Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/aa977115-5110-4257-94ef-4d2b43884040/0/3138352e3138312e322e302f32342d3234203d3e20323132363639.roa
File: 3138352e3138312e322e302f32342d3234203d3e20323132363639.roa (raw, json)
Hash identifier: AO/2wQxFVW1dCHNtgSdMO8qdA9TP6KJffP27Y2ywVzk=
Subject key identifier: 1E:6F:94:84:0B:17:C8:8D:8A:19:5E:00:98:5F:4D:3B:88:43:BD:39
Certificate issuer: /CN=8f4ce7722f99075d94738b7e61070401269eb3d6
Certificate serial: 1B63B06ED29B642A9747ABA4BCA593566953A32D
Authority key identifier: 8F:4C:E7:72:2F:99:07:5D:94:73:8B:7E:61:07:04:01:26:9E:B3:D6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/j0znci-ZB12Uc4t-YQcEASaes9Y.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/aa977115-5110-4257-94ef-4d2b43884040/0/3138352e3138312e322e302f32342d3234203d3e20323132363639.roa
Signing time: Tue 25 Mar 2025 13:53:58 +0000
ROA not before: Tue 25 Mar 2025 13:48:58 +0000
ROA not after: Tue 24 Mar 2026 13:53:58 +0000
asID: 212669
IP address blocks: 185.181.2.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/aa977115-5110-4257-94ef-4d2b43884040/0/8F4CE7722F99075D94738B7E61070401269EB3D6.crl
rsync://rsync.paas.rpki.ripe.net/repository/aa977115-5110-4257-94ef-4d2b43884040/0/8F4CE7722F99075D94738B7E61070401269EB3D6.mft
rsync://rpki.ripe.net/repository/DEFAULT/j0znci-ZB12Uc4t-YQcEASaes9Y.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 06 Apr 2025 04:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1b:63:b0:6e:d2:9b:64:2a:97:47:ab:a4:bc:a5:93:56:69:53:a3:2d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8f4ce7722f99075d94738b7e61070401269eb3d6
Validity
Not Before: Mar 25 13:48:58 2025 GMT
Not After : Mar 24 13:53:58 2026 GMT
Subject: CN=1E6F94840B17C88D8A195E00985F4D3B8843BD39
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:54:b2:a4:7d:b5:28:71:2d:60:76:33:75:17:
e6:3a:30:80:4a:1e:73:a4:89:b2:bb:19:75:72:27:
2c:cb:4d:c0:8c:34:71:1d:42:e9:19:5d:30:f9:bc:
a6:ab:6d:ab:cf:2f:1e:0b:fe:05:af:cb:55:2a:aa:
58:25:a3:67:16:69:d8:e0:b4:0f:f8:52:13:5c:d9:
ee:79:bf:63:80:f7:75:69:d1:47:6a:c8:08:10:30:
08:0d:c5:5a:8f:18:f1:77:87:8e:42:93:95:7a:3e:
a3:f4:22:f5:db:40:f4:e5:d1:8f:aa:4c:10:87:89:
f8:77:61:00:14:5d:6f:df:5e:13:5f:e2:79:6b:09:
c4:5f:c0:14:c2:db:ab:e7:e5:12:5f:00:66:2e:58:
07:49:66:7e:55:06:3f:20:48:98:db:25:1c:6c:cf:
fd:b6:46:67:be:cb:fd:7e:9e:17:5d:99:96:a0:25:
c9:8e:67:63:b3:65:51:31:83:80:3e:3e:f7:55:4b:
13:a8:bf:ed:38:e2:88:4d:c4:bd:e9:8e:de:d8:9a:
77:0f:13:ad:90:0a:13:d4:07:2d:71:ed:a9:e8:b4:
20:1d:ca:99:b7:87:9f:87:65:85:08:01:e1:eb:73:
90:26:8b:25:6f:68:fe:2c:c6:c8:5c:51:a3:53:bf:
fe:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1E:6F:94:84:0B:17:C8:8D:8A:19:5E:00:98:5F:4D:3B:88:43:BD:39
X509v3 Authority Key Identifier:
keyid:8F:4C:E7:72:2F:99:07:5D:94:73:8B:7E:61:07:04:01:26:9E:B3:D6
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/aa977115-5110-4257-94ef-4d2b43884040/0/8F4CE7722F99075D94738B7E61070401269EB3D6.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/j0znci-ZB12Uc4t-YQcEASaes9Y.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/aa977115-5110-4257-94ef-4d2b43884040/0/3138352e3138312e322e302f32342d3234203d3e20323132363639.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.181.2.0/24
Signature Algorithm: sha256WithRSAEncryption
14:1f:54:50:29:ce:62:d7:3f:41:ea:4c:07:03:4f:a9:c1:01:
c8:81:00:93:55:c0:53:de:fd:f4:7f:93:c2:89:4d:e6:f0:7e:
50:71:96:f6:22:9a:9c:73:f8:46:8b:00:27:b1:f6:b9:be:aa:
1a:a7:87:d3:c2:e5:c4:60:3d:2e:e1:ed:00:9e:16:f8:6c:31:
47:de:94:b1:e6:01:c6:c8:7b:c6:04:25:b6:18:d1:32:45:61:
d7:b5:78:ae:a3:67:cb:4e:87:24:c6:0e:b7:78:5a:0d:d3:54:
f0:cb:7e:64:28:2c:99:f9:48:b7:8a:72:10:df:38:77:38:d5:
fb:2e:4e:19:f6:30:1f:39:2c:ab:22:ce:30:a4:32:89:03:74:
cd:42:94:4e:73:ce:a6:a0:9a:cd:5a:4a:b9:8e:b0:5b:af:62:
04:37:93:89:2a:9f:f5:22:b9:b9:2f:67:6f:63:dc:c6:33:28:
99:ba:69:c1:50:b4:c9:70:9f:47:65:b6:ef:c7:cb:c9:13:f0:
7d:05:a8:31:ff:a6:ea:ec:57:33:6b:50:df:68:fd:97:4f:08:
2b:9c:c9:43:f5:83:03:ea:ba:8c:26:ca:23:0a:95:0e:da:54:
68:94:01:3d:fe:46:89:d3:ba:28:76:1a:fd:5e:b6:a0:f3:d4:
69:5f:bf:0e
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUG2OwbtKbZCqXR6ukvKWTVmlToy0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGY0Y2U3NzIyZjk5MDc1ZDk0NzM4YjdlNjEwNzA0MDEy
NjllYjNkNjAeFw0yNTAzMjUxMzQ4NThaFw0yNjAzMjQxMzUzNThaMDMxMTAvBgNV
BAMTKDFFNkY5NDg0MEIxN0M4OEQ4QTE5NUUwMDk4NUY0RDNCODg0M0JEMzkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC8VLKkfbUocS1gdjN1F+Y6MIBK
HnOkibK7GXVyJyzLTcCMNHEdQukZXTD5vKarbavPLx4L/gWvy1Uqqlglo2cWadjg
tA/4UhNc2e55v2OA93Vp0UdqyAgQMAgNxVqPGPF3h45Ck5V6PqP0IvXbQPTl0Y+q
TBCHifh3YQAUXW/fXhNf4nlrCcRfwBTC26vn5RJfAGYuWAdJZn5VBj8gSJjbJRxs
z/22Rme+y/1+nhddmZagJcmOZ2OzZVExg4A+PvdVSxOov+044ohNxL3pjt7YmncP
E62QChPUBy1x7anotCAdypm3h5+HZYUIAeHrc5AmiyVvaP4sxshcUaNTv/6tAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUHm+UhAsXyI2KGV4AmF9NO4hDvTkwHwYDVR0j
BBgwFoAUj0znci+ZB12Uc4t+YQcEASaes9YwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYWE5NzcxMTUtNTExMC00MjU3LTk0ZWYtNGQyYjQzODg0
MDQwLzAvOEY0Q0U3NzIyRjk5MDc1RDk0NzM4QjdFNjEwNzA0MDEyNjlFQjNENi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2owem5jaS1aQjEyVWM0dC1ZUWNFQVNh
ZXM5WS5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWE5NzcxMTUt
NTExMC00MjU3LTk0ZWYtNGQyYjQzODg0MDQwLzAvMzEzODM1MmUzMTM4MzEyZTMy
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzIzMTMyMzYzNjM5LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
ubUCMA0GCSqGSIb3DQEBCwUAA4IBAQAUH1RQKc5i1z9B6kwHA0+pwQHIgQCTVcBT
3v30f5PCiU3m8H5QcZb2Ipqcc/hGiwAnsfa5vqoap4fTwuXEYD0u4e0Anhb4bDFH
3pSx5gHGyHvGBCW2GNEyRWHXtXiuo2fLTockxg63eFoN01Twy35kKCyZ+Ui3inIQ
3zh3ONX7Lk4Z9jAfOSyrIs4wpDKJA3TNQpROc86moJrNWkq5jrBbr2IEN5OJKp/1
Irm5L2dvY9zGMyiZumnBULTJcJ9HZbbvx8vJE/B9Bagx/6bq7Fcza1DfaP2XTwgr
nMlD9YMD6rqMJsojCpUO2lRolAE9/kaJ07oodhr9Xrag89RpX78O
-----END CERTIFICATE-----
Generated at Sat Apr 5 13:17:30 2025 by rpki-client