Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/7a789e87-f484-423d-a1d7-2c2d5860d2ec/0/3138352e3232362e3135352e302f32342d3234203d3e203634323637.roa
File: 3138352e3232362e3135352e302f32342d3234203d3e203634323637.roa (raw, json)
Hash identifier: BphaL/Q+MmU9qXxX06J/d3Yz3MPwKV/7sGiY2uy2MYY=
Subject key identifier: 45:F1:B1:61:94:D1:29:D3:7D:BA:D3:6F:BF:F0:96:DF:79:60:01:AC
Certificate issuer: /CN=b0170abdc955aa176be2af26299678f2f7c9aca0
Certificate serial: 7815C3DDDE357279CE89D03AF18CC26E38042F1C
Authority key identifier: B0:17:0A:BD:C9:55:AA:17:6B:E2:AF:26:29:96:78:F2:F7:C9:AC:A0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sBcKvclVqhdr4q8mKZZ48vfJrKA.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/7a789e87-f484-423d-a1d7-2c2d5860d2ec/0/3138352e3232362e3135352e302f32342d3234203d3e203634323637.roa
Signing time: Mon 17 Feb 2025 07:53:55 +0000
ROA not before: Mon 17 Feb 2025 07:48:55 +0000
ROA not after: Mon 16 Feb 2026 07:53:55 +0000
asID: 64267
IP address blocks: 185.226.155.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/7a789e87-f484-423d-a1d7-2c2d5860d2ec/0/B0170ABDC955AA176BE2AF26299678F2F7C9ACA0.crl
rsync://rsync.paas.rpki.ripe.net/repository/7a789e87-f484-423d-a1d7-2c2d5860d2ec/0/B0170ABDC955AA176BE2AF26299678F2F7C9ACA0.mft
rsync://rpki.ripe.net/repository/DEFAULT/sBcKvclVqhdr4q8mKZZ48vfJrKA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 05 Apr 2025 19:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
78:15:c3:dd:de:35:72:79:ce:89:d0:3a:f1:8c:c2:6e:38:04:2f:1c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b0170abdc955aa176be2af26299678f2f7c9aca0
Validity
Not Before: Feb 17 07:48:55 2025 GMT
Not After : Feb 16 07:53:55 2026 GMT
Subject: CN=45F1B16194D129D37DBAD36FBFF096DF796001AC
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:28:c8:16:b6:43:6c:30:b3:dc:cf:3b:fc:fd:
27:16:79:85:9d:21:c0:94:2f:9b:a9:cf:f4:e9:39:
17:4f:aa:4a:e4:76:32:3d:3e:3c:97:28:36:b9:31:
40:c5:a0:bf:f7:8d:e8:11:24:ea:0d:e2:2a:0e:e7:
01:1e:f7:f3:b0:96:cb:37:23:4a:06:75:a8:fb:a6:
3e:cc:7c:95:07:c2:b2:e6:4a:8f:0e:52:13:31:33:
c5:44:84:0f:55:ee:43:74:11:26:09:eb:7a:e8:5b:
5e:43:27:67:14:a6:33:d6:a9:e1:50:97:86:0f:51:
ef:73:e3:b7:a1:22:12:0d:0f:23:4e:6b:8f:ea:05:
97:13:7c:fe:a5:da:1c:42:0e:7a:da:43:02:56:b3:
c4:c7:b7:9f:1b:61:7b:3d:c6:a9:ba:24:ed:14:c2:
68:05:30:5e:f6:24:8f:a8:3f:e9:db:d4:ba:8e:49:
95:4d:cd:ae:39:54:72:5d:f4:4c:12:88:5f:4f:0a:
14:fc:bd:e7:17:97:20:c2:de:11:f5:33:ed:49:1e:
3a:1a:38:09:13:b8:97:a8:1d:bf:a2:11:fc:bd:a5:
ff:0e:a4:5c:6d:4d:06:8d:d7:1e:d5:4d:d5:4b:2b:
ad:90:63:c9:2b:4b:59:39:d7:34:45:56:ca:a1:2e:
c2:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
45:F1:B1:61:94:D1:29:D3:7D:BA:D3:6F:BF:F0:96:DF:79:60:01:AC
X509v3 Authority Key Identifier:
keyid:B0:17:0A:BD:C9:55:AA:17:6B:E2:AF:26:29:96:78:F2:F7:C9:AC:A0
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/7a789e87-f484-423d-a1d7-2c2d5860d2ec/0/B0170ABDC955AA176BE2AF26299678F2F7C9ACA0.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sBcKvclVqhdr4q8mKZZ48vfJrKA.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/7a789e87-f484-423d-a1d7-2c2d5860d2ec/0/3138352e3232362e3135352e302f32342d3234203d3e203634323637.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.226.155.0/24
Signature Algorithm: sha256WithRSAEncryption
c1:7d:49:66:6a:46:48:fc:12:c6:90:90:08:3f:6f:58:97:e0:
d7:6b:e8:f6:bc:3c:e6:af:92:f6:59:cf:11:a1:eb:be:fc:d0:
b5:9f:43:0b:73:21:d9:55:b8:3c:49:59:a7:7d:f5:f7:b2:90:
f8:75:6e:17:98:50:c5:67:2e:13:26:f5:2c:08:d9:6c:4b:b0:
fd:e5:07:49:7b:39:89:bd:bd:2b:bd:55:af:d8:b5:83:12:9a:
bc:f4:10:3e:ed:00:3e:9b:9a:55:89:f1:b7:26:33:fa:ea:26:
0e:a9:15:70:45:89:9b:15:1b:21:4b:96:19:81:42:89:a7:d7:
f7:bb:2e:fb:3d:19:6e:a1:02:f5:b3:19:f3:ea:4e:8b:e1:af:
0b:32:e2:57:60:49:0b:1c:21:34:17:8c:fc:73:06:9d:02:53:
30:5e:29:3e:8d:39:87:34:f1:48:a7:b3:40:4e:5f:7a:db:a0:
2d:ae:35:a1:41:7e:91:44:6b:e4:ab:e1:41:e9:1c:68:0c:11:
e9:d2:2e:09:f4:ee:6e:02:27:fa:94:45:32:2c:82:92:7c:52:
e9:f3:6b:db:d7:d8:68:3e:b8:a8:9c:68:35:31:9e:6d:d4:f6:
02:d5:fa:1d:a8:a4:1f:70:dd:56:48:b4:00:91:a7:8c:11:12:
93:e0:6a:33
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUeBXD3d41cnnOidA68YzCbjgELxwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYjAxNzBhYmRjOTU1YWExNzZiZTJhZjI2Mjk5Njc4ZjJm
N2M5YWNhMDAeFw0yNTAyMTcwNzQ4NTVaFw0yNjAyMTYwNzUzNTVaMDMxMTAvBgNV
BAMTKDQ1RjFCMTYxOTREMTI5RDM3REJBRDM2RkJGRjA5NkRGNzk2MDAxQUMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDXKMgWtkNsMLPczzv8/ScWeYWd
IcCUL5upz/TpORdPqkrkdjI9PjyXKDa5MUDFoL/3jegRJOoN4ioO5wEe9/Owlss3
I0oGdaj7pj7MfJUHwrLmSo8OUhMxM8VEhA9V7kN0ESYJ63roW15DJ2cUpjPWqeFQ
l4YPUe9z47ehIhINDyNOa4/qBZcTfP6l2hxCDnraQwJWs8THt58bYXs9xqm6JO0U
wmgFMF72JI+oP+nb1LqOSZVNza45VHJd9EwSiF9PChT8vecXlyDC3hH1M+1JHjoa
OAkTuJeoHb+iEfy9pf8OpFxtTQaN1x7VTdVLK62QY8krS1k51zRFVsqhLsJNAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQURfGxYZTRKdN9utNvv/CW33lgAawwHwYDVR0j
BBgwFoAUsBcKvclVqhdr4q8mKZZ48vfJrKAwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvN2E3ODllODctZjQ4NC00MjNkLWExZDctMmMyZDU4NjBk
MmVjLzAvQjAxNzBBQkRDOTU1QUExNzZCRTJBRjI2Mjk5Njc4RjJGN0M5QUNBMC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3NCY0t2Y2xWcWhkcjRxOG1LWlo0OHZm
SnJLQS5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvN2E3ODllODct
ZjQ4NC00MjNkLWExZDctMmMyZDU4NjBkMmVjLzAvMzEzODM1MmUzMjMyMzYyZTMx
MzUzNTJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDM2MzQzMjM2Mzcucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAC54pswDQYJKoZIhvcNAQELBQADggEBAMF9SWZqRkj8EsaQkAg/b1iX4Ndr6Pa8
POavkvZZzxGh67780LWfQwtzIdlVuDxJWad99feykPh1bheYUMVnLhMm9SwI2WxL
sP3lB0l7OYm9vSu9Va/YtYMSmrz0ED7tAD6bmlWJ8bcmM/rqJg6pFXBFiZsVGyFL
lhmBQomn1/e7Lvs9GW6hAvWzGfPqTovhrwsy4ldgSQscITQXjPxzBp0CUzBeKT6N
OYc08Uins0BOX3rboC2uNaFBfpFEa+Sr4UHpHGgMEenSLgn07m4CJ/qURTIsgpJ8
Uunza9vX2Gg+uKicaDUxnm3U9gLV+h2opB9w3VZItACRp4wREpPgajM=
-----END CERTIFICATE-----
Generated at Sat Apr 5 04:53:17 2025 by rpki-client