Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/352e3138312e3138352e302f32342d3234203d3e20323132333834.roa
File: 352e3138312e3138352e302f32342d3234203d3e20323132333834.roa (raw, json)
Hash identifier: erSH6Mf15T5HOlDb5lpbU/Ku2eMK+cc/6OxLysGJmP4=
Subject key identifier: 4D:9E:8F:E1:0E:C4:4A:5B:11:22:8C:72:86:A7:D1:97:EB:1C:2D:55
Certificate issuer: /CN=a9420e6c6f24b0e422da7fe7e420ef50354f45c6
Certificate serial: 3B17AFAF87F45AC3F124EE9306D1E3FAE11912E9
Authority key identifier: A9:42:0E:6C:6F:24:B0:E4:22:DA:7F:E7:E4:20:EF:50:35:4F:45:C6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qUIObG8ksOQi2n_n5CDvUDVPRcY.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/352e3138312e3138352e302f32342d3234203d3e20323132333834.roa
Signing time: Tue 03 Jun 2025 08:54:08 +0000
ROA not before: Tue 03 Jun 2025 08:49:08 +0000
ROA not after: Tue 02 Jun 2026 08:54:08 +0000
asID: 212384
IP address blocks: 5.181.185.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/A9420E6C6F24B0E422DA7FE7E420EF50354F45C6.crl
rsync://rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/A9420E6C6F24B0E422DA7FE7E420EF50354F45C6.mft
rsync://rpki.ripe.net/repository/DEFAULT/qUIObG8ksOQi2n_n5CDvUDVPRcY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 07 Jun 2025 14:50:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3b:17:af:af:87:f4:5a:c3:f1:24:ee:93:06:d1:e3:fa:e1:19:12:e9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a9420e6c6f24b0e422da7fe7e420ef50354f45c6
Validity
Not Before: Jun 3 08:49:08 2025 GMT
Not After : Jun 2 08:54:08 2026 GMT
Subject: CN=4D9E8FE10EC44A5B11228C7286A7D197EB1C2D55
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:8b:65:b1:8e:14:19:89:a3:e8:0f:b9:42:0d:
2c:f3:3a:d3:f9:82:e0:ee:24:17:60:02:fa:8f:1a:
c7:63:fb:1d:00:02:eb:6c:33:70:04:67:75:b0:a9:
59:50:d7:c1:65:30:46:07:8c:8f:05:60:43:e5:61:
fa:ea:29:73:8f:3f:ba:4c:2a:32:90:97:e8:6e:51:
e8:27:cc:4f:6d:b9:4b:eb:68:22:56:72:32:02:37:
19:24:90:e6:eb:05:b7:79:47:08:d4:55:c6:dc:60:
48:6f:2c:d4:0d:87:b4:cb:1b:27:cc:5f:5d:bb:1a:
14:bc:c9:bf:84:d3:d5:8a:84:82:3c:81:c8:99:75:
48:f7:a6:32:84:c3:a4:cc:a4:fe:67:00:5a:6a:3b:
f1:40:3b:07:7c:7b:7b:56:80:da:1b:47:9a:d9:74:
47:c9:d9:78:fe:4d:43:8c:9b:71:47:42:b7:65:d4:
b3:b8:5a:fc:b2:c0:d3:0f:5b:b0:00:16:11:22:ca:
24:c7:82:c7:6d:13:b8:2a:32:de:65:c7:28:62:09:
49:a9:07:b1:65:dc:9d:a4:da:7b:5b:33:b2:b0:5f:
71:c3:b9:50:99:a5:8c:65:78:27:5d:b8:47:7c:01:
b6:2f:39:76:fe:43:67:cd:76:1d:f5:8a:d1:ac:0a:
15:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:9E:8F:E1:0E:C4:4A:5B:11:22:8C:72:86:A7:D1:97:EB:1C:2D:55
X509v3 Authority Key Identifier:
keyid:A9:42:0E:6C:6F:24:B0:E4:22:DA:7F:E7:E4:20:EF:50:35:4F:45:C6
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/A9420E6C6F24B0E422DA7FE7E420EF50354F45C6.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qUIObG8ksOQi2n_n5CDvUDVPRcY.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/352e3138312e3138352e302f32342d3234203d3e20323132333834.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.181.185.0/24
Signature Algorithm: sha256WithRSAEncryption
c9:7f:75:a4:29:d0:0d:63:bd:a6:ea:9b:3e:e7:16:dc:fe:c1:
5d:4f:98:ae:6f:1d:c5:50:50:b3:51:21:6b:c9:9c:0e:57:9d:
ee:15:64:b8:59:54:24:d5:2c:98:de:20:8d:57:43:68:60:30:
81:c5:a8:02:92:e2:86:00:6e:b0:f2:cc:65:39:dc:96:8b:8d:
1d:81:63:af:c4:86:c6:43:2a:45:d7:9e:ed:23:53:c0:8f:14:
56:46:49:8e:04:e2:ea:f3:b1:a0:b8:24:1e:01:63:d2:1d:25:
d6:4f:cc:a8:24:0d:bf:9c:1a:8d:2b:6c:89:40:5b:8b:09:df:
ec:70:3d:6f:1d:58:07:0c:ad:91:90:ec:93:19:ab:a6:3f:e8:
0e:b6:46:a4:9c:ca:33:b1:fa:14:c0:19:7f:15:04:d3:6d:13:
6f:6b:4a:7a:ee:1b:13:b1:b5:67:0c:90:7a:f4:79:39:54:6a:
e7:57:19:68:90:47:bc:8a:e9:e4:4f:ac:29:5f:4b:cc:d6:16:
23:8b:44:ab:50:17:ae:a4:0c:7e:97:b0:1f:7a:49:8b:8c:35:
98:e7:73:b4:d5:09:e5:8e:65:57:bf:92:a7:38:21:d9:9e:b4:
a8:3e:33:ed:59:78:ee:fb:c8:0d:9f:89:ff:0a:ea:65:a0:0b:
b1:77:31:10
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUOxevr4f0WsPxJO6TBtHj+uEZEukwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYTk0MjBlNmM2ZjI0YjBlNDIyZGE3ZmU3ZTQyMGVmNTAz
NTRmNDVjNjAeFw0yNTA2MDMwODQ5MDhaFw0yNjA2MDIwODU0MDhaMDMxMTAvBgNV
BAMTKDREOUU4RkUxMEVDNDRBNUIxMTIyOEM3Mjg2QTdEMTk3RUIxQzJENTUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCri2WxjhQZiaPoD7lCDSzzOtP5
guDuJBdgAvqPGsdj+x0AAutsM3AEZ3WwqVlQ18FlMEYHjI8FYEPlYfrqKXOPP7pM
KjKQl+huUegnzE9tuUvraCJWcjICNxkkkObrBbd5RwjUVcbcYEhvLNQNh7TLGyfM
X127GhS8yb+E09WKhII8gciZdUj3pjKEw6TMpP5nAFpqO/FAOwd8e3tWgNobR5rZ
dEfJ2Xj+TUOMm3FHQrdl1LO4WvyywNMPW7AAFhEiyiTHgsdtE7gqMt5lxyhiCUmp
B7Fl3J2k2ntbM7KwX3HDuVCZpYxleCdduEd8AbYvOXb+Q2fNdh31itGsChXfAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUTZ6P4Q7ESlsRIoxyhqfRl+scLVUwHwYDVR0j
BBgwFoAUqUIObG8ksOQi2n/n5CDvUDVPRcYwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMWY5ODIzZDAtMDg1NS00MWYyLWFjNDYtNTlhMmU5OGRh
NzM2LzEvQTk0MjBFNkM2RjI0QjBFNDIyREE3RkU3RTQyMEVGNTAzNTRGNDVDNi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3FVSU9iRzhrc09RaTJuX241Q0R2VURW
UFJjWS5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMWY5ODIzZDAt
MDg1NS00MWYyLWFjNDYtNTlhMmU5OGRhNzM2LzEvMzUyZTMxMzgzMTJlMzEzODM1
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzIzMTMyMzMzODM0LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
BbW5MA0GCSqGSIb3DQEBCwUAA4IBAQDJf3WkKdANY72m6ps+5xbc/sFdT5iubx3F
UFCzUSFryZwOV53uFWS4WVQk1SyY3iCNV0NoYDCBxagCkuKGAG6w8sxlOdyWi40d
gWOvxIbGQypF157tI1PAjxRWRkmOBOLq87GguCQeAWPSHSXWT8yoJA2/nBqNK2yJ
QFuLCd/scD1vHVgHDK2RkOyTGaumP+gOtkaknMozsfoUwBl/FQTTbRNva0p67hsT
sbVnDJB69Hk5VGrnVxlokEe8iunkT6wpX0vM1hYji0SrUBeupAx+l7AfekmLjDWY
53O01QnljmVXv5KnOCHZnrSoPjPtWXju+8gNn4n/CuploAuxdzEQ
-----END CERTIFICATE-----
Generated at Sat Jun 7 04:22:55 2025 by rpki-client