Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/c5d18e82-4d68-45a6-a5df-cac115ad2279/0/3138352e3231332e3234302e302f32342d3234203d3e20323135373033.roa
File: 3138352e3231332e3234302e302f32342d3234203d3e20323135373033.roa (raw, json)
Hash identifier: 5U9kh/Q1+pD8ktgLTSH2rTlmtF2qNT/hbi1XnCHITmo=
Subject key identifier: B0:2B:2F:0C:18:14:AA:36:98:EB:69:2D:C8:BA:12:F7:13:D9:E6:31
Certificate issuer: /CN=3e870b9a7003c4fd9c51bd354a9defa3fb77b4a9
Certificate serial: 3CD81F888B782BC3880DD964CA514DB4F84A9ABE
Authority key identifier: 3E:87:0B:9A:70:03:C4:FD:9C:51:BD:35:4A:9D:EF:A3:FB:77:B4:A9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PocLmnADxP2cUb01Sp3vo_t3tKk.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/c5d18e82-4d68-45a6-a5df-cac115ad2279/0/3138352e3231332e3234302e302f32342d3234203d3e20323135373033.roa
Signing time: Sun 11 May 2025 17:34:37 +0000
ROA not before: Sun 11 May 2025 17:29:37 +0000
ROA not after: Sun 10 May 2026 17:34:37 +0000
asID: 215703
IP address blocks: 185.213.240.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/c5d18e82-4d68-45a6-a5df-cac115ad2279/0/3E870B9A7003C4FD9C51BD354A9DEFA3FB77B4A9.crl
rsync://rsync.paas.rpki.ripe.net/repository/c5d18e82-4d68-45a6-a5df-cac115ad2279/0/3E870B9A7003C4FD9C51BD354A9DEFA3FB77B4A9.mft
rsync://rpki.ripe.net/repository/DEFAULT/PocLmnADxP2cUb01Sp3vo_t3tKk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 07 Jun 2025 02:44:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3c:d8:1f:88:8b:78:2b:c3:88:0d:d9:64:ca:51:4d:b4:f8:4a:9a:be
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3e870b9a7003c4fd9c51bd354a9defa3fb77b4a9
Validity
Not Before: May 11 17:29:37 2025 GMT
Not After : May 10 17:34:37 2026 GMT
Subject: CN=B02B2F0C1814AA3698EB692DC8BA12F713D9E631
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:14:b9:dc:39:8b:cb:e4:46:9f:10:c4:9c:da:
37:df:03:8d:67:1c:15:a8:f4:b8:b6:1d:45:65:69:
73:e3:89:c2:95:33:67:53:ae:97:8b:3f:c4:a6:12:
cf:ef:3a:39:e9:e5:50:b1:46:79:ea:d5:33:64:ea:
fb:c8:60:2e:c9:e8:d4:db:dc:d4:aa:f1:6e:9d:4e:
d0:68:da:78:01:df:24:c9:8d:e2:c7:a4:a7:f3:8f:
aa:e1:e6:68:72:50:70:d1:56:d8:07:e3:e0:5c:ed:
77:f9:8b:81:b6:05:d4:5b:19:71:fc:df:95:42:b5:
b5:e5:f7:0e:96:3c:92:16:5a:25:4e:24:ea:e1:a8:
65:20:29:15:27:47:e7:90:c4:ce:ed:92:58:d7:ac:
fe:c7:04:e5:d5:7b:a9:c8:e8:f0:d9:a4:a6:0c:ea:
99:9f:0b:9b:a1:eb:cd:6e:d5:73:67:6f:fb:9b:97:
b3:20:a8:8e:92:9c:a4:51:6a:b4:55:6f:af:d9:13:
ab:83:b2:f2:5d:b2:33:53:7e:7a:5e:b6:1b:50:ff:
ae:da:2b:1d:ca:d9:8f:5d:e6:a5:44:5d:fa:6e:32:
cb:e0:3a:07:2b:a5:05:f0:cb:c1:60:04:10:3c:40:
73:dc:2c:e1:d7:0a:38:73:25:18:98:79:42:d9:3a:
2c:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B0:2B:2F:0C:18:14:AA:36:98:EB:69:2D:C8:BA:12:F7:13:D9:E6:31
X509v3 Authority Key Identifier:
keyid:3E:87:0B:9A:70:03:C4:FD:9C:51:BD:35:4A:9D:EF:A3:FB:77:B4:A9
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/c5d18e82-4d68-45a6-a5df-cac115ad2279/0/3E870B9A7003C4FD9C51BD354A9DEFA3FB77B4A9.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PocLmnADxP2cUb01Sp3vo_t3tKk.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/c5d18e82-4d68-45a6-a5df-cac115ad2279/0/3138352e3231332e3234302e302f32342d3234203d3e20323135373033.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.213.240.0/24
Signature Algorithm: sha256WithRSAEncryption
6b:cc:a7:e2:5d:48:79:9a:f1:4b:ce:59:5b:fb:61:74:4c:ef:
0d:43:ed:20:a5:ae:65:82:8d:2e:35:8d:dc:bb:27:23:23:d8:
1c:e3:98:32:45:15:ba:0d:7b:2b:4c:ea:18:78:57:28:b7:1c:
5f:08:6f:ac:a3:af:b0:a2:55:6e:74:cb:7a:fc:df:27:e3:cf:
e2:fd:20:c3:71:52:2d:64:06:e1:b4:b6:9f:fc:13:cd:db:42:
31:13:c5:d8:6d:cc:0d:37:0b:f4:d5:91:26:8c:33:5f:f5:03:
a3:86:3a:99:ee:83:1b:b6:13:0e:aa:82:50:1d:07:bc:69:de:
19:42:fc:a3:c5:17:0b:85:b2:66:bd:0f:43:23:4c:bb:1b:ac:
a4:5b:cc:7c:cd:e7:a9:d1:55:cb:9a:5f:7f:54:5f:3f:16:8a:
c4:ac:b3:34:a0:08:14:8e:c6:47:72:26:de:97:15:cf:f1:9e:
d1:da:53:51:8c:76:19:86:c3:73:bf:c2:f6:89:fd:91:b0:51:
ab:2f:10:e1:1d:10:35:ee:92:dc:ce:e2:a6:93:1c:23:71:ad:
c7:55:3c:52:70:23:f2:11:15:d9:c0:12:e1:66:b1:b3:bb:77:
2f:fa:2d:c1:62:ab:be:9a:ae:ce:b7:00:56:03:ef:c8:af:ed:
03:8d:6d:96
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgIUPNgfiIt4K8OIDdlkylFNtPhKmr4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoM2U4NzBiOWE3MDAzYzRmZDljNTFiZDM1NGE5ZGVmYTNm
Yjc3YjRhOTAeFw0yNTA1MTExNzI5MzdaFw0yNjA1MTAxNzM0MzdaMDMxMTAvBgNV
BAMTKEIwMkIyRjBDMTgxNEFBMzY5OEVCNjkyREM4QkExMkY3MTNEOUU2MzEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDRFLncOYvL5EafEMSc2jffA41n
HBWo9Li2HUVlaXPjicKVM2dTrpeLP8SmEs/vOjnp5VCxRnnq1TNk6vvIYC7J6NTb
3NSq8W6dTtBo2ngB3yTJjeLHpKfzj6rh5mhyUHDRVtgH4+Bc7Xf5i4G2BdRbGXH8
35VCtbXl9w6WPJIWWiVOJOrhqGUgKRUnR+eQxM7tkljXrP7HBOXVe6nI6PDZpKYM
6pmfC5uh681u1XNnb/ubl7MgqI6SnKRRarRVb6/ZE6uDsvJdsjNTfnpethtQ/67a
Kx3K2Y9d5qVEXfpuMsvgOgcrpQXwy8FgBBA8QHPcLOHXCjhzJRiYeULZOix7AgMB
AAGjggJBMIICPTAdBgNVHQ4EFgQUsCsvDBgUqjaY62ktyLoS9xPZ5jEwHwYDVR0j
BBgwFoAUPocLmnADxP2cUb01Sp3vo/t3tKkwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYzVkMThlODItNGQ2OC00NWE2LWE1ZGYtY2FjMTE1YWQy
Mjc5LzAvM0U4NzBCOUE3MDAzQzRGRDlDNTFCRDM1NEE5REVGQTNGQjc3QjRBOS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1BvY0xtbkFEeFAyY1ViMDFTcDN2b190
M3RLay5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYzVkMThlODIt
NGQ2OC00NWE2LWE1ZGYtY2FjMTE1YWQyMjc5LzAvMzEzODM1MmUzMjMxMzMyZTMy
MzQzMDJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMyMzEzNTM3MzAzMy5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEALnV8DANBgkqhkiG9w0BAQsFAAOCAQEAa8yn4l1IeZrxS85ZW/thdEzvDUPt
IKWuZYKNLjWN3LsnIyPYHOOYMkUVug17K0zqGHhXKLccXwhvrKOvsKJVbnTLevzf
J+PP4v0gw3FSLWQG4bS2n/wTzdtCMRPF2G3MDTcL9NWRJowzX/UDo4Y6me6DG7YT
DqqCUB0HvGneGUL8o8UXC4WyZr0PQyNMuxuspFvMfM3nqdFVy5pff1RfPxaKxKyz
NKAIFI7GR3Im3pcVz/Ge0dpTUYx2GYbDc7/C9on9kbBRqy8Q4R0QNe6S3M7ippMc
I3Gtx1U8UnAj8hEV2cAS4Waxs7t3L/otwWKrvpquzrcAVgPvyK/tA41tlg==
-----END CERTIFICATE-----
Generated at Fri Jun 6 13:46:26 2025 by rpki-client