Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3139392e3130302e302f32342d3234203d3e20323132323338.roa
File: 3138352e3139392e3130302e302f32342d3234203d3e20323132323338.roa (raw, json)
Hash identifier: WdBR8LJH8BSo0w8eDE+K0B2jZdtOwRnNtHrDQrZ4CCs=
Subject key identifier: 0D:CA:BF:C5:A5:AB:01:35:D5:6D:6E:73:EB:6C:4B:49:BD:EF:10:5F
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 5A8273B029DE9F0EA47B04E70ECF3D70EA58EFDA
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3139392e3130302e302f32342d3234203d3e20323132323338.roa
Signing time: Fri 16 May 2025 09:46:22 +0000
ROA not before: Fri 16 May 2025 09:41:22 +0000
ROA not after: Fri 15 May 2026 09:46:22 +0000
asID: 212238
IP address blocks: 185.199.100.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 10:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5a:82:73:b0:29:de:9f:0e:a4:7b:04:e7:0e:cf:3d:70:ea:58:ef:da
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: May 16 09:41:22 2025 GMT
Not After : May 15 09:46:22 2026 GMT
Subject: CN=0DCABFC5A5AB0135D56D6E73EB6C4B49BDEF105F
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:51:62:52:2c:9f:bb:9a:09:18:1f:86:2e:5a:
71:20:3f:1a:04:87:54:cf:6b:98:13:61:c4:f6:3a:
1b:f1:98:08:87:ac:56:67:5b:53:51:da:58:7e:5f:
6f:ae:13:d2:97:e4:12:85:12:6e:bb:ed:73:75:31:
61:e4:56:d5:d5:f6:5c:d3:e9:90:cf:2e:71:e6:5c:
b5:f2:15:31:12:19:1a:cf:f0:95:ed:df:93:c9:ac:
8c:2d:6e:4b:e2:e4:76:e1:a8:82:54:71:69:37:37:
e9:0f:c7:13:b9:64:4d:20:79:a7:dc:8f:63:26:da:
10:4a:e0:ea:ad:3a:c5:48:35:a4:cc:94:dc:ca:d8:
78:2b:54:61:73:ed:64:ae:a4:a9:88:95:16:7f:dc:
fd:68:a0:76:a9:af:02:a5:ab:52:36:6e:4e:aa:e9:
cb:6a:62:1a:72:7d:ef:75:76:83:91:77:49:44:61:
31:d6:66:b9:8e:67:12:db:eb:91:5d:0a:09:fd:da:
e2:11:82:2d:be:b5:e0:c3:71:c2:19:4f:9c:8a:e6:
95:9e:90:f3:90:11:e9:f9:71:71:95:33:d3:a0:f9:
e7:a5:e5:98:08:cc:bf:7e:a6:44:2f:14:b6:47:dd:
5c:66:cb:f0:ad:80:4a:49:02:3e:5f:e3:68:37:8c:
50:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0D:CA:BF:C5:A5:AB:01:35:D5:6D:6E:73:EB:6C:4B:49:BD:EF:10:5F
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3139392e3130302e302f32342d3234203d3e20323132323338.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.199.100.0/24
Signature Algorithm: sha256WithRSAEncryption
58:d9:d0:ed:53:d0:e8:96:f1:a1:95:51:f6:2d:35:a4:e3:87:
a9:a8:c5:ab:60:ae:42:88:d8:a1:3c:c6:73:63:93:ac:7f:8e:
0d:84:bf:70:68:4d:41:e9:38:7c:5b:02:98:e6:e0:9c:cd:72:
95:e6:a6:96:7c:3b:d0:05:2c:44:4c:2a:5b:3f:9c:4d:61:97:
41:74:5f:dc:2e:f3:a8:c7:c3:58:a8:3f:e9:3a:57:5e:b8:55:
ec:5f:6c:80:0f:f8:a5:da:fe:51:9a:c0:3e:b4:fc:a7:60:29:
d2:56:9b:c5:23:f4:a0:54:b4:6c:12:bd:5f:e0:8c:a6:b6:af:
c7:1e:09:0a:72:e8:1a:e1:06:2e:f5:cd:08:a6:a3:05:25:65:
da:22:a5:33:ae:71:9d:30:f6:35:12:cc:26:05:8a:78:71:c9:
10:0d:62:f1:8a:61:9e:69:ce:bf:b5:cc:b0:5e:a4:e7:2e:80:
b3:02:ea:18:90:6b:fe:08:da:33:f5:e1:11:c3:77:81:48:ab:
d9:32:79:b8:4d:3e:42:92:b1:36:77:20:bb:c7:f2:89:32:40:
c1:1f:7f:32:98:9b:25:be:a5:23:04:34:4e:47:08:a2:72:1d:
69:0f:02:57:91:f5:28:66:0e:97:58:f5:5c:92:c9:b2:38:7f:
4b:a5:e0:97
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgIUWoJzsCnenw6kewTnDs89cOpY79owDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNTA1MTYwOTQxMjJaFw0yNjA1MTUwOTQ2MjJaMDMxMTAvBgNV
BAMTKDBEQ0FCRkM1QTVBQjAxMzVENTZENkU3M0VCNkM0QjQ5QkRFRjEwNUYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDQUWJSLJ+7mgkYH4YuWnEgPxoE
h1TPa5gTYcT2OhvxmAiHrFZnW1NR2lh+X2+uE9KX5BKFEm677XN1MWHkVtXV9lzT
6ZDPLnHmXLXyFTESGRrP8JXt35PJrIwtbkvi5HbhqIJUcWk3N+kPxxO5ZE0geafc
j2Mm2hBK4OqtOsVINaTMlNzK2HgrVGFz7WSupKmIlRZ/3P1ooHaprwKlq1I2bk6q
6ctqYhpyfe91doORd0lEYTHWZrmOZxLb65FdCgn92uIRgi2+teDDccIZT5yK5pWe
kPOQEen5cXGVM9Og+eel5ZgIzL9+pkQvFLZH3Vxmy/CtgEpJAj5f42g3jFAZAgMB
AAGjggJBMIICPTAdBgNVHQ4EFgQUDcq/xaWrATXVbW5z62xLSb3vEF8wHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzODM1MmUzMTM5MzkyZTMx
MzAzMDJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMyMzEzMjMyMzMzOC5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEALnHZDANBgkqhkiG9w0BAQsFAAOCAQEAWNnQ7VPQ6JbxoZVR9i01pOOHqajF
q2CuQojYoTzGc2OTrH+ODYS/cGhNQek4fFsCmObgnM1yleamlnw70AUsREwqWz+c
TWGXQXRf3C7zqMfDWKg/6TpXXrhV7F9sgA/4pdr+UZrAPrT8p2Ap0labxSP0oFS0
bBK9X+CMpravxx4JCnLoGuEGLvXNCKajBSVl2iKlM65xnTD2NRLMJgWKeHHJEA1i
8YphnmnOv7XMsF6k5y6AswLqGJBr/gjaM/XhEcN3gUir2TJ5uE0+QpKxNncgu8fy
iTJAwR9/MpibJb6lIwQ0TkcIonIdaQ8CV5H1KGYOl1j1XJLJsjh/S6Xglw==
-----END CERTIFICATE-----
Generated at Sat Jun 14 17:23:23 2025 by rpki-client