Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/8113dda6-7ade-445d-8c6e-448a78e48ca1/1/3138352e3231332e3234382e302f32342d3234203d3e2039323332.roa
File: 3138352e3231332e3234382e302f32342d3234203d3e2039323332.roa (raw, json)
Hash identifier: yrSC0birtnydpnbjo/rNrx0iogZg2oT/xPc762BHT94=
Subject key identifier: 49:AD:AC:F0:67:7E:1D:A7:7D:39:ED:E0:5F:C2:AA:6F:56:3E:BF:47
Certificate issuer: /CN=0d7ffae300def0876bf84890fb6ea17be841a4d3
Certificate serial: 7CD8E33CBDCFDB3F57F61C2128DAF6FFCB20ECCF
Authority key identifier: 0D:7F:FA:E3:00:DE:F0:87:6B:F8:48:90:FB:6E:A1:7B:E8:41:A4:D3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DX_64wDe8Idr-EiQ-26he-hBpNM.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/8113dda6-7ade-445d-8c6e-448a78e48ca1/1/3138352e3231332e3234382e302f32342d3234203d3e2039323332.roa
Signing time: Fri 10 Jan 2025 14:56:32 +0000
ROA not before: Fri 10 Jan 2025 14:51:32 +0000
ROA not after: Fri 09 Jan 2026 14:56:32 +0000
asID: 9232
IP address blocks: 185.213.248.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/8113dda6-7ade-445d-8c6e-448a78e48ca1/1/0D7FFAE300DEF0876BF84890FB6EA17BE841A4D3.crl
rsync://rsync.paas.rpki.ripe.net/repository/8113dda6-7ade-445d-8c6e-448a78e48ca1/1/0D7FFAE300DEF0876BF84890FB6EA17BE841A4D3.mft
rsync://rpki.ripe.net/repository/DEFAULT/DX_64wDe8Idr-EiQ-26he-hBpNM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 03 Feb 2025 00:00:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7c:d8:e3:3c:bd:cf:db:3f:57:f6:1c:21:28:da:f6:ff:cb:20:ec:cf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0d7ffae300def0876bf84890fb6ea17be841a4d3
Validity
Not Before: Jan 10 14:51:32 2025 GMT
Not After : Jan 9 14:56:32 2026 GMT
Subject: CN=49ADACF0677E1DA77D39EDE05FC2AA6F563EBF47
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:d7:b8:99:7b:0c:58:38:20:26:c4:59:99:88:
9e:1c:ae:69:eb:05:4e:fe:c4:28:89:66:4c:aa:4d:
ce:c5:7e:b7:fc:82:a0:e0:ba:de:be:13:80:3f:0d:
d5:f4:0a:c4:01:47:04:b2:06:90:1b:da:87:ac:91:
0d:8c:c8:04:c8:a5:fa:34:4f:35:63:8c:86:e7:3a:
11:e7:02:f7:12:ff:14:8e:bf:04:a0:99:75:15:5a:
29:af:53:2a:49:c1:8e:c2:aa:c3:c7:75:6f:93:47:
03:53:39:27:2f:43:6e:d3:f3:f7:11:27:0a:58:66:
26:07:a1:7d:f8:be:e1:8e:2e:a5:59:16:5a:04:1e:
1c:8c:6d:92:44:68:4c:7c:e2:02:b4:16:a1:c0:17:
50:9c:5d:87:27:5d:05:f6:8e:3a:c6:ef:2d:13:9d:
ec:ca:4f:85:d7:c7:ff:92:6f:e1:0b:fd:5f:44:20:
6b:eb:f1:31:ac:31:41:f6:d9:86:f9:25:dc:d6:c5:
a1:6d:e8:1a:12:6d:03:6c:1b:68:dd:f2:24:3f:81:
b2:f9:2b:9d:2d:aa:19:46:0a:db:af:7d:9e:04:58:
46:f5:38:f5:bf:38:8b:bc:53:00:89:88:a0:89:8c:
63:0c:f6:d2:cd:96:dd:d8:a3:6f:4e:f9:91:21:8f:
c4:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
49:AD:AC:F0:67:7E:1D:A7:7D:39:ED:E0:5F:C2:AA:6F:56:3E:BF:47
X509v3 Authority Key Identifier:
keyid:0D:7F:FA:E3:00:DE:F0:87:6B:F8:48:90:FB:6E:A1:7B:E8:41:A4:D3
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/8113dda6-7ade-445d-8c6e-448a78e48ca1/1/0D7FFAE300DEF0876BF84890FB6EA17BE841A4D3.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DX_64wDe8Idr-EiQ-26he-hBpNM.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/8113dda6-7ade-445d-8c6e-448a78e48ca1/1/3138352e3231332e3234382e302f32342d3234203d3e2039323332.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.213.248.0/24
Signature Algorithm: sha256WithRSAEncryption
04:58:bf:04:84:6f:c1:08:c4:42:40:13:88:8e:cd:96:9c:0a:
50:36:df:36:bc:1c:88:69:de:0e:0e:9b:bb:8c:76:bd:14:da:
ad:8b:b2:96:44:1c:79:8c:a8:ad:43:e9:c0:ec:4b:78:81:d9:
a1:df:c2:16:83:d1:f2:ad:ff:f4:ca:02:78:17:fa:03:dc:6b:
41:33:9f:1e:ac:fd:15:25:23:7b:59:71:2c:34:3d:6f:15:94:
c1:ff:3f:47:ba:d2:3b:aa:76:5e:2a:d1:bb:aa:f7:a2:1a:f1:
59:5d:0b:cf:6e:dd:87:a1:e7:be:05:84:fe:a9:76:00:2f:83:
df:11:b0:96:d3:2d:ee:52:1f:e8:be:30:d6:5b:5a:3a:15:74:
dc:24:56:09:b3:9e:30:7d:9a:14:96:2a:fb:4b:f5:76:1e:a2:
5a:fa:d4:93:00:e6:44:a2:52:a0:6a:9c:03:ec:43:bb:a7:c3:
42:9a:c2:d6:38:68:0d:80:df:14:93:41:0d:ce:65:cf:75:13:
41:07:71:e0:65:6c:ff:85:5f:e2:ac:8e:f0:80:2e:9e:d6:d5:
29:97:cc:84:49:7f:70:09:fe:d4:d1:c8:54:91:21:98:52:40:
0a:bc:fc:05:f4:05:01:0a:d6:ac:d1:6b:0f:e3:28:b5:94:b6:
8b:10:90:b0
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUfNjjPL3P2z9X9hwhKNr2/8sg7M8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMGQ3ZmZhZTMwMGRlZjA4NzZiZjg0ODkwZmI2ZWExN2Jl
ODQxYTRkMzAeFw0yNTAxMTAxNDUxMzJaFw0yNjAxMDkxNDU2MzJaMDMxMTAvBgNV
BAMTKDQ5QURBQ0YwNjc3RTFEQTc3RDM5RURFMDVGQzJBQTZGNTYzRUJGNDcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCm17iZewxYOCAmxFmZiJ4crmnr
BU7+xCiJZkyqTc7Ffrf8gqDgut6+E4A/DdX0CsQBRwSyBpAb2oeskQ2MyATIpfo0
TzVjjIbnOhHnAvcS/xSOvwSgmXUVWimvUypJwY7CqsPHdW+TRwNTOScvQ27T8/cR
JwpYZiYHoX34vuGOLqVZFloEHhyMbZJEaEx84gK0FqHAF1CcXYcnXQX2jjrG7y0T
nezKT4XXx/+Sb+EL/V9EIGvr8TGsMUH22Yb5JdzWxaFt6BoSbQNsG2jd8iQ/gbL5
K50tqhlGCtuvfZ4EWEb1OPW/OIu8UwCJiKCJjGMM9tLNlt3Yo29O+ZEhj8T7AgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUSa2s8Gd+Had9Oe3gX8Kqb1Y+v0cwHwYDVR0j
BBgwFoAUDX/64wDe8Idr+EiQ+26he+hBpNMwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvODExM2RkYTYtN2FkZS00NDVkLThjNmUtNDQ4YTc4ZTQ4
Y2ExLzEvMEQ3RkZBRTMwMERFRjA4NzZCRjg0ODkwRkI2RUExN0JFODQxQTREMy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0RYXzY0d0RlOElkci1FaVEtMjZoZS1o
QnBOTS5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvODExM2RkYTYt
N2FkZS00NDVkLThjNmUtNDQ4YTc4ZTQ4Y2ExLzEvMzEzODM1MmUzMjMxMzMyZTMy
MzQzODJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDM5MzIzMzMyLnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
udX4MA0GCSqGSIb3DQEBCwUAA4IBAQAEWL8EhG/BCMRCQBOIjs2WnApQNt82vByI
ad4ODpu7jHa9FNqti7KWRBx5jKitQ+nA7Et4gdmh38IWg9Hyrf/0ygJ4F/oD3GtB
M58erP0VJSN7WXEsND1vFZTB/z9HutI7qnZeKtG7qveiGvFZXQvPbt2Hoee+BYT+
qXYAL4PfEbCW0y3uUh/ovjDWW1o6FXTcJFYJs54wfZoUlir7S/V2HqJa+tSTAOZE
olKgapwD7EO7p8NCmsLWOGgNgN8Uk0ENzmXPdRNBB3HgZWz/hV/irI7wgC6e1tUp
l8yESX9wCf7U0chUkSGYUkAKvPwF9AUBCtas0WsP4yi1lLaLEJCw
-----END CERTIFICATE-----
Generated at Sun Feb 2 08:49:53 2025 by rpki-client