Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/3138352e3137322e3137322e302f32342d3234203d3e20313939373630.roa
File: 3138352e3137322e3137322e302f32342d3234203d3e20313939373630.roa (raw, json)
Hash identifier: xsJt4oTmPhCdAvrpx0antc9/UgRgzS7zjCCjxEq+PdQ=
Subject key identifier: 29:0B:4A:E7:E2:5F:DA:27:44:D7:D6:D1:6D:EB:C0:D1:E9:FC:73:43
Certificate issuer: /CN=70cbd7a9817e470009c0f40ea1e370aa79b5fd91
Certificate serial: D849411E7A6807BE2C5EDAD237AB1C8B2A113D
Authority key identifier: 70:CB:D7:A9:81:7E:47:00:09:C0:F4:0E:A1:E3:70:AA:79:B5:FD:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cMvXqYF-RwAJwPQOoeNwqnm1_ZE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/3138352e3137322e3137322e302f32342d3234203d3e20313939373630.roa
Signing time: Thu 13 Mar 2025 15:47:58 +0000
ROA not before: Thu 13 Mar 2025 15:42:58 +0000
ROA not after: Thu 12 Mar 2026 15:47:58 +0000
asID: 199760
IP address blocks: 185.172.172.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/70CBD7A9817E470009C0F40EA1E370AA79B5FD91.crl
rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/70CBD7A9817E470009C0F40EA1E370AA79B5FD91.mft
rsync://rpki.ripe.net/repository/DEFAULT/cMvXqYF-RwAJwPQOoeNwqnm1_ZE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 05 Apr 2025 19:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
d8:49:41:1e:7a:68:07:be:2c:5e:da:d2:37:ab:1c:8b:2a:11:3d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=70cbd7a9817e470009c0f40ea1e370aa79b5fd91
Validity
Not Before: Mar 13 15:42:58 2025 GMT
Not After : Mar 12 15:47:58 2026 GMT
Subject: CN=290B4AE7E25FDA2744D7D6D16DEBC0D1E9FC7343
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:02:af:97:47:88:c8:14:f2:2d:d9:ef:58:5c:
b1:df:f4:37:9d:dd:6a:7d:2e:b6:d5:4e:dd:c9:67:
ed:c5:32:48:d1:3c:3f:ca:6b:59:2a:d3:56:27:e1:
bc:b1:5d:69:81:57:75:93:76:4e:70:d5:b1:77:47:
91:ac:69:8c:25:e1:38:8f:93:97:24:f0:aa:af:73:
e6:ae:5b:7e:a9:51:2e:19:a1:2c:9e:0e:76:3c:62:
ab:8b:f3:26:c7:e3:c2:5b:db:0d:81:a0:40:e9:3b:
0d:76:4d:a2:cb:cd:ac:ad:23:99:06:5d:6c:50:89:
8f:a0:06:04:b9:e2:21:63:86:37:9e:be:1a:d3:ed:
95:3a:ad:53:9f:7b:3f:4d:8d:78:96:55:d7:18:20:
d1:ec:77:5c:fe:25:6b:d2:bc:a8:d7:35:62:eb:b3:
9c:96:43:0d:8d:b6:2c:03:ff:bd:c3:fe:ef:7b:b7:
c2:6a:14:31:d3:e9:46:8f:b0:56:89:2e:c9:5a:0b:
f0:ec:61:76:4d:3c:f0:30:cd:0a:11:6c:f1:4b:b7:
ec:cc:d7:0d:02:1d:bd:83:8d:a1:5b:75:74:1b:52:
1b:30:c5:05:c4:2d:8d:f1:35:b6:9f:26:c0:0f:5a:
bf:4e:25:f9:10:fa:38:41:54:6a:a2:00:c6:ea:3b:
59:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:0B:4A:E7:E2:5F:DA:27:44:D7:D6:D1:6D:EB:C0:D1:E9:FC:73:43
X509v3 Authority Key Identifier:
keyid:70:CB:D7:A9:81:7E:47:00:09:C0:F4:0E:A1:E3:70:AA:79:B5:FD:91
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/70CBD7A9817E470009C0F40EA1E370AA79B5FD91.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cMvXqYF-RwAJwPQOoeNwqnm1_ZE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/3138352e3137322e3137322e302f32342d3234203d3e20313939373630.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.172.172.0/24
Signature Algorithm: sha256WithRSAEncryption
c1:c8:27:34:5b:76:c4:47:4c:c6:02:13:bf:03:90:40:77:1d:
ab:16:3e:4c:a1:f9:69:f9:7c:22:c0:0a:ac:73:e3:56:99:f6:
92:b5:89:af:08:d6:35:cf:33:c9:31:ef:5f:a9:3f:b0:81:7a:
7a:39:22:58:4e:9f:1b:c8:6a:9d:e6:35:51:7f:7b:59:80:fa:
ac:de:72:d3:81:57:f9:6b:9c:1b:1a:07:f5:a2:d7:5e:97:fb:
70:e8:28:c6:ca:83:cc:1a:0e:0b:fc:02:59:0e:eb:aa:c0:f4:
0f:7e:0a:61:ff:56:e9:66:d9:d9:86:c9:27:14:6c:cf:00:8a:
eb:6b:10:5c:13:f9:ee:42:b8:c3:9f:14:85:29:11:b3:fa:c3:
a0:4b:4f:c6:28:28:92:7d:5c:14:2a:4d:bf:bf:53:4d:25:f7:
2f:ef:f0:25:84:ef:c7:74:9a:5b:e8:43:dd:9a:45:30:ea:c3:
d0:e5:88:db:a5:97:80:e4:7b:29:1a:cd:d3:50:00:5d:f5:5a:
67:e4:7b:7a:fa:b0:7d:6d:fd:64:bf:fd:96:0b:51:e6:64:6f:
7a:2f:8e:fe:ed:da:14:55:fc:7b:12:24:d6:b2:d3:2c:c7:f2:
d8:98:8c:18:38:63:fc:f5:d9:72:87:c7:55:ac:35:32:7c:74:
f7:ab:cf:c8
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgIUANhJQR56aAe+LF7a0jerHIsqET0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzBjYmQ3YTk4MTdlNDcwMDA5YzBmNDBlYTFlMzcwYWE3
OWI1ZmQ5MTAeFw0yNTAzMTMxNTQyNThaFw0yNjAzMTIxNTQ3NThaMDMxMTAvBgNV
BAMTKDI5MEI0QUU3RTI1RkRBMjc0NEQ3RDZEMTZERUJDMEQxRTlGQzczNDMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCsAq+XR4jIFPIt2e9YXLHf9Ded
3Wp9LrbVTt3JZ+3FMkjRPD/Ka1kq01Yn4byxXWmBV3WTdk5w1bF3R5GsaYwl4TiP
k5ck8Kqvc+auW36pUS4ZoSyeDnY8YquL8ybH48Jb2w2BoEDpOw12TaLLzaytI5kG
XWxQiY+gBgS54iFjhjeevhrT7ZU6rVOfez9NjXiWVdcYINHsd1z+JWvSvKjXNWLr
s5yWQw2NtiwD/73D/u97t8JqFDHT6UaPsFaJLslaC/DsYXZNPPAwzQoRbPFLt+zM
1w0CHb2DjaFbdXQbUhswxQXELY3xNbafJsAPWr9OJfkQ+jhBVGqiAMbqO1nhAgMB
AAGjggJBMIICPTAdBgNVHQ4EFgQUKQtK5+Jf2idE19bRbevA0en8c0MwHwYDVR0j
BBgwFoAUcMvXqYF+RwAJwPQOoeNwqnm1/ZEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYjczMzJhZjAtZGQ3My00NzU1LTlkMjAtNjkzZWE4Mjg5
ZjhhLzAvNzBDQkQ3QTk4MTdFNDcwMDA5QzBGNDBFQTFFMzcwQUE3OUI1RkQ5MS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2NNdlhxWUYtUndBSndQUU9vZU53cW5t
MV9aRS5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYjczMzJhZjAt
ZGQ3My00NzU1LTlkMjAtNjkzZWE4Mjg5ZjhhLzAvMzEzODM1MmUzMTM3MzIyZTMx
MzczMjJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMxMzkzOTM3MzYzMC5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEALmsrDANBgkqhkiG9w0BAQsFAAOCAQEAwcgnNFt2xEdMxgITvwOQQHcdqxY+
TKH5afl8IsAKrHPjVpn2krWJrwjWNc8zyTHvX6k/sIF6ejkiWE6fG8hqneY1UX97
WYD6rN5y04FX+WucGxoH9aLXXpf7cOgoxsqDzBoOC/wCWQ7rqsD0D34KYf9W6WbZ
2YbJJxRszwCK62sQXBP57kK4w58UhSkRs/rDoEtPxigokn1cFCpNv79TTSX3L+/w
JYTvx3SaW+hD3ZpFMOrD0OWI26WXgOR7KRrN01AAXfVaZ+R7evqwfW39ZL/9lgtR
5mRvei+O/u3aFFX8exIk1rLTLMfy2JiMGDhj/PXZcofHVaw1Mnx096vPyA==
-----END CERTIFICATE-----
Generated at Sat Apr 5 04:56:08 2025 by rpki-client