Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/2e6da5c7-670a-41b1-96eb-3899388b292c/0/3138352e37352e3231322e302f32322d3232203d3e203432363839.roa
File: 3138352e37352e3231322e302f32322d3232203d3e203432363839.roa (raw, json)
Hash identifier: sm6psp8heCpOcAb002b+rVnBR8kC+sAlATjw6ElQO44=
Subject key identifier: B6:37:73:51:37:4F:A7:D7:8E:C1:36:1E:D5:D4:30:86:09:31:17:14
Certificate issuer: /CN=735d93706cbf4688ce7d60fc0ed693d4cc4a9326
Certificate serial: 0919248C23788C8BFF67103CE2E34D14E8B6BFE8
Authority key identifier: 73:5D:93:70:6C:BF:46:88:CE:7D:60:FC:0E:D6:93:D4:CC:4A:93:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/c12TcGy_RojOfWD8DtaT1MxKkyY.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/2e6da5c7-670a-41b1-96eb-3899388b292c/0/3138352e37352e3231322e302f32322d3232203d3e203432363839.roa
Signing time: Tue 18 Feb 2025 11:21:32 +0000
ROA not before: Tue 18 Feb 2025 11:16:32 +0000
ROA not after: Tue 17 Feb 2026 11:21:32 +0000
asID: 42689
IP address blocks: 185.75.212.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/2e6da5c7-670a-41b1-96eb-3899388b292c/0/735D93706CBF4688CE7D60FC0ED693D4CC4A9326.crl
rsync://rsync.paas.rpki.ripe.net/repository/2e6da5c7-670a-41b1-96eb-3899388b292c/0/735D93706CBF4688CE7D60FC0ED693D4CC4A9326.mft
rsync://rpki.ripe.net/repository/DEFAULT/c12TcGy_RojOfWD8DtaT1MxKkyY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 05 Apr 2025 11:25:33 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
09:19:24:8c:23:78:8c:8b:ff:67:10:3c:e2:e3:4d:14:e8:b6:bf:e8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=735d93706cbf4688ce7d60fc0ed693d4cc4a9326
Validity
Not Before: Feb 18 11:16:32 2025 GMT
Not After : Feb 17 11:21:32 2026 GMT
Subject: CN=B6377351374FA7D78EC1361ED5D4308609311714
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f4:e2:a7:82:bd:2e:b0:8d:3a:19:4e:3b:91:e1:
43:de:f5:10:6f:b6:5e:1d:1b:bb:50:ee:8a:99:a1:
cf:02:75:43:86:b4:71:3a:36:02:76:59:7a:16:6a:
9c:ca:71:f5:c3:bd:00:b8:bf:5c:4f:13:c3:df:45:
85:7a:f5:0d:00:bd:c0:77:6d:57:1d:c6:21:ac:44:
2c:35:2a:97:8b:c2:f0:6a:df:d7:fb:f4:b8:94:3f:
e9:da:ef:35:4e:13:75:7b:5a:eb:76:a7:f0:0f:a5:
02:06:c7:b9:7b:63:54:41:c7:93:a4:6e:b8:6d:70:
8d:f1:27:98:37:d1:83:fe:9c:50:d8:4f:4c:e7:60:
85:65:12:84:98:c6:9d:82:5c:29:90:ab:2c:8e:4c:
4f:d4:d5:31:ea:c2:b2:4b:9d:b6:c0:ee:d5:2d:b3:
c9:ba:d2:22:e1:e0:3e:b0:19:09:2e:b3:f1:86:12:
30:e6:df:db:f1:60:99:bc:bf:dd:6a:de:7f:b1:e1:
86:e6:5d:2c:e5:94:09:3d:db:c2:5c:b6:54:5c:01:
20:e9:d7:88:62:7f:d5:9c:13:56:1f:a4:01:9e:a3:
d8:e8:8d:48:29:14:06:70:7f:69:05:17:97:3b:84:
b6:08:f0:39:db:d8:40:1d:47:6d:cb:2c:99:48:40:
06:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B6:37:73:51:37:4F:A7:D7:8E:C1:36:1E:D5:D4:30:86:09:31:17:14
X509v3 Authority Key Identifier:
keyid:73:5D:93:70:6C:BF:46:88:CE:7D:60:FC:0E:D6:93:D4:CC:4A:93:26
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/2e6da5c7-670a-41b1-96eb-3899388b292c/0/735D93706CBF4688CE7D60FC0ED693D4CC4A9326.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/c12TcGy_RojOfWD8DtaT1MxKkyY.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/2e6da5c7-670a-41b1-96eb-3899388b292c/0/3138352e37352e3231322e302f32322d3232203d3e203432363839.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.75.212.0/22
Signature Algorithm: sha256WithRSAEncryption
51:a7:af:20:0f:3b:f3:cc:5d:6b:21:0e:77:95:b2:8c:77:b2:
0b:35:9d:79:54:95:dd:03:57:3b:e5:06:5b:3c:69:13:7a:28:
3f:2c:d6:86:71:ad:43:fa:80:de:80:40:12:61:c3:d0:e4:2c:
7d:20:8b:b4:ac:2b:ad:42:c7:2c:40:b4:7d:6b:8f:b5:64:5d:
6a:ee:08:62:f7:fb:15:b3:16:ba:3d:43:7c:6f:53:8c:fa:2d:
7b:52:a5:dd:d5:90:85:19:10:7d:de:8f:63:76:ee:c2:09:87:
a8:7d:26:9a:54:d0:c6:77:b3:b1:f5:21:af:73:5a:2d:86:62:
f0:6f:68:03:12:01:52:87:a6:de:42:0d:63:ab:d6:eb:3a:81:
e2:1a:02:ca:7a:26:82:09:c1:04:a5:a9:7b:49:06:d6:f7:26:
c1:8c:f5:43:0d:72:a1:51:0c:54:0c:2c:bd:fd:01:80:a6:c5:
af:c8:29:30:80:20:95:74:f0:fa:91:a4:8f:b0:96:73:f3:be:
51:4c:d2:14:4d:3f:e4:78:57:93:77:e0:06:61:f0:41:24:87:
36:d7:6c:1c:f6:3d:09:a1:ff:c6:70:6d:ef:2b:4f:bd:bf:6a:
bb:b1:96:a4:ce:27:16:33:82:b3:d6:32:bf:00:81:85:2d:0a:
51:27:4b:64
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUCRkkjCN4jIv/ZxA84uNNFOi2v+gwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzM1ZDkzNzA2Y2JmNDY4OGNlN2Q2MGZjMGVkNjkzZDRj
YzRhOTMyNjAeFw0yNTAyMTgxMTE2MzJaFw0yNjAyMTcxMTIxMzJaMDMxMTAvBgNV
BAMTKEI2Mzc3MzUxMzc0RkE3RDc4RUMxMzYxRUQ1RDQzMDg2MDkzMTE3MTQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQD04qeCvS6wjToZTjuR4UPe9RBv
tl4dG7tQ7oqZoc8CdUOGtHE6NgJ2WXoWapzKcfXDvQC4v1xPE8PfRYV69Q0AvcB3
bVcdxiGsRCw1KpeLwvBq39f79LiUP+na7zVOE3V7Wut2p/APpQIGx7l7Y1RBx5Ok
brhtcI3xJ5g30YP+nFDYT0znYIVlEoSYxp2CXCmQqyyOTE/U1THqwrJLnbbA7tUt
s8m60iLh4D6wGQkus/GGEjDm39vxYJm8v91q3n+x4YbmXSzllAk928JctlRcASDp
14hif9WcE1YfpAGeo9jojUgpFAZwf2kFF5c7hLYI8Dnb2EAdR23LLJlIQAYdAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUtjdzUTdPp9eOwTYe1dQwhgkxFxQwHwYDVR0j
BBgwFoAUc12TcGy/RojOfWD8DtaT1MxKkyYwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMmU2ZGE1YzctNjcwYS00MWIxLTk2ZWItMzg5OTM4OGIy
OTJjLzAvNzM1RDkzNzA2Q0JGNDY4OENFN0Q2MEZDMEVENjkzRDRDQzRBOTMyNi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2MxMlRjR3lfUm9qT2ZXRDhEdGFUMU14
S2t5WS5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMmU2ZGE1Yzct
NjcwYS00MWIxLTk2ZWItMzg5OTM4OGIyOTJjLzAvMzEzODM1MmUzNzM1MmUzMjMx
MzIyZTMwMmYzMjMyMmQzMjMyMjAzZDNlMjAzNDMyMzYzODM5LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQC
uUvUMA0GCSqGSIb3DQEBCwUAA4IBAQBRp68gDzvzzF1rIQ53lbKMd7ILNZ15VJXd
A1c75QZbPGkTeig/LNaGca1D+oDegEASYcPQ5Cx9IIu0rCutQscsQLR9a4+1ZF1q
7ghi9/sVsxa6PUN8b1OM+i17UqXd1ZCFGRB93o9jdu7CCYeofSaaVNDGd7Ox9SGv
c1othmLwb2gDEgFSh6beQg1jq9brOoHiGgLKeiaCCcEEpal7SQbW9ybBjPVDDXKh
UQxUDCy9/QGApsWvyCkwgCCVdPD6kaSPsJZz875RTNIUTT/keFeTd+AGYfBBJIc2
12wc9j0Jof/GcG3vK0+9v2q7sZakzicWM4Kz1jK/AIGFLQpRJ0tk
-----END CERTIFICATE-----
Generated at Sat Apr 5 04:34:59 2025 by rpki-client