Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/ce510e17-31fa-414b-989e-026dbb6fdf51/0/3138352e31332e3232362e302f32342d3234203d3e20313532313739.roa
File: 3138352e31332e3232362e302f32342d3234203d3e20313532313739.roa (raw, json)
Hash identifier: kbUfx2g7/W6xr6BcRBqigrahrWSKqlZaZ80tT5+SQUk=
Subject key identifier: C0:85:B4:8A:9E:24:90:21:32:08:54:D9:A0:2C:31:68:BE:F9:DD:2E
Certificate issuer: /CN=4c189e42f35c944d463d9ea6501f093eb62ba785
Certificate serial: 6F099B915997F39E350F2CC17EE16306B912B60B
Authority key identifier: 4C:18:9E:42:F3:5C:94:4D:46:3D:9E:A6:50:1F:09:3E:B6:2B:A7:85
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TBieQvNclE1GPZ6mUB8JPrYrp4U.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/ce510e17-31fa-414b-989e-026dbb6fdf51/0/3138352e31332e3232362e302f32342d3234203d3e20313532313739.roa
Signing time: Fri 01 Aug 2025 10:20:22 +0000
ROA not before: Fri 01 Aug 2025 10:15:22 +0000
ROA not after: Fri 31 Jul 2026 10:20:22 +0000
asID: 152179
IP address blocks: 185.13.226.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/ce510e17-31fa-414b-989e-026dbb6fdf51/0/4C189E42F35C944D463D9EA6501F093EB62BA785.crl
rsync://rsync.paas.rpki.ripe.net/repository/ce510e17-31fa-414b-989e-026dbb6fdf51/0/4C189E42F35C944D463D9EA6501F093EB62BA785.mft
rsync://rpki.ripe.net/repository/DEFAULT/TBieQvNclE1GPZ6mUB8JPrYrp4U.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 06 Aug 2025 23:00:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6f:09:9b:91:59:97:f3:9e:35:0f:2c:c1:7e:e1:63:06:b9:12:b6:0b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4c189e42f35c944d463d9ea6501f093eb62ba785
Validity
Not Before: Aug 1 10:15:22 2025 GMT
Not After : Jul 31 10:20:22 2026 GMT
Subject: CN=C085B48A9E249021320854D9A02C3168BEF9DD2E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:43:bd:4f:ac:5f:ad:ab:76:8a:f2:9f:31:2e:
d5:53:ea:50:a9:68:11:35:cc:43:15:5e:75:aa:48:
6e:99:d4:e5:63:ac:48:25:00:0c:0e:c7:d9:c2:6e:
31:58:4e:32:11:87:12:ac:47:a3:05:02:7c:d2:e2:
c0:74:5d:f1:3d:7b:f1:38:92:58:a1:84:b0:40:ce:
3d:ab:ad:d7:85:d2:5d:53:82:6b:9b:fe:26:8a:ff:
d1:7e:5e:14:a7:97:86:9b:13:09:2b:1c:b8:4d:aa:
b3:e7:d2:d1:86:28:2e:4f:01:db:00:4d:14:26:d6:
33:8d:a1:a1:13:e1:88:77:1e:c1:aa:0e:40:6c:1b:
05:9e:44:8f:43:f7:31:09:c2:8c:81:7c:59:39:d0:
b2:d6:28:08:a4:10:9e:bd:45:3b:e7:21:b4:9a:1b:
c6:c2:3d:d9:a1:62:e6:ee:55:90:9b:2d:bd:a7:c8:
2a:42:0d:fd:d1:a1:08:0b:76:25:b9:8f:bf:0d:5b:
d2:b2:d2:d7:28:06:55:58:e8:35:cf:28:d5:e5:3b:
88:e8:d7:79:c4:32:15:cb:2f:b3:b9:61:70:bf:a5:
ec:18:5e:d8:a6:f3:0c:33:60:f2:23:2a:1a:54:b9:
df:3e:c3:6b:d9:80:00:8c:ec:f1:c9:de:54:c4:97:
2a:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C0:85:B4:8A:9E:24:90:21:32:08:54:D9:A0:2C:31:68:BE:F9:DD:2E
X509v3 Authority Key Identifier:
keyid:4C:18:9E:42:F3:5C:94:4D:46:3D:9E:A6:50:1F:09:3E:B6:2B:A7:85
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/ce510e17-31fa-414b-989e-026dbb6fdf51/0/4C189E42F35C944D463D9EA6501F093EB62BA785.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TBieQvNclE1GPZ6mUB8JPrYrp4U.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/ce510e17-31fa-414b-989e-026dbb6fdf51/0/3138352e31332e3232362e302f32342d3234203d3e20313532313739.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.13.226.0/24
Signature Algorithm: sha256WithRSAEncryption
b7:4c:59:47:6a:7f:fa:f7:c4:a2:a0:de:64:4e:a4:cd:c5:21:
fe:64:ce:f1:1d:ef:10:e3:11:a4:b7:5b:31:02:b2:96:00:7c:
42:6d:74:d8:d5:1e:11:73:1a:4d:0c:10:d6:30:89:4f:03:48:
22:47:5a:24:3e:bc:f9:4e:b6:81:25:8e:89:42:2d:50:a5:8e:
26:4b:aa:3f:1a:0d:00:f4:66:69:82:35:d6:ee:56:9b:f6:18:
54:26:1b:9d:d5:8a:71:16:02:19:b7:95:bf:a9:58:87:c0:77:
94:3f:a8:8e:22:f0:09:da:b8:35:03:64:15:2a:b7:95:4c:29:
c3:a3:50:69:1b:20:92:18:6c:90:fd:95:47:e3:d4:be:90:09:
df:02:ad:44:98:49:ec:93:88:1e:53:11:84:5a:9e:80:6f:18:
a4:26:27:1b:d6:4a:bb:19:dd:a7:e8:3b:b1:38:c8:96:2e:58:
99:2c:04:d4:73:82:63:ef:c6:3d:63:ed:b9:b6:7b:96:4c:7a:
47:2b:a6:eb:a5:11:60:d4:7d:73:56:c6:02:5a:3e:90:fb:26:
8b:e1:da:1f:80:52:34:5d:9d:4d:9b:e5:d1:f8:ac:13:a2:20:
71:47:b2:eb:ce:5e:1b:f7:5b:ab:52:b0:2a:87:0f:cc:b7:13:
ef:db:fa:1e
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUbwmbkVmX8541DyzBfuFjBrkStgswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGMxODllNDJmMzVjOTQ0ZDQ2M2Q5ZWE2NTAxZjA5M2Vi
NjJiYTc4NTAeFw0yNTA4MDExMDE1MjJaFw0yNjA3MzExMDIwMjJaMDMxMTAvBgNV
BAMTKEMwODVCNDhBOUUyNDkwMjEzMjA4NTREOUEwMkMzMTY4QkVGOUREMkUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC/Q71PrF+tq3aK8p8xLtVT6lCp
aBE1zEMVXnWqSG6Z1OVjrEglAAwOx9nCbjFYTjIRhxKsR6MFAnzS4sB0XfE9e/E4
klihhLBAzj2rrdeF0l1Tgmub/iaK/9F+XhSnl4abEwkrHLhNqrPn0tGGKC5PAdsA
TRQm1jONoaET4Yh3HsGqDkBsGwWeRI9D9zEJwoyBfFk50LLWKAikEJ69RTvnIbSa
G8bCPdmhYubuVZCbLb2nyCpCDf3RoQgLdiW5j78NW9Ky0tcoBlVY6DXPKNXlO4jo
13nEMhXLL7O5YXC/pewYXtim8wwzYPIjKhpUud8+w2vZgACM7PHJ3lTElyoLAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUwIW0ip4kkCEyCFTZoCwxaL753S4wHwYDVR0j
BBgwFoAUTBieQvNclE1GPZ6mUB8JPrYrp4UwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvY2U1MTBlMTctMzFmYS00MTRiLTk4OWUtMDI2ZGJiNmZk
ZjUxLzAvNEMxODlFNDJGMzVDOTQ0RDQ2M0Q5RUE2NTAxRjA5M0VCNjJCQTc4NS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1RCaWVRdk5jbEUxR1BaNm1VQjhKUHJZ
cnA0VS5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvY2U1MTBlMTct
MzFmYS00MTRiLTk4OWUtMDI2ZGJiNmZkZjUxLzAvMzEzODM1MmUzMTMzMmUzMjMy
MzYyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMTM1MzIzMTM3Mzkucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAC5DeIwDQYJKoZIhvcNAQELBQADggEBALdMWUdqf/r3xKKg3mROpM3FIf5kzvEd
7xDjEaS3WzECspYAfEJtdNjVHhFzGk0MENYwiU8DSCJHWiQ+vPlOtoEljolCLVCl
jiZLqj8aDQD0ZmmCNdbuVpv2GFQmG53VinEWAhm3lb+pWIfAd5Q/qI4i8AnauDUD
ZBUqt5VMKcOjUGkbIJIYbJD9lUfj1L6QCd8CrUSYSeyTiB5TEYRanoBvGKQmJxvW
SrsZ3afoO7E4yJYuWJksBNRzgmPvxj1j7bm2e5ZMekcrpuulEWDUfXNWxgJaPpD7
Jovh2h+AUjRdnU2b5dH4rBOiIHFHsuvOXhv3W6tSsCqHD8y3E+/b+h4=
-----END CERTIFICATE-----
Generated at Wed Aug 6 07:49:34 2025 by rpki-client