Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/38352e3230392e3233302e302f32342d3234203d3e20313430323234.roa
File: 38352e3230392e3233302e302f32342d3234203d3e20313430323234.roa (raw, json)
Hash identifier: X9S/vAQJZJ3+zexclWqp51kmLLKozc6jAta0ZYx43Ns=
Subject key identifier: 2B:29:FE:63:C5:B7:64:B1:1A:DA:EC:CB:E7:88:30:E6:A2:78:5D:97
Certificate issuer: /CN=a9420e6c6f24b0e422da7fe7e420ef50354f45c6
Certificate serial: 7FBB6D4D7D0A3CC7BF53FC78CED8669C1153EF94
Authority key identifier: A9:42:0E:6C:6F:24:B0:E4:22:DA:7F:E7:E4:20:EF:50:35:4F:45:C6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qUIObG8ksOQi2n_n5CDvUDVPRcY.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/38352e3230392e3233302e302f32342d3234203d3e20313430323234.roa
Signing time: Tue 27 May 2025 12:01:50 +0000
ROA not before: Tue 27 May 2025 11:56:50 +0000
ROA not after: Tue 26 May 2026 12:01:50 +0000
asID: 140224
IP address blocks: 85.209.230.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/A9420E6C6F24B0E422DA7FE7E420EF50354F45C6.crl
rsync://rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/A9420E6C6F24B0E422DA7FE7E420EF50354F45C6.mft
rsync://rpki.ripe.net/repository/DEFAULT/qUIObG8ksOQi2n_n5CDvUDVPRcY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 07 Jun 2025 06:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7f:bb:6d:4d:7d:0a:3c:c7:bf:53:fc:78:ce:d8:66:9c:11:53:ef:94
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a9420e6c6f24b0e422da7fe7e420ef50354f45c6
Validity
Not Before: May 27 11:56:50 2025 GMT
Not After : May 26 12:01:50 2026 GMT
Subject: CN=2B29FE63C5B764B11ADAECCBE78830E6A2785D97
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:1c:2d:c8:e0:d6:81:72:57:fa:6e:db:2c:07:
45:15:8b:f5:e1:c6:d0:40:5f:52:ba:09:a1:1e:a6:
74:09:b4:10:e4:ee:03:3f:a6:99:50:6d:11:aa:cc:
cf:c5:ce:f4:8b:89:6a:32:a9:ea:cb:41:81:23:b2:
de:b7:6c:c8:e0:6b:91:51:50:e7:e2:53:99:48:27:
f4:2d:82:83:26:7f:4f:17:7a:d5:93:f1:57:9c:d0:
73:fa:57:25:b0:70:d5:34:5d:ba:6f:2f:89:39:ee:
8b:d0:23:fd:08:c1:3c:5f:c6:08:98:4d:8d:3c:d4:
c7:40:3b:14:1f:1b:a9:6e:c8:67:05:54:35:63:d4:
ca:7c:30:63:6f:3e:30:56:4a:56:20:87:66:48:ee:
8c:29:3b:4e:64:24:2d:0c:98:1f:0a:ef:55:89:2e:
5b:13:ee:a8:55:31:65:c2:35:0e:3b:ec:61:23:e7:
74:79:5c:5a:07:5c:a2:3e:ed:c0:80:28:22:77:0b:
d2:09:80:45:5f:6e:ad:0d:be:d5:75:4c:5c:2f:59:
58:ab:78:81:b6:a3:27:12:91:fb:a5:8f:ad:2e:27:
1c:5f:81:f5:21:a6:85:f3:31:9e:94:52:63:aa:ab:
8f:68:72:be:04:52:53:ce:74:c2:0d:df:5c:d7:f1:
39:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2B:29:FE:63:C5:B7:64:B1:1A:DA:EC:CB:E7:88:30:E6:A2:78:5D:97
X509v3 Authority Key Identifier:
keyid:A9:42:0E:6C:6F:24:B0:E4:22:DA:7F:E7:E4:20:EF:50:35:4F:45:C6
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/A9420E6C6F24B0E422DA7FE7E420EF50354F45C6.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qUIObG8ksOQi2n_n5CDvUDVPRcY.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/38352e3230392e3233302e302f32342d3234203d3e20313430323234.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.209.230.0/24
Signature Algorithm: sha256WithRSAEncryption
a0:3f:85:98:b8:4b:09:ed:af:cb:58:c6:d7:01:2e:9d:21:05:
da:d1:38:6e:40:f1:70:97:01:58:dd:9f:9a:3d:c4:40:12:6a:
15:70:14:66:3b:e7:7a:57:2a:f9:9c:42:4e:53:7f:81:4e:94:
8e:85:d3:96:30:07:83:e0:49:c8:fb:84:d7:fc:6e:17:41:de:
f7:2f:c3:2c:d9:c7:cb:62:bf:0d:a6:8d:f7:7c:ee:6c:a5:4a:
4c:8d:de:b8:55:7a:3b:a2:f0:42:a0:f9:0e:39:21:34:aa:6c:
c4:b9:03:56:ed:80:4c:3f:67:a5:5f:b7:c2:c1:20:74:00:9e:
11:75:04:ed:e9:31:97:90:42:0b:01:28:b7:34:e2:ca:d4:04:
36:ab:01:8f:f9:ac:ab:0f:92:9c:f0:5b:01:8a:f8:0a:43:d5:
e6:8d:5b:34:14:45:ff:46:00:cc:aa:5d:6b:7b:09:ad:bd:f1:
0f:13:fe:cd:fd:a2:42:60:5a:2b:5c:1b:d2:9d:53:90:d7:33:
77:8c:64:6f:91:a2:0e:ba:a8:b2:92:71:bc:67:76:05:24:fb:
17:bb:31:5c:45:12:9e:32:6a:70:78:bc:b5:16:cd:6d:e6:2c:
b8:38:68:d9:65:30:da:3e:00:6c:89:61:77:9f:6d:fb:04:67:
eb:96:1b:9e
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUf7ttTX0KPMe/U/x4zthmnBFT75QwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYTk0MjBlNmM2ZjI0YjBlNDIyZGE3ZmU3ZTQyMGVmNTAz
NTRmNDVjNjAeFw0yNTA1MjcxMTU2NTBaFw0yNjA1MjYxMjAxNTBaMDMxMTAvBgNV
BAMTKDJCMjlGRTYzQzVCNzY0QjExQURBRUNDQkU3ODgzMEU2QTI3ODVEOTcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCuHC3I4NaBclf6btssB0UVi/Xh
xtBAX1K6CaEepnQJtBDk7gM/pplQbRGqzM/FzvSLiWoyqerLQYEjst63bMjga5FR
UOfiU5lIJ/QtgoMmf08XetWT8Vec0HP6VyWwcNU0XbpvL4k57ovQI/0IwTxfxgiY
TY081MdAOxQfG6luyGcFVDVj1Mp8MGNvPjBWSlYgh2ZI7owpO05kJC0MmB8K71WJ
LlsT7qhVMWXCNQ477GEj53R5XFoHXKI+7cCAKCJ3C9IJgEVfbq0NvtV1TFwvWVir
eIG2oycSkfulj60uJxxfgfUhpoXzMZ6UUmOqq49ocr4EUlPOdMIN31zX8TkNAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUKyn+Y8W3ZLEa2uzL54gw5qJ4XZcwHwYDVR0j
BBgwFoAUqUIObG8ksOQi2n/n5CDvUDVPRcYwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMWY5ODIzZDAtMDg1NS00MWYyLWFjNDYtNTlhMmU5OGRh
NzM2LzEvQTk0MjBFNkM2RjI0QjBFNDIyREE3RkU3RTQyMEVGNTAzNTRGNDVDNi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3FVSU9iRzhrc09RaTJuX241Q0R2VURW
UFJjWS5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMWY5ODIzZDAt
MDg1NS00MWYyLWFjNDYtNTlhMmU5OGRhNzM2LzEvMzgzNTJlMzIzMDM5MmUzMjMz
MzAyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMTM0MzAzMjMyMzQucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BABV0eYwDQYJKoZIhvcNAQELBQADggEBAKA/hZi4Swntr8tYxtcBLp0hBdrROG5A
8XCXAVjdn5o9xEASahVwFGY753pXKvmcQk5Tf4FOlI6F05YwB4PgScj7hNf8bhdB
3vcvwyzZx8tivw2mjfd87mylSkyN3rhVejui8EKg+Q45ITSqbMS5A1btgEw/Z6Vf
t8LBIHQAnhF1BO3pMZeQQgsBKLc04srUBDarAY/5rKsPkpzwWwGK+ApD1eaNWzQU
Rf9GAMyqXWt7Ca298Q8T/s39okJgWitcG9KdU5DXM3eMZG+Rog66qLKScbxndgUk
+xe7MVxFEp4yanB4vLUWzW3mLLg4aNllMNo+AGyJYXefbfsEZ+uWG54=
-----END CERTIFICATE-----
Generated at Fri Jun 6 16:55:46 2025 by rpki-client