Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/38352e3233372e3230322e302f32342d3234203d3e20323132323338.roa
File: 38352e3233372e3230322e302f32342d3234203d3e20323132323338.roa (raw, json)
Hash identifier: 710fTHQvlt981DZ/Ycbo34N++uhGOLqhHF6FzkOMPmI=
Subject key identifier: 4E:F1:16:17:91:91:E0:40:29:B4:20:3C:7C:03:80:4B:35:87:39:CD
Certificate issuer: /CN=dc943cc2a7cdc378a37702573bb4f821170b530d
Certificate serial: 7889C657425F757FB6DB670A404DD99C4D8A5AB8
Authority key identifier: DC:94:3C:C2:A7:CD:C3:78:A3:77:02:57:3B:B4:F8:21:17:0B:53:0D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3JQ8wqfNw3ijdwJXO7T4IRcLUw0.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/38352e3233372e3230322e302f32342d3234203d3e20323132323338.roa
Signing time: Wed 04 Jun 2025 09:33:05 +0000
ROA not before: Wed 04 Jun 2025 09:28:05 +0000
ROA not after: Wed 03 Jun 2026 09:33:05 +0000
asID: 212238
IP address blocks: 85.237.202.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/DC943CC2A7CDC378A37702573BB4F821170B530D.crl
rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/DC943CC2A7CDC378A37702573BB4F821170B530D.mft
rsync://rpki.ripe.net/repository/DEFAULT/3JQ8wqfNw3ijdwJXO7T4IRcLUw0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 07 Jun 2025 06:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
78:89:c6:57:42:5f:75:7f:b6:db:67:0a:40:4d:d9:9c:4d:8a:5a:b8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dc943cc2a7cdc378a37702573bb4f821170b530d
Validity
Not Before: Jun 4 09:28:05 2025 GMT
Not After : Jun 3 09:33:05 2026 GMT
Subject: CN=4EF116179191E04029B4203C7C03804B358739CD
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:1f:14:50:b6:5b:32:4e:97:59:76:b9:a5:df:
21:b9:fe:44:73:f6:f7:8e:3e:8b:77:61:cc:b4:4a:
6a:07:aa:a1:f5:b4:70:5d:c4:4f:35:49:7b:82:75:
10:b3:59:de:0f:82:1a:ac:ca:eb:44:eb:87:59:dd:
b8:4e:7b:1d:88:f3:e3:2f:5c:2d:f8:5c:e2:cf:82:
cb:f1:1f:c1:18:e5:21:7f:62:1f:d3:6d:fb:d9:95:
70:cb:5a:54:1b:6d:03:2d:c9:9d:cd:1c:e5:86:31:
c3:e3:70:d7:7c:81:51:fd:b1:72:14:cf:12:7c:af:
40:ec:bb:1f:e8:cf:29:d1:1d:64:f5:1b:84:68:d6:
06:76:5d:13:aa:48:0d:c1:bd:22:1c:52:45:38:8c:
a5:d2:70:10:e1:b9:a4:7b:0b:5c:46:04:f8:90:4a:
43:51:81:91:d0:23:9e:1d:75:23:bd:4d:12:e1:d2:
4e:de:5f:47:43:12:b1:ee:56:ea:88:f9:3f:d4:74:
37:bb:98:80:93:dd:e2:ca:35:b8:23:f2:43:53:21:
99:6f:33:cf:61:b7:cd:d2:af:9a:2c:3a:ae:b0:54:
ce:35:b3:85:a8:64:6f:f4:1f:de:c4:af:d2:0f:46:
19:85:00:68:e7:eb:c6:c4:a3:f9:ec:d6:47:31:72:
63:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4E:F1:16:17:91:91:E0:40:29:B4:20:3C:7C:03:80:4B:35:87:39:CD
X509v3 Authority Key Identifier:
keyid:DC:94:3C:C2:A7:CD:C3:78:A3:77:02:57:3B:B4:F8:21:17:0B:53:0D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/DC943CC2A7CDC378A37702573BB4F821170B530D.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3JQ8wqfNw3ijdwJXO7T4IRcLUw0.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/38352e3233372e3230322e302f32342d3234203d3e20323132323338.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.237.202.0/24
Signature Algorithm: sha256WithRSAEncryption
8f:73:12:95:67:b2:5b:cd:fb:de:d8:9c:38:c8:e9:59:d5:38:
89:9f:1e:8e:b8:b2:13:49:44:00:e6:60:95:b9:d6:77:d4:88:
e3:e9:8d:61:b3:98:73:9c:94:0a:e7:6a:46:ac:01:db:ab:cd:
2e:b5:d5:02:19:d6:e9:72:a2:a9:2d:7a:9d:93:e1:ae:27:4c:
be:21:35:a3:b9:a4:8d:02:f0:8a:49:30:eb:77:d2:d5:bd:6f:
ca:d7:f8:19:c7:16:0e:4e:c6:35:1c:de:af:dc:bb:61:58:63:
91:47:30:f5:a9:14:1d:4c:a9:0e:40:41:da:4c:4d:72:e3:1f:
d1:96:83:8f:6e:0c:37:d3:f7:92:02:a0:6d:3b:44:91:d8:a8:
29:cd:8e:a1:da:fb:03:e1:23:66:34:14:14:60:2b:ef:db:96:
98:b1:31:2b:de:76:21:c3:53:f9:1c:a2:cb:3f:d0:40:67:3b:
12:a3:aa:a5:e2:0e:8c:71:5f:83:89:2b:7c:69:1e:b0:86:77:
a0:d0:1c:c8:95:69:c9:4a:6d:eb:6e:65:11:97:1d:a4:ff:e4:
a6:cc:e4:ac:50:e7:3c:77:84:33:c7:2d:61:5e:4e:42:56:fa:
ec:7b:a6:cc:53:ac:a2:76:66:a5:9f:4c:1e:01:fb:50:96:89:
c1:29:1b:c3
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUeInGV0JfdX+222cKQE3ZnE2KWrgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZGM5NDNjYzJhN2NkYzM3OGEzNzcwMjU3M2JiNGY4MjEx
NzBiNTMwZDAeFw0yNTA2MDQwOTI4MDVaFw0yNjA2MDMwOTMzMDVaMDMxMTAvBgNV
BAMTKDRFRjExNjE3OTE5MUUwNDAyOUI0MjAzQzdDMDM4MDRCMzU4NzM5Q0QwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDWHxRQtlsyTpdZdrml3yG5/kRz
9veOPot3Ycy0SmoHqqH1tHBdxE81SXuCdRCzWd4PghqsyutE64dZ3bhOex2I8+Mv
XC34XOLPgsvxH8EY5SF/Yh/TbfvZlXDLWlQbbQMtyZ3NHOWGMcPjcNd8gVH9sXIU
zxJ8r0Dsux/ozynRHWT1G4Ro1gZ2XROqSA3BvSIcUkU4jKXScBDhuaR7C1xGBPiQ
SkNRgZHQI54ddSO9TRLh0k7eX0dDErHuVuqI+T/UdDe7mICT3eLKNbgj8kNTIZlv
M89ht83Sr5osOq6wVM41s4WoZG/0H97Er9IPRhmFAGjn68bEo/ns1kcxcmP1AgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUTvEWF5GR4EAptCA8fAOASzWHOc0wHwYDVR0j
BBgwFoAU3JQ8wqfNw3ijdwJXO7T4IRcLUw0wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNmFiMDcyMmYtNjRkOC00Y2E5LTkyNjctNGU1MTU0NDM0
MTAxLzAvREM5NDNDQzJBN0NEQzM3OEEzNzcwMjU3M0JCNEY4MjExNzBCNTMwRC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzNKUTh3cWZOdzNpamR3SlhPN1Q0SVJj
TFV3MC5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvNmFiMDcyMmYt
NjRkOC00Y2E5LTkyNjctNGU1MTU0NDM0MTAxLzAvMzgzNTJlMzIzMzM3MmUzMjMw
MzIyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMjMxMzIzMjMzMzgucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BABV7cowDQYJKoZIhvcNAQELBQADggEBAI9zEpVnslvN+97YnDjI6VnVOImfHo64
shNJRADmYJW51nfUiOPpjWGzmHOclArnakasAdurzS611QIZ1ulyoqktep2T4a4n
TL4hNaO5pI0C8IpJMOt30tW9b8rX+BnHFg5OxjUc3q/cu2FYY5FHMPWpFB1MqQ5A
QdpMTXLjH9GWg49uDDfT95ICoG07RJHYqCnNjqHa+wPhI2Y0FBRgK+/blpixMSve
diHDU/kcoss/0EBnOxKjqqXiDoxxX4OJK3xpHrCGd6DQHMiVaclKbetuZRGXHaT/
5KbM5KxQ5zx3hDPHLWFeTkJW+ux7psxTrKJ2ZqWfTB4B+1CWicEpG8M=
-----END CERTIFICATE-----
Generated at Fri Jun 6 16:07:42 2025 by rpki-client