Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/38352e3233372e3232332e302f32342d3234203d3e203434333832.roa
File: 38352e3233372e3232332e302f32342d3234203d3e203434333832.roa (raw, json)
Hash identifier: itKEw1FVoAh1iAXi10WBAe87cHwpy+9p1TtargCtjaI=
Subject key identifier: ED:AB:E8:AD:0E:09:EF:47:29:C9:7E:39:BE:61:62:1E:76:52:67:D9
Certificate issuer: /CN=dc943cc2a7cdc378a37702573bb4f821170b530d
Certificate serial: 13AE45A006DC6068DC6131603F5CA453AD2E041E
Authority key identifier: DC:94:3C:C2:A7:CD:C3:78:A3:77:02:57:3B:B4:F8:21:17:0B:53:0D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3JQ8wqfNw3ijdwJXO7T4IRcLUw0.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/38352e3233372e3232332e302f32342d3234203d3e203434333832.roa
Signing time: Sat 29 Mar 2025 17:57:23 +0000
ROA not before: Sat 29 Mar 2025 17:52:23 +0000
ROA not after: Sat 28 Mar 2026 17:57:23 +0000
asID: 44382
IP address blocks: 85.237.223.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/DC943CC2A7CDC378A37702573BB4F821170B530D.crl
rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/DC943CC2A7CDC378A37702573BB4F821170B530D.mft
rsync://rpki.ripe.net/repository/DEFAULT/3JQ8wqfNw3ijdwJXO7T4IRcLUw0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 07 Apr 2025 10:07:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
13:ae:45:a0:06:dc:60:68:dc:61:31:60:3f:5c:a4:53:ad:2e:04:1e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dc943cc2a7cdc378a37702573bb4f821170b530d
Validity
Not Before: Mar 29 17:52:23 2025 GMT
Not After : Mar 28 17:57:23 2026 GMT
Subject: CN=EDABE8AD0E09EF4729C97E39BE61621E765267D9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:e9:c2:37:56:22:29:0a:d8:1a:a4:ad:d9:40:
87:77:bb:76:9c:4e:2a:51:24:9a:b4:70:64:fb:14:
ec:8a:ce:d6:b4:29:f2:8b:66:0f:ee:e7:1b:f3:0d:
66:95:f8:49:fc:f3:24:53:97:aa:d8:aa:59:fc:35:
35:65:fb:70:c0:1e:8e:e7:f4:a6:4f:ad:8f:24:90:
84:b0:a2:03:24:02:ba:41:17:d9:46:f1:f7:14:9d:
2e:76:41:1f:a3:4f:66:80:1d:a6:ef:62:1c:51:59:
5f:ac:6f:27:2e:77:a4:6e:34:de:bb:88:e6:ec:0d:
e4:26:d8:04:94:6a:25:ca:a3:8b:e7:9a:8a:8f:4b:
6e:57:4a:b4:6e:24:ec:be:b4:37:25:88:80:70:60:
20:67:7f:c1:9e:d3:88:93:5b:94:48:f8:45:98:a8:
71:87:81:15:9e:ac:ef:78:b4:7d:2d:f2:f5:94:cf:
77:d1:6d:21:00:e5:76:dc:45:9b:b0:89:d8:98:52:
6a:d8:9c:16:b8:20:7b:4f:31:0c:94:e3:46:89:40:
4b:45:18:aa:30:2e:c7:2c:b9:e2:e5:90:aa:5a:64:
34:0e:2e:11:00:2c:7d:7d:a7:5f:bd:4c:42:6a:ef:
96:81:88:63:00:14:90:71:08:92:dc:95:fd:d3:ef:
76:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
ED:AB:E8:AD:0E:09:EF:47:29:C9:7E:39:BE:61:62:1E:76:52:67:D9
X509v3 Authority Key Identifier:
keyid:DC:94:3C:C2:A7:CD:C3:78:A3:77:02:57:3B:B4:F8:21:17:0B:53:0D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/DC943CC2A7CDC378A37702573BB4F821170B530D.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3JQ8wqfNw3ijdwJXO7T4IRcLUw0.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/38352e3233372e3232332e302f32342d3234203d3e203434333832.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.237.223.0/24
Signature Algorithm: sha256WithRSAEncryption
00:c0:29:fe:25:17:6a:f4:93:fe:fd:f7:d6:01:b9:83:a8:2b:
dd:5f:1d:95:e8:99:f0:35:2f:cc:5b:c3:77:73:ac:39:8c:4d:
e0:17:d9:9d:18:4d:99:ce:4d:69:b5:1c:16:4d:43:4c:8c:64:
ce:54:fa:ad:73:7c:36:da:d9:f5:dd:f6:4a:85:28:6b:17:4a:
d7:8d:e3:4a:f0:08:2f:7e:a8:0c:84:81:f9:37:22:04:73:c4:
db:e8:35:88:49:4a:8f:13:f9:e4:2c:bb:33:60:6b:69:81:c9:
52:04:e1:59:bb:6e:63:cc:ae:3c:61:31:1b:ed:59:c7:54:47:
30:67:e2:d4:fb:21:cb:09:0b:0c:01:3a:71:6c:b9:fb:3c:e5:
52:b2:29:84:d5:03:f9:be:49:ad:14:d5:12:e3:ce:7d:74:cf:
d8:81:bc:fe:0c:76:4f:4a:57:86:63:36:28:3a:19:60:a0:03:
1b:f4:f6:d7:3f:b8:23:af:87:e3:da:42:81:2b:fc:79:19:7e:
18:7f:92:48:98:8c:ba:46:f9:36:54:05:de:fd:9c:69:0c:f7:
90:a3:ee:e3:01:69:ab:cf:b6:5f:7c:93:7f:15:3a:34:fd:63:
48:bf:6c:a2:01:2f:d8:f4:5f:c7:a4:4a:f3:be:f9:26:a9:d3:
67:40:61:23
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUE65FoAbcYGjcYTFgP1ykU60uBB4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZGM5NDNjYzJhN2NkYzM3OGEzNzcwMjU3M2JiNGY4MjEx
NzBiNTMwZDAeFw0yNTAzMjkxNzUyMjNaFw0yNjAzMjgxNzU3MjNaMDMxMTAvBgNV
BAMTKEVEQUJFOEFEMEUwOUVGNDcyOUM5N0UzOUJFNjE2MjFFNzY1MjY3RDkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCw6cI3ViIpCtgapK3ZQId3u3ac
TipRJJq0cGT7FOyKzta0KfKLZg/u5xvzDWaV+En88yRTl6rYqln8NTVl+3DAHo7n
9KZPrY8kkISwogMkArpBF9lG8fcUnS52QR+jT2aAHabvYhxRWV+sbycud6RuNN67
iObsDeQm2ASUaiXKo4vnmoqPS25XSrRuJOy+tDcliIBwYCBnf8Ge04iTW5RI+EWY
qHGHgRWerO94tH0t8vWUz3fRbSEA5XbcRZuwidiYUmrYnBa4IHtPMQyU40aJQEtF
GKowLscsueLlkKpaZDQOLhEALH19p1+9TEJq75aBiGMAFJBxCJLclf3T73bBAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQU7avorQ4J70cpyX45vmFiHnZSZ9kwHwYDVR0j
BBgwFoAU3JQ8wqfNw3ijdwJXO7T4IRcLUw0wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNmFiMDcyMmYtNjRkOC00Y2E5LTkyNjctNGU1MTU0NDM0
MTAxLzAvREM5NDNDQzJBN0NEQzM3OEEzNzcwMjU3M0JCNEY4MjExNzBCNTMwRC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzNKUTh3cWZOdzNpamR3SlhPN1Q0SVJj
TFV3MC5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvNmFiMDcyMmYt
NjRkOC00Y2E5LTkyNjctNGU1MTU0NDM0MTAxLzAvMzgzNTJlMzIzMzM3MmUzMjMy
MzMyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzNDM0MzMzODMyLnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
Ve3fMA0GCSqGSIb3DQEBCwUAA4IBAQAAwCn+JRdq9JP+/ffWAbmDqCvdXx2V6Jnw
NS/MW8N3c6w5jE3gF9mdGE2Zzk1ptRwWTUNMjGTOVPqtc3w22tn13fZKhShrF0rX
jeNK8AgvfqgMhIH5NyIEc8Tb6DWISUqPE/nkLLszYGtpgclSBOFZu25jzK48YTEb
7VnHVEcwZ+LU+yHLCQsMATpxbLn7POVSsimE1QP5vkmtFNUS4859dM/Ygbz+DHZP
SleGYzYoOhlgoAMb9PbXP7gjr4fj2kKBK/x5GX4Yf5JImIy6Rvk2VAXe/ZxpDPeQ
o+7jAWmrz7ZffJN/FTo0/WNIv2yiAS/Y9F/HpErzvvkmqdNnQGEj
-----END CERTIFICATE-----
Generated at Sun Apr 6 20:39:22 2025 by rpki-client