Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/c5d18e82-4d68-45a6-a5df-cac115ad2279/0/3138352e3232392e3230332e302f32342d3234203d3e20323034333939.roa
File: 3138352e3232392e3230332e302f32342d3234203d3e20323034333939.roa (raw, json)
Hash identifier: o2s9iRRo/HWpVNV66/X3K8Nx40dZXcSQ+ar/RSKpLZ4=
Subject key identifier: A6:BE:7D:8E:B9:6C:10:E7:9E:DA:37:52:A6:AD:5D:D1:50:42:66:DA
Certificate issuer: /CN=3e870b9a7003c4fd9c51bd354a9defa3fb77b4a9
Certificate serial: 72989E46B048D2C21B7CF28060812863644D4BB8
Authority key identifier: 3E:87:0B:9A:70:03:C4:FD:9C:51:BD:35:4A:9D:EF:A3:FB:77:B4:A9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PocLmnADxP2cUb01Sp3vo_t3tKk.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/c5d18e82-4d68-45a6-a5df-cac115ad2279/0/3138352e3232392e3230332e302f32342d3234203d3e20323034333939.roa
Signing time: Sun 26 Oct 2025 13:40:19 +0000
ROA not before: Sun 26 Oct 2025 13:35:19 +0000
ROA not after: Sun 25 Oct 2026 13:40:19 +0000
asID: 204399
IP address blocks: 185.229.203.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/c5d18e82-4d68-45a6-a5df-cac115ad2279/0/3E870B9A7003C4FD9C51BD354A9DEFA3FB77B4A9.crl
rsync://rsync.paas.rpki.ripe.net/repository/c5d18e82-4d68-45a6-a5df-cac115ad2279/0/3E870B9A7003C4FD9C51BD354A9DEFA3FB77B4A9.mft
rsync://rpki.ripe.net/repository/DEFAULT/PocLmnADxP2cUb01Sp3vo_t3tKk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 16:49:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
72:98:9e:46:b0:48:d2:c2:1b:7c:f2:80:60:81:28:63:64:4d:4b:b8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3e870b9a7003c4fd9c51bd354a9defa3fb77b4a9
Validity
Not Before: Oct 26 13:35:19 2025 GMT
Not After : Oct 25 13:40:19 2026 GMT
Subject: CN=A6BE7D8EB96C10E79EDA3752A6AD5DD1504266DA
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e8:7d:e6:09:44:b5:90:66:5e:bc:dc:fa:e9:cb:
52:3a:e2:03:51:32:09:80:5d:a6:30:67:67:f9:97:
73:20:c5:7e:d3:4c:b8:99:2f:02:7a:75:0b:90:9f:
02:ee:10:19:62:10:68:5e:ad:29:ea:b2:80:fe:85:
9d:b1:b0:35:32:0a:36:4c:2d:e3:cb:10:80:9a:9f:
b7:6c:be:1c:c7:3e:9b:c2:4d:9a:bc:c6:cf:27:13:
02:7b:7a:1e:e3:4a:d0:15:c1:9a:bd:d2:81:75:83:
54:db:10:5e:97:01:9e:4d:45:ac:7b:b1:7c:8d:ad:
21:1d:cf:88:a0:3f:10:e8:b8:eb:36:cb:9f:6d:f7:
58:05:f2:f8:9e:d3:b0:9f:6a:30:db:02:6c:3c:8c:
2d:bd:30:70:74:55:17:01:43:a3:e5:0f:26:6f:24:
b1:30:25:8b:65:7b:d1:20:7e:d2:b2:a4:7d:b9:91:
a6:b8:d0:42:fe:ce:43:f1:27:0e:bc:ba:22:22:1f:
b2:68:d6:0d:85:22:0d:c9:7e:7b:a6:0d:7d:e9:0d:
1d:87:ca:4b:1b:ec:4e:30:a8:53:0d:46:88:35:f8:
13:44:81:d0:aa:ad:46:f8:1a:f3:3d:e9:91:cb:c5:
6b:a9:e9:2e:1d:fd:f4:6f:03:f6:27:8d:2f:79:4c:
68:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A6:BE:7D:8E:B9:6C:10:E7:9E:DA:37:52:A6:AD:5D:D1:50:42:66:DA
X509v3 Authority Key Identifier:
keyid:3E:87:0B:9A:70:03:C4:FD:9C:51:BD:35:4A:9D:EF:A3:FB:77:B4:A9
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/c5d18e82-4d68-45a6-a5df-cac115ad2279/0/3E870B9A7003C4FD9C51BD354A9DEFA3FB77B4A9.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PocLmnADxP2cUb01Sp3vo_t3tKk.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/c5d18e82-4d68-45a6-a5df-cac115ad2279/0/3138352e3232392e3230332e302f32342d3234203d3e20323034333939.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.229.203.0/24
Signature Algorithm: sha256WithRSAEncryption
2c:46:97:87:92:d8:d9:26:8b:d5:75:d6:7c:cb:a6:88:2c:f8:
42:0c:88:a1:82:e5:5e:2e:16:8b:7c:d2:b3:ea:f0:7a:1d:ed:
7f:58:5a:71:59:e2:e6:55:f8:17:b0:20:ba:99:7b:23:18:8e:
16:43:42:80:39:fa:79:74:c2:87:db:86:40:c0:1c:85:67:d0:
36:4f:88:3b:b9:26:02:15:f4:a5:dc:96:23:e4:10:d7:19:1b:
4e:9a:a3:94:a0:a8:a0:d8:cb:e8:e3:4a:4e:a8:bd:26:da:42:
83:e8:65:57:11:a9:a5:e5:71:40:8e:5f:ee:50:00:28:5b:bc:
4e:e9:c0:d3:17:f1:95:97:72:c5:20:9e:c9:c7:5a:b7:05:23:
ad:fb:fa:01:88:32:92:8a:fa:ec:55:0c:ea:8c:c8:77:a5:e4:
6d:9a:f0:86:7c:88:bf:84:5a:c5:97:a5:d3:a6:72:1b:b9:0f:
f2:af:13:cc:94:c3:d3:d6:c7:46:9d:1d:09:16:ed:1d:ff:66:
a4:dd:dd:68:16:ce:56:cd:e6:73:2f:21:0a:5b:c7:48:31:3b:
fb:e5:df:18:28:65:4c:19:95:92:cd:c1:17:e6:3b:e4:78:78:
28:ce:fe:ef:56:d6:32:ea:81:43:84:01:09:78:c7:65:86:56:
55:d0:55:a1
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgIUcpieRrBI0sIbfPKAYIEoY2RNS7gwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoM2U4NzBiOWE3MDAzYzRmZDljNTFiZDM1NGE5ZGVmYTNm
Yjc3YjRhOTAeFw0yNTEwMjYxMzM1MTlaFw0yNjEwMjUxMzQwMTlaMDMxMTAvBgNV
BAMTKEE2QkU3RDhFQjk2QzEwRTc5RURBMzc1MkE2QUQ1REQxNTA0MjY2REEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDofeYJRLWQZl683Prpy1I64gNR
MgmAXaYwZ2f5l3MgxX7TTLiZLwJ6dQuQnwLuEBliEGherSnqsoD+hZ2xsDUyCjZM
LePLEICan7dsvhzHPpvCTZq8xs8nEwJ7eh7jStAVwZq90oF1g1TbEF6XAZ5NRax7
sXyNrSEdz4igPxDouOs2y59t91gF8vie07CfajDbAmw8jC29MHB0VRcBQ6PlDyZv
JLEwJYtle9EgftKypH25kaa40EL+zkPxJw68uiIiH7Jo1g2FIg3JfnumDX3pDR2H
yksb7E4wqFMNRog1+BNEgdCqrUb4GvM96ZHLxWup6S4d/fRvA/YnjS95TGipAgMB
AAGjggJBMIICPTAdBgNVHQ4EFgQUpr59jrlsEOee2jdSpq1d0VBCZtowHwYDVR0j
BBgwFoAUPocLmnADxP2cUb01Sp3vo/t3tKkwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYzVkMThlODItNGQ2OC00NWE2LWE1ZGYtY2FjMTE1YWQy
Mjc5LzAvM0U4NzBCOUE3MDAzQzRGRDlDNTFCRDM1NEE5REVGQTNGQjc3QjRBOS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1BvY0xtbkFEeFAyY1ViMDFTcDN2b190
M3RLay5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYzVkMThlODIt
NGQ2OC00NWE2LWE1ZGYtY2FjMTE1YWQyMjc5LzAvMzEzODM1MmUzMjMyMzkyZTMy
MzAzMzJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMyMzAzNDMzMzkzOS5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEALnlyzANBgkqhkiG9w0BAQsFAAOCAQEALEaXh5LY2SaL1XXWfMumiCz4QgyI
oYLlXi4Wi3zSs+rweh3tf1hacVni5lX4F7Agupl7IxiOFkNCgDn6eXTCh9uGQMAc
hWfQNk+IO7kmAhX0pdyWI+QQ1xkbTpqjlKCooNjL6ONKTqi9JtpCg+hlVxGppeVx
QI5f7lAAKFu8TunA0xfxlZdyxSCeycdatwUjrfv6AYgykor67FUM6ozId6XkbZrw
hnyIv4RaxZel06ZyG7kP8q8TzJTD09bHRp0dCRbtHf9mpN3daBbOVs3mcy8hClvH
SDE7++XfGChlTBmVks3BF+Y75Hh4KM7+71bWMuqBQ4QBCXjHZYZWVdBVoQ==
-----END CERTIFICATE-----
Generated at Tue Nov 4 20:36:18 2025 by rpki-client