Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/8113dda6-7ade-445d-8c6e-448a78e48ca1/1/3138352e3231332e3235302e302f32342d3234203d3e20323135323837.roa
File: 3138352e3231332e3235302e302f32342d3234203d3e20323135323837.roa (raw, json)
Hash identifier: OuMYxXICssNOZJDRGMEnGTcFO5vZgXdH+8Ld5wKU7zA=
Subject key identifier: C3:D4:6E:78:41:E3:C4:14:E1:00:21:F2:27:41:34:C0:88:C5:AD:72
Certificate issuer: /CN=0d7ffae300def0876bf84890fb6ea17be841a4d3
Certificate serial: 07E3D73FBAEE290E96075B11896752E5D79DE7FA
Authority key identifier: 0D:7F:FA:E3:00:DE:F0:87:6B:F8:48:90:FB:6E:A1:7B:E8:41:A4:D3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DX_64wDe8Idr-EiQ-26he-hBpNM.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/8113dda6-7ade-445d-8c6e-448a78e48ca1/1/3138352e3231332e3235302e302f32342d3234203d3e20323135323837.roa
Signing time: Sat 11 Jan 2025 15:25:37 +0000
ROA not before: Sat 11 Jan 2025 15:20:37 +0000
ROA not after: Sat 10 Jan 2026 15:25:37 +0000
asID: 215287
IP address blocks: 185.213.250.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/8113dda6-7ade-445d-8c6e-448a78e48ca1/1/0D7FFAE300DEF0876BF84890FB6EA17BE841A4D3.crl
rsync://rsync.paas.rpki.ripe.net/repository/8113dda6-7ade-445d-8c6e-448a78e48ca1/1/0D7FFAE300DEF0876BF84890FB6EA17BE841A4D3.mft
rsync://rpki.ripe.net/repository/DEFAULT/DX_64wDe8Idr-EiQ-26he-hBpNM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 03 Feb 2025 00:00:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
07:e3:d7:3f:ba:ee:29:0e:96:07:5b:11:89:67:52:e5:d7:9d:e7:fa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0d7ffae300def0876bf84890fb6ea17be841a4d3
Validity
Not Before: Jan 11 15:20:37 2025 GMT
Not After : Jan 10 15:25:37 2026 GMT
Subject: CN=C3D46E7841E3C414E10021F2274134C088C5AD72
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:10:b5:59:e4:b9:09:d4:a8:7b:ee:a2:22:5c:
ad:83:68:59:6d:c1:58:b1:3b:00:97:2c:ff:ca:30:
0b:9e:f8:8f:77:43:3b:ee:dc:4c:3b:3b:4e:ab:e3:
dc:f1:60:55:03:2a:02:44:0c:15:17:d4:d6:48:93:
ed:1e:92:d3:f4:c8:3b:cb:9e:2d:85:54:7f:d6:06:
6e:01:ce:04:9f:81:2a:06:c4:fe:09:2c:9f:ff:7d:
92:da:b8:a8:ec:72:24:65:28:fc:ce:5e:e2:33:cb:
10:0b:be:07:16:ea:aa:79:7a:54:56:9c:6d:c8:84:
9b:25:91:de:d8:67:a8:12:5f:5b:4d:60:2d:4b:49:
2b:6b:93:d2:d3:44:44:41:18:6b:64:cb:f3:59:f0:
5d:40:93:a3:fd:06:69:be:99:d7:81:f6:12:40:00:
b4:1b:22:0c:d8:b0:14:12:6c:b8:39:81:4e:ca:7b:
15:7a:29:96:73:87:74:cf:f8:c1:b8:ed:08:e7:ea:
9f:f1:69:9a:51:66:a8:bd:ee:96:7a:f0:d1:56:da:
21:29:db:d2:6b:94:52:2a:0c:b3:24:37:be:53:17:
e1:8d:27:55:91:fe:52:77:dd:5d:d0:a8:c6:70:67:
9a:c5:29:dd:42:16:28:47:23:71:17:05:c0:c9:46:
f8:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C3:D4:6E:78:41:E3:C4:14:E1:00:21:F2:27:41:34:C0:88:C5:AD:72
X509v3 Authority Key Identifier:
keyid:0D:7F:FA:E3:00:DE:F0:87:6B:F8:48:90:FB:6E:A1:7B:E8:41:A4:D3
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/8113dda6-7ade-445d-8c6e-448a78e48ca1/1/0D7FFAE300DEF0876BF84890FB6EA17BE841A4D3.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DX_64wDe8Idr-EiQ-26he-hBpNM.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/8113dda6-7ade-445d-8c6e-448a78e48ca1/1/3138352e3231332e3235302e302f32342d3234203d3e20323135323837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.213.250.0/24
Signature Algorithm: sha256WithRSAEncryption
9d:74:aa:77:6b:00:77:90:c2:ae:13:bf:48:be:ff:49:57:4c:
2b:2d:35:e8:04:20:5a:6b:d3:37:38:9b:13:2b:bd:b9:45:c5:
ee:42:12:19:bd:cf:51:9e:18:f9:08:fc:a0:db:00:80:43:2a:
52:f6:67:63:0d:8e:db:01:80:dd:0a:b6:c9:d7:3e:f0:ac:59:
fa:a7:fa:4b:ca:71:43:e5:5a:04:d2:45:c6:84:e4:e3:16:98:
ef:c4:e4:06:45:7f:d1:b3:22:5d:a3:b7:93:e8:2a:4e:ed:df:
d9:a9:59:6e:2c:db:60:ee:3f:f5:c3:5d:21:b8:91:68:04:43:
2c:62:b5:ab:b8:a1:29:2f:25:33:55:29:84:4a:4b:78:8e:82:
09:88:cf:15:b5:ba:4c:13:b2:f9:82:6c:77:f7:c2:4d:ce:5c:
35:36:20:ba:54:08:29:f4:59:c1:16:dd:1b:f3:b8:66:6f:ab:
c3:fc:a8:4e:e0:ab:b4:39:c3:2e:06:df:5c:5f:e5:f2:51:0b:
3a:0f:b0:ba:1d:e4:01:cc:12:66:eb:6c:b8:2d:49:ff:5c:a0:
cb:f5:23:b2:01:64:73:7c:2a:f3:4f:8c:5d:2d:cd:24:0c:62:
6e:8b:e5:ae:ff:27:12:f8:1f:3b:4f:a3:9a:90:f2:9f:58:ed:
92:d6:b9:89
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgIUB+PXP7ruKQ6WB1sRiWdS5ded5/owDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMGQ3ZmZhZTMwMGRlZjA4NzZiZjg0ODkwZmI2ZWExN2Jl
ODQxYTRkMzAeFw0yNTAxMTExNTIwMzdaFw0yNjAxMTAxNTI1MzdaMDMxMTAvBgNV
BAMTKEMzRDQ2RTc4NDFFM0M0MTRFMTAwMjFGMjI3NDEzNEMwODhDNUFENzIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDDELVZ5LkJ1Kh77qIiXK2DaFlt
wVixOwCXLP/KMAue+I93Qzvu3Ew7O06r49zxYFUDKgJEDBUX1NZIk+0ektP0yDvL
ni2FVH/WBm4BzgSfgSoGxP4JLJ//fZLauKjsciRlKPzOXuIzyxALvgcW6qp5elRW
nG3IhJslkd7YZ6gSX1tNYC1LSStrk9LTRERBGGtky/NZ8F1Ak6P9Bmm+mdeB9hJA
ALQbIgzYsBQSbLg5gU7KexV6KZZzh3TP+MG47Qjn6p/xaZpRZqi97pZ68NFW2iEp
29JrlFIqDLMkN75TF+GNJ1WR/lJ33V3QqMZwZ5rFKd1CFihHI3EXBcDJRvjHAgMB
AAGjggJBMIICPTAdBgNVHQ4EFgQUw9RueEHjxBThACHyJ0E0wIjFrXIwHwYDVR0j
BBgwFoAUDX/64wDe8Idr+EiQ+26he+hBpNMwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvODExM2RkYTYtN2FkZS00NDVkLThjNmUtNDQ4YTc4ZTQ4
Y2ExLzEvMEQ3RkZBRTMwMERFRjA4NzZCRjg0ODkwRkI2RUExN0JFODQxQTREMy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0RYXzY0d0RlOElkci1FaVEtMjZoZS1o
QnBOTS5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvODExM2RkYTYt
N2FkZS00NDVkLThjNmUtNDQ4YTc4ZTQ4Y2ExLzEvMzEzODM1MmUzMjMxMzMyZTMy
MzUzMDJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMyMzEzNTMyMzgzNy5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEALnV+jANBgkqhkiG9w0BAQsFAAOCAQEAnXSqd2sAd5DCrhO/SL7/SVdMKy01
6AQgWmvTNzibEyu9uUXF7kISGb3PUZ4Y+Qj8oNsAgEMqUvZnYw2O2wGA3Qq2ydc+
8KxZ+qf6S8pxQ+VaBNJFxoTk4xaY78TkBkV/0bMiXaO3k+gqTu3f2alZbizbYO4/
9cNdIbiRaARDLGK1q7ihKS8lM1UphEpLeI6CCYjPFbW6TBOy+YJsd/fCTc5cNTYg
ulQIKfRZwRbdG/O4Zm+rw/yoTuCrtDnDLgbfXF/l8lELOg+wuh3kAcwSZutsuC1J
/1ygy/UjsgFkc3wq80+MXS3NJAxibovlrv8nEvgfO0+jmpDyn1jtkta5iQ==
-----END CERTIFICATE-----
Generated at Sun Feb 2 08:55:31 2025 by rpki-client