Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/3138352e3133392e32342e302f32342d3234203d3e20313335333931.roa
File: 3138352e3133392e32342e302f32342d3234203d3e20313335333931.roa (raw, json)
Hash identifier: jO5u/Hy22N4qNgtK9QwZIt+71vuunxsBoAascm6NJm0=
Subject key identifier: 48:3C:63:EE:EF:4D:84:64:13:A6:CA:FE:56:7D:DB:ED:0D:A8:66:BE
Certificate issuer: /CN=dc943cc2a7cdc378a37702573bb4f821170b530d
Certificate serial: 660FB7981AF9FDD36BC3768657ADADBA00B0D574
Authority key identifier: DC:94:3C:C2:A7:CD:C3:78:A3:77:02:57:3B:B4:F8:21:17:0B:53:0D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3JQ8wqfNw3ijdwJXO7T4IRcLUw0.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/3138352e3133392e32342e302f32342d3234203d3e20313335333931.roa
Signing time: Wed 28 May 2025 06:54:08 +0000
ROA not before: Wed 28 May 2025 06:49:08 +0000
ROA not after: Wed 27 May 2026 06:54:08 +0000
asID: 135391
IP address blocks: 185.139.24.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/DC943CC2A7CDC378A37702573BB4F821170B530D.crl
rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/DC943CC2A7CDC378A37702573BB4F821170B530D.mft
rsync://rpki.ripe.net/repository/DEFAULT/3JQ8wqfNw3ijdwJXO7T4IRcLUw0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 06 Jun 2025 03:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
66:0f:b7:98:1a:f9:fd:d3:6b:c3:76:86:57:ad:ad:ba:00:b0:d5:74
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dc943cc2a7cdc378a37702573bb4f821170b530d
Validity
Not Before: May 28 06:49:08 2025 GMT
Not After : May 27 06:54:08 2026 GMT
Subject: CN=483C63EEEF4D846413A6CAFE567DDBED0DA866BE
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:9c:08:80:56:7f:a9:41:2e:b1:ac:0d:01:c2:
db:3c:69:80:91:2f:69:df:08:d7:fd:46:c3:1d:17:
1a:35:e2:b1:c0:1a:42:ce:b6:69:b4:59:29:1d:d8:
9d:aa:05:59:ea:e8:11:e1:23:79:53:94:a3:82:22:
be:df:dc:a9:9d:6b:81:7c:82:c9:c6:6a:2e:da:24:
ec:f3:19:c6:1d:90:54:d7:e9:4a:01:d8:31:ab:71:
16:51:4d:8b:d9:c1:9c:ba:bd:0e:2c:7e:dd:5b:d3:
0e:84:69:7e:54:7a:58:b3:fb:5d:6c:20:54:2a:6f:
81:dd:36:9d:0e:da:d1:a5:d6:e6:90:64:df:fe:ad:
df:3a:08:61:2d:35:2f:2e:be:93:31:ae:da:01:24:
c4:89:c2:17:a8:eb:95:19:3e:ca:0f:6a:91:f4:4a:
f0:ec:cd:40:31:0e:5b:7b:40:73:27:53:bc:c8:18:
f8:f6:55:9f:12:76:ef:50:2a:f6:fc:8e:2e:af:48:
a6:8f:e4:d5:e2:fc:b8:a5:05:50:33:56:39:bc:19:
c0:50:97:1a:07:35:ab:52:12:ae:0d:85:67:e9:2e:
1e:95:82:a8:79:c2:42:26:4c:52:68:e4:1a:57:63:
76:86:ce:83:9e:10:5f:b1:0d:d3:2c:da:4a:36:71:
30:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
48:3C:63:EE:EF:4D:84:64:13:A6:CA:FE:56:7D:DB:ED:0D:A8:66:BE
X509v3 Authority Key Identifier:
keyid:DC:94:3C:C2:A7:CD:C3:78:A3:77:02:57:3B:B4:F8:21:17:0B:53:0D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/DC943CC2A7CDC378A37702573BB4F821170B530D.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3JQ8wqfNw3ijdwJXO7T4IRcLUw0.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/3138352e3133392e32342e302f32342d3234203d3e20313335333931.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.139.24.0/24
Signature Algorithm: sha256WithRSAEncryption
4a:72:fb:ab:dd:c9:b4:1c:d4:d4:60:44:b0:4a:8d:e1:97:41:
d6:51:d1:84:dc:d2:d7:58:d5:c8:0c:3e:45:1a:ac:11:fc:ef:
1c:b9:2c:f0:5d:40:44:40:f4:33:78:bc:6b:2c:ef:cb:51:61:
ff:28:39:b7:6c:30:40:8f:27:79:33:08:aa:ae:ab:b2:6b:f4:
ac:ba:f8:8d:d3:1d:3c:20:22:87:0d:71:e7:e5:f8:a6:22:1b:
90:e3:c8:90:47:d5:fd:af:64:1b:9e:12:93:4c:3a:fe:ac:a9:
28:54:71:15:39:a1:7d:49:0c:4e:6f:9c:f9:e2:9c:48:89:5a:
32:8b:f6:a7:39:27:51:38:8e:28:64:b4:1d:ac:26:8b:21:e0:
cd:fd:e6:54:ef:1d:d6:db:31:ed:fe:34:b4:4b:fb:d5:e2:bd:
ba:73:a6:07:a0:ae:48:29:31:73:93:d6:cd:e6:07:f8:d1:7d:
b3:e7:25:68:1a:ec:13:a9:30:50:40:6a:ff:b7:ed:13:c2:18:
1d:39:01:41:8b:ad:36:59:a8:24:ea:c6:b7:fc:e6:ae:28:d2:
24:43:b1:ea:dc:c8:7f:ee:c8:75:81:89:7c:74:8a:2a:fc:d7:
0e:e8:cf:e5:c9:d9:39:c4:fd:ee:46:2b:e9:10:15:36:03:58:
34:ed:ff:04
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUZg+3mBr5/dNrw3aGV62tugCw1XQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZGM5NDNjYzJhN2NkYzM3OGEzNzcwMjU3M2JiNGY4MjEx
NzBiNTMwZDAeFw0yNTA1MjgwNjQ5MDhaFw0yNjA1MjcwNjU0MDhaMDMxMTAvBgNV
BAMTKDQ4M0M2M0VFRUY0RDg0NjQxM0E2Q0FGRTU2N0REQkVEMERBODY2QkUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCUnAiAVn+pQS6xrA0Bwts8aYCR
L2nfCNf9RsMdFxo14rHAGkLOtmm0WSkd2J2qBVnq6BHhI3lTlKOCIr7f3Kmda4F8
gsnGai7aJOzzGcYdkFTX6UoB2DGrcRZRTYvZwZy6vQ4sft1b0w6EaX5Ueliz+11s
IFQqb4HdNp0O2tGl1uaQZN/+rd86CGEtNS8uvpMxrtoBJMSJwheo65UZPsoPapH0
SvDszUAxDlt7QHMnU7zIGPj2VZ8Sdu9QKvb8ji6vSKaP5NXi/LilBVAzVjm8GcBQ
lxoHNatSEq4NhWfpLh6Vgqh5wkImTFJo5BpXY3aGzoOeEF+xDdMs2ko2cTCtAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUSDxj7u9NhGQTpsr+Vn3b7Q2oZr4wHwYDVR0j
BBgwFoAU3JQ8wqfNw3ijdwJXO7T4IRcLUw0wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNmFiMDcyMmYtNjRkOC00Y2E5LTkyNjctNGU1MTU0NDM0
MTAxLzAvREM5NDNDQzJBN0NEQzM3OEEzNzcwMjU3M0JCNEY4MjExNzBCNTMwRC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzNKUTh3cWZOdzNpamR3SlhPN1Q0SVJj
TFV3MC5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvNmFiMDcyMmYt
NjRkOC00Y2E5LTkyNjctNGU1MTU0NDM0MTAxLzAvMzEzODM1MmUzMTMzMzkyZTMy
MzQyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMTMzMzUzMzM5MzEucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAC5ixgwDQYJKoZIhvcNAQELBQADggEBAEpy+6vdybQc1NRgRLBKjeGXQdZR0YTc
0tdY1cgMPkUarBH87xy5LPBdQERA9DN4vGss78tRYf8oObdsMECPJ3kzCKquq7Jr
9Ky6+I3THTwgIocNcefl+KYiG5DjyJBH1f2vZBueEpNMOv6sqShUcRU5oX1JDE5v
nPninEiJWjKL9qc5J1E4jihktB2sJosh4M395lTvHdbbMe3+NLRL+9Xivbpzpgeg
rkgpMXOT1s3mB/jRfbPnJWga7BOpMFBAav+37RPCGB05AUGLrTZZqCTqxrf85q4o
0iRDsercyH/uyHWBiXx0iir81w7oz+XJ2TnE/e5GK+kQFTYDWDTt/wQ=
-----END CERTIFICATE-----
Generated at Thu Jun 5 07:22:09 2025 by rpki-client