Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/c5d18e82-4d68-45a6-a5df-cac115ad2279/0/3138352e3234342e39342e302f32342d3234203d3e20333937343233.roa
File: 3138352e3234342e39342e302f32342d3234203d3e20333937343233.roa (raw, json)
Hash identifier: RdOuxQjMUqkQryMcrXonWYYeJva5RY8rohAdG2ITJdw=
Subject key identifier: 99:E2:02:0A:E8:F2:B9:3E:21:23:DC:07:F4:B3:99:B3:58:05:17:D1
Certificate issuer: /CN=3e870b9a7003c4fd9c51bd354a9defa3fb77b4a9
Certificate serial: 5E73696FE959EA790031C07D3D66A23618B46B78
Authority key identifier: 3E:87:0B:9A:70:03:C4:FD:9C:51:BD:35:4A:9D:EF:A3:FB:77:B4:A9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PocLmnADxP2cUb01Sp3vo_t3tKk.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/c5d18e82-4d68-45a6-a5df-cac115ad2279/0/3138352e3234342e39342e302f32342d3234203d3e20333937343233.roa
Signing time: Tue 11 Feb 2025 13:53:55 +0000
ROA not before: Tue 11 Feb 2025 13:48:55 +0000
ROA not after: Tue 10 Feb 2026 13:53:55 +0000
asID: 397423
IP address blocks: 185.244.94.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/c5d18e82-4d68-45a6-a5df-cac115ad2279/0/3E870B9A7003C4FD9C51BD354A9DEFA3FB77B4A9.crl
rsync://rsync.paas.rpki.ripe.net/repository/c5d18e82-4d68-45a6-a5df-cac115ad2279/0/3E870B9A7003C4FD9C51BD354A9DEFA3FB77B4A9.mft
rsync://rpki.ripe.net/repository/DEFAULT/PocLmnADxP2cUb01Sp3vo_t3tKk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 05 Apr 2025 21:19:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5e:73:69:6f:e9:59:ea:79:00:31:c0:7d:3d:66:a2:36:18:b4:6b:78
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3e870b9a7003c4fd9c51bd354a9defa3fb77b4a9
Validity
Not Before: Feb 11 13:48:55 2025 GMT
Not After : Feb 10 13:53:55 2026 GMT
Subject: CN=99E2020AE8F2B93E2123DC07F4B399B3580517D1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:d3:17:32:41:88:23:41:9d:e5:f8:5e:97:f2:
e7:4e:fa:26:fb:ab:23:dd:37:58:11:5b:7e:c7:62:
61:07:28:15:ad:8c:4f:e5:f5:c7:94:8e:11:41:d4:
f3:1c:30:64:79:f5:18:de:00:91:ee:a4:05:94:f9:
29:b5:9d:b0:93:12:f2:81:27:d6:94:af:ea:63:72:
ea:89:9c:97:ce:ba:1c:ce:18:48:da:28:a8:48:da:
49:f0:79:26:1e:7c:62:06:f2:9f:c3:d9:07:0b:79:
c4:80:98:88:79:76:2d:c1:ad:2d:74:a9:b8:0d:1a:
c6:2a:ea:90:9d:6a:ae:69:a9:7e:bc:1a:50:32:26:
05:b7:c5:21:e7:28:bb:8e:ca:77:9a:23:4b:36:4e:
dc:ea:12:d7:6a:e9:13:f1:d7:90:c8:e8:77:2d:9d:
21:36:3e:11:d3:52:a4:b1:93:08:2d:c6:86:ba:de:
45:04:f7:6d:4b:8d:84:50:26:7f:d8:2a:e7:7a:20:
7d:92:38:0c:be:7e:ed:00:86:f1:61:19:5d:4b:c8:
35:4d:5d:c2:5b:98:13:d1:c1:46:69:de:8d:ba:c7:
8e:e7:d3:c3:cc:99:c9:1d:89:b0:04:46:c5:e3:fa:
81:e8:14:bc:c1:bb:17:f8:d3:b3:05:93:c6:35:ff:
2d:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
99:E2:02:0A:E8:F2:B9:3E:21:23:DC:07:F4:B3:99:B3:58:05:17:D1
X509v3 Authority Key Identifier:
keyid:3E:87:0B:9A:70:03:C4:FD:9C:51:BD:35:4A:9D:EF:A3:FB:77:B4:A9
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/c5d18e82-4d68-45a6-a5df-cac115ad2279/0/3E870B9A7003C4FD9C51BD354A9DEFA3FB77B4A9.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PocLmnADxP2cUb01Sp3vo_t3tKk.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/c5d18e82-4d68-45a6-a5df-cac115ad2279/0/3138352e3234342e39342e302f32342d3234203d3e20333937343233.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.244.94.0/24
Signature Algorithm: sha256WithRSAEncryption
d0:0c:e4:30:72:05:01:6b:96:9e:21:aa:85:1f:a5:ad:93:15:
e8:89:b7:e2:03:c3:25:dd:eb:e9:03:c4:7d:9b:ec:f6:89:a1:
78:ca:75:cd:4d:a6:d4:83:13:57:55:26:f7:26:35:7a:83:1c:
82:33:e5:c0:93:12:31:19:e2:2c:38:85:07:fe:34:81:e2:ce:
96:63:e4:98:15:4d:cc:89:b8:01:c5:4e:06:23:f2:0c:95:5c:
22:40:3f:f6:cb:cb:2b:77:2c:f2:91:d4:09:48:0d:95:0c:51:
80:e1:5e:94:90:26:e5:f9:6f:ec:47:1f:47:88:22:9a:1f:45:
02:d4:09:37:d4:4b:2b:d1:f1:22:85:f3:75:ce:87:6b:21:bb:
97:2c:91:4a:dc:cc:a7:5b:4e:ab:66:48:d4:b4:08:ce:22:ee:
77:a8:04:b4:f6:79:04:f1:89:90:3a:cd:ae:5c:b2:c3:32:0f:
79:3b:ff:dc:0a:8b:67:db:3f:79:cf:cf:bd:3d:7e:3b:02:0f:
19:aa:f7:3d:f0:fe:ab:4b:7c:ce:87:19:e4:0f:af:f5:91:27:
bf:ee:2e:98:11:70:49:1b:4d:70:43:14:78:41:3e:29:ef:6d:
fc:74:65:58:19:ee:2b:ce:ce:6b:7b:20:a5:c0:21:ba:c4:98:
13:db:d4:91
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUXnNpb+lZ6nkAMcB9PWaiNhi0a3gwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoM2U4NzBiOWE3MDAzYzRmZDljNTFiZDM1NGE5ZGVmYTNm
Yjc3YjRhOTAeFw0yNTAyMTExMzQ4NTVaFw0yNjAyMTAxMzUzNTVaMDMxMTAvBgNV
BAMTKDk5RTIwMjBBRThGMkI5M0UyMTIzREMwN0Y0QjM5OUIzNTgwNTE3RDEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCV0xcyQYgjQZ3l+F6X8udO+ib7
qyPdN1gRW37HYmEHKBWtjE/l9ceUjhFB1PMcMGR59RjeAJHupAWU+Sm1nbCTEvKB
J9aUr+pjcuqJnJfOuhzOGEjaKKhI2knweSYefGIG8p/D2QcLecSAmIh5di3BrS10
qbgNGsYq6pCdaq5pqX68GlAyJgW3xSHnKLuOyneaI0s2TtzqEtdq6RPx15DI6Hct
nSE2PhHTUqSxkwgtxoa63kUE921LjYRQJn/YKud6IH2SOAy+fu0AhvFhGV1LyDVN
XcJbmBPRwUZp3o26x47n08PMmckdibAERsXj+oHoFLzBuxf407MFk8Y1/y0jAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUmeICCujyuT4hI9wH9LOZs1gFF9EwHwYDVR0j
BBgwFoAUPocLmnADxP2cUb01Sp3vo/t3tKkwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYzVkMThlODItNGQ2OC00NWE2LWE1ZGYtY2FjMTE1YWQy
Mjc5LzAvM0U4NzBCOUE3MDAzQzRGRDlDNTFCRDM1NEE5REVGQTNGQjc3QjRBOS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1BvY0xtbkFEeFAyY1ViMDFTcDN2b190
M3RLay5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYzVkMThlODIt
NGQ2OC00NWE2LWE1ZGYtY2FjMTE1YWQyMjc5LzAvMzEzODM1MmUzMjM0MzQyZTM5
MzQyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMzM5MzczNDMyMzMucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAC59F4wDQYJKoZIhvcNAQELBQADggEBANAM5DByBQFrlp4hqoUfpa2TFeiJt+ID
wyXd6+kDxH2b7PaJoXjKdc1NptSDE1dVJvcmNXqDHIIz5cCTEjEZ4iw4hQf+NIHi
zpZj5JgVTcyJuAHFTgYj8gyVXCJAP/bLyyt3LPKR1AlIDZUMUYDhXpSQJuX5b+xH
H0eIIpofRQLUCTfUSyvR8SKF83XOh2shu5cskUrczKdbTqtmSNS0CM4i7neoBLT2
eQTxiZA6za5cssMyD3k7/9wKi2fbP3nPz709fjsCDxmq9z3w/qtLfM6HGeQPr/WR
J7/uLpgRcEkbTXBDFHhBPinvbfx0ZVgZ7ivOzmt7IKXAIbrEmBPb1JE=
-----END CERTIFICATE-----
Generated at Sat Apr 5 06:26:22 2025 by rpki-client