Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/e6aff234-61c5-4290-8a6d-5f2b9027322f/0/3138352e3234322e3138332e302f32342d3234203d3e203431373230.roa
File: 3138352e3234322e3138332e302f32342d3234203d3e203431373230.roa (raw, json)
Hash identifier: pyzsZjErsKF/r6TDE4GaASJZY8jmD+uruFgv90V9cVg=
Subject key identifier: 8A:43:F5:A8:2C:E0:0D:97:C6:B7:15:6E:A2:9B:C0:7D:F2:A3:8F:0D
Certificate issuer: /CN=88cdd9c193da9185a4ac15b2ade875fe97b6f491
Certificate serial: 08E040B129696CE27182BF3156C49193B5B8903E
Authority key identifier: 88:CD:D9:C1:93:DA:91:85:A4:AC:15:B2:AD:E8:75:FE:97:B6:F4:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iM3ZwZPakYWkrBWyreh1_pe29JE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/e6aff234-61c5-4290-8a6d-5f2b9027322f/0/3138352e3234322e3138332e302f32342d3234203d3e203431373230.roa
Signing time: Thu 22 Aug 2024 15:50:06 +0000
ROA not before: Thu 22 Aug 2024 15:45:06 +0000
ROA not after: Thu 21 Aug 2025 15:50:06 +0000
asID: 41720
IP address blocks: 185.242.183.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/e6aff234-61c5-4290-8a6d-5f2b9027322f/0/88CDD9C193DA9185A4AC15B2ADE875FE97B6F491.crl
rsync://rsync.paas.rpki.ripe.net/repository/e6aff234-61c5-4290-8a6d-5f2b9027322f/0/88CDD9C193DA9185A4AC15B2ADE875FE97B6F491.mft
rsync://rpki.ripe.net/repository/DEFAULT/iM3ZwZPakYWkrBWyreh1_pe29JE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Jul 2025 05:18:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
08:e0:40:b1:29:69:6c:e2:71:82:bf:31:56:c4:91:93:b5:b8:90:3e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=88cdd9c193da9185a4ac15b2ade875fe97b6f491
Validity
Not Before: Aug 22 15:45:06 2024 GMT
Not After : Aug 21 15:50:06 2025 GMT
Subject: CN=8A43F5A82CE00D97C6B7156EA29BC07DF2A38F0D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:e8:a3:bc:2b:36:f1:3f:c2:b0:f3:54:33:c5:
1d:70:06:07:77:b3:90:5e:a7:62:ad:9c:21:bc:1e:
f8:83:32:c5:9c:1a:18:7d:d9:40:d3:eb:8c:30:6f:
a8:87:71:fe:6d:03:c3:2b:08:dd:cd:03:72:50:6c:
a1:e9:bc:a1:19:4a:12:db:71:f4:22:bd:27:ea:40:
42:ec:f2:ba:0e:4a:6d:98:4e:e7:33:8c:76:3f:1e:
f7:9b:af:79:fd:40:fb:eb:ec:58:92:37:4c:31:d7:
15:0d:de:c9:95:1e:ac:fb:a4:b5:f6:dc:09:b3:ee:
64:2d:fb:63:e2:74:fd:23:52:09:d6:91:7d:df:47:
fc:cf:05:0d:89:e7:ea:1a:de:6f:5a:b6:11:55:9b:
e5:22:c4:02:39:37:50:55:8a:0a:6f:23:97:57:cd:
ab:4a:50:91:5f:6c:3b:49:50:01:9e:7b:de:89:90:
fd:80:f1:43:a9:ff:34:f8:10:45:b1:03:9d:5e:24:
ee:a9:f3:e8:d5:5e:9f:f0:a8:6a:c7:1e:c1:c7:04:
ea:85:32:06:b8:78:b3:9f:f3:ab:0d:31:4f:c1:01:
bf:2b:6b:3a:ff:6a:76:57:3e:5f:be:f3:df:d7:3d:
e9:fa:30:01:53:82:20:a8:74:3b:26:93:0a:3e:64:
ec:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8A:43:F5:A8:2C:E0:0D:97:C6:B7:15:6E:A2:9B:C0:7D:F2:A3:8F:0D
X509v3 Authority Key Identifier:
keyid:88:CD:D9:C1:93:DA:91:85:A4:AC:15:B2:AD:E8:75:FE:97:B6:F4:91
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/e6aff234-61c5-4290-8a6d-5f2b9027322f/0/88CDD9C193DA9185A4AC15B2ADE875FE97B6F491.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iM3ZwZPakYWkrBWyreh1_pe29JE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/e6aff234-61c5-4290-8a6d-5f2b9027322f/0/3138352e3234322e3138332e302f32342d3234203d3e203431373230.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.242.183.0/24
Signature Algorithm: sha256WithRSAEncryption
67:a5:e5:11:2b:a6:9a:36:e2:5d:a4:24:dc:34:13:ba:f3:df:
8b:d2:4c:df:4a:21:fe:7e:e8:9c:ab:5c:cd:b0:7b:39:9b:6f:
ee:a7:c9:f4:af:49:57:2a:9a:e0:dc:fe:25:3a:d4:24:76:f8:
99:7b:ac:1f:d2:2e:e1:c6:8a:6c:cf:4f:9a:f1:08:16:15:0c:
b7:8a:0b:c1:60:4b:3b:ce:fd:53:19:d0:0a:16:78:89:22:82:
4a:e5:58:93:6f:37:70:b6:0b:1a:c4:aa:f5:65:b7:55:b2:67:
15:7f:0b:37:e5:a2:f3:ff:36:a5:f7:69:90:22:04:74:63:38:
2a:ab:d6:4c:78:92:b7:d7:50:65:a9:bb:d3:bf:22:73:aa:eb:
10:81:0f:d4:3c:f9:f3:9d:64:dc:cd:32:1a:4f:a8:64:65:c0:
13:10:93:1b:67:56:b5:60:99:40:56:12:2f:c4:99:16:7c:f2:
04:e1:94:c4:33:6e:24:5d:e7:48:a0:9e:26:16:8f:46:c6:bf:
09:5f:7e:74:44:ee:f5:43:4e:56:8e:70:18:3c:17:96:0e:e6:
7f:e0:19:47:b8:c1:1a:ce:48:c7:26:9e:dc:d9:81:32:d4:11:
0e:84:48:03:3e:46:b7:63:a6:91:8f:bb:54:1d:a5:03:a0:12:
9e:3f:47:0c
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUCOBAsSlpbOJxgr8xVsSRk7W4kD4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoODhjZGQ5YzE5M2RhOTE4NWE0YWMxNWIyYWRlODc1ZmU5
N2I2ZjQ5MTAeFw0yNDA4MjIxNTQ1MDZaFw0yNTA4MjExNTUwMDZaMDMxMTAvBgNV
BAMTKDhBNDNGNUE4MkNFMDBEOTdDNkI3MTU2RUEyOUJDMDdERjJBMzhGMEQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDI6KO8KzbxP8Kw81QzxR1wBgd3
s5Bep2KtnCG8HviDMsWcGhh92UDT64wwb6iHcf5tA8MrCN3NA3JQbKHpvKEZShLb
cfQivSfqQELs8roOSm2YTuczjHY/Hvebr3n9QPvr7FiSN0wx1xUN3smVHqz7pLX2
3Amz7mQt+2PidP0jUgnWkX3fR/zPBQ2J5+oa3m9athFVm+UixAI5N1BVigpvI5dX
zatKUJFfbDtJUAGee96JkP2A8UOp/zT4EEWxA51eJO6p8+jVXp/wqGrHHsHHBOqF
Mga4eLOf86sNMU/BAb8razr/anZXPl++89/XPen6MAFTgiCodDsmkwo+ZOy9AgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUikP1qCzgDZfGtxVuopvAffKjjw0wHwYDVR0j
BBgwFoAUiM3ZwZPakYWkrBWyreh1/pe29JEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZTZhZmYyMzQtNjFjNS00MjkwLThhNmQtNWYyYjkwMjcz
MjJmLzAvODhDREQ5QzE5M0RBOTE4NUE0QUMxNUIyQURFODc1RkU5N0I2RjQ5MS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2lNM1p3WlBha1lXa3JCV3lyZWgxX3Bl
MjlKRS5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZTZhZmYyMzQt
NjFjNS00MjkwLThhNmQtNWYyYjkwMjczMjJmLzAvMzEzODM1MmUzMjM0MzIyZTMx
MzgzMzJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDM0MzEzNzMyMzAucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAC58rcwDQYJKoZIhvcNAQELBQADggEBAGel5RErppo24l2kJNw0E7rz34vSTN9K
If5+6JyrXM2wezmbb+6nyfSvSVcqmuDc/iU61CR2+Jl7rB/SLuHGimzPT5rxCBYV
DLeKC8FgSzvO/VMZ0AoWeIkigkrlWJNvN3C2CxrEqvVlt1WyZxV/CzflovP/NqX3
aZAiBHRjOCqr1kx4krfXUGWpu9O/InOq6xCBD9Q8+fOdZNzNMhpPqGRlwBMQkxtn
VrVgmUBWEi/EmRZ88gThlMQzbiRd50igniYWj0bGvwlffnRE7vVDTlaOcBg8F5YO
5n/gGUe4wRrOSMcmntzZgTLUEQ6ESAM+RrdjppGPu1QdpQOgEp4/Rww=
-----END CERTIFICATE-----
Generated at Tue Jul 22 11:55:20 2025 by rpki-client