Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/e6aff234-61c5-4290-8a6d-5f2b9027322f/0/3138352e3234322e3138312e302f32342d3234203d3e203431373230.roa
File: 3138352e3234322e3138312e302f32342d3234203d3e203431373230.roa (raw, json)
Hash identifier: BJe1bO6YYCEXeriSlULaZwS25Q4hRdnweRF5hyXEuDY=
Subject key identifier: C3:A2:D4:A6:A0:14:F5:B5:15:B7:F8:BB:68:C4:BE:E8:EB:B2:C2:BA
Certificate issuer: /CN=88cdd9c193da9185a4ac15b2ade875fe97b6f491
Certificate serial: 5155FC5DC59F98E6854E33F4979F0C20A2D609B3
Authority key identifier: 88:CD:D9:C1:93:DA:91:85:A4:AC:15:B2:AD:E8:75:FE:97:B6:F4:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iM3ZwZPakYWkrBWyreh1_pe29JE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/e6aff234-61c5-4290-8a6d-5f2b9027322f/0/3138352e3234322e3138312e302f32342d3234203d3e203431373230.roa
Signing time: Thu 24 Jul 2025 16:39:44 +0000
ROA not before: Thu 24 Jul 2025 16:34:44 +0000
ROA not after: Thu 23 Jul 2026 16:39:44 +0000
asID: 41720
IP address blocks: 185.242.181.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/e6aff234-61c5-4290-8a6d-5f2b9027322f/0/88CDD9C193DA9185A4AC15B2ADE875FE97B6F491.crl
rsync://rsync.paas.rpki.ripe.net/repository/e6aff234-61c5-4290-8a6d-5f2b9027322f/0/88CDD9C193DA9185A4AC15B2ADE875FE97B6F491.mft
rsync://rpki.ripe.net/repository/DEFAULT/iM3ZwZPakYWkrBWyreh1_pe29JE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 06 Aug 2025 23:48:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
51:55:fc:5d:c5:9f:98:e6:85:4e:33:f4:97:9f:0c:20:a2:d6:09:b3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=88cdd9c193da9185a4ac15b2ade875fe97b6f491
Validity
Not Before: Jul 24 16:34:44 2025 GMT
Not After : Jul 23 16:39:44 2026 GMT
Subject: CN=C3A2D4A6A014F5B515B7F8BB68C4BEE8EBB2C2BA
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:51:27:89:de:c0:53:a8:22:c7:39:c7:7b:41:
6f:e7:6d:0f:51:69:a6:fc:a0:be:63:41:62:fb:ab:
9f:89:69:b7:25:3c:c3:d3:c3:2f:71:a6:04:fd:da:
b3:31:cc:6f:c3:6f:06:e7:e5:7d:30:10:e4:f6:1d:
b3:d0:f5:06:87:38:f6:e9:07:d0:65:af:d9:06:82:
6e:53:c0:b8:b0:11:a7:40:b5:14:74:82:01:f0:ea:
35:83:35:0b:38:70:d9:dd:93:7e:b1:21:97:4a:2f:
08:ba:33:24:90:00:6d:b8:3d:54:b3:7b:97:06:53:
81:11:da:2a:d0:ec:80:5f:6b:a3:84:99:91:f6:eb:
42:5d:1c:75:d0:61:f5:06:97:24:c6:ae:35:5c:0d:
11:44:c2:7d:b6:6d:8f:0e:2a:7b:f7:2c:11:84:b1:
5a:5c:59:6f:83:31:2e:4f:9a:7b:e4:3b:e8:0a:69:
c0:39:f2:e8:bf:33:d4:85:82:58:a1:96:c6:bc:e1:
e2:41:04:5b:ec:bb:77:ad:dc:8e:d9:7e:a3:45:57:
16:73:fe:fa:78:68:21:91:90:79:2d:a5:53:52:54:
cc:d7:a6:aa:b9:1c:fe:76:68:96:b1:ef:58:e1:0d:
b6:98:b6:3d:1c:c6:3f:56:e6:b6:9c:eb:5c:69:a7:
06:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C3:A2:D4:A6:A0:14:F5:B5:15:B7:F8:BB:68:C4:BE:E8:EB:B2:C2:BA
X509v3 Authority Key Identifier:
keyid:88:CD:D9:C1:93:DA:91:85:A4:AC:15:B2:AD:E8:75:FE:97:B6:F4:91
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/e6aff234-61c5-4290-8a6d-5f2b9027322f/0/88CDD9C193DA9185A4AC15B2ADE875FE97B6F491.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iM3ZwZPakYWkrBWyreh1_pe29JE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/e6aff234-61c5-4290-8a6d-5f2b9027322f/0/3138352e3234322e3138312e302f32342d3234203d3e203431373230.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.242.181.0/24
Signature Algorithm: sha256WithRSAEncryption
56:f9:e9:0b:6c:ba:d4:86:5d:fe:8a:1f:27:5d:2f:16:0d:9d:
09:d6:00:1e:e2:2c:c3:1f:cd:a0:92:ed:5a:8c:ec:22:48:63:
3e:61:08:2c:0b:94:f9:f2:5a:53:e9:28:c9:12:ab:dc:3f:b1:
07:de:e4:72:9f:39:54:83:93:3d:51:d2:ab:0d:8d:f2:a2:b0:
d6:e9:fc:06:1c:94:e6:ee:20:65:07:c6:30:58:7d:6f:19:37:
f4:f4:35:d5:0b:87:80:9f:9b:8f:41:a4:57:1a:e1:f4:c9:8d:
db:18:7d:97:c8:e6:47:ef:00:2d:0f:ba:65:5d:5a:69:52:ee:
fc:97:b9:27:7d:df:ea:b7:23:6a:9a:da:f7:80:57:1c:4d:79:
57:2f:b2:94:6e:a0:97:31:11:ae:09:e7:cd:77:e2:a4:7e:1f:
e9:47:e0:85:6c:89:8d:a2:c0:a3:8e:99:15:d6:28:9c:db:c5:
52:3b:5c:d3:e9:c6:97:c2:50:02:7e:a9:8a:16:9e:07:66:1e:
9d:37:81:5e:54:4e:07:5b:22:ef:23:70:71:bd:fc:98:08:35:
6d:13:98:6a:1b:b5:80:70:35:0f:42:85:aa:fe:9f:20:f8:fb:
2f:93:7b:09:94:65:3a:29:f1:41:68:6c:e2:cf:b0:12:1b:be:
f8:00:2f:b6
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUUVX8XcWfmOaFTjP0l58MIKLWCbMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoODhjZGQ5YzE5M2RhOTE4NWE0YWMxNWIyYWRlODc1ZmU5
N2I2ZjQ5MTAeFw0yNTA3MjQxNjM0NDRaFw0yNjA3MjMxNjM5NDRaMDMxMTAvBgNV
BAMTKEMzQTJENEE2QTAxNEY1QjUxNUI3RjhCQjY4QzRCRUU4RUJCMkMyQkEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCrUSeJ3sBTqCLHOcd7QW/nbQ9R
aab8oL5jQWL7q5+JabclPMPTwy9xpgT92rMxzG/Dbwbn5X0wEOT2HbPQ9QaHOPbp
B9Blr9kGgm5TwLiwEadAtRR0ggHw6jWDNQs4cNndk36xIZdKLwi6MySQAG24PVSz
e5cGU4ER2irQ7IBfa6OEmZH260JdHHXQYfUGlyTGrjVcDRFEwn22bY8OKnv3LBGE
sVpcWW+DMS5PmnvkO+gKacA58ui/M9SFglihlsa84eJBBFvsu3et3I7ZfqNFVxZz
/vp4aCGRkHktpVNSVMzXpqq5HP52aJax71jhDbaYtj0cxj9W5rac61xppwbfAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUw6LUpqAU9bUVt/i7aMS+6OuywrowHwYDVR0j
BBgwFoAUiM3ZwZPakYWkrBWyreh1/pe29JEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZTZhZmYyMzQtNjFjNS00MjkwLThhNmQtNWYyYjkwMjcz
MjJmLzAvODhDREQ5QzE5M0RBOTE4NUE0QUMxNUIyQURFODc1RkU5N0I2RjQ5MS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2lNM1p3WlBha1lXa3JCV3lyZWgxX3Bl
MjlKRS5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZTZhZmYyMzQt
NjFjNS00MjkwLThhNmQtNWYyYjkwMjczMjJmLzAvMzEzODM1MmUzMjM0MzIyZTMx
MzgzMTJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDM0MzEzNzMyMzAucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAC58rUwDQYJKoZIhvcNAQELBQADggEBAFb56QtsutSGXf6KHyddLxYNnQnWAB7i
LMMfzaCS7VqM7CJIYz5hCCwLlPnyWlPpKMkSq9w/sQfe5HKfOVSDkz1R0qsNjfKi
sNbp/AYclObuIGUHxjBYfW8ZN/T0NdULh4Cfm49BpFca4fTJjdsYfZfI5kfvAC0P
umVdWmlS7vyXuSd93+q3I2qa2veAVxxNeVcvspRuoJcxEa4J58134qR+H+lH4IVs
iY2iwKOOmRXWKJzbxVI7XNPpxpfCUAJ+qYoWngdmHp03gV5UTgdbIu8jcHG9/JgI
NW0TmGobtYBwNQ9Char+nyD4+y+TewmUZTop8UFobOLPsBIbvvgAL7Y=
-----END CERTIFICATE-----
Generated at Wed Aug 6 11:17:48 2025 by rpki-client