Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/c5d18e82-4d68-45a6-a5df-cac115ad2279/0/3138352e3234342e39352e302f32342d3234203d3e203230343733.roa
File: 3138352e3234342e39352e302f32342d3234203d3e203230343733.roa (raw, json)
Hash identifier: wcPx+O7KmTHA1Z17UF9VIIdo6IS06Ij+d7NLeipHdoU=
Subject key identifier: 53:A3:40:14:1A:06:D1:D9:42:BC:59:CD:B5:1B:89:97:8D:64:D4:6E
Certificate issuer: /CN=3e870b9a7003c4fd9c51bd354a9defa3fb77b4a9
Certificate serial: 4A951A3FDC40C3ABC834FC76A4C6B2FEEC7D6DA8
Authority key identifier: 3E:87:0B:9A:70:03:C4:FD:9C:51:BD:35:4A:9D:EF:A3:FB:77:B4:A9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PocLmnADxP2cUb01Sp3vo_t3tKk.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/c5d18e82-4d68-45a6-a5df-cac115ad2279/0/3138352e3234342e39352e302f32342d3234203d3e203230343733.roa
Signing time: Sat 05 Jul 2025 04:10:49 +0000
ROA not before: Sat 05 Jul 2025 04:05:49 +0000
ROA not after: Sat 04 Jul 2026 04:10:49 +0000
asID: 20473
IP address blocks: 185.244.95.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/c5d18e82-4d68-45a6-a5df-cac115ad2279/0/3E870B9A7003C4FD9C51BD354A9DEFA3FB77B4A9.crl
rsync://rsync.paas.rpki.ripe.net/repository/c5d18e82-4d68-45a6-a5df-cac115ad2279/0/3E870B9A7003C4FD9C51BD354A9DEFA3FB77B4A9.mft
rsync://rpki.ripe.net/repository/DEFAULT/PocLmnADxP2cUb01Sp3vo_t3tKk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 07 Jul 2025 15:36:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4a:95:1a:3f:dc:40:c3:ab:c8:34:fc:76:a4:c6:b2:fe:ec:7d:6d:a8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3e870b9a7003c4fd9c51bd354a9defa3fb77b4a9
Validity
Not Before: Jul 5 04:05:49 2025 GMT
Not After : Jul 4 04:10:49 2026 GMT
Subject: CN=53A340141A06D1D942BC59CDB51B89978D64D46E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:c8:98:7a:4f:e7:e1:c4:c7:a1:ca:a0:87:04:
ad:c2:7c:20:c6:3f:71:a7:3a:d3:55:26:63:01:28:
87:3e:f7:e4:09:30:ed:ab:8a:83:87:3d:53:f3:64:
67:4e:04:ac:3b:d9:c3:6e:c4:70:ac:da:7c:69:47:
a8:9e:99:be:6c:56:75:00:1e:c9:26:d4:2a:32:d6:
9e:ff:27:a1:67:2b:45:12:f6:c1:2c:08:68:ca:9c:
ea:be:7f:fb:e4:0c:51:af:b2:f2:ba:b4:c8:35:3a:
66:f8:37:60:2e:66:d5:e5:04:54:33:10:3b:86:a3:
1c:08:52:4a:1f:b0:14:b3:d8:a9:bd:a1:8e:06:74:
17:50:3c:e3:eb:f0:74:f3:30:2e:1f:e9:e6:56:96:
a0:8c:6d:3d:eb:c9:a3:f6:d2:53:b1:8b:6d:af:37:
5a:c8:5e:13:3b:be:1f:c1:e1:90:2c:bd:51:4d:ab:
35:54:6c:43:43:73:46:16:5b:9c:28:14:df:d9:c6:
a6:59:f0:3c:19:d7:66:6f:5d:4d:e9:cc:05:94:5a:
3c:e7:45:0b:6c:77:3d:68:ed:c9:95:b0:ae:2c:81:
b7:25:0c:96:bd:f5:b6:23:a3:37:43:96:c9:19:23:
4e:c9:2a:3f:d4:5c:15:2b:fc:78:c9:6e:8c:9c:6f:
32:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
53:A3:40:14:1A:06:D1:D9:42:BC:59:CD:B5:1B:89:97:8D:64:D4:6E
X509v3 Authority Key Identifier:
keyid:3E:87:0B:9A:70:03:C4:FD:9C:51:BD:35:4A:9D:EF:A3:FB:77:B4:A9
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/c5d18e82-4d68-45a6-a5df-cac115ad2279/0/3E870B9A7003C4FD9C51BD354A9DEFA3FB77B4A9.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PocLmnADxP2cUb01Sp3vo_t3tKk.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/c5d18e82-4d68-45a6-a5df-cac115ad2279/0/3138352e3234342e39352e302f32342d3234203d3e203230343733.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.244.95.0/24
Signature Algorithm: sha256WithRSAEncryption
7e:53:69:2d:ca:8d:52:f9:26:e2:11:de:21:85:eb:5d:27:27:
f3:ea:a0:12:e9:1b:d8:d1:51:e7:16:fd:98:3a:b6:0b:30:f0:
b3:1e:e9:55:97:e7:61:07:7f:6d:98:7a:b2:04:40:72:48:91:
b3:32:eb:d4:08:b3:aa:a5:b0:00:c2:42:30:8c:4e:67:bf:b3:
13:09:d9:d7:ef:54:cb:dc:c0:d2:1c:81:1c:0c:ed:77:c9:1d:
c7:17:53:94:99:89:05:06:46:00:e6:da:e6:ce:fd:54:da:79:
42:fd:62:30:33:7d:d4:39:88:25:d0:6b:f5:ce:cc:e6:f2:bf:
50:d8:17:28:ee:a9:a7:10:a3:78:64:2e:ff:90:a0:1d:cb:ac:
57:f4:94:e2:48:3a:28:1b:3b:a9:0d:df:69:6d:13:9e:4c:54:
24:68:15:ab:ca:9d:13:25:c6:b0:da:40:8b:03:21:e6:eb:82:
42:77:90:a6:04:6c:be:75:e1:71:a5:49:9b:3e:73:0f:3a:62:
59:46:22:89:5a:20:ec:21:00:ed:90:8d:21:a3:ac:14:86:b4:
90:27:b6:9c:de:2a:9a:3b:e3:b9:e7:96:b4:51:65:1d:11:24:
47:13:b2:c2:c6:00:40:7f:3c:97:78:df:00:fa:a5:04:c1:7d:
81:62:2b:50
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUSpUaP9xAw6vINPx2pMay/ux9bagwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoM2U4NzBiOWE3MDAzYzRmZDljNTFiZDM1NGE5ZGVmYTNm
Yjc3YjRhOTAeFw0yNTA3MDUwNDA1NDlaFw0yNjA3MDQwNDEwNDlaMDMxMTAvBgNV
BAMTKDUzQTM0MDE0MUEwNkQxRDk0MkJDNTlDREI1MUI4OTk3OEQ2NEQ0NkUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCiyJh6T+fhxMehyqCHBK3CfCDG
P3GnOtNVJmMBKIc+9+QJMO2rioOHPVPzZGdOBKw72cNuxHCs2nxpR6iemb5sVnUA
Hskm1Coy1p7/J6FnK0US9sEsCGjKnOq+f/vkDFGvsvK6tMg1Omb4N2AuZtXlBFQz
EDuGoxwIUkofsBSz2Km9oY4GdBdQPOPr8HTzMC4f6eZWlqCMbT3ryaP20lOxi22v
N1rIXhM7vh/B4ZAsvVFNqzVUbENDc0YWW5woFN/ZxqZZ8DwZ12ZvXU3pzAWUWjzn
RQtsdz1o7cmVsK4sgbclDJa99bYjozdDlskZI07JKj/UXBUr/HjJboycbzKtAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUU6NAFBoG0dlCvFnNtRuJl41k1G4wHwYDVR0j
BBgwFoAUPocLmnADxP2cUb01Sp3vo/t3tKkwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYzVkMThlODItNGQ2OC00NWE2LWE1ZGYtY2FjMTE1YWQy
Mjc5LzAvM0U4NzBCOUE3MDAzQzRGRDlDNTFCRDM1NEE5REVGQTNGQjc3QjRBOS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1BvY0xtbkFEeFAyY1ViMDFTcDN2b190
M3RLay5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYzVkMThlODIt
NGQ2OC00NWE2LWE1ZGYtY2FjMTE1YWQyMjc5LzAvMzEzODM1MmUzMjM0MzQyZTM5
MzUyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMjMwMzQzNzMzLnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
ufRfMA0GCSqGSIb3DQEBCwUAA4IBAQB+U2ktyo1S+SbiEd4hhetdJyfz6qAS6RvY
0VHnFv2YOrYLMPCzHulVl+dhB39tmHqyBEBySJGzMuvUCLOqpbAAwkIwjE5nv7MT
CdnX71TL3MDSHIEcDO13yR3HF1OUmYkFBkYA5trmzv1U2nlC/WIwM33UOYgl0Gv1
zszm8r9Q2Bco7qmnEKN4ZC7/kKAdy6xX9JTiSDooGzupDd9pbROeTFQkaBWryp0T
Jcaw2kCLAyHm64JCd5CmBGy+deFxpUmbPnMPOmJZRiKJWiDsIQDtkI0ho6wUhrSQ
J7ac3iqaO+O555a0UWUdESRHE7LCxgBAfzyXeN8A+qUEwX2BYitQ
-----END CERTIFICATE-----
Generated at Mon Jul 7 03:16:15 2025 by rpki-client