Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/982c65b9-725d-4bb0-a216-8e77191ff9b8/0/3138352e35382e3135372e302f32342d3234203d3e20323132333438.roa
File: 3138352e35382e3135372e302f32342d3234203d3e20323132333438.roa (raw, json)
Hash identifier: PJqchqcDu0h0EcPi1D5ya//wXOUcg51LCHqSFB3Qerk=
Subject key identifier: A3:30:57:C4:3A:8A:37:ED:FB:28:CC:D7:B0:A7:42:92:3B:D3:20:D4
Certificate issuer: /CN=38a93c81ecd308e6a7632717045b3d35150120f8
Certificate serial: 0CAE6059F460B4310BECE535979DCC2237BD5406
Authority key identifier: 38:A9:3C:81:EC:D3:08:E6:A7:63:27:17:04:5B:3D:35:15:01:20:F8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OKk8gezTCOanYycXBFs9NRUBIPg.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/982c65b9-725d-4bb0-a216-8e77191ff9b8/0/3138352e35382e3135372e302f32342d3234203d3e20323132333438.roa
Signing time: Sun 02 Mar 2025 20:44:29 +0000
ROA not before: Sun 02 Mar 2025 20:39:29 +0000
ROA not after: Sun 01 Mar 2026 20:44:29 +0000
asID: 212348
IP address blocks: 185.58.157.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/982c65b9-725d-4bb0-a216-8e77191ff9b8/0/38A93C81ECD308E6A7632717045B3D35150120F8.crl
rsync://rsync.paas.rpki.ripe.net/repository/982c65b9-725d-4bb0-a216-8e77191ff9b8/0/38A93C81ECD308E6A7632717045B3D35150120F8.mft
rsync://rpki.ripe.net/repository/DEFAULT/OKk8gezTCOanYycXBFs9NRUBIPg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 17 Apr 2025 13:16:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0c:ae:60:59:f4:60:b4:31:0b:ec:e5:35:97:9d:cc:22:37:bd:54:06
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=38a93c81ecd308e6a7632717045b3d35150120f8
Validity
Not Before: Mar 2 20:39:29 2025 GMT
Not After : Mar 1 20:44:29 2026 GMT
Subject: CN=A33057C43A8A37EDFB28CCD7B0A742923BD320D4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:c4:79:21:17:b2:a3:5c:bb:2a:2d:02:bf:a9:
03:0a:76:a9:16:90:23:66:78:0e:b7:cb:b1:f8:33:
34:78:23:b7:25:68:95:8b:cf:4f:fc:30:8d:3e:c9:
68:76:da:72:1a:aa:45:aa:6b:80:0a:13:a2:00:63:
68:36:5a:ac:3b:56:b4:38:11:96:d7:fd:ef:7c:0c:
06:77:98:a6:75:b8:f4:f4:c2:b3:b2:25:2a:88:b0:
56:f1:c5:6d:45:91:e3:bf:23:d3:d6:31:9a:9a:47:
a6:94:15:61:0e:62:2c:ea:6a:1f:b8:c3:2e:6d:93:
28:b9:67:98:7e:cd:a6:3e:e6:3b:8a:31:2d:0b:63:
50:9d:52:99:43:f0:5a:ae:8a:8b:15:b4:b8:f9:b1:
f8:20:d2:ce:56:2f:63:0b:11:5f:48:12:dd:cd:d6:
ed:44:e8:70:0d:65:ae:46:ef:1e:6f:bf:c3:cb:3c:
74:d0:10:63:44:1e:30:cf:71:f5:3b:19:a3:fd:e1:
f5:5d:e1:28:64:14:a8:f8:8a:c8:d4:37:a8:86:bc:
44:2e:57:a6:58:7e:0e:ff:ca:1e:bc:1c:f3:2e:e3:
ef:44:df:8d:b5:a7:a6:16:4e:ef:e0:3c:0e:c4:4b:
d4:bc:b0:01:47:9c:c2:1a:e0:8a:cd:6e:d7:31:c2:
f6:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A3:30:57:C4:3A:8A:37:ED:FB:28:CC:D7:B0:A7:42:92:3B:D3:20:D4
X509v3 Authority Key Identifier:
keyid:38:A9:3C:81:EC:D3:08:E6:A7:63:27:17:04:5B:3D:35:15:01:20:F8
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/982c65b9-725d-4bb0-a216-8e77191ff9b8/0/38A93C81ECD308E6A7632717045B3D35150120F8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OKk8gezTCOanYycXBFs9NRUBIPg.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/982c65b9-725d-4bb0-a216-8e77191ff9b8/0/3138352e35382e3135372e302f32342d3234203d3e20323132333438.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.58.157.0/24
Signature Algorithm: sha256WithRSAEncryption
62:69:53:9b:aa:cb:0a:d7:ee:e0:19:a2:ab:1d:8d:dd:86:d6:
36:15:b7:f7:90:24:f7:25:b0:34:b7:aa:8c:ad:1e:25:a2:9a:
d8:c4:fd:ba:94:b9:76:51:4a:86:03:a5:95:00:55:d7:01:18:
99:b3:52:69:36:b6:90:27:d0:91:2c:36:3f:da:99:13:5a:6e:
d5:47:70:be:a7:a4:ef:ec:ef:9d:fc:d1:9a:07:99:b8:b2:15:
ab:26:64:97:eb:15:ed:e7:08:f1:ca:76:2c:36:b2:5d:88:97:
65:5c:06:60:e6:58:08:f5:9d:a8:dd:fa:ac:df:ed:93:21:08:
72:24:80:07:9c:06:2e:db:50:96:c3:b2:7a:d1:c3:6d:4f:e3:
b5:c6:e1:40:34:7b:10:a6:07:e0:a1:ca:a5:8e:ec:a1:10:6f:
69:ce:11:4b:1c:b0:02:3c:67:59:e2:8c:24:e3:4f:91:28:21:
a7:ca:8d:18:4a:60:dc:fb:62:7c:ef:9b:69:49:3b:0b:59:75:
d6:ed:3b:da:cd:33:0f:11:4e:2e:83:b9:e0:cc:ba:47:a8:e1:
21:36:64:d7:c0:9c:b5:c0:03:c3:3d:c6:65:b3:3f:f5:31:a3:
75:b4:34:48:bd:08:3d:28:b1:77:86:dc:db:8a:2f:86:ef:61:
54:62:35:5f
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUDK5gWfRgtDEL7OU1l53MIje9VAYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMzhhOTNjODFlY2QzMDhlNmE3NjMyNzE3MDQ1YjNkMzUx
NTAxMjBmODAeFw0yNTAzMDIyMDM5MjlaFw0yNjAzMDEyMDQ0MjlaMDMxMTAvBgNV
BAMTKEEzMzA1N0M0M0E4QTM3RURGQjI4Q0NEN0IwQTc0MjkyM0JEMzIwRDQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCvxHkhF7KjXLsqLQK/qQMKdqkW
kCNmeA63y7H4MzR4I7claJWLz0/8MI0+yWh22nIaqkWqa4AKE6IAY2g2Wqw7VrQ4
EZbX/e98DAZ3mKZ1uPT0wrOyJSqIsFbxxW1FkeO/I9PWMZqaR6aUFWEOYizqah+4
wy5tkyi5Z5h+zaY+5juKMS0LY1CdUplD8FquiosVtLj5sfgg0s5WL2MLEV9IEt3N
1u1E6HANZa5G7x5vv8PLPHTQEGNEHjDPcfU7GaP94fVd4ShkFKj4isjUN6iGvEQu
V6ZYfg7/yh68HPMu4+9E3421p6YWTu/gPA7ES9S8sAFHnMIa4IrNbtcxwvZdAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUozBXxDqKN+37KMzXsKdCkjvTINQwHwYDVR0j
BBgwFoAUOKk8gezTCOanYycXBFs9NRUBIPgwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvOTgyYzY1YjktNzI1ZC00YmIwLWEyMTYtOGU3NzE5MWZm
OWI4LzAvMzhBOTNDODFFQ0QzMDhFNkE3NjMyNzE3MDQ1QjNEMzUxNTAxMjBGOC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL09LazhnZXpUQ09hbll5Y1hCRnM5TlJV
QklQZy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvOTgyYzY1Yjkt
NzI1ZC00YmIwLWEyMTYtOGU3NzE5MWZmOWI4LzAvMzEzODM1MmUzNTM4MmUzMTM1
MzcyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMjMxMzIzMzM0Mzgucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAC5Op0wDQYJKoZIhvcNAQELBQADggEBAGJpU5uqywrX7uAZoqsdjd2G1jYVt/eQ
JPclsDS3qoytHiWimtjE/bqUuXZRSoYDpZUAVdcBGJmzUmk2tpAn0JEsNj/amRNa
btVHcL6npO/s75380ZoHmbiyFasmZJfrFe3nCPHKdiw2sl2Il2VcBmDmWAj1najd
+qzf7ZMhCHIkgAecBi7bUJbDsnrRw21P47XG4UA0exCmB+ChyqWO7KEQb2nOEUsc
sAI8Z1nijCTjT5EoIafKjRhKYNz7Ynzvm2lJOwtZddbtO9rNMw8RTi6DueDMukeo
4SE2ZNfAnLXAA8M9xmWzP/Uxo3W0NEi9CD0osXeG3NuKL4bvYVRiNV8=
-----END CERTIFICATE-----
Generated at Thu Apr 17 03:21:20 2025 by rpki-client