Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/aee3d58d-904a-4375-bf93-8b5f38cab002/0/3138352e3230352e3232302e302f32342d3234203d3e20323132333335.roa
File: 3138352e3230352e3232302e302f32342d3234203d3e20323132333335.roa (raw, json)
Hash identifier: 81KTwhjiz40gqR8OJ+xRNSsXrfDuGkHdZJasv/mwJtY=
Subject key identifier: 66:FE:FB:95:75:EC:AB:90:D5:BF:30:6A:43:F3:A4:9C:C2:57:F5:1D
Certificate issuer: /CN=7adf63e375b0b785081b5945b1d18d9de86e0efc
Certificate serial: 7EEC90FA036F5BDA14AB95FC48734D5ACBBB6119
Authority key identifier: 7A:DF:63:E3:75:B0:B7:85:08:1B:59:45:B1:D1:8D:9D:E8:6E:0E:FC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/et9j43Wwt4UIG1lFsdGNnehuDvw.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/aee3d58d-904a-4375-bf93-8b5f38cab002/0/3138352e3230352e3232302e302f32342d3234203d3e20323132333335.roa
Signing time: Fri 10 Jan 2025 14:53:51 +0000
ROA not before: Fri 10 Jan 2025 14:48:51 +0000
ROA not after: Fri 09 Jan 2026 14:53:51 +0000
asID: 212335
IP address blocks: 185.205.220.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/aee3d58d-904a-4375-bf93-8b5f38cab002/0/7ADF63E375B0B785081B5945B1D18D9DE86E0EFC.crl
rsync://rsync.paas.rpki.ripe.net/repository/aee3d58d-904a-4375-bf93-8b5f38cab002/0/7ADF63E375B0B785081B5945B1D18D9DE86E0EFC.mft
rsync://rpki.ripe.net/repository/DEFAULT/et9j43Wwt4UIG1lFsdGNnehuDvw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 05 Apr 2025 19:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7e:ec:90:fa:03:6f:5b:da:14:ab:95:fc:48:73:4d:5a:cb:bb:61:19
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7adf63e375b0b785081b5945b1d18d9de86e0efc
Validity
Not Before: Jan 10 14:48:51 2025 GMT
Not After : Jan 9 14:53:51 2026 GMT
Subject: CN=66FEFB9575ECAB90D5BF306A43F3A49CC257F51D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:24:19:4f:49:66:50:65:35:65:1b:c1:94:a8:
a3:1f:cc:9a:12:f3:3c:34:38:9c:3d:e9:ff:81:4d:
f6:63:63:b6:07:bb:54:4b:16:8b:01:5f:c6:01:72:
bf:cd:c9:76:ad:74:13:fc:75:28:95:40:bd:b0:d4:
8e:c5:13:91:f8:d4:bb:39:8a:81:8a:74:3a:2b:45:
d4:4c:78:d2:e7:ed:d6:c1:87:1a:27:97:e2:3b:96:
08:fb:53:03:cc:40:4e:d6:38:1f:c7:90:74:0b:24:
d0:65:9b:99:6a:95:66:d3:65:78:c6:b7:28:11:6f:
cf:d4:53:2e:90:ff:5d:46:1f:96:f6:96:34:d0:9b:
e2:c3:97:d0:4b:d0:ec:28:07:7b:f5:39:79:d0:75:
60:78:c6:29:21:63:1b:7f:8f:2c:e9:98:61:9c:05:
6a:b9:d8:35:17:27:34:1c:08:b3:42:79:5c:fb:cf:
d9:4d:7a:45:9d:81:9e:d2:70:fa:e5:2f:b2:6b:8d:
ef:f2:c9:b0:44:68:a8:83:f9:e3:54:ba:a1:f7:9b:
1f:f8:49:f5:26:c8:87:55:78:b0:8e:6a:62:99:f9:
c6:98:f7:41:c4:d2:08:24:2d:a0:fc:77:e6:6e:8a:
7f:1e:10:df:5d:6e:12:5c:10:89:42:33:45:84:dd:
9b:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
66:FE:FB:95:75:EC:AB:90:D5:BF:30:6A:43:F3:A4:9C:C2:57:F5:1D
X509v3 Authority Key Identifier:
keyid:7A:DF:63:E3:75:B0:B7:85:08:1B:59:45:B1:D1:8D:9D:E8:6E:0E:FC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/aee3d58d-904a-4375-bf93-8b5f38cab002/0/7ADF63E375B0B785081B5945B1D18D9DE86E0EFC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/et9j43Wwt4UIG1lFsdGNnehuDvw.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/aee3d58d-904a-4375-bf93-8b5f38cab002/0/3138352e3230352e3232302e302f32342d3234203d3e20323132333335.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.205.220.0/24
Signature Algorithm: sha256WithRSAEncryption
4c:72:91:f7:a3:07:10:4e:19:33:dd:42:06:7f:3f:2f:25:2c:
de:da:10:b8:20:91:26:ad:bc:ea:cf:2f:71:d1:e9:0b:c5:f6:
15:c4:de:68:72:bf:66:04:ab:4a:04:6b:30:30:54:b9:0d:2e:
62:0b:02:0b:39:85:be:4f:7b:c2:c1:f4:f9:66:37:5d:44:ff:
73:13:7e:19:e3:ee:eb:94:41:4f:7e:04:ac:5f:dd:70:34:af:
8d:a8:0d:9b:0a:e6:6e:bc:1e:2f:5e:16:20:ea:b4:d8:95:d2:
61:79:99:e8:d4:5b:31:3f:be:0b:89:9c:fa:2a:56:6b:ca:49:
04:d5:7b:c0:92:b0:99:d2:31:48:c8:44:a4:e8:ac:9e:e4:79:
d9:39:5d:c7:97:7a:7f:04:69:8f:5a:cf:29:83:b8:f6:1b:af:
42:5b:9d:3d:9f:63:ba:f8:08:f6:c7:c6:1e:6d:81:17:73:5e:
56:68:68:24:8f:27:d6:a0:9a:41:90:56:b5:38:ea:98:dc:05:
4b:5b:bd:a8:80:59:b9:46:0f:ef:df:30:c6:d9:6a:b4:2f:15:
e2:9b:02:84:76:0c:04:09:41:5c:96:2b:33:21:58:a3:99:c7:
0c:ea:1f:03:0f:73:66:02:60:2a:11:77:d0:de:66:5d:ce:96:
a9:44:1e:19
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgIUfuyQ+gNvW9oUq5X8SHNNWsu7YRkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoN2FkZjYzZTM3NWIwYjc4NTA4MWI1OTQ1YjFkMThkOWRl
ODZlMGVmYzAeFw0yNTAxMTAxNDQ4NTFaFw0yNjAxMDkxNDUzNTFaMDMxMTAvBgNV
BAMTKDY2RkVGQjk1NzVFQ0FCOTBENUJGMzA2QTQzRjNBNDlDQzI1N0Y1MUQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDZJBlPSWZQZTVlG8GUqKMfzJoS
8zw0OJw96f+BTfZjY7YHu1RLFosBX8YBcr/NyXatdBP8dSiVQL2w1I7FE5H41Ls5
ioGKdDorRdRMeNLn7dbBhxonl+I7lgj7UwPMQE7WOB/HkHQLJNBlm5lqlWbTZXjG
tygRb8/UUy6Q/11GH5b2ljTQm+LDl9BL0OwoB3v1OXnQdWB4xikhYxt/jyzpmGGc
BWq52DUXJzQcCLNCeVz7z9lNekWdgZ7ScPrlL7Jrje/yybBEaKiD+eNUuqH3mx/4
SfUmyIdVeLCOamKZ+caY90HE0ggkLaD8d+Zuin8eEN9dbhJcEIlCM0WE3ZuVAgMB
AAGjggJBMIICPTAdBgNVHQ4EFgQUZv77lXXsq5DVvzBqQ/OknMJX9R0wHwYDVR0j
BBgwFoAUet9j43Wwt4UIG1lFsdGNnehuDvwwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYWVlM2Q1OGQtOTA0YS00Mzc1LWJmOTMtOGI1ZjM4Y2Fi
MDAyLzAvN0FERjYzRTM3NUIwQjc4NTA4MUI1OTQ1QjFEMThEOURFODZFMEVGQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2V0OWo0M1d3dDRVSUcxbEZzZEdObmVo
dUR2dy5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWVlM2Q1OGQt
OTA0YS00Mzc1LWJmOTMtOGI1ZjM4Y2FiMDAyLzAvMzEzODM1MmUzMjMwMzUyZTMy
MzIzMDJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMyMzEzMjMzMzMzNS5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEALnN3DANBgkqhkiG9w0BAQsFAAOCAQEATHKR96MHEE4ZM91CBn8/LyUs3toQ
uCCRJq286s8vcdHpC8X2FcTeaHK/ZgSrSgRrMDBUuQ0uYgsCCzmFvk97wsH0+WY3
XUT/cxN+GePu65RBT34ErF/dcDSvjagNmwrmbrweL14WIOq02JXSYXmZ6NRbMT++
C4mc+ipWa8pJBNV7wJKwmdIxSMhEpOisnuR52Tldx5d6fwRpj1rPKYO49huvQlud
PZ9juvgI9sfGHm2BF3NeVmhoJI8n1qCaQZBWtTjqmNwFS1u9qIBZuUYP798wxtlq
tC8V4psChHYMBAlBXJYrMyFYo5nHDOofAw9zZgJgKhF30N5mXc6WqUQeGQ==
-----END CERTIFICATE-----
Generated at Sat Apr 5 05:22:22 2025 by rpki-client