Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/e3cdc648-d203-462a-bd0f-ec1b60d879a7/0/3138352e3132332e3135372e302f32342d3234203d3e203533333536.roa
File: 3138352e3132332e3135372e302f32342d3234203d3e203533333536.roa (raw, json)
Hash identifier: lHbHKjkzEHNG8HMgZvfO2b7EsuiOvBYyEIHvvUxLyMU=
Subject key identifier: 7D:47:B9:5D:C6:8A:D3:A5:82:D3:74:A6:4A:C2:2C:8C:50:0B:01:65
Certificate issuer: /CN=e1f3512f51dc42bb9eb12abc0bb529668b2edee4
Certificate serial: 6481276DFD0DF8A8ED818BA9A2681DDB918E37DF
Authority key identifier: E1:F3:51:2F:51:DC:42:BB:9E:B1:2A:BC:0B:B5:29:66:8B:2E:DE:E4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4fNRL1HcQruesSq8C7UpZosu3uQ.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/e3cdc648-d203-462a-bd0f-ec1b60d879a7/0/3138352e3132332e3135372e302f32342d3234203d3e203533333536.roa
Signing time: Wed 09 Jul 2025 14:13:18 +0000
ROA not before: Wed 09 Jul 2025 14:08:18 +0000
ROA not after: Wed 08 Jul 2026 14:13:18 +0000
asID: 53356
IP address blocks: 185.123.157.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/e3cdc648-d203-462a-bd0f-ec1b60d879a7/0/E1F3512F51DC42BB9EB12ABC0BB529668B2EDEE4.crl
rsync://rsync.paas.rpki.ripe.net/repository/e3cdc648-d203-462a-bd0f-ec1b60d879a7/0/E1F3512F51DC42BB9EB12ABC0BB529668B2EDEE4.mft
rsync://rpki.ripe.net/repository/DEFAULT/4fNRL1HcQruesSq8C7UpZosu3uQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 21 Jul 2025 02:21:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
64:81:27:6d:fd:0d:f8:a8:ed:81:8b:a9:a2:68:1d:db:91:8e:37:df
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e1f3512f51dc42bb9eb12abc0bb529668b2edee4
Validity
Not Before: Jul 9 14:08:18 2025 GMT
Not After : Jul 8 14:13:18 2026 GMT
Subject: CN=7D47B95DC68AD3A582D374A64AC22C8C500B0165
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:a7:af:ee:ca:8a:af:16:84:0d:d3:3d:d5:54:
5b:52:9d:42:9f:76:fa:05:8e:be:87:8d:3c:5c:3f:
67:c6:d2:d1:6c:ec:52:3d:85:df:49:29:0d:d8:9b:
5a:dd:5a:20:65:72:d1:62:f3:3a:82:15:b0:17:1b:
69:75:9f:4e:15:ff:9c:0b:1c:bb:e8:e5:9d:87:f5:
ec:c8:38:bf:3a:63:f3:fd:16:a7:e6:20:1c:49:cf:
9f:cf:e4:29:79:ed:4e:6c:74:f2:11:3b:f5:6e:01:
81:4f:70:fd:77:be:1a:e0:d9:aa:18:fb:ab:4a:01:
c6:8a:28:d0:33:b8:95:e9:66:59:9d:1b:4d:41:7a:
15:ee:51:30:d0:90:de:c5:d5:33:d4:84:58:dc:c5:
c6:ed:61:83:7a:02:13:06:14:69:53:49:aa:92:0c:
c7:60:b3:11:0f:6d:39:29:63:6b:63:00:ec:d4:0a:
cc:f8:36:af:18:06:65:b8:00:e9:91:4a:c9:b7:5d:
35:23:bd:33:26:b0:39:d1:b9:1f:43:bb:c5:c2:b4:
cd:b7:36:4c:95:81:61:84:2d:65:0d:08:43:6c:98:
f5:0c:2e:be:91:52:92:57:05:20:4c:09:54:54:ea:
14:56:ef:c9:58:69:7c:50:50:41:98:b8:ec:e5:a3:
c7:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7D:47:B9:5D:C6:8A:D3:A5:82:D3:74:A6:4A:C2:2C:8C:50:0B:01:65
X509v3 Authority Key Identifier:
keyid:E1:F3:51:2F:51:DC:42:BB:9E:B1:2A:BC:0B:B5:29:66:8B:2E:DE:E4
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/e3cdc648-d203-462a-bd0f-ec1b60d879a7/0/E1F3512F51DC42BB9EB12ABC0BB529668B2EDEE4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4fNRL1HcQruesSq8C7UpZosu3uQ.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/e3cdc648-d203-462a-bd0f-ec1b60d879a7/0/3138352e3132332e3135372e302f32342d3234203d3e203533333536.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.123.157.0/24
Signature Algorithm: sha256WithRSAEncryption
0e:77:d4:5b:9b:f5:b1:cd:d5:8e:01:ee:e2:b6:cb:f7:aa:c8:
48:e8:c2:45:8a:10:81:df:92:a3:af:69:98:c7:df:16:ec:8c:
5a:06:78:a6:44:62:90:2a:e0:d8:99:65:e5:9d:59:e0:02:6e:
e5:91:c7:9b:c8:bb:28:41:2b:47:9b:73:e7:08:ea:ed:69:bc:
f5:79:1c:c8:cd:57:3d:06:e7:a9:51:ab:bc:61:bb:bf:25:c2:
f3:c2:17:8f:30:99:46:4d:1b:42:68:04:9c:87:33:38:8f:21:
61:8e:e9:07:f5:e3:3f:b3:34:5c:6a:5d:e8:44:77:10:c8:3f:
2f:f4:f8:6e:76:a7:a1:f5:6b:33:44:af:da:91:dc:79:34:c7:
54:d4:8c:ba:7a:32:06:63:6c:81:b2:11:1d:b7:ec:b6:19:64:
92:3a:84:11:5d:5c:a0:e7:ce:23:23:66:b6:cc:92:dd:4f:d7:
df:f8:cc:3f:5e:e6:15:45:cf:ee:c3:f4:91:25:7f:74:45:82:
e4:a4:64:e8:aa:d1:93:31:7c:08:00:e7:a1:9d:b4:63:d0:5f:
d7:6e:f3:b7:a6:85:71:74:0e:43:13:cb:82:1f:1a:e8:3c:f9:
2e:25:65:a2:04:01:3a:d3:77:ef:69:b7:4c:bb:1b:29:1d:1f:
9a:1f:57:75
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUZIEnbf0N+KjtgYupomgd25GON98wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZTFmMzUxMmY1MWRjNDJiYjllYjEyYWJjMGJiNTI5NjY4
YjJlZGVlNDAeFw0yNTA3MDkxNDA4MThaFw0yNjA3MDgxNDEzMThaMDMxMTAvBgNV
BAMTKDdENDdCOTVEQzY4QUQzQTU4MkQzNzRBNjRBQzIyQzhDNTAwQjAxNjUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCRp6/uyoqvFoQN0z3VVFtSnUKf
dvoFjr6HjTxcP2fG0tFs7FI9hd9JKQ3Ym1rdWiBlctFi8zqCFbAXG2l1n04V/5wL
HLvo5Z2H9ezIOL86Y/P9FqfmIBxJz5/P5Cl57U5sdPIRO/VuAYFPcP13vhrg2aoY
+6tKAcaKKNAzuJXpZlmdG01BehXuUTDQkN7F1TPUhFjcxcbtYYN6AhMGFGlTSaqS
DMdgsxEPbTkpY2tjAOzUCsz4Nq8YBmW4AOmRSsm3XTUjvTMmsDnRuR9Du8XCtM23
NkyVgWGELWUNCENsmPUMLr6RUpJXBSBMCVRU6hRW78lYaXxQUEGYuOzlo8eBAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUfUe5XcaK06WC03SmSsIsjFALAWUwHwYDVR0j
BBgwFoAU4fNRL1HcQruesSq8C7UpZosu3uQwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZTNjZGM2NDgtZDIwMy00NjJhLWJkMGYtZWMxYjYwZDg3
OWE3LzAvRTFGMzUxMkY1MURDNDJCQjlFQjEyQUJDMEJCNTI5NjY4QjJFREVFNC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzRmTlJMMUhjUXJ1ZXNTcThDN1VwWm9z
dTN1US5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZTNjZGM2NDgt
ZDIwMy00NjJhLWJkMGYtZWMxYjYwZDg3OWE3LzAvMzEzODM1MmUzMTMyMzMyZTMx
MzUzNzJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDM1MzMzMzM1MzYucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAC5e50wDQYJKoZIhvcNAQELBQADggEBAA531Fub9bHN1Y4B7uK2y/eqyEjowkWK
EIHfkqOvaZjH3xbsjFoGeKZEYpAq4NiZZeWdWeACbuWRx5vIuyhBK0ebc+cI6u1p
vPV5HMjNVz0G56lRq7xhu78lwvPCF48wmUZNG0JoBJyHMziPIWGO6Qf14z+zNFxq
XehEdxDIPy/0+G52p6H1azNEr9qR3Hk0x1TUjLp6MgZjbIGyER237LYZZJI6hBFd
XKDnziMjZrbMkt1P19/4zD9e5hVFz+7D9JElf3RFguSkZOiq0ZMxfAgA56GdtGPQ
X9du87emhXF0DkMTy4IfGug8+S4lZaIEATrTd+9pt0y7GykdH5ofV3U=
-----END CERTIFICATE-----
Generated at Sun Jul 20 14:14:07 2025 by rpki-client