Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/82a9bf5b-39c1-4050-b073-48075b861d87/0/3138352e3135302e3133362e302f32342d3234203d3e203230343733.roa
File: 3138352e3135302e3133362e302f32342d3234203d3e203230343733.roa (raw, json)
Hash identifier: x5Ch0u25Yn86m3RlislxEWmtVJG7NS465iQ+E3v1+C0=
Subject key identifier: 72:00:D3:99:9B:77:3A:DB:84:7A:35:7B:2A:3B:86:6A:84:97:25:78
Certificate issuer: /CN=048af665bf8b186b70220759d26c578f40b5f3e3
Certificate serial: 012033EEBF867E909F9A7EA0C737EF94F094E7DD
Authority key identifier: 04:8A:F6:65:BF:8B:18:6B:70:22:07:59:D2:6C:57:8F:40:B5:F3:E3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BIr2Zb-LGGtwIgdZ0mxXj0C18-M.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/82a9bf5b-39c1-4050-b073-48075b861d87/0/3138352e3135302e3133362e302f32342d3234203d3e203230343733.roa
Signing time: Sat 21 Dec 2024 15:41:21 +0000
ROA not before: Sat 21 Dec 2024 15:36:21 +0000
ROA not after: Sat 20 Dec 2025 15:41:21 +0000
asID: 20473
IP address blocks: 185.150.136.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/82a9bf5b-39c1-4050-b073-48075b861d87/0/048AF665BF8B186B70220759D26C578F40B5F3E3.crl
rsync://rsync.paas.rpki.ripe.net/repository/82a9bf5b-39c1-4050-b073-48075b861d87/0/048AF665BF8B186B70220759D26C578F40B5F3E3.mft
rsync://rpki.ripe.net/repository/DEFAULT/BIr2Zb-LGGtwIgdZ0mxXj0C18-M.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 11 Apr 2025 08:00:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:20:33:ee:bf:86:7e:90:9f:9a:7e:a0:c7:37:ef:94:f0:94:e7:dd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=048af665bf8b186b70220759d26c578f40b5f3e3
Validity
Not Before: Dec 21 15:36:21 2024 GMT
Not After : Dec 20 15:41:21 2025 GMT
Subject: CN=7200D3999B773ADB847A357B2A3B866A84972578
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:48:13:5f:a3:79:ae:2e:87:35:61:46:ba:c8:
c3:0b:f9:3f:43:2d:78:9a:9a:1c:62:44:41:a2:b0:
41:7b:81:b1:95:43:d5:42:de:43:71:d9:5c:5a:d5:
c4:2f:eb:a5:04:b7:23:93:f5:38:dc:70:2a:f1:f9:
37:bb:3e:ae:23:e7:a9:f0:27:f2:8d:81:25:d1:1a:
d9:70:a5:ef:ae:67:14:af:24:9f:d2:93:aa:c5:8b:
d4:a1:29:dc:59:d0:2c:24:33:41:fd:85:fb:cb:b4:
67:f2:da:b1:55:6a:9b:7b:a0:13:a1:f6:b7:bd:13:
4b:7d:fc:b8:a3:da:c1:60:53:77:44:06:da:56:21:
e3:c3:be:b9:6f:6f:33:04:9d:ee:32:74:fa:7e:31:
d9:4c:69:be:ad:50:7e:3e:3b:9d:1b:91:dd:b8:35:
5b:07:9c:56:40:a5:42:fb:2e:88:73:45:5a:b7:3c:
06:2c:11:fb:d9:48:3f:76:a3:2c:f8:c3:47:da:da:
fe:9d:0b:c5:59:56:99:a9:22:14:d8:80:d6:b2:66:
7b:83:02:60:46:76:be:92:e6:bb:44:19:ae:38:97:
e5:0f:b0:5a:cc:52:23:74:dd:26:e9:15:90:f7:67:
2b:f2:ac:72:eb:1e:2f:6b:ce:21:f2:1b:66:7b:67:
fd:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
72:00:D3:99:9B:77:3A:DB:84:7A:35:7B:2A:3B:86:6A:84:97:25:78
X509v3 Authority Key Identifier:
keyid:04:8A:F6:65:BF:8B:18:6B:70:22:07:59:D2:6C:57:8F:40:B5:F3:E3
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/82a9bf5b-39c1-4050-b073-48075b861d87/0/048AF665BF8B186B70220759D26C578F40B5F3E3.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BIr2Zb-LGGtwIgdZ0mxXj0C18-M.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/82a9bf5b-39c1-4050-b073-48075b861d87/0/3138352e3135302e3133362e302f32342d3234203d3e203230343733.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.150.136.0/24
Signature Algorithm: sha256WithRSAEncryption
11:1d:30:d2:e7:f7:c0:c2:87:a1:83:0a:4c:1a:70:6c:90:18:
c9:2e:4d:82:ba:58:f0:f0:0f:e1:8a:e4:71:cd:e2:42:72:35:
dc:76:16:db:d4:76:08:77:f9:c4:ad:a9:86:e6:2e:bd:68:5a:
4b:27:2e:43:3b:5e:57:09:ae:2b:33:df:44:3a:f7:cd:9e:29:
dd:cf:14:71:fc:df:1d:18:96:bd:ba:18:ba:a1:17:9a:87:b5:
82:56:68:34:fc:2c:a3:35:5c:a0:ab:63:43:75:ee:f7:a6:8f:
1e:fc:65:e9:82:33:9f:46:9d:fb:6b:fe:bc:92:d8:f3:d2:b2:
d0:48:45:86:61:b8:7a:80:39:2d:1f:4b:4a:6b:e8:bb:f7:74:
b5:0f:00:22:53:09:ee:dd:d2:27:8a:c5:a4:16:06:10:22:5b:
85:90:a4:89:8d:d2:c1:ea:4a:1c:9f:81:b8:4c:34:88:09:97:
ce:c3:08:b9:f5:17:c2:a5:11:35:c8:75:39:60:62:21:41:d0:
92:b9:e6:eb:6b:81:9a:0a:6c:9c:66:3d:99:8c:ca:a2:20:00:
da:7e:9c:2a:d6:a8:2b:4d:63:8c:81:45:45:4f:5c:f6:8b:44:
f7:fc:78:73:85:16:98:39:20:cf:a1:bf:b3:d7:2d:be:66:3e:
52:45:a0:dd
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUASAz7r+GfpCfmn6gxzfvlPCU590wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDQ4YWY2NjViZjhiMTg2YjcwMjIwNzU5ZDI2YzU3OGY0
MGI1ZjNlMzAeFw0yNDEyMjExNTM2MjFaFw0yNTEyMjAxNTQxMjFaMDMxMTAvBgNV
BAMTKDcyMDBEMzk5OUI3NzNBREI4NDdBMzU3QjJBM0I4NjZBODQ5NzI1NzgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDdSBNfo3muLoc1YUa6yMML+T9D
LXiamhxiREGisEF7gbGVQ9VC3kNx2Vxa1cQv66UEtyOT9TjccCrx+Te7Pq4j56nw
J/KNgSXRGtlwpe+uZxSvJJ/Sk6rFi9ShKdxZ0CwkM0H9hfvLtGfy2rFVapt7oBOh
9re9E0t9/Lij2sFgU3dEBtpWIePDvrlvbzMEne4ydPp+MdlMab6tUH4+O50bkd24
NVsHnFZApUL7LohzRVq3PAYsEfvZSD92oyz4w0fa2v6dC8VZVpmpIhTYgNayZnuD
AmBGdr6S5rtEGa44l+UPsFrMUiN03SbpFZD3ZyvyrHLrHi9rziHyG2Z7Z/0bAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUcgDTmZt3OtuEejV7KjuGaoSXJXgwHwYDVR0j
BBgwFoAUBIr2Zb+LGGtwIgdZ0mxXj0C18+MwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvODJhOWJmNWItMzljMS00MDUwLWIwNzMtNDgwNzViODYx
ZDg3LzAvMDQ4QUY2NjVCRjhCMTg2QjcwMjIwNzU5RDI2QzU3OEY0MEI1RjNFMy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0JJcjJaYi1MR0d0d0lnZFowbXhYajBD
MTgtTS5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvODJhOWJmNWIt
MzljMS00MDUwLWIwNzMtNDgwNzViODYxZDg3LzAvMzEzODM1MmUzMTM1MzAyZTMx
MzMzNjJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMyMzAzNDM3MzMucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAC5logwDQYJKoZIhvcNAQELBQADggEBABEdMNLn98DCh6GDCkwacGyQGMkuTYK6
WPDwD+GK5HHN4kJyNdx2FtvUdgh3+cStqYbmLr1oWksnLkM7XlcJrisz30Q6982e
Kd3PFHH83x0Ylr26GLqhF5qHtYJWaDT8LKM1XKCrY0N17vemjx78ZemCM59Gnftr
/ryS2PPSstBIRYZhuHqAOS0fS0pr6Lv3dLUPACJTCe7d0ieKxaQWBhAiW4WQpImN
0sHqShyfgbhMNIgJl87DCLn1F8KlETXIdTlgYiFB0JK55utrgZoKbJxmPZmMyqIg
ANp+nCrWqCtNY4yBRUVPXPaLRPf8eHOFFpg5IM+hv7PXLb5mPlJFoN0=
-----END CERTIFICATE-----
Generated at Thu Apr 10 18:37:19 2025 by rpki-client