Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/8113dda6-7ade-445d-8c6e-448a78e48ca1/1/38352e3131372e3233312e302f32342d3234203d3e203230343733.roa
File: 38352e3131372e3233312e302f32342d3234203d3e203230343733.roa (raw, json)
Hash identifier: c4h29Illw58EYQEPXmLNp1atSntt/NwJKBQmuBCeD2I=
Subject key identifier: 22:B3:30:7B:F1:81:42:03:3A:63:D3:69:4C:D6:3D:FC:31:BB:F2:7E
Certificate issuer: /CN=0d7ffae300def0876bf84890fb6ea17be841a4d3
Certificate serial: 0AE376BC756BA9F13B451EE53B99A129BDA145C3
Authority key identifier: 0D:7F:FA:E3:00:DE:F0:87:6B:F8:48:90:FB:6E:A1:7B:E8:41:A4:D3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DX_64wDe8Idr-EiQ-26he-hBpNM.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/8113dda6-7ade-445d-8c6e-448a78e48ca1/1/38352e3131372e3233312e302f32342d3234203d3e203230343733.roa
Signing time: Wed 12 Mar 2025 09:53:10 +0000
ROA not before: Wed 12 Mar 2025 09:48:10 +0000
ROA not after: Wed 11 Mar 2026 09:53:10 +0000
asID: 20473
IP address blocks: 85.117.231.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/8113dda6-7ade-445d-8c6e-448a78e48ca1/1/0D7FFAE300DEF0876BF84890FB6EA17BE841A4D3.crl
rsync://rsync.paas.rpki.ripe.net/repository/8113dda6-7ade-445d-8c6e-448a78e48ca1/1/0D7FFAE300DEF0876BF84890FB6EA17BE841A4D3.mft
rsync://rpki.ripe.net/repository/DEFAULT/DX_64wDe8Idr-EiQ-26he-hBpNM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 09 Apr 2025 22:00:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0a:e3:76:bc:75:6b:a9:f1:3b:45:1e:e5:3b:99:a1:29:bd:a1:45:c3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0d7ffae300def0876bf84890fb6ea17be841a4d3
Validity
Not Before: Mar 12 09:48:10 2025 GMT
Not After : Mar 11 09:53:10 2026 GMT
Subject: CN=22B3307BF18142033A63D3694CD63DFC31BBF27E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f2:7e:e0:b0:32:b2:98:07:6a:50:57:79:f2:3c:
15:78:f9:e4:c7:88:6e:b2:f8:41:78:d2:07:86:a5:
b0:e6:7a:de:d3:d9:59:b3:37:1a:8f:c3:0e:3e:fd:
42:7f:42:5f:82:35:e6:75:48:cc:34:20:7a:2e:84:
8e:91:04:66:4f:aa:90:a2:56:2a:d4:32:24:83:12:
77:5b:97:3b:2b:68:32:35:f6:2d:5d:dc:c9:d4:57:
ae:5b:4a:48:5c:94:7e:b0:0f:42:fc:69:68:dd:e1:
ab:e1:3a:fb:06:9c:4f:30:e1:5f:26:3b:dc:e9:69:
2b:37:28:ca:d9:73:ac:ee:26:8e:e0:91:c4:fc:06:
dd:44:f6:e2:44:46:39:44:6b:bf:2f:58:1e:d4:7f:
4d:e3:b6:5b:1f:3a:c7:85:ed:ee:99:b9:f7:76:58:
2e:10:97:85:3c:e7:10:aa:f4:8d:ea:1f:ff:08:75:
f9:f8:83:e6:5f:4a:b6:d3:1e:b6:06:9d:61:86:cf:
52:7f:af:2e:0c:16:be:8d:59:f7:c3:ba:29:10:ca:
8f:a0:01:61:20:59:6a:8e:28:fb:7a:af:1f:77:7b:
4e:cf:83:a5:e2:c1:1b:da:44:fb:a0:f0:be:c4:f6:
d5:93:0f:26:70:d1:2c:ff:5a:48:d1:dc:b2:fb:4d:
1e:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
22:B3:30:7B:F1:81:42:03:3A:63:D3:69:4C:D6:3D:FC:31:BB:F2:7E
X509v3 Authority Key Identifier:
keyid:0D:7F:FA:E3:00:DE:F0:87:6B:F8:48:90:FB:6E:A1:7B:E8:41:A4:D3
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/8113dda6-7ade-445d-8c6e-448a78e48ca1/1/0D7FFAE300DEF0876BF84890FB6EA17BE841A4D3.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DX_64wDe8Idr-EiQ-26he-hBpNM.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/8113dda6-7ade-445d-8c6e-448a78e48ca1/1/38352e3131372e3233312e302f32342d3234203d3e203230343733.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.117.231.0/24
Signature Algorithm: sha256WithRSAEncryption
77:31:01:15:34:54:b5:af:e7:79:f0:82:52:9d:69:01:ba:44:
cb:1b:14:31:ec:74:9b:ec:42:99:a0:82:d7:49:dd:74:df:fc:
2c:d9:32:73:06:5e:26:0f:ab:da:e7:e3:dd:68:28:fc:a4:7d:
74:d4:80:6a:c4:ce:fb:fe:75:22:ca:7b:f2:45:88:cc:08:1d:
7d:95:df:b2:eb:9d:30:6e:69:ea:38:f5:89:b5:b4:ad:af:c5:
45:b3:02:37:0d:4a:82:9c:a4:69:af:8f:49:9e:4a:a2:c8:b0:
d2:33:16:8f:21:37:eb:f5:7f:64:52:69:3e:ba:62:ca:28:ac:
c4:a0:06:e3:49:7a:96:4d:ba:2d:4d:b1:78:56:37:aa:02:e9:
ae:c4:5d:d2:b6:d0:ae:b0:7d:42:1e:d4:6f:bb:d7:79:d5:fd:
eb:d3:40:47:7f:3c:20:b8:c3:20:2c:e4:e8:38:63:ce:74:c9:
f9:ee:5f:6f:18:37:31:a6:20:62:b0:99:55:74:37:a8:17:10:
fd:c7:ee:2f:e0:13:13:28:52:9f:c8:1d:bc:64:01:a5:2f:16:
60:31:82:b9:0a:bf:86:0c:68:ef:82:20:a1:9d:97:31:68:07:
94:31:1c:f4:c1:ee:91:93:69:a0:5c:b6:f0:71:3b:85:6d:35:
88:a8:ca:41
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUCuN2vHVrqfE7RR7lO5mhKb2hRcMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMGQ3ZmZhZTMwMGRlZjA4NzZiZjg0ODkwZmI2ZWExN2Jl
ODQxYTRkMzAeFw0yNTAzMTIwOTQ4MTBaFw0yNjAzMTEwOTUzMTBaMDMxMTAvBgNV
BAMTKDIyQjMzMDdCRjE4MTQyMDMzQTYzRDM2OTRDRDYzREZDMzFCQkYyN0UwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDyfuCwMrKYB2pQV3nyPBV4+eTH
iG6y+EF40geGpbDmet7T2VmzNxqPww4+/UJ/Ql+CNeZ1SMw0IHouhI6RBGZPqpCi
VirUMiSDEndblzsraDI19i1d3MnUV65bSkhclH6wD0L8aWjd4avhOvsGnE8w4V8m
O9zpaSs3KMrZc6zuJo7gkcT8Bt1E9uJERjlEa78vWB7Uf03jtlsfOseF7e6Zufd2
WC4Ql4U85xCq9I3qH/8Idfn4g+ZfSrbTHrYGnWGGz1J/ry4MFr6NWffDuikQyo+g
AWEgWWqOKPt6rx93e07Pg6XiwRvaRPug8L7E9tWTDyZw0Sz/WkjR3LL7TR5PAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUIrMwe/GBQgM6Y9NpTNY9/DG78n4wHwYDVR0j
BBgwFoAUDX/64wDe8Idr+EiQ+26he+hBpNMwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvODExM2RkYTYtN2FkZS00NDVkLThjNmUtNDQ4YTc4ZTQ4
Y2ExLzEvMEQ3RkZBRTMwMERFRjA4NzZCRjg0ODkwRkI2RUExN0JFODQxQTREMy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0RYXzY0d0RlOElkci1FaVEtMjZoZS1o
QnBOTS5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvODExM2RkYTYt
N2FkZS00NDVkLThjNmUtNDQ4YTc4ZTQ4Y2ExLzEvMzgzNTJlMzEzMTM3MmUzMjMz
MzEyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMjMwMzQzNzMzLnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
VXXnMA0GCSqGSIb3DQEBCwUAA4IBAQB3MQEVNFS1r+d58IJSnWkBukTLGxQx7HSb
7EKZoILXSd103/ws2TJzBl4mD6va5+PdaCj8pH101IBqxM77/nUiynvyRYjMCB19
ld+y650wbmnqOPWJtbStr8VFswI3DUqCnKRpr49JnkqiyLDSMxaPITfr9X9kUmk+
umLKKKzEoAbjSXqWTbotTbF4VjeqAumuxF3SttCusH1CHtRvu9d51f3r00BHfzwg
uMMgLOToOGPOdMn57l9vGDcxpiBisJlVdDeoFxD9x+4v4BMTKFKfyB28ZAGlLxZg
MYK5Cr+GDGjvgiChnZcxaAeUMRz0we6Rk2mgXLbwcTuFbTWIqMpB
-----END CERTIFICATE-----
Generated at Wed Apr 9 01:07:48 2025 by rpki-client