Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/82a9bf5b-39c1-4050-b073-48075b861d87/0/3138352e32392e3136352e302f32342d3234203d3e20313335343032.roa
File: 3138352e32392e3136352e302f32342d3234203d3e20313335343032.roa (raw, json)
Hash identifier: FX5sZybR1zXN+N3yOJpV73EvuutF5fHwqicUAb/s0lE=
Subject key identifier: 20:E9:C7:A1:47:1E:3B:DD:5F:99:7A:A4:95:F5:05:64:F4:4B:A8:D8
Certificate issuer: /CN=048af665bf8b186b70220759d26c578f40b5f3e3
Certificate serial: 784F693ADA017EDF37F40C2DB2AACA523C615CE1
Authority key identifier: 04:8A:F6:65:BF:8B:18:6B:70:22:07:59:D2:6C:57:8F:40:B5:F3:E3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BIr2Zb-LGGtwIgdZ0mxXj0C18-M.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/82a9bf5b-39c1-4050-b073-48075b861d87/0/3138352e32392e3136352e302f32342d3234203d3e20313335343032.roa
Signing time: Wed 04 Jun 2025 13:09:07 +0000
ROA not before: Wed 04 Jun 2025 13:04:07 +0000
ROA not after: Wed 03 Jun 2026 13:09:07 +0000
asID: 135402
IP address blocks: 185.29.165.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/82a9bf5b-39c1-4050-b073-48075b861d87/0/048AF665BF8B186B70220759D26C578F40B5F3E3.crl
rsync://rsync.paas.rpki.ripe.net/repository/82a9bf5b-39c1-4050-b073-48075b861d87/0/048AF665BF8B186B70220759D26C578F40B5F3E3.mft
rsync://rpki.ripe.net/repository/DEFAULT/BIr2Zb-LGGtwIgdZ0mxXj0C18-M.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 07 Jun 2025 06:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
78:4f:69:3a:da:01:7e:df:37:f4:0c:2d:b2:aa:ca:52:3c:61:5c:e1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=048af665bf8b186b70220759d26c578f40b5f3e3
Validity
Not Before: Jun 4 13:04:07 2025 GMT
Not After : Jun 3 13:09:07 2026 GMT
Subject: CN=20E9C7A1471E3BDD5F997AA495F50564F44BA8D8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:f1:a4:76:1c:8c:0f:f1:55:dd:a5:7c:92:b5:
d5:74:e5:e4:f9:12:4c:aa:28:4d:72:ca:61:a2:b4:
d0:0f:96:54:d5:79:ef:03:fb:96:ea:21:b0:cc:4e:
1d:2f:6c:1f:f3:cb:56:09:2e:9a:b9:43:f6:25:35:
4d:46:9c:fd:b6:28:a5:da:03:4c:80:d5:a9:bb:d1:
05:67:9b:b0:75:b5:c4:a0:8a:9c:d6:0c:25:02:5b:
62:ed:eb:03:aa:c3:ab:ee:ae:20:4a:7e:01:a1:57:
bf:46:52:27:60:2c:3f:03:c3:1d:03:fc:75:09:70:
cf:ff:e7:28:5c:a8:0f:2c:4a:57:6b:d2:64:2b:35:
ba:b2:f1:b8:d7:9b:e1:6e:03:14:ad:a6:6f:16:e0:
ef:3e:8a:24:49:98:de:45:7c:65:e4:9a:f9:71:c7:
e2:b7:73:12:b7:4b:70:73:fd:c2:5c:77:9e:bf:b8:
a9:b1:0a:1a:be:e3:dc:ab:78:8d:7a:72:3e:a9:30:
78:17:89:df:4b:25:f1:7c:60:ca:c4:a6:61:41:3c:
ff:89:0f:3d:02:fa:49:dc:25:8d:24:84:e0:1b:df:
bc:d2:71:35:71:ef:b3:66:90:b2:cd:76:15:70:75:
59:40:47:98:6b:18:4f:16:2c:de:88:7d:13:76:62:
b7:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
20:E9:C7:A1:47:1E:3B:DD:5F:99:7A:A4:95:F5:05:64:F4:4B:A8:D8
X509v3 Authority Key Identifier:
keyid:04:8A:F6:65:BF:8B:18:6B:70:22:07:59:D2:6C:57:8F:40:B5:F3:E3
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/82a9bf5b-39c1-4050-b073-48075b861d87/0/048AF665BF8B186B70220759D26C578F40B5F3E3.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BIr2Zb-LGGtwIgdZ0mxXj0C18-M.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/82a9bf5b-39c1-4050-b073-48075b861d87/0/3138352e32392e3136352e302f32342d3234203d3e20313335343032.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.29.165.0/24
Signature Algorithm: sha256WithRSAEncryption
73:d3:d9:91:38:39:c3:ba:68:f5:b4:4f:9b:ab:d6:a1:0d:92:
b5:30:58:25:cf:b1:87:4b:43:52:ce:72:1d:83:f3:bc:8c:70:
ed:7d:91:ba:c1:57:fb:ff:89:bc:05:79:ab:77:a7:72:4d:2e:
57:76:ac:b2:73:61:26:c5:71:6a:9a:53:57:1b:42:37:e5:1d:
99:3f:17:4f:cb:ad:dd:f2:10:08:42:cc:9e:ce:b0:96:0d:af:
05:94:f2:a2:95:29:1d:aa:17:d1:d6:e9:27:ef:ad:a7:25:8f:
5d:f3:e9:41:4d:5f:51:13:ff:fa:cb:4b:f5:c3:21:ef:b4:99:
69:2d:cf:ee:e5:17:27:92:8c:8a:af:fc:c3:f7:04:52:cc:fc:
e5:5f:e8:7e:da:69:6d:f5:79:68:76:5a:ac:a5:4b:1b:8e:16:
44:88:45:52:97:37:6b:92:6b:26:09:fd:d2:7a:91:08:bf:de:
fe:3e:5d:cf:25:7e:34:e2:f2:38:95:3a:78:b2:4a:63:01:8f:
4c:8a:8f:88:b5:8f:6a:d3:d8:94:f2:3b:d6:46:e0:a1:c7:ba:
3e:73:77:15:cc:03:3b:11:e0:cd:96:6b:08:d2:9b:e4:98:bf:
eb:b9:a3:51:51:23:2f:23:98:8e:04:9d:60:45:9a:05:43:ac:
78:3e:c0:6a
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUeE9pOtoBft839AwtsqrKUjxhXOEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDQ4YWY2NjViZjhiMTg2YjcwMjIwNzU5ZDI2YzU3OGY0
MGI1ZjNlMzAeFw0yNTA2MDQxMzA0MDdaFw0yNjA2MDMxMzA5MDdaMDMxMTAvBgNV
BAMTKDIwRTlDN0ExNDcxRTNCREQ1Rjk5N0FBNDk1RjUwNTY0RjQ0QkE4RDgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCs8aR2HIwP8VXdpXyStdV05eT5
EkyqKE1yymGitNAPllTVee8D+5bqIbDMTh0vbB/zy1YJLpq5Q/YlNU1GnP22KKXa
A0yA1am70QVnm7B1tcSgipzWDCUCW2Lt6wOqw6vuriBKfgGhV79GUidgLD8Dwx0D
/HUJcM//5yhcqA8sSldr0mQrNbqy8bjXm+FuAxStpm8W4O8+iiRJmN5FfGXkmvlx
x+K3cxK3S3Bz/cJcd56/uKmxChq+49yreI16cj6pMHgXid9LJfF8YMrEpmFBPP+J
Dz0C+kncJY0khOAb37zScTVx77NmkLLNdhVwdVlAR5hrGE8WLN6IfRN2YrdPAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUIOnHoUceO91fmXqklfUFZPRLqNgwHwYDVR0j
BBgwFoAUBIr2Zb+LGGtwIgdZ0mxXj0C18+MwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvODJhOWJmNWItMzljMS00MDUwLWIwNzMtNDgwNzViODYx
ZDg3LzAvMDQ4QUY2NjVCRjhCMTg2QjcwMjIwNzU5RDI2QzU3OEY0MEI1RjNFMy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0JJcjJaYi1MR0d0d0lnZFowbXhYajBD
MTgtTS5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvODJhOWJmNWIt
MzljMS00MDUwLWIwNzMtNDgwNzViODYxZDg3LzAvMzEzODM1MmUzMjM5MmUzMTM2
MzUyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMTMzMzUzNDMwMzIucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAC5HaUwDQYJKoZIhvcNAQELBQADggEBAHPT2ZE4OcO6aPW0T5ur1qENkrUwWCXP
sYdLQ1LOch2D87yMcO19kbrBV/v/ibwFeat3p3JNLld2rLJzYSbFcWqaU1cbQjfl
HZk/F0/Lrd3yEAhCzJ7OsJYNrwWU8qKVKR2qF9HW6Sfvraclj13z6UFNX1ET//rL
S/XDIe+0mWktz+7lFyeSjIqv/MP3BFLM/OVf6H7aaW31eWh2WqylSxuOFkSIRVKX
N2uSayYJ/dJ6kQi/3v4+Xc8lfjTi8jiVOniySmMBj0yKj4i1j2rT2JTyO9ZG4KHH
uj5zdxXMAzsR4M2WawjSm+SYv+u5o1FRIy8jmI4EnWBFmgVDrHg+wGo=
-----END CERTIFICATE-----
Generated at Fri Jun 6 14:14:29 2025 by rpki-client