Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/8bfd6882-d6b3-4aa8-bc0a-711d68bd198b/0/3138352e3234302e3130372e302f32342d3234203d3e203336353330.roa
File: 3138352e3234302e3130372e302f32342d3234203d3e203336353330.roa (raw, json)
Hash identifier: +aP4/yrjDfXMUvY2aoslM1y69SiDmKFLNj/CHXaFL2o=
Subject key identifier: 2A:27:A7:98:40:2C:94:01:FA:E3:65:33:41:3A:DE:E9:6C:82:3E:A9
Certificate issuer: /CN=8c12b4273832b4156fe0092f6ae7e5b3ce23ad8b
Certificate serial: 3DCFAF8B12B088408AC11584210B277F29D42DAE
Authority key identifier: 8C:12:B4:27:38:32:B4:15:6F:E0:09:2F:6A:E7:E5:B3:CE:23:AD:8B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jBK0JzgytBVv4Akvaufls84jrYs.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/8bfd6882-d6b3-4aa8-bc0a-711d68bd198b/0/3138352e3234302e3130372e302f32342d3234203d3e203336353330.roa
Signing time: Tue 13 May 2025 11:16:50 +0000
ROA not before: Tue 13 May 2025 11:11:50 +0000
ROA not after: Tue 12 May 2026 11:16:50 +0000
asID: 36530
IP address blocks: 185.240.107.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/8bfd6882-d6b3-4aa8-bc0a-711d68bd198b/0/8C12B4273832B4156FE0092F6AE7E5B3CE23AD8B.crl
rsync://rsync.paas.rpki.ripe.net/repository/8bfd6882-d6b3-4aa8-bc0a-711d68bd198b/0/8C12B4273832B4156FE0092F6AE7E5B3CE23AD8B.mft
rsync://rpki.ripe.net/repository/DEFAULT/jBK0JzgytBVv4Akvaufls84jrYs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 07 Jun 2025 21:53:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3d:cf:af:8b:12:b0:88:40:8a:c1:15:84:21:0b:27:7f:29:d4:2d:ae
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8c12b4273832b4156fe0092f6ae7e5b3ce23ad8b
Validity
Not Before: May 13 11:11:50 2025 GMT
Not After : May 12 11:16:50 2026 GMT
Subject: CN=2A27A798402C9401FAE36533413ADEE96C823EA9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:d6:14:49:7e:d7:b8:d7:62:90:f8:6d:ee:a6:
e3:06:9a:f7:a0:75:54:4d:79:bc:c6:00:ef:25:bf:
c9:1f:cd:f7:ab:e9:6b:4f:21:a3:53:e9:d1:a0:87:
a2:9b:20:cd:36:d0:90:01:a2:c2:67:57:94:f9:25:
6d:23:db:7b:49:a2:04:12:6e:14:9e:c4:5c:68:37:
c0:e2:05:93:10:cc:04:9e:70:79:fc:fa:9c:d5:9d:
c0:99:58:fc:df:26:07:08:2d:13:11:f9:ec:d9:96:
73:56:5b:23:16:b7:28:22:88:5f:d7:78:49:23:80:
b2:75:dd:29:56:65:82:5c:46:89:b7:36:8e:e2:6d:
1b:b6:ad:17:92:c5:26:d0:e2:54:d7:36:d2:bd:7a:
5f:3e:75:2d:ea:1d:ee:7f:44:67:c6:65:86:51:28:
8a:42:63:38:0f:2c:dc:f4:e0:18:95:f0:67:07:76:
d9:30:d1:c7:00:89:0a:3e:d6:68:35:3e:e8:d4:77:
45:19:82:47:11:20:b4:c7:0b:f9:55:c4:14:54:06:
ba:06:5e:45:e7:06:fb:af:59:a9:9e:8a:fb:0a:fc:
d1:09:5b:9e:8a:2e:88:2a:c5:8f:30:55:9c:fb:39:
d5:c7:e6:38:aa:26:ac:3a:2c:81:41:ae:41:a5:77:
95:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:27:A7:98:40:2C:94:01:FA:E3:65:33:41:3A:DE:E9:6C:82:3E:A9
X509v3 Authority Key Identifier:
keyid:8C:12:B4:27:38:32:B4:15:6F:E0:09:2F:6A:E7:E5:B3:CE:23:AD:8B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/8bfd6882-d6b3-4aa8-bc0a-711d68bd198b/0/8C12B4273832B4156FE0092F6AE7E5B3CE23AD8B.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jBK0JzgytBVv4Akvaufls84jrYs.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/8bfd6882-d6b3-4aa8-bc0a-711d68bd198b/0/3138352e3234302e3130372e302f32342d3234203d3e203336353330.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.240.107.0/24
Signature Algorithm: sha256WithRSAEncryption
9a:de:ca:2f:20:7d:f8:1e:40:f5:ac:c3:9e:27:04:6b:02:4b:
ed:07:a8:b5:cf:3b:1a:91:67:c4:9a:2f:1d:11:9a:5b:0a:6d:
78:d9:e7:32:3b:27:68:7c:c8:f4:ed:69:cf:97:b5:5b:2e:3b:
70:e2:0a:bc:19:27:28:8c:9e:b7:5e:e8:ff:e3:60:71:a1:60:
2d:f5:47:c4:3d:19:02:5b:5d:48:03:51:7f:ec:bd:c7:96:ab:
7a:48:73:43:bb:2b:2d:b6:d9:8f:85:31:e8:08:21:d5:72:0a:
99:7b:0c:3f:c4:21:29:dd:7c:65:72:81:de:f2:50:58:c5:36:
e0:53:8f:fe:c4:d1:29:1e:ee:47:3f:90:21:19:40:ec:4c:eb:
93:e2:d7:1f:89:7c:f3:da:da:95:b3:3f:8f:5f:f9:3c:7b:a8:
f5:8f:3d:7d:92:de:f3:d2:f4:1e:a2:51:b0:b9:ba:cf:29:af:
55:c5:13:df:45:2f:25:e7:0e:eb:e9:cb:83:c8:e6:93:3d:54:
ca:95:43:d6:a6:c2:c4:63:31:f2:7f:a7:d1:c4:e9:de:18:3e:
ae:f5:ad:86:b5:48:8e:5a:6b:88:bc:9b:86:d1:21:3e:f9:b1:
cd:cc:7f:7b:4e:6c:6d:e0:03:fa:fa:d2:c8:bb:b3:38:9c:19:
d5:e7:b6:2a
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUPc+vixKwiECKwRWEIQsnfynULa4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGMxMmI0MjczODMyYjQxNTZmZTAwOTJmNmFlN2U1YjNj
ZTIzYWQ4YjAeFw0yNTA1MTMxMTExNTBaFw0yNjA1MTIxMTE2NTBaMDMxMTAvBgNV
BAMTKDJBMjdBNzk4NDAyQzk0MDFGQUUzNjUzMzQxM0FERUU5NkM4MjNFQTkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC31hRJfte412KQ+G3upuMGmveg
dVRNebzGAO8lv8kfzfer6WtPIaNT6dGgh6KbIM020JABosJnV5T5JW0j23tJogQS
bhSexFxoN8DiBZMQzASecHn8+pzVncCZWPzfJgcILRMR+ezZlnNWWyMWtygiiF/X
eEkjgLJ13SlWZYJcRom3No7ibRu2rReSxSbQ4lTXNtK9el8+dS3qHe5/RGfGZYZR
KIpCYzgPLNz04BiV8GcHdtkw0ccAiQo+1mg1PujUd0UZgkcRILTHC/lVxBRUBroG
XkXnBvuvWameivsK/NEJW56KLogqxY8wVZz7OdXH5jiqJqw6LIFBrkGld5WzAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUKienmEAslAH642UzQTre6WyCPqkwHwYDVR0j
BBgwFoAUjBK0JzgytBVv4Akvaufls84jrYswDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvOGJmZDY4ODItZDZiMy00YWE4LWJjMGEtNzExZDY4YmQx
OThiLzAvOEMxMkI0MjczODMyQjQxNTZGRTAwOTJGNkFFN0U1QjNDRTIzQUQ4Qi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2pCSzBKemd5dEJWdjRBa3ZhdWZsczg0
anJZcy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvOGJmZDY4ODIt
ZDZiMy00YWE4LWJjMGEtNzExZDY4YmQxOThiLzAvMzEzODM1MmUzMjM0MzAyZTMx
MzAzNzJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMzMzYzNTMzMzAucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAC58GswDQYJKoZIhvcNAQELBQADggEBAJreyi8gffgeQPWsw54nBGsCS+0HqLXP
OxqRZ8SaLx0RmlsKbXjZ5zI7J2h8yPTtac+XtVsuO3DiCrwZJyiMnrde6P/jYHGh
YC31R8Q9GQJbXUgDUX/svceWq3pIc0O7Ky222Y+FMegIIdVyCpl7DD/EISndfGVy
gd7yUFjFNuBTj/7E0Ske7kc/kCEZQOxM65Pi1x+JfPPa2pWzP49f+Tx7qPWPPX2S
3vPS9B6iUbC5us8pr1XFE99FLyXnDuvpy4PI5pM9VMqVQ9amwsRjMfJ/p9HE6d4Y
Pq71rYa1SI5aa4i8m4bRIT75sc3Mf3tObG3gA/r60si7szicGdXntio=
-----END CERTIFICATE-----
Generated at Sat Jun 7 04:05:06 2025 by rpki-client