Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/d1b35f8b-6f48-4bad-b185-5c1daa8acda9/0/3138352e3231322e3131332e302f32342d3234203d3e20323032363738.roa
File: 3138352e3231322e3131332e302f32342d3234203d3e20323032363738.roa (raw, json)
Hash identifier: 0I5n2Zxpd6ZVl5qO7efqO/5G3aMiaibcayoOxL2ddNw=
Subject key identifier: 2B:02:04:31:0B:E6:BC:EB:85:40:29:8A:83:F8:4F:7A:88:58:C6:6B
Certificate issuer: /CN=cefce449bea8deaedb1804dba25c584df5873dc4
Certificate serial: 6260221DFEC6957A2A29D4BC2FA5CB7F65773A65
Authority key identifier: CE:FC:E4:49:BE:A8:DE:AE:DB:18:04:DB:A2:5C:58:4D:F5:87:3D:C4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zvzkSb6o3q7bGATbolxYTfWHPcQ.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/d1b35f8b-6f48-4bad-b185-5c1daa8acda9/0/3138352e3231322e3131332e302f32342d3234203d3e20323032363738.roa
Signing time: Mon 28 Jul 2025 19:30:42 +0000
ROA not before: Mon 28 Jul 2025 19:25:42 +0000
ROA not after: Mon 27 Jul 2026 19:30:42 +0000
asID: 202678
IP address blocks: 185.212.113.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/d1b35f8b-6f48-4bad-b185-5c1daa8acda9/0/CEFCE449BEA8DEAEDB1804DBA25C584DF5873DC4.crl
rsync://rsync.paas.rpki.ripe.net/repository/d1b35f8b-6f48-4bad-b185-5c1daa8acda9/0/CEFCE449BEA8DEAEDB1804DBA25C584DF5873DC4.mft
rsync://rpki.ripe.net/repository/DEFAULT/zvzkSb6o3q7bGATbolxYTfWHPcQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 06 Aug 2025 12:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
62:60:22:1d:fe:c6:95:7a:2a:29:d4:bc:2f:a5:cb:7f:65:77:3a:65
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cefce449bea8deaedb1804dba25c584df5873dc4
Validity
Not Before: Jul 28 19:25:42 2025 GMT
Not After : Jul 27 19:30:42 2026 GMT
Subject: CN=2B0204310BE6BCEB8540298A83F84F7A8858C66B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:24:0d:d3:b1:10:51:18:1d:1a:ea:0e:84:77:
96:63:6e:e0:71:0a:d6:42:2a:7c:c8:d7:60:89:eb:
b0:55:05:27:5b:40:aa:15:76:99:19:e3:51:e7:4e:
ef:6f:93:cd:21:47:51:c3:45:67:67:47:d5:c2:92:
14:71:f6:d8:18:2d:26:11:94:10:5c:1e:cb:f2:49:
e4:fc:3a:2a:d8:4e:5d:8e:3d:3d:7a:e3:a2:f2:ac:
45:29:63:d8:45:12:ca:4f:9a:24:bf:8a:be:50:96:
09:b6:4c:60:53:6f:a4:0e:34:94:5d:bc:7a:e3:d1:
3a:96:bc:c5:03:dd:c5:a6:e9:af:ba:61:98:cf:7f:
5b:c7:5d:5a:50:ee:21:82:06:2b:1f:a1:b4:f1:51:
57:8d:b6:dc:8c:64:56:f0:7b:50:0a:4c:c7:61:5b:
ef:de:57:72:73:ca:2a:7d:cd:93:39:30:b3:c7:ad:
b1:3a:d0:97:61:59:92:52:1a:9c:0c:0d:09:cc:32:
86:1e:bb:40:fc:5b:4d:56:5c:b2:7c:8f:79:8a:8f:
19:5c:a3:72:f3:94:c5:66:5a:05:df:f9:c7:bd:b0:
f6:de:2e:1e:2a:10:3b:96:e0:88:1f:c8:d7:e3:d6:
2f:1e:f7:90:f5:27:c5:76:81:1e:dc:dd:23:a8:e5:
07:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2B:02:04:31:0B:E6:BC:EB:85:40:29:8A:83:F8:4F:7A:88:58:C6:6B
X509v3 Authority Key Identifier:
keyid:CE:FC:E4:49:BE:A8:DE:AE:DB:18:04:DB:A2:5C:58:4D:F5:87:3D:C4
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/d1b35f8b-6f48-4bad-b185-5c1daa8acda9/0/CEFCE449BEA8DEAEDB1804DBA25C584DF5873DC4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zvzkSb6o3q7bGATbolxYTfWHPcQ.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/d1b35f8b-6f48-4bad-b185-5c1daa8acda9/0/3138352e3231322e3131332e302f32342d3234203d3e20323032363738.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.212.113.0/24
Signature Algorithm: sha256WithRSAEncryption
1b:8e:da:4a:34:3f:a7:c6:b6:d3:0a:31:01:0b:1f:14:77:74:
e3:13:bc:71:3e:ac:60:8c:ad:04:79:31:80:1f:a8:0c:b3:78:
3f:e1:d2:f6:62:18:36:08:58:f0:80:10:a9:47:e2:72:03:45:
2d:50:28:85:77:46:83:4a:9f:7d:f2:0a:c9:ac:b5:73:f9:fb:
e1:b6:5e:70:04:d8:22:9b:88:36:4a:5a:8c:82:66:a1:1b:3f:
53:aa:ad:23:46:cb:33:70:a1:ab:84:d6:d8:b1:16:38:d5:e7:
fb:3f:3c:f0:19:72:0a:95:a0:be:69:89:b0:a8:16:73:29:5e:
5e:38:d8:83:44:b0:91:83:38:12:7a:da:b1:4b:f1:e0:39:93:
88:75:76:ba:ab:2c:3d:0b:ea:38:57:cc:4c:85:d7:e2:ba:f2:
36:6b:2e:36:de:8a:26:e2:b3:09:c6:18:08:e3:c0:1e:d5:4d:
f2:5a:f4:9e:6d:5e:65:29:90:46:64:24:d4:cd:bd:45:e0:b6:
3b:3b:ff:6f:84:dd:f1:0e:d0:83:11:27:33:c6:e4:bd:4a:e3:
80:4c:58:75:51:62:d7:9e:f0:88:b4:71:c1:42:21:ed:d7:85:
a2:7b:6d:0a:87:f2:e0:23:c4:dd:0a:ac:4f:9f:d3:a5:2b:74:
16:0d:f0:8c
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgIUYmAiHf7GlXoqKdS8L6XLf2V3OmUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoY2VmY2U0NDliZWE4ZGVhZWRiMTgwNGRiYTI1YzU4NGRm
NTg3M2RjNDAeFw0yNTA3MjgxOTI1NDJaFw0yNjA3MjcxOTMwNDJaMDMxMTAvBgNV
BAMTKDJCMDIwNDMxMEJFNkJDRUI4NTQwMjk4QTgzRjg0RjdBODg1OEM2NkIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC2JA3TsRBRGB0a6g6Ed5ZjbuBx
CtZCKnzI12CJ67BVBSdbQKoVdpkZ41HnTu9vk80hR1HDRWdnR9XCkhRx9tgYLSYR
lBBcHsvySeT8OirYTl2OPT1646LyrEUpY9hFEspPmiS/ir5Qlgm2TGBTb6QONJRd
vHrj0TqWvMUD3cWm6a+6YZjPf1vHXVpQ7iGCBisfobTxUVeNttyMZFbwe1AKTMdh
W+/eV3Jzyip9zZM5MLPHrbE60JdhWZJSGpwMDQnMMoYeu0D8W01WXLJ8j3mKjxlc
o3LzlMVmWgXf+ce9sPbeLh4qEDuW4IgfyNfj1i8e95D1J8V2gR7c3SOo5QerAgMB
AAGjggJBMIICPTAdBgNVHQ4EFgQUKwIEMQvmvOuFQCmKg/hPeohYxmswHwYDVR0j
BBgwFoAUzvzkSb6o3q7bGATbolxYTfWHPcQwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZDFiMzVmOGItNmY0OC00YmFkLWIxODUtNWMxZGFhOGFj
ZGE5LzAvQ0VGQ0U0NDlCRUE4REVBRURCMTgwNERCQTI1QzU4NERGNTg3M0RDNC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3p2emtTYjZvM3E3YkdBVGJvbHhZVGZX
SFBjUS5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZDFiMzVmOGIt
NmY0OC00YmFkLWIxODUtNWMxZGFhOGFjZGE5LzAvMzEzODM1MmUzMjMxMzIyZTMx
MzEzMzJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMyMzAzMjM2MzczOC5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEALnUcTANBgkqhkiG9w0BAQsFAAOCAQEAG47aSjQ/p8a20woxAQsfFHd04xO8
cT6sYIytBHkxgB+oDLN4P+HS9mIYNghY8IAQqUficgNFLVAohXdGg0qfffIKyay1
c/n74bZecATYIpuINkpajIJmoRs/U6qtI0bLM3Chq4TW2LEWONXn+z888BlyCpWg
vmmJsKgWcyleXjjYg0SwkYM4EnrasUvx4DmTiHV2uqssPQvqOFfMTIXX4rryNmsu
Nt6KJuKzCcYYCOPAHtVN8lr0nm1eZSmQRmQk1M29ReC2Ozv/b4Td8Q7QgxEnM8bk
vUrjgExYdVFi157wiLRxwUIh7deFonttCofy4CPE3QqsT5/TpSt0Fg3wjA==
-----END CERTIFICATE-----
Generated at Wed Aug 6 04:16:23 2025 by rpki-client