Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/c5d18e82-4d68-45a6-a5df-cac115ad2279/0/3138352e3131312e3138382e302f32342d3234203d3e203632353633.roa
File: 3138352e3131312e3138382e302f32342d3234203d3e203632353633.roa (raw, json)
Hash identifier: /OGL5Xocpa/mA4GEutGuQoiWc4p3DBj9VM0kpmdQZxo=
Subject key identifier: 20:27:29:03:AE:1A:6C:A0:D5:E2:A4:9B:DF:AA:76:46:42:50:2A:54
Certificate issuer: /CN=3e870b9a7003c4fd9c51bd354a9defa3fb77b4a9
Certificate serial: 0E361718E09E33CFF0281523AAB358FEB0BB6521
Authority key identifier: 3E:87:0B:9A:70:03:C4:FD:9C:51:BD:35:4A:9D:EF:A3:FB:77:B4:A9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PocLmnADxP2cUb01Sp3vo_t3tKk.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/c5d18e82-4d68-45a6-a5df-cac115ad2279/0/3138352e3131312e3138382e302f32342d3234203d3e203632353633.roa
Signing time: Mon 17 Feb 2025 18:53:55 +0000
ROA not before: Mon 17 Feb 2025 18:48:55 +0000
ROA not after: Mon 16 Feb 2026 18:53:55 +0000
asID: 62563
IP address blocks: 185.111.188.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/c5d18e82-4d68-45a6-a5df-cac115ad2279/0/3E870B9A7003C4FD9C51BD354A9DEFA3FB77B4A9.crl
rsync://rsync.paas.rpki.ripe.net/repository/c5d18e82-4d68-45a6-a5df-cac115ad2279/0/3E870B9A7003C4FD9C51BD354A9DEFA3FB77B4A9.mft
rsync://rpki.ripe.net/repository/DEFAULT/PocLmnADxP2cUb01Sp3vo_t3tKk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 07 Apr 2025 07:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0e:36:17:18:e0:9e:33:cf:f0:28:15:23:aa:b3:58:fe:b0:bb:65:21
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3e870b9a7003c4fd9c51bd354a9defa3fb77b4a9
Validity
Not Before: Feb 17 18:48:55 2025 GMT
Not After : Feb 16 18:53:55 2026 GMT
Subject: CN=20272903AE1A6CA0D5E2A49BDFAA764642502A54
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:1a:7b:6b:e4:52:11:5b:14:0d:69:d0:a7:49:
5d:59:43:74:43:c7:a4:4a:3e:a4:f6:61:34:fe:d7:
02:92:a6:7f:ae:c2:49:f9:37:79:e0:e8:bd:1e:c0:
c0:03:59:52:28:d0:cd:61:41:78:8a:a1:cc:ea:9d:
97:13:18:d0:49:2d:64:3f:ec:5e:9c:01:4a:c6:95:
43:a5:0c:40:5a:e1:a9:83:d1:7f:5f:19:51:6e:88:
85:59:f9:b5:3c:94:af:cd:6b:df:c6:a0:fa:c3:82:
60:51:8e:93:5f:19:d4:f6:cc:8f:a5:a1:94:9e:42:
4a:11:ec:2a:40:08:14:66:92:a2:f4:97:f4:60:12:
e1:90:fb:0f:66:18:bf:02:a6:87:4d:08:df:91:47:
d6:8b:a2:8b:0e:7d:9b:e9:1c:e6:30:5a:08:99:a5:
3b:62:79:a4:92:dd:c6:4e:da:e1:08:a1:f0:33:eb:
b7:7c:c0:4c:29:97:1f:41:9e:3c:7d:5b:3a:bd:1f:
3a:e3:cb:60:b7:72:66:5a:d0:2b:13:b5:bc:29:85:
30:a0:5e:56:0f:19:df:8c:97:53:24:fc:52:74:16:
d1:44:7f:ee:0f:21:a5:ce:a4:09:33:70:bb:48:89:
87:0b:69:62:97:bd:64:30:a3:f7:75:2e:93:70:a3:
d5:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
20:27:29:03:AE:1A:6C:A0:D5:E2:A4:9B:DF:AA:76:46:42:50:2A:54
X509v3 Authority Key Identifier:
keyid:3E:87:0B:9A:70:03:C4:FD:9C:51:BD:35:4A:9D:EF:A3:FB:77:B4:A9
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/c5d18e82-4d68-45a6-a5df-cac115ad2279/0/3E870B9A7003C4FD9C51BD354A9DEFA3FB77B4A9.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PocLmnADxP2cUb01Sp3vo_t3tKk.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/c5d18e82-4d68-45a6-a5df-cac115ad2279/0/3138352e3131312e3138382e302f32342d3234203d3e203632353633.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.111.188.0/24
Signature Algorithm: sha256WithRSAEncryption
36:67:cf:1b:9a:2d:f8:ee:bb:d6:12:40:bf:87:fb:86:ca:03:
d1:25:5d:c6:00:e2:9b:87:f4:46:a8:1d:90:8c:e1:43:bc:9b:
f5:19:77:32:39:e5:fe:c7:a2:f8:76:ce:12:c1:34:d0:bd:8f:
52:39:09:fa:18:eb:00:5c:d6:8f:5e:04:a6:ec:6b:d9:cb:62:
01:a7:44:bd:65:0d:84:ef:cc:ce:6e:78:5c:d8:f7:d5:36:b9:
ae:b8:d7:76:e0:05:15:ca:52:18:54:aa:49:74:f7:07:2d:17:
7d:96:79:40:0a:89:34:20:42:c9:7b:06:b9:1b:61:ba:9b:5c:
69:50:15:b7:11:0f:3b:fe:fc:a2:12:82:39:a7:0d:a1:1e:ef:
78:70:a1:63:f7:57:cd:98:cc:14:17:ae:fa:98:5b:0f:7d:30:
59:96:8c:db:c5:df:84:d6:b0:0d:00:f3:19:8d:f8:69:83:f3:
e2:0e:0b:3b:8d:b9:33:76:5a:b8:7c:aa:cd:c7:26:ad:f4:91:
73:07:7f:0e:e4:c2:50:67:52:fe:0f:8f:43:d8:75:ba:4b:03:
d8:c8:c7:4c:27:1e:0f:72:b0:5e:e8:d3:72:0e:c0:3e:4b:ca:
0d:15:39:27:88:a6:67:ac:59:c6:6e:27:a3:34:b5:9d:04:bc:
bf:69:e9:68
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUDjYXGOCeM8/wKBUjqrNY/rC7ZSEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoM2U4NzBiOWE3MDAzYzRmZDljNTFiZDM1NGE5ZGVmYTNm
Yjc3YjRhOTAeFw0yNTAyMTcxODQ4NTVaFw0yNjAyMTYxODUzNTVaMDMxMTAvBgNV
BAMTKDIwMjcyOTAzQUUxQTZDQTBENUUyQTQ5QkRGQUE3NjQ2NDI1MDJBNTQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCrGntr5FIRWxQNadCnSV1ZQ3RD
x6RKPqT2YTT+1wKSpn+uwkn5N3ng6L0ewMADWVIo0M1hQXiKoczqnZcTGNBJLWQ/
7F6cAUrGlUOlDEBa4amD0X9fGVFuiIVZ+bU8lK/Na9/GoPrDgmBRjpNfGdT2zI+l
oZSeQkoR7CpACBRmkqL0l/RgEuGQ+w9mGL8CpodNCN+RR9aLoosOfZvpHOYwWgiZ
pTtieaSS3cZO2uEIofAz67d8wEwplx9Bnjx9Wzq9Hzrjy2C3cmZa0CsTtbwphTCg
XlYPGd+Ml1Mk/FJ0FtFEf+4PIaXOpAkzcLtIiYcLaWKXvWQwo/d1LpNwo9UjAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUICcpA64abKDV4qSb36p2RkJQKlQwHwYDVR0j
BBgwFoAUPocLmnADxP2cUb01Sp3vo/t3tKkwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYzVkMThlODItNGQ2OC00NWE2LWE1ZGYtY2FjMTE1YWQy
Mjc5LzAvM0U4NzBCOUE3MDAzQzRGRDlDNTFCRDM1NEE5REVGQTNGQjc3QjRBOS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1BvY0xtbkFEeFAyY1ViMDFTcDN2b190
M3RLay5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYzVkMThlODIt
NGQ2OC00NWE2LWE1ZGYtY2FjMTE1YWQyMjc5LzAvMzEzODM1MmUzMTMxMzEyZTMx
MzgzODJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDM2MzIzNTM2MzMucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAC5b7wwDQYJKoZIhvcNAQELBQADggEBADZnzxuaLfjuu9YSQL+H+4bKA9ElXcYA
4puH9EaoHZCM4UO8m/UZdzI55f7Hovh2zhLBNNC9j1I5CfoY6wBc1o9eBKbsa9nL
YgGnRL1lDYTvzM5ueFzY99U2ua6413bgBRXKUhhUqkl09wctF32WeUAKiTQgQsl7
BrkbYbqbXGlQFbcRDzv+/KISgjmnDaEe73hwoWP3V82YzBQXrvqYWw99MFmWjNvF
34TWsA0A8xmN+GmD8+IOCzuNuTN2Wrh8qs3HJq30kXMHfw7kwlBnUv4Pj0PYdbpL
A9jIx0wnHg9ysF7o03IOwD5Lyg0VOSeIpmesWcZuJ6M0tZ0EvL9p6Wg=
-----END CERTIFICATE-----
Generated at Sun Apr 6 11:54:59 2025 by rpki-client