Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/7a789e87-f484-423d-a1d7-2c2d5860d2ec/0/3138352e3130302e37322e302f32322d3232203d3e203630343538.roa
File: 3138352e3130302e37322e302f32322d3232203d3e203630343538.roa (raw, json)
Hash identifier: tt+7v33pgcfL/OR4IEoj2XRjnG0uMYFwUsQyGd/wSJQ=
Subject key identifier: D6:B4:F7:77:D6:5A:08:CB:40:DE:85:E4:BD:1C:A0:02:A9:E7:17:A0
Certificate issuer: /CN=b0170abdc955aa176be2af26299678f2f7c9aca0
Certificate serial: 255D21B28DF429278517578B2547C898C23F9A2E
Authority key identifier: B0:17:0A:BD:C9:55:AA:17:6B:E2:AF:26:29:96:78:F2:F7:C9:AC:A0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sBcKvclVqhdr4q8mKZZ48vfJrKA.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/7a789e87-f484-423d-a1d7-2c2d5860d2ec/0/3138352e3130302e37322e302f32322d3232203d3e203630343538.roa
Signing time: Mon 05 May 2025 06:54:06 +0000
ROA not before: Mon 05 May 2025 06:49:06 +0000
ROA not after: Mon 04 May 2026 06:54:06 +0000
asID: 60458
IP address blocks: 185.100.72.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/7a789e87-f484-423d-a1d7-2c2d5860d2ec/0/B0170ABDC955AA176BE2AF26299678F2F7C9ACA0.crl
rsync://rsync.paas.rpki.ripe.net/repository/7a789e87-f484-423d-a1d7-2c2d5860d2ec/0/B0170ABDC955AA176BE2AF26299678F2F7C9ACA0.mft
rsync://rpki.ripe.net/repository/DEFAULT/sBcKvclVqhdr4q8mKZZ48vfJrKA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 07 Jun 2025 15:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
25:5d:21:b2:8d:f4:29:27:85:17:57:8b:25:47:c8:98:c2:3f:9a:2e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b0170abdc955aa176be2af26299678f2f7c9aca0
Validity
Not Before: May 5 06:49:06 2025 GMT
Not After : May 4 06:54:06 2026 GMT
Subject: CN=D6B4F777D65A08CB40DE85E4BD1CA002A9E717A0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:aa:1a:3c:40:75:b9:16:48:fd:8b:70:9e:54:
36:f8:72:31:da:22:4a:90:a0:65:a9:ca:07:29:f9:
aa:a3:69:e7:db:3c:98:78:ac:e7:90:72:e3:9a:30:
7e:41:80:66:91:df:83:18:51:ff:62:58:9f:0f:b6:
70:6e:a3:32:02:b8:c0:d0:dc:67:b5:3f:37:c5:d6:
9c:f9:a7:cb:b0:48:f2:ae:fa:84:37:d6:b0:2d:12:
55:b7:f9:1d:73:85:67:9c:c6:9e:a7:c1:6e:aa:4c:
b5:f8:8c:5a:02:47:9a:7b:4d:16:cb:ac:a2:76:38:
c5:4b:d7:94:da:86:2a:ad:14:0f:3b:ad:f4:24:cf:
c0:88:f2:d0:91:ac:2d:6e:8c:20:0b:16:3e:6f:72:
5d:bc:95:f8:1c:8d:07:73:95:8b:f6:42:51:c4:de:
0e:9e:49:be:32:20:48:88:2d:9a:03:ed:bc:73:63:
e7:e7:45:1d:dd:d3:a3:4d:2c:9b:32:33:83:6b:3e:
7d:29:37:71:f5:30:c0:36:0d:ae:fe:88:07:af:a7:
62:07:6b:a3:bf:55:ba:99:fb:af:70:1d:4a:66:56:
6f:93:4b:8c:1d:6d:37:2d:74:36:fa:52:d1:b6:26:
d3:4e:c2:b2:67:94:35:9d:76:96:09:44:76:1b:5d:
ae:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D6:B4:F7:77:D6:5A:08:CB:40:DE:85:E4:BD:1C:A0:02:A9:E7:17:A0
X509v3 Authority Key Identifier:
keyid:B0:17:0A:BD:C9:55:AA:17:6B:E2:AF:26:29:96:78:F2:F7:C9:AC:A0
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/7a789e87-f484-423d-a1d7-2c2d5860d2ec/0/B0170ABDC955AA176BE2AF26299678F2F7C9ACA0.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sBcKvclVqhdr4q8mKZZ48vfJrKA.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/7a789e87-f484-423d-a1d7-2c2d5860d2ec/0/3138352e3130302e37322e302f32322d3232203d3e203630343538.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.100.72.0/22
Signature Algorithm: sha256WithRSAEncryption
58:0e:67:fa:5f:fa:34:1e:7b:03:db:7c:bc:2b:42:39:a0:f5:
cc:f0:03:99:1f:f5:5d:f4:54:10:e5:81:84:0a:85:53:a9:d8:
16:e6:28:a8:23:8d:4f:66:fa:b7:49:96:32:bd:f0:79:de:ca:
11:17:09:3d:04:ab:bc:7f:bb:e8:5f:03:e9:e3:d0:1c:a0:08:
36:1f:6c:bd:45:cb:d2:62:af:bd:46:4b:f9:f9:22:e9:2f:c9:
5d:76:17:28:a4:8a:45:03:61:7d:ec:e4:ad:b0:f4:7b:c6:6f:
f1:a7:13:f1:05:06:b6:40:85:b4:d1:b9:21:8a:0e:f1:3b:a8:
e8:2c:74:ee:56:ef:7f:76:9b:df:14:2d:6f:0c:6d:c8:60:24:
ce:cd:fd:6d:1b:b7:35:56:33:d8:91:67:e3:58:6f:de:83:99:
04:3a:3a:57:0b:f6:b3:31:e0:63:a3:fc:8d:1f:40:c0:11:ed:
e7:3f:28:bb:4f:2c:99:61:07:9a:f4:c1:2e:7a:c3:0a:23:c4:
34:81:84:f4:58:13:51:67:6c:bf:04:68:35:15:29:ef:ac:e5:
c9:e4:f4:16:f1:76:b0:86:f5:aa:75:72:dd:93:53:04:02:ff:
c0:7f:cb:f2:e2:8d:16:6a:06:40:03:db:34:e8:4b:ab:f3:c7:
1b:17:30:a3
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUJV0hso30KSeFF1eLJUfImMI/mi4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYjAxNzBhYmRjOTU1YWExNzZiZTJhZjI2Mjk5Njc4ZjJm
N2M5YWNhMDAeFw0yNTA1MDUwNjQ5MDZaFw0yNjA1MDQwNjU0MDZaMDMxMTAvBgNV
BAMTKEQ2QjRGNzc3RDY1QTA4Q0I0MERFODVFNEJEMUNBMDAyQTlFNzE3QTAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC4qho8QHW5Fkj9i3CeVDb4cjHa
IkqQoGWpygcp+aqjaefbPJh4rOeQcuOaMH5BgGaR34MYUf9iWJ8PtnBuozICuMDQ
3Ge1PzfF1pz5p8uwSPKu+oQ31rAtElW3+R1zhWecxp6nwW6qTLX4jFoCR5p7TRbL
rKJ2OMVL15TahiqtFA87rfQkz8CI8tCRrC1ujCALFj5vcl28lfgcjQdzlYv2QlHE
3g6eSb4yIEiILZoD7bxzY+fnRR3d06NNLJsyM4NrPn0pN3H1MMA2Da7+iAevp2IH
a6O/VbqZ+69wHUpmVm+TS4wdbTctdDb6UtG2JtNOwrJnlDWddpYJRHYbXa4VAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQU1rT3d9ZaCMtA3oXkvRygAqnnF6AwHwYDVR0j
BBgwFoAUsBcKvclVqhdr4q8mKZZ48vfJrKAwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvN2E3ODllODctZjQ4NC00MjNkLWExZDctMmMyZDU4NjBk
MmVjLzAvQjAxNzBBQkRDOTU1QUExNzZCRTJBRjI2Mjk5Njc4RjJGN0M5QUNBMC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3NCY0t2Y2xWcWhkcjRxOG1LWlo0OHZm
SnJLQS5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvN2E3ODllODct
ZjQ4NC00MjNkLWExZDctMmMyZDU4NjBkMmVjLzAvMzEzODM1MmUzMTMwMzAyZTM3
MzIyZTMwMmYzMjMyMmQzMjMyMjAzZDNlMjAzNjMwMzQzNTM4LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQC
uWRIMA0GCSqGSIb3DQEBCwUAA4IBAQBYDmf6X/o0HnsD23y8K0I5oPXM8AOZH/Vd
9FQQ5YGECoVTqdgW5iioI41PZvq3SZYyvfB53soRFwk9BKu8f7voXwPp49AcoAg2
H2y9RcvSYq+9Rkv5+SLpL8lddhcopIpFA2F97OStsPR7xm/xpxPxBQa2QIW00bkh
ig7xO6joLHTuVu9/dpvfFC1vDG3IYCTOzf1tG7c1VjPYkWfjWG/eg5kEOjpXC/az
MeBjo/yNH0DAEe3nPyi7TyyZYQea9MEuesMKI8Q0gYT0WBNRZ2y/BGg1FSnvrOXJ
5PQW8XawhvWqdXLdk1MEAv/Af8vy4o0WagZAA9s06Eur88cbFzCj
-----END CERTIFICATE-----
Generated at Fri Jun 6 19:35:30 2025 by rpki-client