Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/3138352e3134392e3135352e302f32342d3234203d3e203434373731.roa
File: 3138352e3134392e3135352e302f32342d3234203d3e203434373731.roa (raw, json)
Hash identifier: W9T8aPnkMAlNbGOA+isd3U8U+YdKRxlDW0/+vHw4iGg=
Subject key identifier: 82:07:5D:52:F8:9C:3D:AF:61:53:6A:6D:6E:D7:0E:81:CA:19:BD:87
Certificate issuer: /CN=9df85997b1b9b358e1c43f36765aa0a4a02144ae
Certificate serial: 252946710CB61925A348B4545D96B1CF0CA0D299
Authority key identifier: 9D:F8:59:97:B1:B9:B3:58:E1:C4:3F:36:76:5A:A0:A4:A0:21:44:AE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nfhZl7G5s1jhxD82dlqgpKAhRK4.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/3138352e3134392e3135352e302f32342d3234203d3e203434373731.roa
Signing time: Fri 09 May 2025 09:37:56 +0000
ROA not before: Fri 09 May 2025 09:32:56 +0000
ROA not after: Fri 08 May 2026 09:37:56 +0000
asID: 44771
IP address blocks: 185.149.155.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/9DF85997B1B9B358E1C43F36765AA0A4A02144AE.crl
rsync://rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/9DF85997B1B9B358E1C43F36765AA0A4A02144AE.mft
rsync://rpki.ripe.net/repository/DEFAULT/nfhZl7G5s1jhxD82dlqgpKAhRK4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 07 Jun 2025 13:52:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
25:29:46:71:0c:b6:19:25:a3:48:b4:54:5d:96:b1:cf:0c:a0:d2:99
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9df85997b1b9b358e1c43f36765aa0a4a02144ae
Validity
Not Before: May 9 09:32:56 2025 GMT
Not After : May 8 09:37:56 2026 GMT
Subject: CN=82075D52F89C3DAF61536A6D6ED70E81CA19BD87
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:16:21:6c:3a:d7:a9:41:a2:40:fd:d3:e7:9f:
36:5d:f1:40:22:99:4d:1a:f7:0f:3a:90:e7:cd:f9:
b4:3e:48:68:4a:f2:7d:7d:88:d6:5a:1d:e9:a7:c9:
2a:57:63:ea:69:64:1f:10:1e:48:bf:ac:20:74:89:
77:33:df:2a:32:f7:c3:45:0d:d5:b0:97:76:fb:0d:
5b:aa:a1:b7:ef:b2:53:1d:8e:bb:a1:6f:fe:f1:19:
8b:f6:c7:c0:fa:e2:64:99:da:76:91:97:68:24:9f:
30:8e:3b:38:e1:09:1a:0f:8f:49:bf:c7:d9:f3:9d:
9e:ec:8a:1f:af:1e:3f:ec:93:0d:b0:6a:57:87:7a:
cc:6f:dd:75:5d:81:92:aa:42:86:aa:6a:59:56:d8:
58:e7:08:3f:60:87:08:9a:33:e3:f5:d2:76:dc:be:
53:08:8a:0a:63:71:bc:11:73:4b:44:81:f3:23:f5:
37:9a:35:be:60:d7:94:ee:9b:13:86:b1:50:ae:2b:
a2:86:6a:d3:d9:6b:e4:bd:92:68:78:9c:3d:10:ea:
27:35:93:98:89:40:66:7e:3c:12:d6:7d:df:78:4a:
00:ec:b2:99:7a:96:89:8e:a0:01:15:37:7b:91:7a:
d8:28:74:f5:93:d4:4c:4a:85:ae:97:f2:23:fe:b9:
b6:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
82:07:5D:52:F8:9C:3D:AF:61:53:6A:6D:6E:D7:0E:81:CA:19:BD:87
X509v3 Authority Key Identifier:
keyid:9D:F8:59:97:B1:B9:B3:58:E1:C4:3F:36:76:5A:A0:A4:A0:21:44:AE
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/9DF85997B1B9B358E1C43F36765AA0A4A02144AE.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nfhZl7G5s1jhxD82dlqgpKAhRK4.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/3138352e3134392e3135352e302f32342d3234203d3e203434373731.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.149.155.0/24
Signature Algorithm: sha256WithRSAEncryption
3c:d8:ef:97:30:e0:ee:95:07:51:fe:41:b2:6f:fa:a3:c4:51:
f3:17:f6:5f:9b:1b:99:d9:40:ff:74:1d:35:78:6a:ad:2a:77:
bc:86:e1:fa:7f:8e:c1:38:69:65:1f:17:b5:d6:9a:90:b2:a1:
6f:cf:54:d8:17:69:5b:a2:ff:69:0d:54:84:db:53:f1:94:3e:
fe:0b:e4:7b:c3:37:0d:1d:f3:60:df:c8:38:2a:ae:43:10:d2:
3b:16:0d:3b:77:ac:63:6b:77:f9:de:d0:7c:12:f5:73:c5:bd:
c9:f3:78:64:7e:19:9e:5e:db:8c:db:21:24:6c:2d:2b:98:d3:
b0:48:01:17:d7:93:29:df:5d:df:7f:1c:c9:63:ae:64:ec:57:
ec:06:d2:fb:88:43:cd:d2:8a:1d:ca:31:38:26:38:80:be:1d:
aa:18:6b:f7:11:a5:bc:bd:e6:81:83:9e:12:d6:84:05:16:0e:
48:bd:c4:61:0b:d5:80:ab:6d:df:bf:5f:e0:fc:71:de:60:58:
d1:93:86:5a:36:bc:5e:11:01:da:78:97:21:a2:8d:f2:f2:e5:
24:67:9f:df:b6:2b:6e:47:48:3e:4c:4f:ca:59:d2:b8:3c:47:
34:4d:0a:c1:0d:0e:d8:40:f5:26:70:9b:a3:68:59:e2:a2:05:
b4:50:24:13
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUJSlGcQy2GSWjSLRUXZaxzwyg0pkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOWRmODU5OTdiMWI5YjM1OGUxYzQzZjM2NzY1YWEwYTRh
MDIxNDRhZTAeFw0yNTA1MDkwOTMyNTZaFw0yNjA1MDgwOTM3NTZaMDMxMTAvBgNV
BAMTKDgyMDc1RDUyRjg5QzNEQUY2MTUzNkE2RDZFRDcwRTgxQ0ExOUJEODcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC/FiFsOtepQaJA/dPnnzZd8UAi
mU0a9w86kOfN+bQ+SGhK8n19iNZaHemnySpXY+ppZB8QHki/rCB0iXcz3yoy98NF
DdWwl3b7DVuqobfvslMdjruhb/7xGYv2x8D64mSZ2naRl2gknzCOOzjhCRoPj0m/
x9nznZ7sih+vHj/skw2waleHesxv3XVdgZKqQoaqallW2FjnCD9ghwiaM+P10nbc
vlMIigpjcbwRc0tEgfMj9TeaNb5g15TumxOGsVCuK6KGatPZa+S9kmh4nD0Q6ic1
k5iJQGZ+PBLWfd94SgDsspl6lomOoAEVN3uRetgodPWT1ExKha6X8iP+ubbpAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUggddUvicPa9hU2ptbtcOgcoZvYcwHwYDVR0j
BBgwFoAUnfhZl7G5s1jhxD82dlqgpKAhRK4wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDAyZTBiYTMtZmU2MC00NWIxLTkxNjAtODY4YTJmOGE0
M2IxLzMvOURGODU5OTdCMUI5QjM1OEUxQzQzRjM2NzY1QUEwQTRBMDIxNDRBRS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL25maFpsN0c1czFqaHhEODJkbHFncEtB
aFJLNC5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMDAyZTBiYTMt
ZmU2MC00NWIxLTkxNjAtODY4YTJmOGE0M2IxLzMvMzEzODM1MmUzMTM0MzkyZTMx
MzUzNTJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDM0MzQzNzM3MzEucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAC5lZswDQYJKoZIhvcNAQELBQADggEBADzY75cw4O6VB1H+QbJv+qPEUfMX9l+b
G5nZQP90HTV4aq0qd7yG4fp/jsE4aWUfF7XWmpCyoW/PVNgXaVui/2kNVITbU/GU
Pv4L5HvDNw0d82DfyDgqrkMQ0jsWDTt3rGNrd/ne0HwS9XPFvcnzeGR+GZ5e24zb
ISRsLSuY07BIARfXkynfXd9/HMljrmTsV+wG0vuIQ83Sih3KMTgmOIC+HaoYa/cR
pby95oGDnhLWhAUWDki9xGEL1YCrbd+/X+D8cd5gWNGThlo2vF4RAdp4lyGijfLy
5SRnn9+2K25HSD5MT8pZ0rg8RzRNCsENDthA9SZwm6NoWeKiBbRQJBM=
-----END CERTIFICATE-----
Generated at Fri Jun 6 19:42:47 2025 by rpki-client