Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/7a789e87-f484-423d-a1d7-2c2d5860d2ec/0/3138352e3136322e3136382e302f32332d3233203d3e203630343538.roa
File: 3138352e3136322e3136382e302f32332d3233203d3e203630343538.roa (raw, json)
Hash identifier: FhpX/C9zk9FVjj10PImD/wKS/RfpAC0kUdP0bDZAwyg=
Subject key identifier: 7A:2D:63:6D:B4:67:8C:89:46:DC:D3:1C:C5:88:BF:EE:47:06:4E:24
Certificate issuer: /CN=b0170abdc955aa176be2af26299678f2f7c9aca0
Certificate serial: 4D99ADE7744DBCA8EB85623E1045D9234172065C
Authority key identifier: B0:17:0A:BD:C9:55:AA:17:6B:E2:AF:26:29:96:78:F2:F7:C9:AC:A0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sBcKvclVqhdr4q8mKZZ48vfJrKA.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/7a789e87-f484-423d-a1d7-2c2d5860d2ec/0/3138352e3136322e3136382e302f32332d3233203d3e203630343538.roa
Signing time: Mon 05 May 2025 06:54:07 +0000
ROA not before: Mon 05 May 2025 06:49:07 +0000
ROA not after: Mon 04 May 2026 06:54:07 +0000
asID: 60458
IP address blocks: 185.162.168.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/7a789e87-f484-423d-a1d7-2c2d5860d2ec/0/B0170ABDC955AA176BE2AF26299678F2F7C9ACA0.crl
rsync://rsync.paas.rpki.ripe.net/repository/7a789e87-f484-423d-a1d7-2c2d5860d2ec/0/B0170ABDC955AA176BE2AF26299678F2F7C9ACA0.mft
rsync://rpki.ripe.net/repository/DEFAULT/sBcKvclVqhdr4q8mKZZ48vfJrKA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 07 Jun 2025 15:29:30 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4d:99:ad:e7:74:4d:bc:a8:eb:85:62:3e:10:45:d9:23:41:72:06:5c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b0170abdc955aa176be2af26299678f2f7c9aca0
Validity
Not Before: May 5 06:49:07 2025 GMT
Not After : May 4 06:54:07 2026 GMT
Subject: CN=7A2D636DB4678C8946DCD31CC588BFEE47064E24
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:8d:1f:6b:30:f5:31:86:9a:dc:2d:fd:08:ef:
76:d9:df:90:ad:16:6d:67:71:c8:60:27:e0:ac:96:
8a:16:d1:1d:fb:44:6d:86:6d:f6:7a:85:70:cf:4c:
f1:f9:ab:d7:af:61:84:48:63:4f:55:c3:dd:d2:5f:
df:b3:eb:fd:c2:7b:e4:5b:ad:20:47:a0:5a:ce:18:
ca:d7:7b:63:cd:f2:b0:fb:0b:4c:51:fa:9a:86:02:
ae:ed:29:cb:22:5e:6e:13:d0:7d:6c:65:b6:7c:1d:
ab:81:5f:74:10:99:88:9f:ca:3e:ab:44:0d:82:af:
80:6b:b2:d1:76:83:dc:72:db:46:8b:30:b7:5e:b0:
90:2d:74:43:8c:78:af:91:b4:29:7e:83:ae:ba:6b:
78:d6:be:32:ee:c9:02:8a:dd:cc:39:48:48:76:02:
a3:cb:2d:47:e3:db:55:5c:20:5e:ec:c6:fa:2c:89:
87:48:e6:fa:c2:9a:36:e3:4e:00:15:e4:bf:f5:95:
bd:01:f0:c8:ff:b8:db:61:93:04:4f:a8:0b:92:36:
25:ed:3d:df:cc:2d:33:fb:c0:9f:96:7c:ac:d0:6d:
f0:3b:d3:31:cb:cc:94:87:e9:12:cf:0d:48:7f:68:
1e:14:a0:20:12:fc:42:64:79:05:78:84:86:16:d8:
2f:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7A:2D:63:6D:B4:67:8C:89:46:DC:D3:1C:C5:88:BF:EE:47:06:4E:24
X509v3 Authority Key Identifier:
keyid:B0:17:0A:BD:C9:55:AA:17:6B:E2:AF:26:29:96:78:F2:F7:C9:AC:A0
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/7a789e87-f484-423d-a1d7-2c2d5860d2ec/0/B0170ABDC955AA176BE2AF26299678F2F7C9ACA0.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sBcKvclVqhdr4q8mKZZ48vfJrKA.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/7a789e87-f484-423d-a1d7-2c2d5860d2ec/0/3138352e3136322e3136382e302f32332d3233203d3e203630343538.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.162.168.0/23
Signature Algorithm: sha256WithRSAEncryption
2f:f5:56:cc:81:7f:e5:ae:63:41:f2:d5:ec:2d:0e:96:25:2d:
4b:af:c8:3a:84:3b:25:f2:ec:5e:fa:e1:cc:b3:b3:1b:bb:21:
3d:37:04:91:5c:a7:35:e9:76:5f:51:f5:e9:51:ba:30:93:87:
51:d4:d9:9c:75:6b:67:f1:13:f9:da:a3:23:5c:b0:0c:93:01:
25:46:ad:3a:66:5d:09:11:b0:6f:ab:42:e7:14:d2:dc:c2:6f:
09:1a:18:21:4f:51:42:97:65:bf:46:fb:c7:5b:fc:10:0d:ae:
04:e6:fd:ff:a0:c3:e6:92:35:9e:3b:c5:2d:77:ca:c6:0d:79:
cc:44:b4:91:e0:0e:0f:9e:ce:a4:7e:ba:8e:82:da:cd:01:f1:
8e:85:66:43:6c:0f:ba:4a:a7:56:82:a3:76:90:5a:c4:4c:5e:
82:64:e3:9a:2b:d6:c0:6a:d7:81:d3:ca:1b:18:02:7d:be:98:
38:e1:6e:68:60:03:0e:25:af:f7:03:8f:5c:a0:26:e2:c5:88:
33:56:3d:30:1f:26:1e:64:f2:d0:86:53:50:7c:57:95:77:d0:
52:25:93:2a:3f:52:22:76:15:f9:ac:17:df:75:a1:e6:46:eb:
e9:a9:25:fb:f6:d6:80:d9:01:3a:ee:6d:bc:94:ce:27:1f:bb:
fb:61:df:80
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUTZmt53RNvKjrhWI+EEXZI0FyBlwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYjAxNzBhYmRjOTU1YWExNzZiZTJhZjI2Mjk5Njc4ZjJm
N2M5YWNhMDAeFw0yNTA1MDUwNjQ5MDdaFw0yNjA1MDQwNjU0MDdaMDMxMTAvBgNV
BAMTKDdBMkQ2MzZEQjQ2NzhDODk0NkRDRDMxQ0M1ODhCRkVFNDcwNjRFMjQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCnjR9rMPUxhprcLf0I73bZ35Ct
Fm1ncchgJ+CslooW0R37RG2GbfZ6hXDPTPH5q9evYYRIY09Vw93SX9+z6/3Ce+Rb
rSBHoFrOGMrXe2PN8rD7C0xR+pqGAq7tKcsiXm4T0H1sZbZ8HauBX3QQmYifyj6r
RA2Cr4BrstF2g9xy20aLMLdesJAtdEOMeK+RtCl+g666a3jWvjLuyQKK3cw5SEh2
AqPLLUfj21VcIF7sxvosiYdI5vrCmjbjTgAV5L/1lb0B8Mj/uNthkwRPqAuSNiXt
Pd/MLTP7wJ+WfKzQbfA70zHLzJSH6RLPDUh/aB4UoCAS/EJkeQV4hIYW2C+RAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUei1jbbRnjIlG3NMcxYi/7kcGTiQwHwYDVR0j
BBgwFoAUsBcKvclVqhdr4q8mKZZ48vfJrKAwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvN2E3ODllODctZjQ4NC00MjNkLWExZDctMmMyZDU4NjBk
MmVjLzAvQjAxNzBBQkRDOTU1QUExNzZCRTJBRjI2Mjk5Njc4RjJGN0M5QUNBMC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3NCY0t2Y2xWcWhkcjRxOG1LWlo0OHZm
SnJLQS5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvN2E3ODllODct
ZjQ4NC00MjNkLWExZDctMmMyZDU4NjBkMmVjLzAvMzEzODM1MmUzMTM2MzIyZTMx
MzYzODJlMzAyZjMyMzMyZDMyMzMyMDNkM2UyMDM2MzAzNDM1Mzgucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAG5oqgwDQYJKoZIhvcNAQELBQADggEBAC/1VsyBf+WuY0Hy1ewtDpYlLUuvyDqE
OyXy7F764cyzsxu7IT03BJFcpzXpdl9R9elRujCTh1HU2Zx1a2fxE/naoyNcsAyT
ASVGrTpmXQkRsG+rQucU0tzCbwkaGCFPUUKXZb9G+8db/BANrgTm/f+gw+aSNZ47
xS13ysYNecxEtJHgDg+ezqR+uo6C2s0B8Y6FZkNsD7pKp1aCo3aQWsRMXoJk45or
1sBq14HTyhsYAn2+mDjhbmhgAw4lr/cDj1ygJuLFiDNWPTAfJh5k8tCGU1B8V5V3
0FIlkyo/UiJ2FfmsF991oeZG6+mpJfv21oDZATrubbyUzicfu/th34A=
-----END CERTIFICATE-----
Generated at Sat Jun 7 04:24:32 2025 by rpki-client