Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/2e6da5c7-670a-41b1-96eb-3899388b292c/0/3138352e33312e3136382e302f32322d3232203d3e203432363839.roa
File: 3138352e33312e3136382e302f32322d3232203d3e203432363839.roa (raw, json)
Hash identifier: uLliNmyXgYgIYTcX1Vgw6d0Gmkthw54L3rgfncwMu30=
Subject key identifier: 7D:D9:A7:97:7E:64:D7:29:A9:C1:C3:CE:E8:47:34:D8:CD:3A:A2:A4
Certificate issuer: /CN=735d93706cbf4688ce7d60fc0ed693d4cc4a9326
Certificate serial: 5CDADA539EA591951027F40FF7B578AB14170DB1
Authority key identifier: 73:5D:93:70:6C:BF:46:88:CE:7D:60:FC:0E:D6:93:D4:CC:4A:93:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/c12TcGy_RojOfWD8DtaT1MxKkyY.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/2e6da5c7-670a-41b1-96eb-3899388b292c/0/3138352e33312e3136382e302f32322d3232203d3e203432363839.roa
Signing time: Tue 18 Feb 2025 11:21:32 +0000
ROA not before: Tue 18 Feb 2025 11:16:32 +0000
ROA not after: Tue 17 Feb 2026 11:21:32 +0000
asID: 42689
IP address blocks: 185.31.168.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/2e6da5c7-670a-41b1-96eb-3899388b292c/0/735D93706CBF4688CE7D60FC0ED693D4CC4A9326.crl
rsync://rsync.paas.rpki.ripe.net/repository/2e6da5c7-670a-41b1-96eb-3899388b292c/0/735D93706CBF4688CE7D60FC0ED693D4CC4A9326.mft
rsync://rpki.ripe.net/repository/DEFAULT/c12TcGy_RojOfWD8DtaT1MxKkyY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 05 Apr 2025 11:25:33 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5c:da:da:53:9e:a5:91:95:10:27:f4:0f:f7:b5:78:ab:14:17:0d:b1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=735d93706cbf4688ce7d60fc0ed693d4cc4a9326
Validity
Not Before: Feb 18 11:16:32 2025 GMT
Not After : Feb 17 11:21:32 2026 GMT
Subject: CN=7DD9A7977E64D729A9C1C3CEE84734D8CD3AA2A4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:17:84:39:a0:1c:b5:7c:96:b6:44:03:95:88:
13:08:c3:47:af:ba:c0:0e:e0:bb:85:4d:c2:89:9b:
20:34:5c:8b:b2:4c:08:d8:e1:6a:0e:c4:2f:15:7b:
83:fc:8a:e9:aa:4f:9b:7a:cd:b8:ca:57:d3:f6:ad:
68:27:5b:6d:39:3c:a4:51:15:cc:51:a1:4c:7f:bb:
85:e0:ec:26:4d:59:72:03:82:16:c3:7b:3b:aa:cd:
05:77:d5:5c:1e:7a:79:e1:a8:ce:75:4c:bb:06:aa:
06:02:22:ea:ad:31:f3:05:0c:a4:7e:de:34:ff:71:
e7:a8:d2:b8:75:de:7f:79:13:bd:ca:52:33:4c:68:
19:82:59:32:5e:9f:e9:33:de:2d:e8:0b:26:a5:66:
60:68:b2:2b:15:54:e1:96:74:d3:ae:80:30:66:23:
46:52:a7:8d:52:94:c8:f8:f0:03:0a:c3:15:57:b9:
ca:d1:b1:19:f7:91:4d:f2:9b:56:84:a2:54:ed:0a:
94:53:78:14:bf:7f:de:93:2c:68:95:c3:53:9e:56:
7d:fa:e9:4a:cd:2e:27:23:41:2b:3f:32:54:73:17:
b8:e9:ec:ea:8f:c1:2e:11:c1:2b:04:d1:e3:fd:fc:
0a:8e:49:14:ba:fe:08:20:44:0f:ff:d6:86:8d:4b:
5f:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7D:D9:A7:97:7E:64:D7:29:A9:C1:C3:CE:E8:47:34:D8:CD:3A:A2:A4
X509v3 Authority Key Identifier:
keyid:73:5D:93:70:6C:BF:46:88:CE:7D:60:FC:0E:D6:93:D4:CC:4A:93:26
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/2e6da5c7-670a-41b1-96eb-3899388b292c/0/735D93706CBF4688CE7D60FC0ED693D4CC4A9326.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/c12TcGy_RojOfWD8DtaT1MxKkyY.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/2e6da5c7-670a-41b1-96eb-3899388b292c/0/3138352e33312e3136382e302f32322d3232203d3e203432363839.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.31.168.0/22
Signature Algorithm: sha256WithRSAEncryption
49:fc:22:cb:19:ae:0e:48:45:f8:17:38:99:b7:d7:96:4a:08:
cd:e0:f1:18:72:e9:0c:12:fd:a7:af:b7:fc:db:a4:17:91:37:
31:01:5c:3f:54:4c:db:45:9c:eb:5f:13:7c:88:f9:cd:ed:4f:
a3:c7:6c:cb:58:ad:7d:fd:e8:6a:f5:31:e6:a7:c7:d6:69:3a:
29:c2:1d:5d:1a:8f:fc:0d:c0:f1:be:96:5d:3b:b3:6d:4d:f8:
57:7f:18:35:3f:a4:11:5d:22:b9:67:55:2c:28:d3:64:6d:54:
47:79:80:81:bc:29:9a:d8:b7:6a:84:23:a5:fe:f7:1d:5e:3b:
4f:5d:40:a6:8c:7c:10:3c:68:46:6f:5e:a3:ec:3a:d9:0e:25:
4a:b1:7a:26:90:00:99:7b:3d:f5:27:d5:a5:a2:50:3e:a1:c7:
c2:01:7f:36:e0:2d:0d:b8:ec:a1:5a:d0:71:a2:2f:dd:78:7d:
16:78:9d:cd:35:a6:fc:1f:0b:bf:e4:9d:5f:36:a7:0d:56:a9:
2a:9b:da:3e:a0:08:59:b7:a6:09:2d:9f:03:7b:c0:be:19:09:
a9:b7:90:f2:82:ca:b4:6a:cb:37:7b:6f:3c:8b:12:5a:42:a2:
99:4c:e6:2c:03:6c:f3:ec:ce:c4:59:91:a6:58:67:8e:9b:7a:
5d:65:69:f8
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUXNraU56lkZUQJ/QP97V4qxQXDbEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzM1ZDkzNzA2Y2JmNDY4OGNlN2Q2MGZjMGVkNjkzZDRj
YzRhOTMyNjAeFw0yNTAyMTgxMTE2MzJaFw0yNjAyMTcxMTIxMzJaMDMxMTAvBgNV
BAMTKDdERDlBNzk3N0U2NEQ3MjlBOUMxQzNDRUU4NDczNEQ4Q0QzQUEyQTQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDlF4Q5oBy1fJa2RAOViBMIw0ev
usAO4LuFTcKJmyA0XIuyTAjY4WoOxC8Ve4P8iumqT5t6zbjKV9P2rWgnW205PKRR
FcxRoUx/u4Xg7CZNWXIDghbDezuqzQV31VweennhqM51TLsGqgYCIuqtMfMFDKR+
3jT/ceeo0rh13n95E73KUjNMaBmCWTJen+kz3i3oCyalZmBosisVVOGWdNOugDBm
I0ZSp41SlMj48AMKwxVXucrRsRn3kU3ym1aEolTtCpRTeBS/f96TLGiVw1OeVn36
6UrNLicjQSs/MlRzF7jp7OqPwS4RwSsE0eP9/AqOSRS6/gggRA//1oaNS18VAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUfdmnl35k1ympwcPO6Ec02M06oqQwHwYDVR0j
BBgwFoAUc12TcGy/RojOfWD8DtaT1MxKkyYwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMmU2ZGE1YzctNjcwYS00MWIxLTk2ZWItMzg5OTM4OGIy
OTJjLzAvNzM1RDkzNzA2Q0JGNDY4OENFN0Q2MEZDMEVENjkzRDRDQzRBOTMyNi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2MxMlRjR3lfUm9qT2ZXRDhEdGFUMU14
S2t5WS5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMmU2ZGE1Yzct
NjcwYS00MWIxLTk2ZWItMzg5OTM4OGIyOTJjLzAvMzEzODM1MmUzMzMxMmUzMTM2
MzgyZTMwMmYzMjMyMmQzMjMyMjAzZDNlMjAzNDMyMzYzODM5LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQC
uR+oMA0GCSqGSIb3DQEBCwUAA4IBAQBJ/CLLGa4OSEX4FziZt9eWSgjN4PEYcukM
Ev2nr7f826QXkTcxAVw/VEzbRZzrXxN8iPnN7U+jx2zLWK19/ehq9THmp8fWaTop
wh1dGo/8DcDxvpZdO7NtTfhXfxg1P6QRXSK5Z1UsKNNkbVRHeYCBvCma2LdqhCOl
/vcdXjtPXUCmjHwQPGhGb16j7DrZDiVKsXomkACZez31J9WlolA+ocfCAX824C0N
uOyhWtBxoi/deH0WeJ3NNab8Hwu/5J1fNqcNVqkqm9o+oAhZt6YJLZ8De8C+GQmp
t5Dygsq0ass3e288ixJaQqKZTOYsA2zz7M7EWZGmWGeOm3pdZWn4
-----END CERTIFICATE-----
Generated at Sat Apr 5 04:32:28 2025 by rpki-client