Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/352e3138312e3138352e302f32342d3234203d3e20323131333733.roa
File: 352e3138312e3138352e302f32342d3234203d3e20323131333733.roa (raw, json)
Hash identifier: 2IzUCrtAIyuz9E3rWXqOgG5uo4suNn7bGWeOLhfOKvg=
Subject key identifier: C4:D5:EF:45:4B:00:2E:F4:F7:7F:3C:D6:75:0B:11:86:D4:18:4D:C1
Certificate issuer: /CN=a9420e6c6f24b0e422da7fe7e420ef50354f45c6
Certificate serial: 46B168C27C8D628E5BAB36E04AC3815F851A3481
Authority key identifier: A9:42:0E:6C:6F:24:B0:E4:22:DA:7F:E7:E4:20:EF:50:35:4F:45:C6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qUIObG8ksOQi2n_n5CDvUDVPRcY.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/352e3138312e3138352e302f32342d3234203d3e20323131333733.roa
Signing time: Fri 06 Jun 2025 12:54:08 +0000
ROA not before: Fri 06 Jun 2025 12:49:08 +0000
ROA not after: Fri 05 Jun 2026 12:54:08 +0000
asID: 211373
IP address blocks: 5.181.185.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/A9420E6C6F24B0E422DA7FE7E420EF50354F45C6.crl
rsync://rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/A9420E6C6F24B0E422DA7FE7E420EF50354F45C6.mft
rsync://rpki.ripe.net/repository/DEFAULT/qUIObG8ksOQi2n_n5CDvUDVPRcY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 08 Jun 2025 10:06:33 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
46:b1:68:c2:7c:8d:62:8e:5b:ab:36:e0:4a:c3:81:5f:85:1a:34:81
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a9420e6c6f24b0e422da7fe7e420ef50354f45c6
Validity
Not Before: Jun 6 12:49:08 2025 GMT
Not After : Jun 5 12:54:08 2026 GMT
Subject: CN=C4D5EF454B002EF4F77F3CD6750B1186D4184DC1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:dc:bd:da:f6:81:1d:bb:e8:8e:3d:5f:32:1b:
50:d2:5e:33:f3:73:6e:c9:71:cc:30:6f:67:ad:44:
ed:23:26:71:9b:5c:98:72:c1:79:42:4a:3b:f3:67:
0e:12:34:d4:3f:c2:b7:6e:a0:38:b3:a3:8c:6e:52:
ae:17:a5:d4:3d:da:f7:86:58:d5:a0:c6:e9:86:26:
86:72:7c:21:41:bc:d2:71:9d:db:27:98:7c:ad:d8:
1b:77:b3:7b:4a:cd:97:8c:68:31:d1:98:dc:39:47:
aa:11:94:12:18:00:66:df:10:cc:2e:19:cd:09:fe:
1e:87:2f:af:ec:5b:1d:65:91:0c:63:80:ee:1d:d1:
c4:69:0b:2b:c2:13:de:68:44:e1:87:23:c1:41:0b:
b4:09:5c:c3:9d:4e:d1:c9:af:ae:78:99:88:79:94:
d1:42:81:5e:cc:27:0a:f6:97:02:66:60:9b:3c:61:
b4:94:cd:9f:df:37:b1:e5:c7:12:00:c9:4e:52:57:
8c:ab:fa:f9:45:85:ba:e1:4b:ff:bc:e2:28:1e:d5:
d2:93:1e:27:3c:19:73:de:34:83:8c:cc:1f:52:78:
e9:cc:fc:cb:00:53:a8:d0:d8:4e:a6:59:f1:bb:40:
39:a3:8f:d4:d5:21:0f:68:15:12:cf:cd:5f:75:ae:
58:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C4:D5:EF:45:4B:00:2E:F4:F7:7F:3C:D6:75:0B:11:86:D4:18:4D:C1
X509v3 Authority Key Identifier:
keyid:A9:42:0E:6C:6F:24:B0:E4:22:DA:7F:E7:E4:20:EF:50:35:4F:45:C6
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/A9420E6C6F24B0E422DA7FE7E420EF50354F45C6.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qUIObG8ksOQi2n_n5CDvUDVPRcY.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/352e3138312e3138352e302f32342d3234203d3e20323131333733.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.181.185.0/24
Signature Algorithm: sha256WithRSAEncryption
3a:f5:a7:97:f5:ed:53:dc:9e:e6:93:67:9d:56:ca:da:77:e3:
f2:b4:67:ef:2a:25:13:32:03:86:1c:17:41:29:94:8e:c4:60:
a0:27:5b:0a:83:5a:7d:5b:ea:19:0a:93:0e:2d:6c:35:f2:40:
5f:17:32:6b:24:b1:d9:96:47:70:f2:fe:c9:c0:ce:0b:14:da:
bf:92:24:74:53:d7:fc:d2:ad:e3:54:ff:3f:7e:28:c7:ea:0a:
80:72:df:71:ef:c2:fc:81:49:58:07:8b:cc:b4:0b:22:39:86:
a8:0e:ac:0d:e2:cd:67:38:f1:04:99:3d:4e:88:21:30:c8:61:
0d:e0:5f:29:47:fb:6f:ab:61:bc:9a:e3:0a:ca:95:6a:19:db:
54:4a:ac:90:af:c5:c8:53:b3:cc:75:35:8a:12:3d:7d:07:93:
af:8a:c5:42:92:a0:f5:cf:be:40:85:2c:d7:c4:23:7a:f6:5e:
ab:34:aa:a3:bc:35:01:42:7e:04:12:61:d5:09:6b:fd:14:87:
db:a5:36:60:96:94:b4:2a:6b:6f:a0:6b:0b:bf:61:44:26:09:
8f:e8:14:9f:41:50:47:5a:bd:3c:56:36:2d:69:20:97:53:06:
7a:84:c0:7d:b5:7e:9b:77:8f:f4:3a:22:ed:48:dd:03:b3:93:
a8:cf:75:69
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIURrFownyNYo5bqzbgSsOBX4UaNIEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYTk0MjBlNmM2ZjI0YjBlNDIyZGE3ZmU3ZTQyMGVmNTAz
NTRmNDVjNjAeFw0yNTA2MDYxMjQ5MDhaFw0yNjA2MDUxMjU0MDhaMDMxMTAvBgNV
BAMTKEM0RDVFRjQ1NEIwMDJFRjRGNzdGM0NENjc1MEIxMTg2RDQxODREQzEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCx3L3a9oEdu+iOPV8yG1DSXjPz
c27Jccwwb2etRO0jJnGbXJhywXlCSjvzZw4SNNQ/wrduoDizo4xuUq4XpdQ92veG
WNWgxumGJoZyfCFBvNJxndsnmHyt2Bt3s3tKzZeMaDHRmNw5R6oRlBIYAGbfEMwu
Gc0J/h6HL6/sWx1lkQxjgO4d0cRpCyvCE95oROGHI8FBC7QJXMOdTtHJr654mYh5
lNFCgV7MJwr2lwJmYJs8YbSUzZ/fN7HlxxIAyU5SV4yr+vlFhbrhS/+84ige1dKT
Hic8GXPeNIOMzB9SeOnM/MsAU6jQ2E6mWfG7QDmjj9TVIQ9oFRLPzV91rli3AgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUxNXvRUsALvT3fzzWdQsRhtQYTcEwHwYDVR0j
BBgwFoAUqUIObG8ksOQi2n/n5CDvUDVPRcYwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMWY5ODIzZDAtMDg1NS00MWYyLWFjNDYtNTlhMmU5OGRh
NzM2LzEvQTk0MjBFNkM2RjI0QjBFNDIyREE3RkU3RTQyMEVGNTAzNTRGNDVDNi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3FVSU9iRzhrc09RaTJuX241Q0R2VURW
UFJjWS5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMWY5ODIzZDAt
MDg1NS00MWYyLWFjNDYtNTlhMmU5OGRhNzM2LzEvMzUyZTMxMzgzMTJlMzEzODM1
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzIzMTMxMzMzNzMzLnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
BbW5MA0GCSqGSIb3DQEBCwUAA4IBAQA69aeX9e1T3J7mk2edVsrad+PytGfvKiUT
MgOGHBdBKZSOxGCgJ1sKg1p9W+oZCpMOLWw18kBfFzJrJLHZlkdw8v7JwM4LFNq/
kiR0U9f80q3jVP8/fijH6gqAct9x78L8gUlYB4vMtAsiOYaoDqwN4s1nOPEEmT1O
iCEwyGEN4F8pR/tvq2G8muMKypVqGdtUSqyQr8XIU7PMdTWKEj19B5OvisVCkqD1
z75AhSzXxCN69l6rNKqjvDUBQn4EEmHVCWv9FIfbpTZglpS0KmtvoGsLv2FEJgmP
6BSfQVBHWr08VjYtaSCXUwZ6hMB9tX6bd4/0OiLtSN0Ds5Ooz3Vp
-----END CERTIFICATE-----
Generated at Sun Jun 8 00:47:45 2025 by rpki-client