Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/38352e3233372e3231352e302f32342d3234203d3e20323030303137.roa
File: 38352e3233372e3231352e302f32342d3234203d3e20323030303137.roa (raw, json)
Hash identifier: +J4bDerIeRlK53XpJpuxFmRvXv2T4DeSs0/ww/CxsVE=
Subject key identifier: F6:39:5C:41:F6:5E:83:A1:88:B3:C2:62:7C:97:FE:0F:EE:52:C4:9F
Certificate issuer: /CN=dc943cc2a7cdc378a37702573bb4f821170b530d
Certificate serial: 63B7FA026AE645F108A69C38A6C49A8FB538BBA7
Authority key identifier: DC:94:3C:C2:A7:CD:C3:78:A3:77:02:57:3B:B4:F8:21:17:0B:53:0D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3JQ8wqfNw3ijdwJXO7T4IRcLUw0.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/38352e3233372e3231352e302f32342d3234203d3e20323030303137.roa
Signing time: Wed 26 Mar 2025 13:53:59 +0000
ROA not before: Wed 26 Mar 2025 13:48:59 +0000
ROA not after: Wed 25 Mar 2026 13:53:59 +0000
asID: 200017
IP address blocks: 85.237.215.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/DC943CC2A7CDC378A37702573BB4F821170B530D.crl
rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/DC943CC2A7CDC378A37702573BB4F821170B530D.mft
rsync://rpki.ripe.net/repository/DEFAULT/3JQ8wqfNw3ijdwJXO7T4IRcLUw0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 05 Apr 2025 13:50:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
63:b7:fa:02:6a:e6:45:f1:08:a6:9c:38:a6:c4:9a:8f:b5:38:bb:a7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dc943cc2a7cdc378a37702573bb4f821170b530d
Validity
Not Before: Mar 26 13:48:59 2025 GMT
Not After : Mar 25 13:53:59 2026 GMT
Subject: CN=F6395C41F65E83A188B3C2627C97FE0FEE52C49F
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:05:9c:f7:eb:c4:bc:43:07:1e:c7:fe:59:c2:
bb:52:11:36:2b:ab:d0:09:b2:65:5c:72:80:bc:25:
6c:bc:3f:a2:9f:e2:30:23:98:27:7c:f9:33:52:ec:
c9:4a:07:e4:0f:8d:00:db:b3:29:c3:c2:84:8c:e8:
06:f0:5c:bd:a7:1b:e6:3d:2d:7b:8f:90:cb:a9:e7:
2f:9f:f0:c9:d0:38:5a:ca:ed:41:1f:12:9e:b1:38:
36:d0:37:69:10:6b:d7:4e:d7:32:92:b2:08:fd:0a:
24:af:1b:69:8b:a6:7d:8d:d2:ee:a5:66:59:39:9c:
5e:79:11:18:c1:ec:bb:6b:e3:f6:3c:f5:ee:fb:34:
e2:4e:7c:51:e2:3a:d1:9f:68:da:2d:6a:4f:b0:59:
87:8e:00:8c:9d:cb:d6:96:9a:ee:7b:72:f5:48:29:
53:d6:ed:d7:3d:ba:e0:3f:1c:1a:0d:ba:b9:a6:d7:
03:73:a2:aa:c9:d8:9a:b0:e3:61:08:cd:ab:64:70:
e5:29:54:7c:4e:e9:9c:52:09:58:ea:86:af:22:66:
b8:c1:95:c3:08:f8:a1:06:44:d9:b8:53:ac:03:91:
ea:16:7b:70:af:f2:fc:33:74:73:f3:6d:16:66:38:
9e:3b:20:97:54:57:c0:43:f3:d3:3e:1d:69:74:71:
cc:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F6:39:5C:41:F6:5E:83:A1:88:B3:C2:62:7C:97:FE:0F:EE:52:C4:9F
X509v3 Authority Key Identifier:
keyid:DC:94:3C:C2:A7:CD:C3:78:A3:77:02:57:3B:B4:F8:21:17:0B:53:0D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/DC943CC2A7CDC378A37702573BB4F821170B530D.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3JQ8wqfNw3ijdwJXO7T4IRcLUw0.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/38352e3233372e3231352e302f32342d3234203d3e20323030303137.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.237.215.0/24
Signature Algorithm: sha256WithRSAEncryption
0f:ec:f2:cb:01:d8:ba:84:ce:eb:87:1b:ad:01:7b:35:e3:f7:
d3:e9:3e:7c:0e:f9:0b:6a:6f:2c:e1:a3:ed:fe:ef:aa:e0:31:
8e:73:b9:83:75:4a:ac:fc:cd:25:83:63:94:1b:7d:86:0b:6a:
fb:41:9a:41:29:d9:0f:4a:52:4d:e0:69:86:43:41:93:22:d0:
28:64:87:1a:bc:02:37:65:b7:52:d4:3d:7a:4d:49:a6:f3:9a:
79:42:a9:78:2a:bd:91:c0:b0:6c:42:b6:d7:29:77:3c:66:83:
e4:37:76:f1:e2:8d:30:c5:77:b9:93:7b:92:4a:7f:82:ed:68:
76:e8:b5:4b:f7:c6:38:6a:25:6a:a8:44:3a:6a:b0:4a:02:34:
51:92:bc:1f:c3:55:cb:56:df:fc:ee:71:6b:cb:fb:bd:bd:c4:
37:1b:aa:5f:dc:00:83:fe:72:f5:d6:30:b6:41:b7:8d:db:60:
f2:c3:68:fb:5f:f9:12:35:90:7b:9f:94:a2:d4:46:78:fc:c8:
ba:17:25:d6:29:b9:53:3f:8c:80:c6:18:42:b5:d3:c4:9b:55:
06:a5:97:1f:9b:34:f3:5f:22:cd:0a:5f:50:04:7a:2c:af:0e:
6f:ce:7f:c1:bb:d8:ad:2b:3d:3a:9d:fa:bd:c4:e0:8f:b3:f7:
c7:05:45:0e
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUY7f6AmrmRfEIppw4psSaj7U4u6cwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZGM5NDNjYzJhN2NkYzM3OGEzNzcwMjU3M2JiNGY4MjEx
NzBiNTMwZDAeFw0yNTAzMjYxMzQ4NTlaFw0yNjAzMjUxMzUzNTlaMDMxMTAvBgNV
BAMTKEY2Mzk1QzQxRjY1RTgzQTE4OEIzQzI2MjdDOTdGRTBGRUU1MkM0OUYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDhBZz368S8Qwcex/5ZwrtSETYr
q9AJsmVccoC8JWy8P6Kf4jAjmCd8+TNS7MlKB+QPjQDbsynDwoSM6AbwXL2nG+Y9
LXuPkMup5y+f8MnQOFrK7UEfEp6xODbQN2kQa9dO1zKSsgj9CiSvG2mLpn2N0u6l
Zlk5nF55ERjB7Ltr4/Y89e77NOJOfFHiOtGfaNotak+wWYeOAIydy9aWmu57cvVI
KVPW7dc9uuA/HBoNurmm1wNzoqrJ2Jqw42EIzatkcOUpVHxO6ZxSCVjqhq8iZrjB
lcMI+KEGRNm4U6wDkeoWe3Cv8vwzdHPzbRZmOJ47IJdUV8BD89M+HWl0cczrAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQU9jlcQfZeg6GIs8JifJf+D+5SxJ8wHwYDVR0j
BBgwFoAU3JQ8wqfNw3ijdwJXO7T4IRcLUw0wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNmFiMDcyMmYtNjRkOC00Y2E5LTkyNjctNGU1MTU0NDM0
MTAxLzAvREM5NDNDQzJBN0NEQzM3OEEzNzcwMjU3M0JCNEY4MjExNzBCNTMwRC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzNKUTh3cWZOdzNpamR3SlhPN1Q0SVJj
TFV3MC5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvNmFiMDcyMmYt
NjRkOC00Y2E5LTkyNjctNGU1MTU0NDM0MTAxLzAvMzgzNTJlMzIzMzM3MmUzMjMx
MzUyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMjMwMzAzMDMxMzcucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BABV7dcwDQYJKoZIhvcNAQELBQADggEBAA/s8ssB2LqEzuuHG60BezXj99PpPnwO
+Qtqbyzho+3+76rgMY5zuYN1Sqz8zSWDY5QbfYYLavtBmkEp2Q9KUk3gaYZDQZMi
0Chkhxq8Ajdlt1LUPXpNSabzmnlCqXgqvZHAsGxCttcpdzxmg+Q3dvHijTDFd7mT
e5JKf4LtaHbotUv3xjhqJWqoRDpqsEoCNFGSvB/DVctW3/zucWvL+729xDcbql/c
AIP+cvXWMLZBt43bYPLDaPtf+RI1kHuflKLURnj8yLoXJdYpuVM/jIDGGEK108Sb
VQallx+bNPNfIs0KX1AEeiyvDm/Of8G72K0rPTqd+r3E4I+z98cFRQ4=
-----END CERTIFICATE-----
Generated at Sat Apr 5 08:09:26 2025 by rpki-client