Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/7a789e87-f484-423d-a1d7-2c2d5860d2ec/0/3138352e33372e3232382e302f32332d3233203d3e203630343538.roa
File: 3138352e33372e3232382e302f32332d3233203d3e203630343538.roa (raw, json)
Hash identifier: vZ0xeNj44WIw/+zpqjsYVz/OQXDqqT3PO1sgTbLjyjI=
Subject key identifier: 07:EF:2E:49:77:4D:74:07:3F:FB:A3:40:F1:79:68:55:D8:84:12:97
Certificate issuer: /CN=b0170abdc955aa176be2af26299678f2f7c9aca0
Certificate serial: 1DB5C7C522032A95C40C467F64282C53BDDA1CE0
Authority key identifier: B0:17:0A:BD:C9:55:AA:17:6B:E2:AF:26:29:96:78:F2:F7:C9:AC:A0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sBcKvclVqhdr4q8mKZZ48vfJrKA.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/7a789e87-f484-423d-a1d7-2c2d5860d2ec/0/3138352e33372e3232382e302f32332d3233203d3e203630343538.roa
Signing time: Mon 05 May 2025 06:54:06 +0000
ROA not before: Mon 05 May 2025 06:49:06 +0000
ROA not after: Mon 04 May 2026 06:54:06 +0000
asID: 60458
IP address blocks: 185.37.228.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/7a789e87-f484-423d-a1d7-2c2d5860d2ec/0/B0170ABDC955AA176BE2AF26299678F2F7C9ACA0.crl
rsync://rsync.paas.rpki.ripe.net/repository/7a789e87-f484-423d-a1d7-2c2d5860d2ec/0/B0170ABDC955AA176BE2AF26299678F2F7C9ACA0.mft
rsync://rpki.ripe.net/repository/DEFAULT/sBcKvclVqhdr4q8mKZZ48vfJrKA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 08 Jun 2025 09:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1d:b5:c7:c5:22:03:2a:95:c4:0c:46:7f:64:28:2c:53:bd:da:1c:e0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b0170abdc955aa176be2af26299678f2f7c9aca0
Validity
Not Before: May 5 06:49:06 2025 GMT
Not After : May 4 06:54:06 2026 GMT
Subject: CN=07EF2E49774D74073FFBA340F1796855D8841297
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:7d:c5:b3:09:2f:49:8b:7f:32:cb:71:a3:8d:
85:97:d1:be:ae:5c:ba:69:51:22:6e:71:ce:1b:03:
a5:f3:5c:d6:9a:40:66:7a:1b:bf:40:fa:55:97:a6:
1c:c2:e2:ff:28:55:62:06:f4:f1:43:c1:b1:9e:cc:
50:33:e8:04:ed:af:4a:2b:08:cd:39:c4:07:5f:a9:
00:3e:7e:af:81:79:e7:f5:7b:4e:0a:c4:b8:e0:e1:
49:cb:47:78:18:11:94:09:31:ea:dd:04:ad:77:18:
a5:a6:6c:1a:b8:98:4b:01:7f:ab:03:a4:00:69:96:
e1:5b:75:48:24:8b:76:ca:66:d2:ca:f0:df:66:ff:
c4:d3:7b:2e:e1:f1:9d:28:90:eb:48:34:63:fa:fa:
c8:7e:a3:ad:5f:cf:82:1e:a5:e2:59:d6:45:19:e0:
33:83:b1:d1:e1:1c:46:8f:2a:f0:6a:68:56:11:3b:
19:f8:c1:d2:07:de:4e:78:c2:58:46:52:03:70:b6:
87:ca:51:d1:20:09:58:56:f7:c0:aa:82:04:fd:1b:
3c:34:19:5a:58:9f:b9:4e:6f:b5:21:db:a0:5c:7c:
4e:fe:f6:e6:93:f5:37:ec:7a:46:e1:46:6f:76:c0:
d8:34:8a:b5:52:9c:d8:e0:88:9b:c3:e7:a2:dc:a3:
56:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
07:EF:2E:49:77:4D:74:07:3F:FB:A3:40:F1:79:68:55:D8:84:12:97
X509v3 Authority Key Identifier:
keyid:B0:17:0A:BD:C9:55:AA:17:6B:E2:AF:26:29:96:78:F2:F7:C9:AC:A0
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/7a789e87-f484-423d-a1d7-2c2d5860d2ec/0/B0170ABDC955AA176BE2AF26299678F2F7C9ACA0.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sBcKvclVqhdr4q8mKZZ48vfJrKA.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/7a789e87-f484-423d-a1d7-2c2d5860d2ec/0/3138352e33372e3232382e302f32332d3233203d3e203630343538.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.37.228.0/23
Signature Algorithm: sha256WithRSAEncryption
81:69:89:d5:96:c3:7a:fc:92:83:44:db:7b:2f:cf:17:51:a9:
01:5d:79:85:57:dc:cc:c1:84:c6:45:7c:da:aa:14:c2:f3:a6:
db:df:10:3e:b0:a3:02:3c:2b:6f:ac:d1:ba:db:4c:fa:25:ad:
40:03:7d:13:09:05:9f:86:c1:90:b3:02:53:01:95:7f:ce:30:
ff:c9:09:24:e4:fc:39:bd:92:d5:3f:43:7d:64:98:7e:65:b6:
1e:87:3e:34:9e:72:32:6d:f9:98:6c:30:15:f5:d6:e5:bd:0e:
05:ff:d7:13:66:3d:b8:90:70:3c:01:b8:fd:3b:1c:48:32:5f:
28:20:52:33:dc:a5:e6:44:df:94:a2:94:6c:cc:5c:27:3f:be:
f7:b1:3d:50:4f:20:cd:0a:f9:c5:6c:cc:d3:ec:93:ed:77:2f:
a2:30:cb:0f:8b:1d:f1:9d:9d:0c:e7:7d:f1:80:17:bf:20:ea:
10:74:7d:96:fc:42:46:4a:e9:a2:9e:9c:81:5e:80:2a:9c:db:
8e:3c:ad:42:8a:92:7e:14:19:58:3d:ac:09:b3:9b:16:b7:79:
fd:76:4d:23:60:42:a8:7e:93:ed:b0:25:2b:1c:65:e8:91:d4:
b6:8a:db:c2:58:74:b1:a2:af:0c:16:da:93:5c:2f:b6:1a:1b:
b1:c5:81:72
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUHbXHxSIDKpXEDEZ/ZCgsU73aHOAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYjAxNzBhYmRjOTU1YWExNzZiZTJhZjI2Mjk5Njc4ZjJm
N2M5YWNhMDAeFw0yNTA1MDUwNjQ5MDZaFw0yNjA1MDQwNjU0MDZaMDMxMTAvBgNV
BAMTKDA3RUYyRTQ5Nzc0RDc0MDczRkZCQTM0MEYxNzk2ODU1RDg4NDEyOTcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDCfcWzCS9Ji38yy3GjjYWX0b6u
XLppUSJucc4bA6XzXNaaQGZ6G79A+lWXphzC4v8oVWIG9PFDwbGezFAz6ATtr0or
CM05xAdfqQA+fq+Beef1e04KxLjg4UnLR3gYEZQJMerdBK13GKWmbBq4mEsBf6sD
pABpluFbdUgki3bKZtLK8N9m/8TTey7h8Z0okOtINGP6+sh+o61fz4IepeJZ1kUZ
4DODsdHhHEaPKvBqaFYROxn4wdIH3k54wlhGUgNwtofKUdEgCVhW98CqggT9Gzw0
GVpYn7lOb7Uh26BcfE7+9uaT9TfsekbhRm92wNg0irVSnNjgiJvD56Lco1aZAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUB+8uSXdNdAc/+6NA8XloVdiEEpcwHwYDVR0j
BBgwFoAUsBcKvclVqhdr4q8mKZZ48vfJrKAwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvN2E3ODllODctZjQ4NC00MjNkLWExZDctMmMyZDU4NjBk
MmVjLzAvQjAxNzBBQkRDOTU1QUExNzZCRTJBRjI2Mjk5Njc4RjJGN0M5QUNBMC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3NCY0t2Y2xWcWhkcjRxOG1LWlo0OHZm
SnJLQS5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvN2E3ODllODct
ZjQ4NC00MjNkLWExZDctMmMyZDU4NjBkMmVjLzAvMzEzODM1MmUzMzM3MmUzMjMy
MzgyZTMwMmYzMjMzMmQzMjMzMjAzZDNlMjAzNjMwMzQzNTM4LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQB
uSXkMA0GCSqGSIb3DQEBCwUAA4IBAQCBaYnVlsN6/JKDRNt7L88XUakBXXmFV9zM
wYTGRXzaqhTC86bb3xA+sKMCPCtvrNG620z6Ja1AA30TCQWfhsGQswJTAZV/zjD/
yQkk5Pw5vZLVP0N9ZJh+ZbYehz40nnIybfmYbDAV9dblvQ4F/9cTZj24kHA8Abj9
OxxIMl8oIFIz3KXmRN+UopRszFwnP773sT1QTyDNCvnFbMzT7JPtdy+iMMsPix3x
nZ0M533xgBe/IOoQdH2W/EJGSuminpyBXoAqnNuOPK1CipJ+FBlYPawJs5sWt3n9
dk0jYEKofpPtsCUrHGXokdS2itvCWHSxoq8MFtqTXC+2GhuxxYFy
-----END CERTIFICATE-----
Generated at Sat Jun 7 17:08:31 2025 by rpki-client