Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/8113dda6-7ade-445d-8c6e-448a78e48ca1/1/3138352e3231332e3234392e302f32342d3234203d3e20343030393039.roa
File: 3138352e3231332e3234392e302f32342d3234203d3e20343030393039.roa (raw, json)
Hash identifier: 4O3foUV7f18NUYJQaeBYgK+aW1lr+7o+ea8CcQjVzCw=
Subject key identifier: B5:93:D7:71:1E:F3:AD:11:8C:07:AC:3F:87:1E:03:70:D2:1E:13:CA
Certificate issuer: /CN=0d7ffae300def0876bf84890fb6ea17be841a4d3
Certificate serial: 73ACC5AA7E7F26487CFCCFED46268B954383F5FC
Authority key identifier: 0D:7F:FA:E3:00:DE:F0:87:6B:F8:48:90:FB:6E:A1:7B:E8:41:A4:D3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DX_64wDe8Idr-EiQ-26he-hBpNM.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/8113dda6-7ade-445d-8c6e-448a78e48ca1/1/3138352e3231332e3234392e302f32342d3234203d3e20343030393039.roa
Signing time: Sat 15 Mar 2025 07:12:49 +0000
ROA not before: Sat 15 Mar 2025 07:07:49 +0000
ROA not after: Sat 14 Mar 2026 07:12:49 +0000
asID: 400909
IP address blocks: 185.213.249.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/8113dda6-7ade-445d-8c6e-448a78e48ca1/1/0D7FFAE300DEF0876BF84890FB6EA17BE841A4D3.crl
rsync://rsync.paas.rpki.ripe.net/repository/8113dda6-7ade-445d-8c6e-448a78e48ca1/1/0D7FFAE300DEF0876BF84890FB6EA17BE841A4D3.mft
rsync://rpki.ripe.net/repository/DEFAULT/DX_64wDe8Idr-EiQ-26he-hBpNM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 19 Apr 2025 10:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
73:ac:c5:aa:7e:7f:26:48:7c:fc:cf:ed:46:26:8b:95:43:83:f5:fc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0d7ffae300def0876bf84890fb6ea17be841a4d3
Validity
Not Before: Mar 15 07:07:49 2025 GMT
Not After : Mar 14 07:12:49 2026 GMT
Subject: CN=B593D7711EF3AD118C07AC3F871E0370D21E13CA
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:99:4c:48:04:f7:77:9c:60:8d:8c:a0:f4:45:
53:c4:3c:ac:ec:31:13:c6:f1:e6:33:a9:e1:75:3f:
2c:6c:73:c1:cc:ae:30:bf:8f:0f:42:cc:61:2a:fe:
f5:1f:3f:f4:2c:56:5f:d1:94:78:0e:7a:32:7c:02:
74:e4:3c:67:1c:d8:82:08:a6:a7:04:ef:e9:d0:7f:
d6:34:73:74:65:e0:7e:7b:0c:d1:59:af:93:7e:71:
9b:b3:a3:e1:80:f1:b5:ee:6a:6a:89:26:da:be:d4:
bc:86:58:3a:3c:96:32:d5:ae:ab:bc:b0:6e:b0:02:
37:42:ae:3c:fd:91:20:d4:fd:62:71:16:66:46:c0:
f7:cf:51:e8:5f:5f:af:1e:76:6b:e9:c5:31:dd:53:
07:56:98:42:71:3e:4f:cc:56:9c:1a:d8:23:1c:45:
69:f9:2f:5f:5e:d5:08:ec:8b:77:7b:c0:9d:29:01:
76:aa:b2:71:69:82:3e:e7:b2:5a:b4:fd:28:a3:b6:
70:aa:f1:89:0a:89:10:9e:d1:c3:bf:77:3c:b6:36:
98:73:50:6d:46:6b:68:66:a1:6e:d8:d6:ca:2c:56:
af:a6:6f:69:93:7e:4d:94:cf:4f:d8:fb:0b:c6:e5:
5c:b5:f3:1e:12:a3:96:06:6e:67:b3:95:28:f2:37:
7c:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B5:93:D7:71:1E:F3:AD:11:8C:07:AC:3F:87:1E:03:70:D2:1E:13:CA
X509v3 Authority Key Identifier:
keyid:0D:7F:FA:E3:00:DE:F0:87:6B:F8:48:90:FB:6E:A1:7B:E8:41:A4:D3
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/8113dda6-7ade-445d-8c6e-448a78e48ca1/1/0D7FFAE300DEF0876BF84890FB6EA17BE841A4D3.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DX_64wDe8Idr-EiQ-26he-hBpNM.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/8113dda6-7ade-445d-8c6e-448a78e48ca1/1/3138352e3231332e3234392e302f32342d3234203d3e20343030393039.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.213.249.0/24
Signature Algorithm: sha256WithRSAEncryption
59:b6:b6:a8:e1:66:b5:13:c6:5b:c7:6a:58:2c:d2:09:32:b7:
33:b3:e3:4a:61:fe:49:c5:ff:69:02:9a:d2:fd:c2:17:6e:16:
89:c1:22:eb:ed:b1:28:2d:28:fc:14:60:ee:ee:1e:03:80:16:
e9:d1:20:f1:64:6e:df:10:12:df:3b:8f:95:21:25:94:75:c3:
e5:97:5d:e2:51:ad:df:0e:e4:07:fa:53:89:d2:d9:7e:83:9e:
cc:94:8c:1b:92:ee:3a:d5:e0:ec:5f:fd:c1:1e:a1:72:7b:09:
4b:2a:43:83:ba:ee:39:45:ff:fa:23:ec:16:14:f0:4b:23:b9:
0b:1f:0d:01:bf:6d:79:1d:8a:7e:e7:76:33:72:49:12:39:86:
4c:9a:27:b1:84:0d:85:ea:eb:a1:5e:12:01:c7:77:29:c5:2d:
fb:5f:1b:61:24:fd:d5:0b:35:86:7a:1b:17:0b:03:24:9e:9f:
9f:6c:2e:c2:14:a2:ff:c5:6f:68:51:d6:a0:63:7e:a8:4c:22:
b5:a5:e6:23:17:da:87:78:b1:85:8f:e1:ac:00:3a:e0:24:68:
f5:cf:64:20:b0:be:b4:3c:a4:ea:60:e2:88:56:f1:2b:99:b6:
a7:92:79:46:a8:dc:87:6b:e8:d4:b0:3f:6f:5d:24:68:4c:73:
e2:0c:95:ea
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgIUc6zFqn5/Jkh8/M/tRiaLlUOD9fwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMGQ3ZmZhZTMwMGRlZjA4NzZiZjg0ODkwZmI2ZWExN2Jl
ODQxYTRkMzAeFw0yNTAzMTUwNzA3NDlaFw0yNjAzMTQwNzEyNDlaMDMxMTAvBgNV
BAMTKEI1OTNENzcxMUVGM0FEMTE4QzA3QUMzRjg3MUUwMzcwRDIxRTEzQ0EwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCtmUxIBPd3nGCNjKD0RVPEPKzs
MRPG8eYzqeF1Pyxsc8HMrjC/jw9CzGEq/vUfP/QsVl/RlHgOejJ8AnTkPGcc2III
pqcE7+nQf9Y0c3Rl4H57DNFZr5N+cZuzo+GA8bXuamqJJtq+1LyGWDo8ljLVrqu8
sG6wAjdCrjz9kSDU/WJxFmZGwPfPUehfX68edmvpxTHdUwdWmEJxPk/MVpwa2CMc
RWn5L19e1Qjsi3d7wJ0pAXaqsnFpgj7nslq0/SijtnCq8YkKiRCe0cO/dzy2Nphz
UG1Ga2hmoW7Y1sosVq+mb2mTfk2Uz0/Y+wvG5Vy18x4So5YGbmezlSjyN3zZAgMB
AAGjggJBMIICPTAdBgNVHQ4EFgQUtZPXcR7zrRGMB6w/hx4DcNIeE8owHwYDVR0j
BBgwFoAUDX/64wDe8Idr+EiQ+26he+hBpNMwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvODExM2RkYTYtN2FkZS00NDVkLThjNmUtNDQ4YTc4ZTQ4
Y2ExLzEvMEQ3RkZBRTMwMERFRjA4NzZCRjg0ODkwRkI2RUExN0JFODQxQTREMy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0RYXzY0d0RlOElkci1FaVEtMjZoZS1o
QnBOTS5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvODExM2RkYTYt
N2FkZS00NDVkLThjNmUtNDQ4YTc4ZTQ4Y2ExLzEvMzEzODM1MmUzMjMxMzMyZTMy
MzQzOTJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDM0MzAzMDM5MzAzOS5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEALnV+TANBgkqhkiG9w0BAQsFAAOCAQEAWba2qOFmtRPGW8dqWCzSCTK3M7Pj
SmH+ScX/aQKa0v3CF24WicEi6+2xKC0o/BRg7u4eA4AW6dEg8WRu3xAS3zuPlSEl
lHXD5Zdd4lGt3w7kB/pTidLZfoOezJSMG5LuOtXg7F/9wR6hcnsJSypDg7ruOUX/
+iPsFhTwSyO5Cx8NAb9teR2Kfud2M3JJEjmGTJonsYQNherroV4SAcd3KcUt+18b
YST91Qs1hnobFwsDJJ6fn2wuwhSi/8VvaFHWoGN+qEwitaXmIxfah3ixhY/hrAA6
4CRo9c9kILC+tDyk6mDiiFbxK5m2p5J5Rqjch2vo1LA/b10kaExz4gyV6g==
-----END CERTIFICATE-----
Generated at Fri Apr 18 16:02:30 2025 by rpki-client