Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/5b58e646-e7a2-465c-87c5-43c359ad9369/0/3138352e38362e3232342e302f32342d3234203d3e203439313932.roa
File: 3138352e38362e3232342e302f32342d3234203d3e203439313932.roa (raw, json)
Hash identifier: R1iDu9WCL0q2IrJGzq/wt63LOyBWhh9M6puThqaZhTQ=
Subject key identifier: 63:B6:42:AF:74:22:1E:B8:A4:0A:E2:2C:09:6C:75:63:9E:22:5E:1F
Certificate issuer: /CN=fac4708d7e265db1044f9bb0ee8728587f48b484
Certificate serial: 43ECC642A00F4F9786BF8488B00820C9DEDEFA96
Authority key identifier: FA:C4:70:8D:7E:26:5D:B1:04:4F:9B:B0:EE:87:28:58:7F:48:B4:84
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-sRwjX4mXbEET5uw7ocoWH9ItIQ.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/5b58e646-e7a2-465c-87c5-43c359ad9369/0/3138352e38362e3232342e302f32342d3234203d3e203439313932.roa
Signing time: Wed 04 Jun 2025 21:32:14 +0000
ROA not before: Wed 04 Jun 2025 21:27:14 +0000
ROA not after: Wed 03 Jun 2026 21:32:14 +0000
asID: 49192
IP address blocks: 185.86.224.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/5b58e646-e7a2-465c-87c5-43c359ad9369/0/FAC4708D7E265DB1044F9BB0EE8728587F48B484.crl
rsync://rsync.paas.rpki.ripe.net/repository/5b58e646-e7a2-465c-87c5-43c359ad9369/0/FAC4708D7E265DB1044F9BB0EE8728587F48B484.mft
rsync://rpki.ripe.net/repository/DEFAULT/1-sRwjX4mXbEET5uw7ocoWH9ItIQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 08 Jun 2025 18:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
43:ec:c6:42:a0:0f:4f:97:86:bf:84:88:b0:08:20:c9:de:de:fa:96
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fac4708d7e265db1044f9bb0ee8728587f48b484
Validity
Not Before: Jun 4 21:27:14 2025 GMT
Not After : Jun 3 21:32:14 2026 GMT
Subject: CN=63B642AF74221EB8A40AE22C096C75639E225E1F
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:df:95:e5:4d:4f:04:3a:bb:e4:30:88:b9:51:
e1:4c:b9:91:41:7a:dd:3f:33:31:26:81:95:e6:2e:
b1:e4:f8:15:66:b6:53:53:b4:7f:b0:b4:f9:12:94:
b2:da:21:e9:0c:95:90:db:88:3b:79:2e:d9:08:c3:
68:eb:f5:b1:88:37:27:80:79:99:1d:8d:0f:47:5f:
63:ec:e7:35:b3:14:9b:cd:a5:7d:2c:d4:1b:36:02:
80:35:79:da:5f:2c:d1:69:f6:2a:f5:7e:fe:6b:3c:
a3:dd:91:4a:cb:d7:98:5c:1d:d7:2e:b2:10:bb:fb:
27:38:ec:09:87:94:c9:ee:6b:76:b9:e6:77:1c:86:
cb:85:d1:d1:18:d1:25:62:91:22:a2:cc:b7:4c:29:
93:52:34:21:dd:af:09:8a:63:56:06:42:0b:01:fd:
f7:4e:17:3f:a7:59:65:97:51:02:52:ee:a8:23:7c:
f0:40:e8:1a:f5:c4:bb:6c:7b:4d:4b:2b:45:d6:f2:
c1:be:52:15:a8:e5:1f:bd:82:d4:5b:11:38:71:7a:
88:61:2b:65:09:bc:73:de:4a:c2:ae:3d:4a:8b:9e:
ab:6d:d6:10:af:e7:11:f9:0c:f6:77:93:5e:d1:d3:
a7:7e:2f:1f:40:15:dc:60:9a:e8:b2:df:95:db:78:
e5:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
63:B6:42:AF:74:22:1E:B8:A4:0A:E2:2C:09:6C:75:63:9E:22:5E:1F
X509v3 Authority Key Identifier:
keyid:FA:C4:70:8D:7E:26:5D:B1:04:4F:9B:B0:EE:87:28:58:7F:48:B4:84
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/5b58e646-e7a2-465c-87c5-43c359ad9369/0/FAC4708D7E265DB1044F9BB0EE8728587F48B484.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-sRwjX4mXbEET5uw7ocoWH9ItIQ.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/5b58e646-e7a2-465c-87c5-43c359ad9369/0/3138352e38362e3232342e302f32342d3234203d3e203439313932.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.86.224.0/24
Signature Algorithm: sha256WithRSAEncryption
55:72:ed:ef:42:d4:ed:37:af:43:05:46:b2:2d:37:a3:de:aa:
6e:e4:b9:fb:14:ce:11:80:e0:43:4d:68:b2:76:2a:85:90:00:
24:70:22:a4:8a:81:ae:27:be:1c:2f:12:2b:35:73:6d:f3:90:
9c:e6:15:36:f6:50:52:a4:59:b7:de:ac:24:7b:ae:d7:08:6c:
52:3e:c1:ea:81:37:98:8b:21:67:12:a9:76:00:50:19:f2:fd:
fa:28:42:ca:f5:c0:6a:e7:7f:51:a7:7c:a7:45:f3:46:e4:23:
be:51:4a:76:b5:3c:25:83:91:0f:51:fd:bd:76:f2:0e:2b:e3:
b2:87:b0:47:06:72:ae:ce:f8:28:d8:9f:db:b8:6d:ba:88:69:
3e:5c:67:78:64:21:04:a9:a0:80:21:bf:5a:16:42:d1:93:ac:
51:bd:8d:44:3c:bb:36:cf:5c:02:51:14:f0:09:04:33:9d:2d:
3d:fe:b0:86:eb:b1:de:9c:75:e5:d3:e2:24:a7:51:d5:5a:c3:
b8:dc:37:a2:6c:ab:39:8e:da:25:5d:84:0b:46:78:e0:26:e0:
bd:da:10:56:a7:c6:9f:fa:2a:28:51:1f:54:ea:da:95:6f:03:
bc:08:2f:5f:34:92:31:34:57:af:a7:c3:85:2e:a2:f1:4c:9b:
2c:a4:4b:c0
-----BEGIN CERTIFICATE-----
MIIFNDCCBBygAwIBAgIUQ+zGQqAPT5eGv4SIsAggyd7e+pYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZmFjNDcwOGQ3ZTI2NWRiMTA0NGY5YmIwZWU4NzI4NTg3
ZjQ4YjQ4NDAeFw0yNTA2MDQyMTI3MTRaFw0yNjA2MDMyMTMyMTRaMDMxMTAvBgNV
BAMTKDYzQjY0MkFGNzQyMjFFQjhBNDBBRTIyQzA5NkM3NTYzOUUyMjVFMUYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCX35XlTU8EOrvkMIi5UeFMuZFB
et0/MzEmgZXmLrHk+BVmtlNTtH+wtPkSlLLaIekMlZDbiDt5LtkIw2jr9bGINyeA
eZkdjQ9HX2Ps5zWzFJvNpX0s1Bs2AoA1edpfLNFp9ir1fv5rPKPdkUrL15hcHdcu
shC7+yc47AmHlMnua3a55ncchsuF0dEY0SVikSKizLdMKZNSNCHdrwmKY1YGQgsB
/fdOFz+nWWWXUQJS7qgjfPBA6Br1xLtse01LK0XW8sG+UhWo5R+9gtRbEThxeohh
K2UJvHPeSsKuPUqLnqtt1hCv5xH5DPZ3k17R06d+Lx9AFdxgmuiy35XbeOXtAgMB
AAGjggI+MIICOjAdBgNVHQ4EFgQUY7ZCr3QiHrikCuIsCWx1Y54iXh8wHwYDVR0j
BBgwFoAU+sRwjX4mXbEET5uw7ocoWH9ItIQwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNWI1OGU2NDYtZTdhMi00NjVjLTg3YzUtNDNjMzU5YWQ5
MzY5LzAvRkFDNDcwOEQ3RTI2NURCMTA0NEY5QkIwRUU4NzI4NTg3RjQ4QjQ4NC5j
cmwwZQYIKwYBBQUHAQEEWTBXMFUGCCsGAQUFBzAChklyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzEtc1J3alg0bVhiRUVUNXV3N29jb1dI
OUl0SVEuY2VyMIGtBggrBgEFBQcBCwSBoDCBnTCBmgYIKwYBBQUHMAuGgY1yc3lu
YzovL3JzeW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzViNThlNjQ2
LWU3YTItNDY1Yy04N2M1LTQzYzM1OWFkOTM2OS8wLzMxMzgzNTJlMzgzNjJlMzIz
MjM0MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzQzOTMxMzkzMi5yb2EwGAYDVR0g
AQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgME
ALlW4DANBgkqhkiG9w0BAQsFAAOCAQEAVXLt70LU7TevQwVGsi03o96qbuS5+xTO
EYDgQ01osnYqhZAAJHAipIqBrie+HC8SKzVzbfOQnOYVNvZQUqRZt96sJHuu1whs
Uj7B6oE3mIshZxKpdgBQGfL9+ihCyvXAaud/Uad8p0XzRuQjvlFKdrU8JYORD1H9
vXbyDivjsoewRwZyrs74KNif27htuohpPlxneGQhBKmggCG/WhZC0ZOsUb2NRDy7
Ns9cAlEU8AkEM50tPf6whuux3px15dPiJKdR1VrDuNw3omyrOY7aJV2EC0Z44Cbg
vdoQVqfGn/oqKFEfVOralW8DvAgvXzSSMTRXr6fDhS6i8UybLKRLwA==
-----END CERTIFICATE-----
Generated at Sun Jun 8 04:01:06 2025 by rpki-client