Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/c5d18e82-4d68-45a6-a5df-cac115ad2279/0/3138352e3232392e3230322e302f32342d3234203d3e20323130303330.roa
File: 3138352e3232392e3230322e302f32342d3234203d3e20323130303330.roa (raw, json)
Hash identifier: fyEm36B55a1pd4HLESzxtTjALoxzu4leetK2j/pzqHY=
Subject key identifier: AF:C1:34:52:E7:5C:43:20:8D:E9:B6:D5:8E:BA:BB:30:94:EE:E7:75
Certificate issuer: /CN=3e870b9a7003c4fd9c51bd354a9defa3fb77b4a9
Certificate serial: 02FD38A2445A73D3434823D78CAD798DD4B8105C
Authority key identifier: 3E:87:0B:9A:70:03:C4:FD:9C:51:BD:35:4A:9D:EF:A3:FB:77:B4:A9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PocLmnADxP2cUb01Sp3vo_t3tKk.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/c5d18e82-4d68-45a6-a5df-cac115ad2279/0/3138352e3232392e3230322e302f32342d3234203d3e20323130303330.roa
Signing time: Fri 07 Feb 2025 19:53:53 +0000
ROA not before: Fri 07 Feb 2025 19:48:53 +0000
ROA not after: Fri 06 Feb 2026 19:53:53 +0000
asID: 210030
IP address blocks: 185.229.202.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/c5d18e82-4d68-45a6-a5df-cac115ad2279/0/3E870B9A7003C4FD9C51BD354A9DEFA3FB77B4A9.crl
rsync://rsync.paas.rpki.ripe.net/repository/c5d18e82-4d68-45a6-a5df-cac115ad2279/0/3E870B9A7003C4FD9C51BD354A9DEFA3FB77B4A9.mft
rsync://rpki.ripe.net/repository/DEFAULT/PocLmnADxP2cUb01Sp3vo_t3tKk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 05 Apr 2025 19:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
02:fd:38:a2:44:5a:73:d3:43:48:23:d7:8c:ad:79:8d:d4:b8:10:5c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3e870b9a7003c4fd9c51bd354a9defa3fb77b4a9
Validity
Not Before: Feb 7 19:48:53 2025 GMT
Not After : Feb 6 19:53:53 2026 GMT
Subject: CN=AFC13452E75C43208DE9B6D58EBABB3094EEE775
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:d1:9b:bb:2d:67:34:70:d8:74:0b:80:4d:f5:
83:ab:f3:97:50:27:71:0d:dd:7f:81:4d:61:81:de:
be:05:7a:b3:21:d9:74:87:b5:30:c9:fd:4d:05:27:
73:8d:a2:22:45:6b:ca:2d:91:60:3e:01:6b:17:5f:
5e:3a:12:ad:33:42:ec:75:24:82:cd:30:7c:00:da:
47:e5:3c:91:d4:3c:9b:42:37:0f:f1:bb:e9:15:ec:
50:52:2d:d6:b7:4e:95:f4:ac:c1:75:c4:d8:b6:b3:
1b:44:83:52:60:4a:61:05:e7:40:35:ac:11:29:ff:
36:4b:e1:a0:47:3b:82:44:d1:1b:df:41:8c:d2:18:
9d:dc:4f:05:22:4b:b3:95:c2:f9:2a:7d:04:22:17:
b3:38:29:b2:fc:83:87:d2:69:cc:08:ad:7a:ef:01:
77:62:20:61:db:3a:ff:94:2e:ef:6d:d9:93:0d:95:
58:94:b2:e4:1b:c9:57:f9:ab:2c:dd:fd:60:7c:03:
14:eb:ab:bd:38:64:b8:da:53:91:a7:a1:45:95:1c:
fc:88:58:bd:11:3a:f3:cf:dc:de:7c:c5:2f:10:b1:
89:70:e3:24:3e:62:8a:0f:a2:ae:79:19:1d:13:97:
81:c3:98:4b:24:c8:a2:a0:e9:f9:13:b9:ff:69:10:
61:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AF:C1:34:52:E7:5C:43:20:8D:E9:B6:D5:8E:BA:BB:30:94:EE:E7:75
X509v3 Authority Key Identifier:
keyid:3E:87:0B:9A:70:03:C4:FD:9C:51:BD:35:4A:9D:EF:A3:FB:77:B4:A9
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/c5d18e82-4d68-45a6-a5df-cac115ad2279/0/3E870B9A7003C4FD9C51BD354A9DEFA3FB77B4A9.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PocLmnADxP2cUb01Sp3vo_t3tKk.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/c5d18e82-4d68-45a6-a5df-cac115ad2279/0/3138352e3232392e3230322e302f32342d3234203d3e20323130303330.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.229.202.0/24
Signature Algorithm: sha256WithRSAEncryption
96:21:cf:69:c6:65:e6:8a:60:b8:fa:25:06:c6:b8:56:67:19:
2c:32:e9:89:cc:a3:ae:1d:4d:32:2a:2c:a2:47:33:aa:85:47:
89:f3:1f:96:6f:2b:9d:e1:d6:60:fa:68:72:be:07:e8:de:1d:
5a:89:62:07:25:e6:70:89:83:c2:e6:b6:90:38:d2:78:5f:05:
d5:23:78:cd:0d:a0:cd:33:a2:b2:f1:63:08:3f:af:76:17:63:
85:98:47:28:9d:c9:d9:75:42:ec:f1:a2:44:ee:ec:3a:dd:c9:
5a:e8:3e:70:5f:b3:05:ba:98:92:0e:1e:00:1d:a9:87:e8:d3:
e2:80:66:ab:5a:1d:e8:5f:f3:02:df:a9:cb:2e:2a:72:bb:68:
e7:e9:c6:ec:1e:bd:b5:9b:2c:66:81:a8:b6:64:4d:10:e6:20:
ad:be:66:fa:4c:72:19:ce:3c:e9:1a:5d:80:d4:a8:81:97:89:
7c:31:8d:e6:37:70:ee:5f:52:eb:1f:92:93:65:fa:73:ce:bd:
0d:cc:ea:71:bc:42:36:2c:85:24:df:53:7d:e3:5d:78:c9:47:
01:65:09:12:10:41:06:3d:bd:e8:07:32:13:ca:d7:c5:d2:ac:
79:2f:d2:ce:15:d5:3f:b2:59:58:5d:56:20:80:b5:aa:73:75:
71:a0:23:2a
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgIUAv04okRac9NDSCPXjK15jdS4EFwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoM2U4NzBiOWE3MDAzYzRmZDljNTFiZDM1NGE5ZGVmYTNm
Yjc3YjRhOTAeFw0yNTAyMDcxOTQ4NTNaFw0yNjAyMDYxOTUzNTNaMDMxMTAvBgNV
BAMTKEFGQzEzNDUyRTc1QzQzMjA4REU5QjZENThFQkFCQjMwOTRFRUU3NzUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDF0Zu7LWc0cNh0C4BN9YOr85dQ
J3EN3X+BTWGB3r4FerMh2XSHtTDJ/U0FJ3ONoiJFa8otkWA+AWsXX146Eq0zQux1
JILNMHwA2kflPJHUPJtCNw/xu+kV7FBSLda3TpX0rMF1xNi2sxtEg1JgSmEF50A1
rBEp/zZL4aBHO4JE0RvfQYzSGJ3cTwUiS7OVwvkqfQQiF7M4KbL8g4fSacwIrXrv
AXdiIGHbOv+ULu9t2ZMNlViUsuQbyVf5qyzd/WB8AxTrq704ZLjaU5GnoUWVHPyI
WL0ROvPP3N58xS8QsYlw4yQ+YooPoq55GR0Tl4HDmEskyKKg6fkTuf9pEGGXAgMB
AAGjggJBMIICPTAdBgNVHQ4EFgQUr8E0UudcQyCN6bbVjrq7MJTu53UwHwYDVR0j
BBgwFoAUPocLmnADxP2cUb01Sp3vo/t3tKkwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYzVkMThlODItNGQ2OC00NWE2LWE1ZGYtY2FjMTE1YWQy
Mjc5LzAvM0U4NzBCOUE3MDAzQzRGRDlDNTFCRDM1NEE5REVGQTNGQjc3QjRBOS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1BvY0xtbkFEeFAyY1ViMDFTcDN2b190
M3RLay5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYzVkMThlODIt
NGQ2OC00NWE2LWE1ZGYtY2FjMTE1YWQyMjc5LzAvMzEzODM1MmUzMjMyMzkyZTMy
MzAzMjJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMyMzEzMDMwMzMzMC5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEALnlyjANBgkqhkiG9w0BAQsFAAOCAQEAliHPacZl5opguPolBsa4VmcZLDLp
icyjrh1NMiosokczqoVHifMflm8rneHWYPpocr4H6N4dWoliByXmcImDwua2kDjS
eF8F1SN4zQ2gzTOisvFjCD+vdhdjhZhHKJ3J2XVC7PGiRO7sOt3JWug+cF+zBbqY
kg4eAB2ph+jT4oBmq1od6F/zAt+pyy4qcrto5+nG7B69tZssZoGotmRNEOYgrb5m
+kxyGc486RpdgNSogZeJfDGN5jdw7l9S6x+Sk2X6c869DczqcbxCNiyFJN9TfeNd
eMlHAWUJEhBBBj296AcyE8rXxdKseS/SzhXVP7JZWF1WIIC1qnN1caAjKg==
-----END CERTIFICATE-----
Generated at Sat Apr 5 04:37:33 2025 by rpki-client