Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/982c65b9-725d-4bb0-a216-8e77191ff9b8/0/3138352e35382e3135362e302f32342d3234203d3e20323135323837.roa
File: 3138352e35382e3135362e302f32342d3234203d3e20323135323837.roa (raw, json)
Hash identifier: JSJ3/ENvpANYjaheCIKzscokMYkR+INgVpao6rDrGj0=
Subject key identifier: AD:B8:C9:28:D4:E1:BE:1D:4D:24:CE:C9:4C:91:BA:DB:29:85:CF:85
Certificate issuer: /CN=38a93c81ecd308e6a7632717045b3d35150120f8
Certificate serial: 7DB0CC70AD7F898FDD8BD52ACF45B016DA67BD7A
Authority key identifier: 38:A9:3C:81:EC:D3:08:E6:A7:63:27:17:04:5B:3D:35:15:01:20:F8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OKk8gezTCOanYycXBFs9NRUBIPg.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/982c65b9-725d-4bb0-a216-8e77191ff9b8/0/3138352e35382e3135362e302f32342d3234203d3e20323135323837.roa
Signing time: Sat 01 Feb 2025 14:55:34 +0000
ROA not before: Sat 01 Feb 2025 14:50:34 +0000
ROA not after: Sat 31 Jan 2026 14:55:34 +0000
asID: 215287
IP address blocks: 185.58.156.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/982c65b9-725d-4bb0-a216-8e77191ff9b8/0/38A93C81ECD308E6A7632717045B3D35150120F8.crl
rsync://rsync.paas.rpki.ripe.net/repository/982c65b9-725d-4bb0-a216-8e77191ff9b8/0/38A93C81ECD308E6A7632717045B3D35150120F8.mft
rsync://rpki.ripe.net/repository/DEFAULT/OKk8gezTCOanYycXBFs9NRUBIPg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Feb 2025 18:17:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7d:b0:cc:70:ad:7f:89:8f:dd:8b:d5:2a:cf:45:b0:16:da:67:bd:7a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=38a93c81ecd308e6a7632717045b3d35150120f8
Validity
Not Before: Feb 1 14:50:34 2025 GMT
Not After : Jan 31 14:55:34 2026 GMT
Subject: CN=ADB8C928D4E1BE1D4D24CEC94C91BADB2985CF85
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:bc:8e:f8:63:75:1c:40:ce:5b:73:2b:4b:ee:
83:3c:09:49:3c:b5:1f:4b:99:8d:04:6b:32:cb:1b:
3a:9b:d9:bc:f8:ee:09:8e:d2:8f:da:5f:99:1e:f4:
ad:ad:a2:f2:35:62:db:8f:df:4f:4f:7a:45:03:7c:
40:68:10:96:51:83:f5:78:75:8e:d4:79:35:01:b7:
be:65:67:e0:5b:14:08:2f:d0:b7:45:15:cf:de:f9:
6a:97:37:05:8f:7f:a5:92:34:33:b6:9a:f2:38:c5:
c9:c3:90:7f:15:01:69:d0:b7:c5:61:7f:fc:21:a1:
07:1b:7d:eb:25:99:df:7d:e7:1f:d0:f1:71:95:5d:
64:f2:a7:44:b0:eb:ed:3d:ad:21:bd:2d:28:5e:ec:
f6:61:42:38:78:5d:20:ee:e5:f6:35:f8:2c:91:64:
9d:9b:27:4b:32:b9:80:ec:58:23:18:25:1f:36:24:
b7:dd:a3:c0:7f:06:31:d1:dc:a2:3d:0a:d5:eb:c9:
d6:59:7a:44:ee:9c:9d:2f:19:09:21:09:aa:28:03:
24:d0:a6:ac:57:17:a4:b2:72:dc:e1:2d:36:7e:29:
79:a0:8b:ee:c6:b9:8a:4f:8b:3c:a5:1c:3a:2b:98:
f7:39:da:21:6d:ec:67:4f:6f:df:63:52:a8:a4:55:
c2:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AD:B8:C9:28:D4:E1:BE:1D:4D:24:CE:C9:4C:91:BA:DB:29:85:CF:85
X509v3 Authority Key Identifier:
keyid:38:A9:3C:81:EC:D3:08:E6:A7:63:27:17:04:5B:3D:35:15:01:20:F8
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/982c65b9-725d-4bb0-a216-8e77191ff9b8/0/38A93C81ECD308E6A7632717045B3D35150120F8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OKk8gezTCOanYycXBFs9NRUBIPg.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/982c65b9-725d-4bb0-a216-8e77191ff9b8/0/3138352e35382e3135362e302f32342d3234203d3e20323135323837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.58.156.0/24
Signature Algorithm: sha256WithRSAEncryption
a7:54:fa:73:1e:1a:ff:e1:b2:04:ac:1e:78:61:d7:42:18:53:
b7:a3:d6:ee:62:87:dd:49:21:4e:54:1f:e6:9e:ef:02:46:68:
34:70:9b:d6:81:22:2b:94:6a:6a:64:96:69:22:42:52:a7:9b:
9a:e5:ca:f2:d9:0f:5c:bf:d5:ed:7d:d0:6e:1f:3d:9e:b6:50:
e4:92:27:e4:52:95:d2:2b:de:cc:0d:96:18:fe:6a:85:25:a9:
64:47:0f:cc:08:fc:b1:e9:49:aa:dc:03:71:2f:24:59:6a:d4:
eb:97:0b:61:ae:10:a5:f1:11:b9:40:84:59:c9:48:cd:73:a5:
9e:85:e0:f7:36:62:5e:66:f9:13:8d:9d:3f:ab:74:e9:03:08:
d7:d2:e4:e5:d2:64:72:9f:1f:f9:44:b7:05:bd:1e:9d:da:74:
80:bb:48:28:99:62:5e:c5:a2:59:b5:2a:ab:f3:41:9c:bc:df:
60:b7:65:c0:92:05:5b:1c:61:48:03:5f:9c:c0:a0:18:39:f4:
3f:b0:19:24:76:02:d1:fe:cb:90:39:c1:1b:3b:16:7f:8e:6c:
58:6f:89:70:f8:93:26:a9:a2:06:83:90:0c:37:7d:c1:80:19:
9f:19:2b:c2:9b:66:bf:41:c4:44:1f:a6:97:1f:61:4b:11:08:
52:30:83:f2
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUfbDMcK1/iY/di9Uqz0WwFtpnvXowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMzhhOTNjODFlY2QzMDhlNmE3NjMyNzE3MDQ1YjNkMzUx
NTAxMjBmODAeFw0yNTAyMDExNDUwMzRaFw0yNjAxMzExNDU1MzRaMDMxMTAvBgNV
BAMTKEFEQjhDOTI4RDRFMUJFMUQ0RDI0Q0VDOTRDOTFCQURCMjk4NUNGODUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCKvI74Y3UcQM5bcytL7oM8CUk8
tR9LmY0EazLLGzqb2bz47gmO0o/aX5ke9K2tovI1YtuP309PekUDfEBoEJZRg/V4
dY7UeTUBt75lZ+BbFAgv0LdFFc/e+WqXNwWPf6WSNDO2mvI4xcnDkH8VAWnQt8Vh
f/whoQcbfeslmd995x/Q8XGVXWTyp0Sw6+09rSG9LShe7PZhQjh4XSDu5fY1+CyR
ZJ2bJ0syuYDsWCMYJR82JLfdo8B/BjHR3KI9CtXrydZZekTunJ0vGQkhCaooAyTQ
pqxXF6SyctzhLTZ+KXmgi+7GuYpPizylHDormPc52iFt7GdPb99jUqikVcI7AgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUrbjJKNThvh1NJM7JTJG62ymFz4UwHwYDVR0j
BBgwFoAUOKk8gezTCOanYycXBFs9NRUBIPgwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvOTgyYzY1YjktNzI1ZC00YmIwLWEyMTYtOGU3NzE5MWZm
OWI4LzAvMzhBOTNDODFFQ0QzMDhFNkE3NjMyNzE3MDQ1QjNEMzUxNTAxMjBGOC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL09LazhnZXpUQ09hbll5Y1hCRnM5TlJV
QklQZy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvOTgyYzY1Yjkt
NzI1ZC00YmIwLWEyMTYtOGU3NzE5MWZmOWI4LzAvMzEzODM1MmUzNTM4MmUzMTM1
MzYyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMjMxMzUzMjM4Mzcucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAC5OpwwDQYJKoZIhvcNAQELBQADggEBAKdU+nMeGv/hsgSsHnhh10IYU7ej1u5i
h91JIU5UH+ae7wJGaDRwm9aBIiuUampklmkiQlKnm5rlyvLZD1y/1e190G4fPZ62
UOSSJ+RSldIr3swNlhj+aoUlqWRHD8wI/LHpSarcA3EvJFlq1OuXC2GuEKXxEblA
hFnJSM1zpZ6F4Pc2Yl5m+RONnT+rdOkDCNfS5OXSZHKfH/lEtwW9Hp3adIC7SCiZ
Yl7Folm1KqvzQZy832C3ZcCSBVscYUgDX5zAoBg59D+wGSR2AtH+y5A5wRs7Fn+O
bFhviXD4kyapogaDkAw3fcGAGZ8ZK8KbZr9BxEQfppcfYUsRCFIwg/I=
-----END CERTIFICATE-----
Generated at Sun Feb 2 10:07:34 2025 by rpki-client