Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/c5d18e82-4d68-45a6-a5df-cac115ad2279/0/3138352e3133302e36332e302f32342d3234203d3e203332313831.roa
File: 3138352e3133302e36332e302f32342d3234203d3e203332313831.roa (raw, json)
Hash identifier: krs6rxjGgkgxIC0XFsSJIDbJbJTaOxRVYKdhwP98j0o=
Subject key identifier: 3E:BB:11:55:AA:45:B3:A0:42:C6:AB:D2:4A:EC:7A:A1:CA:0B:D7:70
Certificate issuer: /CN=3e870b9a7003c4fd9c51bd354a9defa3fb77b4a9
Certificate serial: 124A681F8E4A2196AEA35253F53FE1CBDEBE4ED2
Authority key identifier: 3E:87:0B:9A:70:03:C4:FD:9C:51:BD:35:4A:9D:EF:A3:FB:77:B4:A9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PocLmnADxP2cUb01Sp3vo_t3tKk.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/c5d18e82-4d68-45a6-a5df-cac115ad2279/0/3138352e3133302e36332e302f32342d3234203d3e203332313831.roa
Signing time: Mon 14 Jul 2025 09:54:13 +0000
ROA not before: Mon 14 Jul 2025 09:49:13 +0000
ROA not after: Mon 13 Jul 2026 09:54:13 +0000
asID: 32181
IP address blocks: 185.130.63.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/c5d18e82-4d68-45a6-a5df-cac115ad2279/0/3E870B9A7003C4FD9C51BD354A9DEFA3FB77B4A9.crl
rsync://rsync.paas.rpki.ripe.net/repository/c5d18e82-4d68-45a6-a5df-cac115ad2279/0/3E870B9A7003C4FD9C51BD354A9DEFA3FB77B4A9.mft
rsync://rpki.ripe.net/repository/DEFAULT/PocLmnADxP2cUb01Sp3vo_t3tKk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 25 Jul 2025 14:07:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
12:4a:68:1f:8e:4a:21:96:ae:a3:52:53:f5:3f:e1:cb:de:be:4e:d2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3e870b9a7003c4fd9c51bd354a9defa3fb77b4a9
Validity
Not Before: Jul 14 09:49:13 2025 GMT
Not After : Jul 13 09:54:13 2026 GMT
Subject: CN=3EBB1155AA45B3A042C6ABD24AEC7AA1CA0BD770
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:f4:25:0c:35:09:20:46:41:e7:44:58:e7:d0:
1a:36:15:bd:7a:c6:67:fa:b5:be:1d:d5:4c:43:83:
ad:72:09:5a:5b:96:cf:6f:15:3e:c3:2d:c2:bd:d8:
d3:5f:9b:6d:f2:9b:79:3f:d0:ec:56:27:3f:db:cf:
af:b6:15:43:04:15:a7:0b:b9:3d:6a:f1:8d:9e:06:
52:c7:26:10:99:c3:f0:6f:cd:c1:2a:7f:d4:28:86:
4a:c3:3f:d0:ff:ac:be:9e:dd:51:ef:8a:2d:9c:f4:
40:01:a7:7f:57:70:c4:0f:e1:df:4d:e2:4f:54:69:
43:f5:17:f1:51:ea:ba:5d:d7:bf:97:87:19:11:86:
6d:72:95:80:e4:58:62:0f:9f:d9:99:47:bd:c5:9d:
e7:37:a0:fe:f2:ab:0e:88:db:ae:31:01:de:3b:6f:
b4:5e:52:df:54:cb:39:75:9d:ae:4a:08:b6:2f:11:
0d:b2:44:c0:31:6e:99:59:3f:a8:b7:2e:20:92:34:
39:f6:49:c0:33:7c:77:a3:1a:66:2a:b9:54:d6:92:
a4:b0:3c:7a:4b:5e:06:60:c0:db:61:99:f5:87:c5:
51:b4:97:03:19:1b:59:0a:11:e7:a1:7b:6f:cf:a7:
fe:a4:86:f0:0d:6f:4c:d2:b7:99:2e:01:0f:86:ec:
3e:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3E:BB:11:55:AA:45:B3:A0:42:C6:AB:D2:4A:EC:7A:A1:CA:0B:D7:70
X509v3 Authority Key Identifier:
keyid:3E:87:0B:9A:70:03:C4:FD:9C:51:BD:35:4A:9D:EF:A3:FB:77:B4:A9
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/c5d18e82-4d68-45a6-a5df-cac115ad2279/0/3E870B9A7003C4FD9C51BD354A9DEFA3FB77B4A9.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PocLmnADxP2cUb01Sp3vo_t3tKk.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/c5d18e82-4d68-45a6-a5df-cac115ad2279/0/3138352e3133302e36332e302f32342d3234203d3e203332313831.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.130.63.0/24
Signature Algorithm: sha256WithRSAEncryption
50:f1:9b:41:34:ef:02:cf:ea:68:f8:ee:e7:d7:9c:f6:ab:71:
19:27:cf:d4:7c:a3:83:e8:23:74:fe:c5:7e:a5:9b:8f:c5:9c:
3e:e5:42:5c:36:5b:a2:2d:6b:e6:76:b1:1b:bd:ec:d0:52:3c:
16:18:23:21:40:80:cf:e9:38:da:49:30:59:e5:0e:a1:ff:75:
04:4d:c7:3b:81:49:65:0b:e6:42:da:03:19:99:62:e7:39:f0:
66:61:25:99:24:65:1a:f3:6e:58:eb:ec:f1:d6:4d:ac:92:e5:
de:83:e9:ea:1c:7d:9f:4e:95:c2:49:74:e9:a6:c7:30:06:17:
f9:e1:d8:88:38:7d:b7:8c:0c:91:ab:70:99:a3:50:19:ca:af:
20:0f:75:97:f4:5c:b6:3d:66:eb:46:e8:9f:58:f0:e8:19:6c:
25:26:fa:e4:ee:f9:02:a9:c8:db:5e:a8:fe:9d:55:4d:0f:be:
c8:52:ee:30:59:ce:07:71:1e:b3:48:e1:40:c4:4f:4e:b8:e7:
31:84:18:d2:30:51:4a:ea:10:2e:97:52:54:b3:ec:d3:cd:7b:
3c:cf:69:9c:39:47:dc:b3:a9:9c:7b:12:39:aa:b2:6f:fe:3a:
db:62:26:98:3f:80:75:8b:a2:ab:d3:02:d6:bf:93:21:91:56:
a9:16:c3:43
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUEkpoH45KIZauo1JT9T/hy96+TtIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoM2U4NzBiOWE3MDAzYzRmZDljNTFiZDM1NGE5ZGVmYTNm
Yjc3YjRhOTAeFw0yNTA3MTQwOTQ5MTNaFw0yNjA3MTMwOTU0MTNaMDMxMTAvBgNV
BAMTKDNFQkIxMTU1QUE0NUIzQTA0MkM2QUJEMjRBRUM3QUExQ0EwQkQ3NzAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCL9CUMNQkgRkHnRFjn0Bo2Fb16
xmf6tb4d1UxDg61yCVpbls9vFT7DLcK92NNfm23ym3k/0OxWJz/bz6+2FUMEFacL
uT1q8Y2eBlLHJhCZw/BvzcEqf9QohkrDP9D/rL6e3VHvii2c9EABp39XcMQP4d9N
4k9UaUP1F/FR6rpd17+XhxkRhm1ylYDkWGIPn9mZR73Fnec3oP7yqw6I264xAd47
b7ReUt9Uyzl1na5KCLYvEQ2yRMAxbplZP6i3LiCSNDn2ScAzfHejGmYquVTWkqSw
PHpLXgZgwNthmfWHxVG0lwMZG1kKEeehe2/Pp/6khvANb0zSt5kuAQ+G7D4nAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUPrsRVapFs6BCxqvSSux6ocoL13AwHwYDVR0j
BBgwFoAUPocLmnADxP2cUb01Sp3vo/t3tKkwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYzVkMThlODItNGQ2OC00NWE2LWE1ZGYtY2FjMTE1YWQy
Mjc5LzAvM0U4NzBCOUE3MDAzQzRGRDlDNTFCRDM1NEE5REVGQTNGQjc3QjRBOS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1BvY0xtbkFEeFAyY1ViMDFTcDN2b190
M3RLay5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYzVkMThlODIt
NGQ2OC00NWE2LWE1ZGYtY2FjMTE1YWQyMjc5LzAvMzEzODM1MmUzMTMzMzAyZTM2
MzMyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMzMyMzEzODMxLnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
uYI/MA0GCSqGSIb3DQEBCwUAA4IBAQBQ8ZtBNO8Cz+po+O7n15z2q3EZJ8/UfKOD
6CN0/sV+pZuPxZw+5UJcNluiLWvmdrEbvezQUjwWGCMhQIDP6TjaSTBZ5Q6h/3UE
Tcc7gUllC+ZC2gMZmWLnOfBmYSWZJGUa825Y6+zx1k2skuXeg+nqHH2fTpXCSXTp
pscwBhf54diIOH23jAyRq3CZo1AZyq8gD3WX9Fy2PWbrRuifWPDoGWwlJvrk7vkC
qcjbXqj+nVVND77IUu4wWc4HcR6zSOFAxE9OuOcxhBjSMFFK6hAul1JUs+zTzXs8
z2mcOUfcs6mcexI5qrJv/jrbYiaYP4B1i6Kr0wLWv5MhkVapFsND
-----END CERTIFICATE-----
Generated at Thu Jul 24 23:29:51 2025 by rpki-client