Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/8113dda6-7ade-445d-8c6e-448a78e48ca1/1/3138352e3231332e3235302e302f32342d3234203d3e20323132323338.roa
File: 3138352e3231332e3235302e302f32342d3234203d3e20323132323338.roa (raw, json)
Hash identifier: ygSJr7gJnzCgddZdASy6lFYbTZobnImgktqUZvda03k=
Subject key identifier: A7:3D:D9:A8:CB:80:B5:EA:7C:82:11:A5:48:7F:1A:EB:2E:EF:7D:B7
Certificate issuer: /CN=0d7ffae300def0876bf84890fb6ea17be841a4d3
Certificate serial: 5F73FE10AE8E1ADB443DE4F6586125E91A9004FF
Authority key identifier: 0D:7F:FA:E3:00:DE:F0:87:6B:F8:48:90:FB:6E:A1:7B:E8:41:A4:D3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DX_64wDe8Idr-EiQ-26he-hBpNM.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/8113dda6-7ade-445d-8c6e-448a78e48ca1/1/3138352e3231332e3235302e302f32342d3234203d3e20323132323338.roa
Signing time: Thu 13 Feb 2025 10:41:52 +0000
ROA not before: Thu 13 Feb 2025 10:36:52 +0000
ROA not after: Thu 12 Feb 2026 10:41:52 +0000
asID: 212238
IP address blocks: 185.213.250.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/8113dda6-7ade-445d-8c6e-448a78e48ca1/1/0D7FFAE300DEF0876BF84890FB6EA17BE841A4D3.crl
rsync://rsync.paas.rpki.ripe.net/repository/8113dda6-7ade-445d-8c6e-448a78e48ca1/1/0D7FFAE300DEF0876BF84890FB6EA17BE841A4D3.mft
rsync://rpki.ripe.net/repository/DEFAULT/DX_64wDe8Idr-EiQ-26he-hBpNM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 12 Apr 2025 23:00:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5f:73:fe:10:ae:8e:1a:db:44:3d:e4:f6:58:61:25:e9:1a:90:04:ff
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0d7ffae300def0876bf84890fb6ea17be841a4d3
Validity
Not Before: Feb 13 10:36:52 2025 GMT
Not After : Feb 12 10:41:52 2026 GMT
Subject: CN=A73DD9A8CB80B5EA7C8211A5487F1AEB2EEF7DB7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:32:37:48:d1:d9:ee:30:01:7e:62:45:d0:0c:
a0:2e:d1:4d:cb:e7:f6:8c:d9:e8:f0:78:fb:cc:80:
3c:11:d4:65:f0:f5:a1:f9:65:47:cb:ee:a6:31:fa:
6e:08:56:4d:45:84:56:31:df:18:84:40:e7:e8:48:
81:b3:a2:2c:78:17:4f:d1:ea:8b:3a:e7:95:05:b6:
4a:19:da:3b:8b:77:d0:f5:c3:ce:46:43:f1:91:a0:
d2:1b:cc:ea:d7:d4:2f:8d:68:dc:4b:a1:88:77:a4:
b0:24:33:0f:23:7c:67:0e:c9:ec:30:3c:ec:c6:e3:
35:3a:04:60:fb:75:29:71:18:32:68:df:6c:c4:ad:
61:90:99:8b:a9:1f:50:63:39:c5:fb:2c:98:ac:d5:
00:40:79:42:ea:c6:bf:93:e5:be:76:20:a5:f4:0e:
d3:2f:37:b7:d1:af:72:ca:98:4e:8c:75:9b:b2:0d:
79:5b:21:09:4a:1e:bf:80:de:bd:e3:40:1a:e2:ba:
ea:59:a2:6e:c6:33:fc:b0:60:09:f7:01:d1:29:50:
12:5d:6f:ea:04:94:af:22:26:e6:28:96:e0:1e:bb:
ee:d8:42:0e:64:2b:92:0e:78:87:6b:c7:e7:50:e4:
50:27:c8:0a:53:85:e9:d6:79:80:ab:a7:8e:ef:72:
10:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A7:3D:D9:A8:CB:80:B5:EA:7C:82:11:A5:48:7F:1A:EB:2E:EF:7D:B7
X509v3 Authority Key Identifier:
keyid:0D:7F:FA:E3:00:DE:F0:87:6B:F8:48:90:FB:6E:A1:7B:E8:41:A4:D3
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/8113dda6-7ade-445d-8c6e-448a78e48ca1/1/0D7FFAE300DEF0876BF84890FB6EA17BE841A4D3.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DX_64wDe8Idr-EiQ-26he-hBpNM.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/8113dda6-7ade-445d-8c6e-448a78e48ca1/1/3138352e3231332e3235302e302f32342d3234203d3e20323132323338.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.213.250.0/24
Signature Algorithm: sha256WithRSAEncryption
1a:86:81:ee:91:0c:c4:ec:c8:82:96:40:a2:6a:97:ca:0d:5f:
39:dc:cf:82:ef:07:fb:a4:80:95:ac:6e:8e:82:4a:a6:25:e8:
dd:ba:d2:56:be:fa:46:e1:93:b5:ff:9a:7e:80:90:37:10:da:
0f:6e:cf:67:d2:54:67:b4:a4:6a:5e:e7:56:dc:ab:e7:3b:86:
a8:1f:3d:27:0d:e9:9c:7f:0f:67:81:4c:9b:60:0f:46:43:71:
39:e7:29:56:f0:75:cd:34:b3:23:a9:7a:25:e2:67:a0:10:4a:
d6:55:49:7e:a1:16:4a:8b:98:df:47:da:ca:60:f1:6d:e5:70:
b5:cf:92:95:95:7f:b9:5a:a2:9f:94:af:ba:75:bd:97:77:68:
67:6e:14:b9:7c:3b:4d:76:b0:6b:38:f9:b4:5c:b2:3f:b2:a5:
3e:b2:07:53:2c:e8:d0:9a:09:78:95:ca:73:f5:dc:0e:1b:6b:
95:6b:11:8a:e2:c8:1a:bb:9f:b8:dc:7b:f0:a5:94:50:a1:d0:
68:8e:af:31:7e:cc:52:91:ff:03:f6:a4:54:03:48:fc:cb:5e:
c6:46:0a:4f:39:0d:94:06:11:8c:22:56:3a:92:20:d2:f9:b2:
8b:cd:a4:b8:13:ed:06:24:10:88:4c:60:60:49:8c:da:ad:66:
3b:49:da:0d
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgIUX3P+EK6OGttEPeT2WGEl6RqQBP8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMGQ3ZmZhZTMwMGRlZjA4NzZiZjg0ODkwZmI2ZWExN2Jl
ODQxYTRkMzAeFw0yNTAyMTMxMDM2NTJaFw0yNjAyMTIxMDQxNTJaMDMxMTAvBgNV
BAMTKEE3M0REOUE4Q0I4MEI1RUE3QzgyMTFBNTQ4N0YxQUVCMkVFRjdEQjcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDaMjdI0dnuMAF+YkXQDKAu0U3L
5/aM2ejwePvMgDwR1GXw9aH5ZUfL7qYx+m4IVk1FhFYx3xiEQOfoSIGzoix4F0/R
6os655UFtkoZ2juLd9D1w85GQ/GRoNIbzOrX1C+NaNxLoYh3pLAkMw8jfGcOyeww
POzG4zU6BGD7dSlxGDJo32zErWGQmYupH1BjOcX7LJis1QBAeULqxr+T5b52IKX0
DtMvN7fRr3LKmE6MdZuyDXlbIQlKHr+A3r3jQBriuupZom7GM/ywYAn3AdEpUBJd
b+oElK8iJuYoluAeu+7YQg5kK5IOeIdrx+dQ5FAnyApThenWeYCrp47vchAJAgMB
AAGjggJBMIICPTAdBgNVHQ4EFgQUpz3ZqMuAtep8ghGlSH8a6y7vfbcwHwYDVR0j
BBgwFoAUDX/64wDe8Idr+EiQ+26he+hBpNMwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvODExM2RkYTYtN2FkZS00NDVkLThjNmUtNDQ4YTc4ZTQ4
Y2ExLzEvMEQ3RkZBRTMwMERFRjA4NzZCRjg0ODkwRkI2RUExN0JFODQxQTREMy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0RYXzY0d0RlOElkci1FaVEtMjZoZS1o
QnBOTS5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvODExM2RkYTYt
N2FkZS00NDVkLThjNmUtNDQ4YTc4ZTQ4Y2ExLzEvMzEzODM1MmUzMjMxMzMyZTMy
MzUzMDJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMyMzEzMjMyMzMzOC5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEALnV+jANBgkqhkiG9w0BAQsFAAOCAQEAGoaB7pEMxOzIgpZAomqXyg1fOdzP
gu8H+6SAlaxujoJKpiXo3brSVr76RuGTtf+afoCQNxDaD27PZ9JUZ7Skal7nVtyr
5zuGqB89Jw3pnH8PZ4FMm2APRkNxOecpVvB1zTSzI6l6JeJnoBBK1lVJfqEWSouY
30faymDxbeVwtc+SlZV/uVqin5SvunW9l3doZ24UuXw7TXawazj5tFyyP7KlPrIH
Uyzo0JoJeJXKc/XcDhtrlWsRiuLIGrufuNx78KWUUKHQaI6vMX7MUpH/A/akVANI
/MtexkYKTzkNlAYRjCJWOpIg0vmyi82kuBPtBiQQiExgYEmM2q1mO0naDQ==
-----END CERTIFICATE-----
Generated at Sat Apr 12 07:53:44 2025 by rpki-client