Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/8113dda6-7ade-445d-8c6e-448a78e48ca1/1/3138352e3231332e3235312e302f32342d3234203d3e203233343730.roa
File: 3138352e3231332e3235312e302f32342d3234203d3e203233343730.roa (raw, json)
Hash identifier: AH3oeu7z77VRsoVVR4srUimECF5mJwhXNeKuseb6qFA=
Subject key identifier: 94:40:DF:DD:08:32:B7:5D:DF:2B:D2:56:4A:ED:8F:A4:DE:FA:0B:90
Certificate issuer: /CN=0d7ffae300def0876bf84890fb6ea17be841a4d3
Certificate serial: 2587C0F7E1CFF1EDBB9A22858D9B6B60A0A30A9D
Authority key identifier: 0D:7F:FA:E3:00:DE:F0:87:6B:F8:48:90:FB:6E:A1:7B:E8:41:A4:D3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DX_64wDe8Idr-EiQ-26he-hBpNM.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/8113dda6-7ade-445d-8c6e-448a78e48ca1/1/3138352e3231332e3235312e302f32342d3234203d3e203233343730.roa
Signing time: Sat 11 Jan 2025 14:56:19 +0000
ROA not before: Sat 11 Jan 2025 14:51:19 +0000
ROA not after: Sat 10 Jan 2026 14:56:19 +0000
asID: 23470
IP address blocks: 185.213.251.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/8113dda6-7ade-445d-8c6e-448a78e48ca1/1/0D7FFAE300DEF0876BF84890FB6EA17BE841A4D3.crl
rsync://rsync.paas.rpki.ripe.net/repository/8113dda6-7ade-445d-8c6e-448a78e48ca1/1/0D7FFAE300DEF0876BF84890FB6EA17BE841A4D3.mft
rsync://rpki.ripe.net/repository/DEFAULT/DX_64wDe8Idr-EiQ-26he-hBpNM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 03 Feb 2025 00:00:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
25:87:c0:f7:e1:cf:f1:ed:bb:9a:22:85:8d:9b:6b:60:a0:a3:0a:9d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0d7ffae300def0876bf84890fb6ea17be841a4d3
Validity
Not Before: Jan 11 14:51:19 2025 GMT
Not After : Jan 10 14:56:19 2026 GMT
Subject: CN=9440DFDD0832B75DDF2BD2564AED8FA4DEFA0B90
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:54:1d:c9:b5:5d:ce:03:4a:ed:dd:0a:af:5c:
10:09:3d:65:1e:25:a0:24:98:48:95:37:ce:a5:cd:
2d:37:c0:47:5b:dc:48:4d:f0:25:e2:3c:0c:82:ec:
35:c9:3f:b4:b7:2a:16:23:52:d0:b4:e3:c4:9c:b8:
3f:c3:ba:28:37:53:1f:ff:a3:c1:79:fa:65:90:65:
b8:98:50:0f:f3:0b:90:23:ab:47:c9:89:34:58:59:
ed:dd:d8:d1:ca:71:e0:b0:5b:e9:a3:21:7b:07:51:
f6:8a:24:db:36:d2:86:fb:b5:1b:16:1f:82:13:7c:
58:67:85:97:79:23:c0:c4:ba:0f:31:05:48:c5:bf:
4b:42:5a:12:fb:4e:12:0e:46:3a:3c:ad:f9:09:ab:
e9:71:c2:e4:aa:68:49:fe:9a:46:22:7f:31:13:a5:
0e:72:84:1d:68:6b:eb:52:e0:0a:80:b1:5e:cf:84:
22:46:b4:b7:7d:89:ba:2a:33:ec:07:bd:4f:91:13:
fe:3b:36:8f:64:15:3e:ed:98:41:e5:0d:29:94:11:
8e:c4:af:98:f1:eb:dc:aa:c9:cf:94:2f:48:5d:94:
d6:6b:65:33:1c:9e:4b:34:9d:bc:15:d4:97:e8:9c:
60:b5:13:64:51:6e:18:6d:2c:b4:c6:e4:4f:69:4b:
d0:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
94:40:DF:DD:08:32:B7:5D:DF:2B:D2:56:4A:ED:8F:A4:DE:FA:0B:90
X509v3 Authority Key Identifier:
keyid:0D:7F:FA:E3:00:DE:F0:87:6B:F8:48:90:FB:6E:A1:7B:E8:41:A4:D3
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/8113dda6-7ade-445d-8c6e-448a78e48ca1/1/0D7FFAE300DEF0876BF84890FB6EA17BE841A4D3.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DX_64wDe8Idr-EiQ-26he-hBpNM.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/8113dda6-7ade-445d-8c6e-448a78e48ca1/1/3138352e3231332e3235312e302f32342d3234203d3e203233343730.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.213.251.0/24
Signature Algorithm: sha256WithRSAEncryption
48:79:8b:c4:3b:02:b5:0c:3b:56:b0:bc:77:a4:38:88:64:14:
db:74:b0:1f:57:36:61:4e:46:12:9a:07:43:29:f0:a4:27:88:
f5:0a:c7:44:89:26:e9:78:55:c7:37:fc:6a:86:00:15:e0:e8:
07:18:eb:5c:d5:ad:e3:db:78:88:e1:ff:c6:0e:f8:2b:17:b0:
bf:ee:40:b8:ae:e3:2b:82:14:1a:44:20:f7:d4:b5:5b:21:0e:
10:90:e5:f4:53:fc:a5:43:3d:ad:d8:0e:cd:74:b2:27:b1:d4:
5c:12:d0:c7:df:e3:bb:ac:2e:47:ed:e1:16:14:4a:d2:23:1e:
12:6e:c0:4c:31:b6:49:71:b0:cb:1b:d1:43:68:d4:63:77:ea:
38:48:1a:1c:16:78:81:66:3b:00:a9:c6:cc:2c:88:80:95:2d:
c7:65:53:de:09:fb:ee:99:49:b8:07:9f:f2:b5:8d:9e:95:88:
fc:e7:fd:44:ae:72:c8:ac:d1:01:7c:56:80:f0:da:06:3f:f2:
01:96:63:69:49:bf:e0:5c:4e:26:36:81:33:78:4f:eb:64:e9:
37:02:3b:62:da:9b:47:65:be:6d:eb:c1:7a:30:a0:f4:4c:90:
d9:30:da:50:5b:e5:5a:e3:94:12:a5:a0:37:27:36:33:5f:6b:
92:c2:f5:a8
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUJYfA9+HP8e27miKFjZtrYKCjCp0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMGQ3ZmZhZTMwMGRlZjA4NzZiZjg0ODkwZmI2ZWExN2Jl
ODQxYTRkMzAeFw0yNTAxMTExNDUxMTlaFw0yNjAxMTAxNDU2MTlaMDMxMTAvBgNV
BAMTKDk0NDBERkREMDgzMkI3NURERjJCRDI1NjRBRUQ4RkE0REVGQTBCOTAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCSVB3JtV3OA0rt3QqvXBAJPWUe
JaAkmEiVN86lzS03wEdb3EhN8CXiPAyC7DXJP7S3KhYjUtC048ScuD/Duig3Ux//
o8F5+mWQZbiYUA/zC5Ajq0fJiTRYWe3d2NHKceCwW+mjIXsHUfaKJNs20ob7tRsW
H4ITfFhnhZd5I8DEug8xBUjFv0tCWhL7ThIORjo8rfkJq+lxwuSqaEn+mkYifzET
pQ5yhB1oa+tS4AqAsV7PhCJGtLd9iboqM+wHvU+RE/47No9kFT7tmEHlDSmUEY7E
r5jx69yqyc+UL0hdlNZrZTMcnks0nbwV1JfonGC1E2RRbhhtLLTG5E9pS9ATAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUlEDf3Qgyt13fK9JWSu2PpN76C5AwHwYDVR0j
BBgwFoAUDX/64wDe8Idr+EiQ+26he+hBpNMwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvODExM2RkYTYtN2FkZS00NDVkLThjNmUtNDQ4YTc4ZTQ4
Y2ExLzEvMEQ3RkZBRTMwMERFRjA4NzZCRjg0ODkwRkI2RUExN0JFODQxQTREMy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0RYXzY0d0RlOElkci1FaVEtMjZoZS1o
QnBOTS5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvODExM2RkYTYt
N2FkZS00NDVkLThjNmUtNDQ4YTc4ZTQ4Y2ExLzEvMzEzODM1MmUzMjMxMzMyZTMy
MzUzMTJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMyMzMzNDM3MzAucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAC51fswDQYJKoZIhvcNAQELBQADggEBAEh5i8Q7ArUMO1awvHekOIhkFNt0sB9X
NmFORhKaB0Mp8KQniPUKx0SJJul4Vcc3/GqGABXg6AcY61zVrePbeIjh/8YO+CsX
sL/uQLiu4yuCFBpEIPfUtVshDhCQ5fRT/KVDPa3YDs10siex1FwS0Mff47usLkft
4RYUStIjHhJuwEwxtklxsMsb0UNo1GN36jhIGhwWeIFmOwCpxswsiICVLcdlU94J
++6ZSbgHn/K1jZ6ViPzn/USucsis0QF8VoDw2gY/8gGWY2lJv+BcTiY2gTN4T+tk
6TcCO2Lam0dlvm3rwXowoPRMkNkw2lBb5VrjlBKloDcnNjNfa5LC9ag=
-----END CERTIFICATE-----
Generated at Sun Feb 2 08:39:23 2025 by rpki-client