3NUIwQjc4NTA4MUI1OTQ1QjFEMThEOURFODZFMEVGQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2V0OWo0M1d3dDRVSUcxbEZzZEdObmVo
dUR2dy5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWVlM2Q1OGQt
OTA0YS00Mzc1LWJmOTMtOGI1ZjM4Y2FiMDAyLzAvMzEzODM1MmUzNDJlMzIzMjMx
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzIzMDMyMzczMzM2LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
uQTdMA0GCSqGSIb3DQEBCwUAA4IBAQByI1KY2hr5XR8nqbiPL7PFpUZXlLcmYfkm
0UKo6w9YpUOX/HaMYWKEJlQacfY62dWYg83A9CFv44PFdTh4K0DhxCZC1coCUFZO
YBIyoWjH0vOfi3TzsbS35lc9TCibwObKIcLNNwbpv6csR/VXUmblrcFop6aBkzEA
8nxC0lrfHk5W1L48/l3XFr6Yh8GNmupAC2/kxisXhmJjLVm+TnbmMXNSFa/u9LC5
iQmmy+71AoIF0m4hwcMvJ0Oq30Q93LrfYaY6gMbYJ+gS7wL91J4LmF07SywnMXvw
4N+hbFlU9TEM7oXqwxJAL5d6/0QLFHsuvV/p/K0bAy0P7O2qE13S
-----END CERTIFICATE-----
Generated at Thu Aug 7 12:57:16 2025 by rpki-client