Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/5b58e646-e7a2-465c-87c5-43c359ad9369/0/3138352e3231312e34332e302f32342d3234203d3e203536383833.roa
File: 3138352e3231312e34332e302f32342d3234203d3e203536383833.roa (raw, json)
Hash identifier: 0GGtulQgh58mdaZy9i43/jGy8cDbbjgf1fqq974LzcM=
Subject key identifier: C8:80:FC:20:99:9A:08:24:8A:79:8B:CB:35:AA:39:4D:27:48:AB:FB
Certificate issuer: /CN=fac4708d7e265db1044f9bb0ee8728587f48b484
Certificate serial: 529F1295C46E9F6872AC5A1DCF01F87AD39945DE
Authority key identifier: FA:C4:70:8D:7E:26:5D:B1:04:4F:9B:B0:EE:87:28:58:7F:48:B4:84
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-sRwjX4mXbEET5uw7ocoWH9ItIQ.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/5b58e646-e7a2-465c-87c5-43c359ad9369/0/3138352e3231312e34332e302f32342d3234203d3e203536383833.roa
Signing time: Wed 04 Jun 2025 21:32:14 +0000
ROA not before: Wed 04 Jun 2025 21:27:14 +0000
ROA not after: Wed 03 Jun 2026 21:32:14 +0000
asID: 56883
IP address blocks: 185.211.43.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/5b58e646-e7a2-465c-87c5-43c359ad9369/0/FAC4708D7E265DB1044F9BB0EE8728587F48B484.crl
rsync://rsync.paas.rpki.ripe.net/repository/5b58e646-e7a2-465c-87c5-43c359ad9369/0/FAC4708D7E265DB1044F9BB0EE8728587F48B484.mft
rsync://rpki.ripe.net/repository/DEFAULT/1-sRwjX4mXbEET5uw7ocoWH9ItIQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 09 Jun 2025 01:40:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
52:9f:12:95:c4:6e:9f:68:72:ac:5a:1d:cf:01:f8:7a:d3:99:45:de
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fac4708d7e265db1044f9bb0ee8728587f48b484
Validity
Not Before: Jun 4 21:27:14 2025 GMT
Not After : Jun 3 21:32:14 2026 GMT
Subject: CN=C880FC20999A08248A798BCB35AA394D2748ABFB
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:ed:57:ac:3d:4d:3b:fb:a4:39:cc:68:82:98:
aa:91:e9:6f:9a:17:02:86:6a:b8:8f:a0:25:08:07:
00:f9:f5:24:45:d6:89:c6:5e:57:76:24:f9:6c:11:
b5:d6:55:4c:bd:20:47:68:99:bf:54:98:e2:88:8f:
aa:b6:34:48:76:80:5c:61:7b:27:b3:47:0b:1e:6c:
09:e5:54:89:4c:4b:70:95:da:b5:72:5d:9a:cf:dd:
18:11:51:c3:d4:ed:df:05:3c:a8:ca:72:fd:59:76:
70:52:8a:2f:2f:75:f1:5b:ec:ec:dc:24:b0:bb:e2:
a9:a0:28:24:07:40:bd:c4:c6:4a:d3:74:48:d5:07:
25:0d:af:7d:20:68:e4:64:01:88:0b:5b:6b:dd:67:
a9:b7:2c:c0:04:55:84:57:cf:a7:6a:b8:43:03:75:
6f:9a:de:6b:d1:3d:f4:8c:c0:d8:30:fe:7b:7d:5d:
20:4a:27:c8:f6:d9:df:fd:ee:0d:7b:54:2d:89:b0:
ee:ea:9f:5e:c7:d1:44:79:29:f4:14:2e:df:96:8b:
73:8e:5d:9f:d1:f0:81:48:8b:f4:6d:8b:ce:0d:91:
fd:e8:b4:f2:ca:22:4f:01:8d:94:c8:25:5c:e5:b1:
e4:76:86:79:7e:fa:e9:c4:fe:ed:c2:37:7b:42:35:
54:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C8:80:FC:20:99:9A:08:24:8A:79:8B:CB:35:AA:39:4D:27:48:AB:FB
X509v3 Authority Key Identifier:
keyid:FA:C4:70:8D:7E:26:5D:B1:04:4F:9B:B0:EE:87:28:58:7F:48:B4:84
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/5b58e646-e7a2-465c-87c5-43c359ad9369/0/FAC4708D7E265DB1044F9BB0EE8728587F48B484.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-sRwjX4mXbEET5uw7ocoWH9ItIQ.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/5b58e646-e7a2-465c-87c5-43c359ad9369/0/3138352e3231312e34332e302f32342d3234203d3e203536383833.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.211.43.0/24
Signature Algorithm: sha256WithRSAEncryption
2c:f8:8c:a3:3e:58:4c:23:33:63:30:94:cd:7c:cc:21:96:0c:
aa:20:bb:34:09:0c:94:b5:3d:d7:96:6d:b2:43:00:1d:80:76:
25:db:02:46:0b:ab:12:42:5c:b4:9f:2e:ab:08:a1:b4:d4:e6:
16:8d:bd:4a:76:41:c9:98:53:99:3f:36:6b:15:a8:d5:b9:cd:
8b:02:e5:90:bd:0e:53:40:1a:81:77:e8:2c:84:b9:43:03:20:
ce:d9:76:88:a7:83:74:c6:b6:ec:91:02:3c:ff:bc:b8:c1:95:
af:45:cb:37:fa:e5:18:d1:25:7a:33:9f:91:fc:53:fb:10:c5:
6d:8f:7a:9c:2c:22:9f:b8:52:84:e0:53:5f:8c:09:a7:dc:f6:
68:3c:b5:b1:e1:aa:16:93:35:8d:0b:0f:19:40:cc:f3:ed:21:
15:07:98:30:c3:2e:b4:38:87:2b:92:73:1a:7f:5c:3f:82:5c:
f4:7f:13:51:4a:a1:45:7d:a9:e1:e0:87:2b:38:0b:4f:07:1e:
3b:c4:87:e3:88:f5:4d:00:b4:ee:87:09:ba:62:1e:b3:c7:79:
1a:20:d0:27:6b:a1:5f:c7:a7:81:eb:41:84:8f:52:ad:1e:44:
75:81:b0:b0:fc:f4:92:a7:b0:88:a2:16:fa:ab:5e:68:67:64:
04:b7:3f:c9
-----BEGIN CERTIFICATE-----
MIIFNDCCBBygAwIBAgIUUp8SlcRun2hyrFodzwH4etOZRd4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZmFjNDcwOGQ3ZTI2NWRiMTA0NGY5YmIwZWU4NzI4NTg3
ZjQ4YjQ4NDAeFw0yNTA2MDQyMTI3MTRaFw0yNjA2MDMyMTMyMTRaMDMxMTAvBgNV
BAMTKEM4ODBGQzIwOTk5QTA4MjQ4QTc5OEJDQjM1QUEzOTREMjc0OEFCRkIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDU7VesPU07+6Q5zGiCmKqR6W+a
FwKGariPoCUIBwD59SRF1onGXld2JPlsEbXWVUy9IEdomb9UmOKIj6q2NEh2gFxh
eyezRwsebAnlVIlMS3CV2rVyXZrP3RgRUcPU7d8FPKjKcv1ZdnBSii8vdfFb7Ozc
JLC74qmgKCQHQL3ExkrTdEjVByUNr30gaORkAYgLW2vdZ6m3LMAEVYRXz6dquEMD
dW+a3mvRPfSMwNgw/nt9XSBKJ8j22d/97g17VC2JsO7qn17H0UR5KfQULt+Wi3OO
XZ/R8IFIi/Rti84Nkf3otPLKIk8BjZTIJVzlseR2hnl++unE/u3CN3tCNVRxAgMB
AAGjggI+MIICOjAdBgNVHQ4EFgQUyID8IJmaCCSKeYvLNao5TSdIq/swHwYDVR0j
BBgwFoAU+sRwjX4mXbEET5uw7ocoWH9ItIQwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNWI1OGU2NDYtZTdhMi00NjVjLTg3YzUtNDNjMzU5YWQ5
MzY5LzAvRkFDNDcwOEQ3RTI2NURCMTA0NEY5QkIwRUU4NzI4NTg3RjQ4QjQ4NC5j
cmwwZQYIKwYBBQUHAQEEWTBXMFUGCCsGAQUFBzAChklyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzEtc1J3alg0bVhiRUVUNXV3N29jb1dI
OUl0SVEuY2VyMIGtBggrBgEFBQcBCwSBoDCBnTCBmgYIKwYBBQUHMAuGgY1yc3lu
YzovL3JzeW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzViNThlNjQ2
LWU3YTItNDY1Yy04N2M1LTQzYzM1OWFkOTM2OS8wLzMxMzgzNTJlMzIzMTMxMmUz
NDMzMmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzUzNjM4MzgzMy5yb2EwGAYDVR0g
AQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgME
ALnTKzANBgkqhkiG9w0BAQsFAAOCAQEALPiMoz5YTCMzYzCUzXzMIZYMqiC7NAkM
lLU915ZtskMAHYB2JdsCRgurEkJctJ8uqwihtNTmFo29SnZByZhTmT82axWo1bnN
iwLlkL0OU0AagXfoLIS5QwMgztl2iKeDdMa27JECPP+8uMGVr0XLN/rlGNElejOf
kfxT+xDFbY96nCwin7hShOBTX4wJp9z2aDy1seGqFpM1jQsPGUDM8+0hFQeYMMMu
tDiHK5JzGn9cP4Jc9H8TUUqhRX2p4eCHKzgLTwceO8SH44j1TQC07ocJumIes8d5
GiDQJ2uhX8engetBhI9SrR5EdYGwsPz0kqewiKIW+qteaGdkBLc/yQ==
-----END CERTIFICATE-----
Generated at Sun Jun 8 14:27:17 2025 by rpki-client