Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/aa977115-5110-4257-94ef-4d2b43884040/0/3138352e3138312e332e302f32342d3234203d3e20323030303137.roa
File: 3138352e3138312e332e302f32342d3234203d3e20323030303137.roa (raw, json)
Hash identifier: yu4VS8d4SOotNR90wp+Yzh042rOQsTRk/ltNPBkKiBs=
Subject key identifier: D3:07:AB:27:BD:0C:BD:1D:D6:96:24:A9:48:BD:83:5C:DD:68:A2:A7
Certificate issuer: /CN=8f4ce7722f99075d94738b7e61070401269eb3d6
Certificate serial: 578E986CBA2C944764D819C2D779B99CB9681B88
Authority key identifier: 8F:4C:E7:72:2F:99:07:5D:94:73:8B:7E:61:07:04:01:26:9E:B3:D6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/j0znci-ZB12Uc4t-YQcEASaes9Y.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/aa977115-5110-4257-94ef-4d2b43884040/0/3138352e3138312e332e302f32342d3234203d3e20323030303137.roa
Signing time: Tue 25 Mar 2025 13:53:58 +0000
ROA not before: Tue 25 Mar 2025 13:48:58 +0000
ROA not after: Tue 24 Mar 2026 13:53:58 +0000
asID: 200017
IP address blocks: 185.181.3.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/aa977115-5110-4257-94ef-4d2b43884040/0/8F4CE7722F99075D94738B7E61070401269EB3D6.crl
rsync://rsync.paas.rpki.ripe.net/repository/aa977115-5110-4257-94ef-4d2b43884040/0/8F4CE7722F99075D94738B7E61070401269EB3D6.mft
rsync://rpki.ripe.net/repository/DEFAULT/j0znci-ZB12Uc4t-YQcEASaes9Y.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 05 Apr 2025 18:18:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
57:8e:98:6c:ba:2c:94:47:64:d8:19:c2:d7:79:b9:9c:b9:68:1b:88
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8f4ce7722f99075d94738b7e61070401269eb3d6
Validity
Not Before: Mar 25 13:48:58 2025 GMT
Not After : Mar 24 13:53:58 2026 GMT
Subject: CN=D307AB27BD0CBD1DD69624A948BD835CDD68A2A7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:65:3e:9f:6c:86:99:de:4f:f3:4a:48:51:4c:
7c:6c:4d:e2:10:a5:49:01:d2:0a:c3:60:59:cb:08:
79:0f:ba:e4:b3:6f:b4:93:00:9d:2e:81:91:43:11:
4a:a6:f7:35:b2:03:1b:89:6f:f1:88:fc:bb:13:cc:
ba:c2:02:7f:7e:a3:5d:48:3b:aa:5d:2e:c3:53:16:
9b:00:1f:48:b6:25:52:cc:c4:26:23:ec:4b:30:6f:
a7:59:cb:d6:ee:51:92:b5:9d:6c:9e:1d:a4:96:30:
5c:74:c3:25:87:c1:ac:87:df:07:98:10:c9:c3:06:
ee:7d:5f:45:58:2e:d7:3c:1d:51:b4:36:8e:32:07:
39:7e:1b:a4:d9:75:16:f0:c3:a8:6f:a1:e0:04:22:
11:a7:e9:0b:e4:62:93:2c:4a:ec:38:26:86:88:39:
89:07:22:e2:bf:8e:5e:66:90:71:76:45:73:89:1d:
cc:e1:ce:70:03:ba:0c:80:cb:62:37:60:ab:76:d7:
22:23:61:62:93:8a:57:94:7b:cc:ab:7c:13:0f:dc:
8b:78:c3:df:91:fa:b5:88:15:75:f6:9b:a8:cd:53:
5e:37:9d:89:c8:87:10:8a:76:8d:1b:ff:d5:96:b0:
19:f7:bf:d2:97:77:95:cd:21:86:d1:ad:25:23:db:
36:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D3:07:AB:27:BD:0C:BD:1D:D6:96:24:A9:48:BD:83:5C:DD:68:A2:A7
X509v3 Authority Key Identifier:
keyid:8F:4C:E7:72:2F:99:07:5D:94:73:8B:7E:61:07:04:01:26:9E:B3:D6
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/aa977115-5110-4257-94ef-4d2b43884040/0/8F4CE7722F99075D94738B7E61070401269EB3D6.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/j0znci-ZB12Uc4t-YQcEASaes9Y.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/aa977115-5110-4257-94ef-4d2b43884040/0/3138352e3138312e332e302f32342d3234203d3e20323030303137.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.181.3.0/24
Signature Algorithm: sha256WithRSAEncryption
29:a2:e7:07:5d:e6:26:18:07:60:75:dd:d0:1d:e3:68:be:44:
5c:2c:95:dd:44:fc:28:af:9a:a1:9f:bf:14:87:cc:cd:3f:da:
81:57:b4:f4:25:fd:8e:4f:47:16:0e:cc:5a:1d:1d:89:93:76:
ef:29:81:e6:d2:14:d1:44:ff:cf:fd:84:2a:64:6e:83:0e:f7:
8c:64:a8:4b:fe:2e:51:4f:c2:8f:bc:d6:09:22:fe:6e:cc:d4:
2b:d0:02:e3:60:a7:e4:62:13:42:34:1f:9b:6d:90:52:8f:88:
38:f4:70:d8:2a:f2:98:43:73:ad:99:ad:d0:98:93:39:d9:2b:
67:f3:4b:9b:a4:33:27:50:8d:b8:c9:cb:b5:fd:ad:3e:6a:ce:
b8:b4:27:f6:5b:30:a9:12:87:9d:2e:9d:fb:b2:46:84:34:60:
8a:0e:08:38:a7:18:80:0a:5d:bf:65:9f:b3:23:8c:73:00:43:
71:3b:ff:1e:e5:45:2a:09:1e:7d:ef:4f:f3:52:36:b5:e4:f5:
ad:32:b8:b7:9f:d7:fd:99:ed:93:8f:50:e6:f2:a1:85:e5:bd:
97:04:20:55:47:3a:8a:58:1a:45:c0:f7:fe:36:07:3f:b9:ff:
c7:01:bd:6f:17:52:3a:7a:72:36:31:eb:52:5f:ed:85:d4:f8:
e2:36:dd:52
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUV46YbLoslEdk2BnC13m5nLloG4gwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGY0Y2U3NzIyZjk5MDc1ZDk0NzM4YjdlNjEwNzA0MDEy
NjllYjNkNjAeFw0yNTAzMjUxMzQ4NThaFw0yNjAzMjQxMzUzNThaMDMxMTAvBgNV
BAMTKEQzMDdBQjI3QkQwQ0JEMURENjk2MjRBOTQ4QkQ4MzVDREQ2OEEyQTcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCzZT6fbIaZ3k/zSkhRTHxsTeIQ
pUkB0grDYFnLCHkPuuSzb7STAJ0ugZFDEUqm9zWyAxuJb/GI/LsTzLrCAn9+o11I
O6pdLsNTFpsAH0i2JVLMxCYj7Eswb6dZy9buUZK1nWyeHaSWMFx0wyWHwayH3weY
EMnDBu59X0VYLtc8HVG0No4yBzl+G6TZdRbww6hvoeAEIhGn6QvkYpMsSuw4JoaI
OYkHIuK/jl5mkHF2RXOJHczhznADugyAy2I3YKt21yIjYWKTileUe8yrfBMP3It4
w9+R+rWIFXX2m6jNU143nYnIhxCKdo0b/9WWsBn3v9KXd5XNIYbRrSUj2zbbAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQU0werJ70MvR3WliSpSL2DXN1ooqcwHwYDVR0j
BBgwFoAUj0znci+ZB12Uc4t+YQcEASaes9YwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYWE5NzcxMTUtNTExMC00MjU3LTk0ZWYtNGQyYjQzODg0
MDQwLzAvOEY0Q0U3NzIyRjk5MDc1RDk0NzM4QjdFNjEwNzA0MDEyNjlFQjNENi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2owem5jaS1aQjEyVWM0dC1ZUWNFQVNh
ZXM5WS5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWE5NzcxMTUt
NTExMC00MjU3LTk0ZWYtNGQyYjQzODg0MDQwLzAvMzEzODM1MmUzMTM4MzEyZTMz
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzIzMDMwMzAzMTM3LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
ubUDMA0GCSqGSIb3DQEBCwUAA4IBAQApoucHXeYmGAdgdd3QHeNovkRcLJXdRPwo
r5qhn78Uh8zNP9qBV7T0Jf2OT0cWDsxaHR2Jk3bvKYHm0hTRRP/P/YQqZG6DDveM
ZKhL/i5RT8KPvNYJIv5uzNQr0ALjYKfkYhNCNB+bbZBSj4g49HDYKvKYQ3Otma3Q
mJM52Stn80ubpDMnUI24ycu1/a0+as64tCf2WzCpEoedLp37skaENGCKDgg4pxiA
Cl2/ZZ+zI4xzAENxO/8e5UUqCR5970/zUja15PWtMri3n9f9me2Tj1Dm8qGF5b2X
BCBVRzqKWBpFwPf+Ngc/uf/HAb1vF1I6enI2MetSX+2F1PjiNt1S
-----END CERTIFICATE-----
Generated at Sat Apr 5 10:20:22 2025 by rpki-client