Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/933b2fd7-31c1-451c-8288-c1aa0aa12750/0/3138352e33392e3138332e302f32342d3234203d3e203438353932.roa
File: 3138352e33392e3138332e302f32342d3234203d3e203438353932.roa (raw, json)
Hash identifier: 1itaUJD6MM9qJoykl2AD3Me7plWTAUPMb45hv4KS1Is=
Subject key identifier: 68:E6:88:E2:11:14:F7:7D:B7:7C:8A:00:73:63:A8:F6:03:3E:A3:36
Certificate issuer: /CN=45e8648e445dccd0d8ee699f5140bb814e43ae1b
Certificate serial: 1A1394CA35E4C29576A1C1485AAB339A24F66B8E
Authority key identifier: 45:E8:64:8E:44:5D:CC:D0:D8:EE:69:9F:51:40:BB:81:4E:43:AE:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RehkjkRdzNDY7mmfUUC7gU5Drhs.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/933b2fd7-31c1-451c-8288-c1aa0aa12750/0/3138352e33392e3138332e302f32342d3234203d3e203438353932.roa
Signing time: Tue 25 Mar 2025 06:20:13 +0000
ROA not before: Tue 25 Mar 2025 06:15:13 +0000
ROA not after: Tue 24 Mar 2026 06:20:13 +0000
asID: 48592
IP address blocks: 185.39.183.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/933b2fd7-31c1-451c-8288-c1aa0aa12750/0/45E8648E445DCCD0D8EE699F5140BB814E43AE1B.crl
rsync://rsync.paas.rpki.ripe.net/repository/933b2fd7-31c1-451c-8288-c1aa0aa12750/0/45E8648E445DCCD0D8EE699F5140BB814E43AE1B.mft
rsync://rpki.ripe.net/repository/DEFAULT/RehkjkRdzNDY7mmfUUC7gU5Drhs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 05 Apr 2025 21:19:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1a:13:94:ca:35:e4:c2:95:76:a1:c1:48:5a:ab:33:9a:24:f6:6b:8e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=45e8648e445dccd0d8ee699f5140bb814e43ae1b
Validity
Not Before: Mar 25 06:15:13 2025 GMT
Not After : Mar 24 06:20:13 2026 GMT
Subject: CN=68E688E21114F77DB77C8A007363A8F6033EA336
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:68:65:3e:5e:b8:e3:bf:b0:f7:80:cf:96:12:
ee:c9:81:3f:7a:7c:41:d4:00:4b:aa:b6:f8:80:a9:
72:5c:54:f0:6b:06:41:3b:0f:96:80:8e:ce:a9:6f:
08:f1:9e:25:42:42:cc:ab:93:e0:96:01:d6:7a:4c:
22:59:06:38:23:0e:21:8e:bf:c8:d4:04:41:11:0a:
5d:c9:84:31:8e:8b:1d:c6:ea:b8:fa:00:6e:d8:0d:
a9:d2:97:4c:5e:51:3c:0c:0b:fe:59:37:35:fd:66:
b3:84:fb:23:7e:b5:7a:12:37:5c:b0:36:b1:91:40:
26:db:26:54:f0:8f:2a:5e:33:c8:73:a4:f2:4e:9b:
69:4a:9a:89:e0:19:fc:b2:0c:ea:bf:4f:be:53:84:
e0:cf:8c:0c:b4:a0:2c:eb:3d:9f:b0:2c:4a:a2:7f:
7b:df:c2:4a:6d:35:76:5b:7a:dd:61:85:ef:22:23:
00:1b:6f:79:ce:5e:00:a9:60:a8:0e:44:e4:b5:d1:
30:35:22:ba:52:31:aa:1c:c8:0a:ec:b7:38:05:2d:
84:e6:db:4c:fe:b0:77:59:a5:4a:2a:c4:bc:bc:cd:
85:ba:d6:86:01:ad:02:b2:e0:e1:81:f6:9e:44:6f:
2e:fc:b0:2b:2b:e8:fd:59:83:fb:fe:79:5d:fc:2a:
d9:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:E6:88:E2:11:14:F7:7D:B7:7C:8A:00:73:63:A8:F6:03:3E:A3:36
X509v3 Authority Key Identifier:
keyid:45:E8:64:8E:44:5D:CC:D0:D8:EE:69:9F:51:40:BB:81:4E:43:AE:1B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/933b2fd7-31c1-451c-8288-c1aa0aa12750/0/45E8648E445DCCD0D8EE699F5140BB814E43AE1B.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RehkjkRdzNDY7mmfUUC7gU5Drhs.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/933b2fd7-31c1-451c-8288-c1aa0aa12750/0/3138352e33392e3138332e302f32342d3234203d3e203438353932.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.39.183.0/24
Signature Algorithm: sha256WithRSAEncryption
97:10:09:1e:1b:a7:b0:82:3a:21:65:02:cc:25:21:60:27:04:
5b:15:08:0f:41:a0:40:f9:bd:a9:de:f6:a4:ea:33:ee:8c:4a:
f1:ec:4c:34:45:dd:d3:52:ed:1b:e1:40:39:61:ec:6d:a2:c2:
6e:d7:80:5e:0d:ec:f9:0e:a3:dd:ca:c5:58:ac:60:a5:63:bb:
15:17:ea:3f:b0:63:51:2c:2f:29:d9:6d:07:78:7a:0e:3a:e3:
4e:c9:bc:01:15:15:3d:8c:56:49:d1:5b:c9:69:a8:a5:e2:bf:
73:8d:da:a2:6e:13:c3:8e:02:76:a6:be:f8:43:f1:3c:72:65:
f0:e8:64:9b:9b:88:5f:7a:05:18:4e:c3:0f:54:b0:03:11:06:
63:43:91:c9:cd:bf:96:d6:36:71:ee:e6:5d:ff:82:d2:97:c9:
a4:b4:36:10:9a:b8:90:c2:5c:64:ef:69:82:d5:e3:a4:fa:8a:
76:83:82:5e:bd:39:97:12:0f:a8:e3:8a:ad:28:a2:7d:2d:b6:
69:5d:c8:f8:23:47:fa:21:60:e0:a2:9a:9d:cb:79:0d:af:68:
78:dc:3d:d5:18:d6:d5:7c:fa:1e:27:5a:50:58:6d:75:ed:e3:
29:74:f1:05:58:0d:7d:03:42:fa:d6:ee:02:3e:04:7f:ea:96:
ee:a5:ae:2d
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUGhOUyjXkwpV2ocFIWqszmiT2a44wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDVlODY0OGU0NDVkY2NkMGQ4ZWU2OTlmNTE0MGJiODE0
ZTQzYWUxYjAeFw0yNTAzMjUwNjE1MTNaFw0yNjAzMjQwNjIwMTNaMDMxMTAvBgNV
BAMTKDY4RTY4OEUyMTExNEY3N0RCNzdDOEEwMDczNjNBOEY2MDMzRUEzMzYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCraGU+Xrjjv7D3gM+WEu7JgT96
fEHUAEuqtviAqXJcVPBrBkE7D5aAjs6pbwjxniVCQsyrk+CWAdZ6TCJZBjgjDiGO
v8jUBEERCl3JhDGOix3G6rj6AG7YDanSl0xeUTwMC/5ZNzX9ZrOE+yN+tXoSN1yw
NrGRQCbbJlTwjypeM8hzpPJOm2lKmongGfyyDOq/T75ThODPjAy0oCzrPZ+wLEqi
f3vfwkptNXZbet1hhe8iIwAbb3nOXgCpYKgOROS10TA1IrpSMaocyArstzgFLYTm
20z+sHdZpUoqxLy8zYW61oYBrQKy4OGB9p5Eby78sCsr6P1Zg/v+eV38Ktk7AgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUaOaI4hEU9323fIoAc2Oo9gM+ozYwHwYDVR0j
BBgwFoAURehkjkRdzNDY7mmfUUC7gU5DrhswDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvOTMzYjJmZDctMzFjMS00NTFjLTgyODgtYzFhYTBhYTEy
NzUwLzAvNDVFODY0OEU0NDVEQ0NEMEQ4RUU2OTlGNTE0MEJCODE0RTQzQUUxQi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JlaGtqa1Jkek5EWTdtbWZVVUM3Z1U1
RHJocy5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvOTMzYjJmZDct
MzFjMS00NTFjLTgyODgtYzFhYTBhYTEyNzUwLzAvMzEzODM1MmUzMzM5MmUzMTM4
MzMyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzNDM4MzUzOTMyLnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
uSe3MA0GCSqGSIb3DQEBCwUAA4IBAQCXEAkeG6ewgjohZQLMJSFgJwRbFQgPQaBA
+b2p3vak6jPujErx7Ew0Rd3TUu0b4UA5YextosJu14BeDez5DqPdysVYrGClY7sV
F+o/sGNRLC8p2W0HeHoOOuNOybwBFRU9jFZJ0VvJaail4r9zjdqibhPDjgJ2pr74
Q/E8cmXw6GSbm4hfegUYTsMPVLADEQZjQ5HJzb+W1jZx7uZd/4LSl8mktDYQmriQ
wlxk72mC1eOk+op2g4JevTmXEg+o44qtKKJ9LbZpXcj4I0f6IWDgopqdy3kNr2h4
3D3VGNbVfPoeJ1pQWG117eMpdPEFWA19A0L61u4CPgR/6pbupa4t
-----END CERTIFICATE-----
Generated at Sat Apr 5 06:31:25 2025 by rpki-client