Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/d1b35f8b-6f48-4bad-b185-5c1daa8acda9/0/3138352e3231322e3131332e302f32342d3234203d3e20323132303237.roa
File: 3138352e3231322e3131332e302f32342d3234203d3e20323132303237.roa (raw, json)
Hash identifier: CXTB+Xvv7Mw4O2W49b5KNvf+wB88BlABbTF0ZEqQeh8=
Subject key identifier: BD:C0:60:DD:8C:22:A0:B4:FA:0D:C2:6A:C0:68:8C:2E:B7:86:32:E9
Certificate issuer: /CN=cefce449bea8deaedb1804dba25c584df5873dc4
Certificate serial: 105198E23D683345D1962092AECE5716DDF6F04C
Authority key identifier: CE:FC:E4:49:BE:A8:DE:AE:DB:18:04:DB:A2:5C:58:4D:F5:87:3D:C4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zvzkSb6o3q7bGATbolxYTfWHPcQ.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/d1b35f8b-6f48-4bad-b185-5c1daa8acda9/0/3138352e3231322e3131332e302f32342d3234203d3e20323132303237.roa
Signing time: Tue 13 May 2025 08:13:44 +0000
ROA not before: Tue 13 May 2025 08:08:44 +0000
ROA not after: Tue 12 May 2026 08:13:44 +0000
asID: 212027
IP address blocks: 185.212.113.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/d1b35f8b-6f48-4bad-b185-5c1daa8acda9/0/CEFCE449BEA8DEAEDB1804DBA25C584DF5873DC4.crl
rsync://rsync.paas.rpki.ripe.net/repository/d1b35f8b-6f48-4bad-b185-5c1daa8acda9/0/CEFCE449BEA8DEAEDB1804DBA25C584DF5873DC4.mft
rsync://rpki.ripe.net/repository/DEFAULT/zvzkSb6o3q7bGATbolxYTfWHPcQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 06 Jun 2025 12:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
10:51:98:e2:3d:68:33:45:d1:96:20:92:ae:ce:57:16:dd:f6:f0:4c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cefce449bea8deaedb1804dba25c584df5873dc4
Validity
Not Before: May 13 08:08:44 2025 GMT
Not After : May 12 08:13:44 2026 GMT
Subject: CN=BDC060DD8C22A0B4FA0DC26AC0688C2EB78632E9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:ef:17:f5:a7:66:09:c0:c1:21:65:f3:2b:34:
53:92:d6:13:37:da:1f:37:5f:4c:a6:a0:92:0a:e4:
8a:21:46:88:a6:3e:7a:12:23:7a:bc:d6:a8:70:17:
85:93:80:80:3a:72:8b:a8:8a:f0:c7:b6:20:6d:26:
8f:f9:99:84:5c:76:ef:0b:b5:57:e0:14:3f:38:1a:
d2:49:a2:b6:ff:49:8d:7c:76:60:e8:e6:51:33:b4:
14:be:3a:69:4b:f3:9b:87:44:06:0f:7d:5c:db:76:
43:91:63:30:c9:cc:44:0c:d0:c0:93:b9:f3:f1:c3:
e9:60:4e:8a:ef:46:24:da:b2:20:68:e4:75:fb:68:
4f:92:c9:95:50:ff:d4:66:8e:69:f0:38:16:d2:ba:
42:19:dd:a9:79:c5:94:54:61:d4:06:42:03:19:30:
66:6c:17:c8:78:21:31:b6:6e:3f:a1:64:48:ba:fd:
8f:26:dc:0e:11:42:a1:ae:cf:b9:a3:2e:30:57:b8:
68:49:5f:36:71:98:1e:6d:1f:5b:85:8c:de:f6:a5:
11:82:3b:2d:f2:de:46:6d:08:11:c5:67:29:f1:80:
70:36:ad:1c:50:db:90:62:d1:96:87:02:ba:8c:90:
da:60:18:4b:c8:e6:f0:db:ac:36:3e:b5:a6:b5:67:
32:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BD:C0:60:DD:8C:22:A0:B4:FA:0D:C2:6A:C0:68:8C:2E:B7:86:32:E9
X509v3 Authority Key Identifier:
keyid:CE:FC:E4:49:BE:A8:DE:AE:DB:18:04:DB:A2:5C:58:4D:F5:87:3D:C4
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/d1b35f8b-6f48-4bad-b185-5c1daa8acda9/0/CEFCE449BEA8DEAEDB1804DBA25C584DF5873DC4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zvzkSb6o3q7bGATbolxYTfWHPcQ.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/d1b35f8b-6f48-4bad-b185-5c1daa8acda9/0/3138352e3231322e3131332e302f32342d3234203d3e20323132303237.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.212.113.0/24
Signature Algorithm: sha256WithRSAEncryption
2e:88:19:19:08:70:11:ea:5f:0e:64:5b:72:a7:3b:22:2d:11:
66:c6:56:7d:d6:01:1a:b2:04:17:df:13:70:02:1d:43:b8:27:
4a:6c:5c:26:f4:8a:84:b9:35:14:d3:50:88:9a:d5:8e:b6:fb:
c9:21:96:e9:f9:58:91:24:6d:0e:32:1a:d1:5c:ac:6b:14:ea:
4a:71:b4:55:0a:7d:7c:cc:41:d2:15:e6:30:d6:5e:88:ce:2f:
53:10:8c:15:f9:41:6f:bf:87:36:ee:4c:e1:d9:f8:f5:e1:aa:
1d:26:a6:63:51:c4:dd:f6:fa:5a:76:3b:c7:bd:55:12:5c:9b:
77:9c:01:8e:d5:d0:d8:f7:71:53:bd:d7:85:c8:d7:9f:65:f7:
14:5c:1c:fb:bf:d7:39:7d:50:46:52:f2:6f:28:e6:4c:6e:2e:
b7:7b:ee:7d:13:c4:32:c4:01:d8:95:24:fe:15:bf:02:c7:dd:
0d:e2:e0:9f:0a:1a:7b:d5:83:ff:7c:dd:d2:ac:ef:d9:98:a8:
15:1a:a4:5a:c8:eb:f7:bc:8e:6e:79:5a:79:5f:c0:91:6f:d3:
0d:b8:11:b8:41:dc:e4:b2:44:4d:a6:e3:cd:8a:31:78:37:72:
73:d3:43:e8:2c:60:c4:f0:32:8f:a1:e7:4d:64:3c:75:bc:c1:
9d:fc:61:17
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgIUEFGY4j1oM0XRliCSrs5XFt328EwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoY2VmY2U0NDliZWE4ZGVhZWRiMTgwNGRiYTI1YzU4NGRm
NTg3M2RjNDAeFw0yNTA1MTMwODA4NDRaFw0yNjA1MTIwODEzNDRaMDMxMTAvBgNV
BAMTKEJEQzA2MEREOEMyMkEwQjRGQTBEQzI2QUMwNjg4QzJFQjc4NjMyRTkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDl7xf1p2YJwMEhZfMrNFOS1hM3
2h83X0ymoJIK5IohRoimPnoSI3q81qhwF4WTgIA6couoivDHtiBtJo/5mYRcdu8L
tVfgFD84GtJJorb/SY18dmDo5lEztBS+OmlL85uHRAYPfVzbdkORYzDJzEQM0MCT
ufPxw+lgTorvRiTasiBo5HX7aE+SyZVQ/9RmjmnwOBbSukIZ3al5xZRUYdQGQgMZ
MGZsF8h4ITG2bj+hZEi6/Y8m3A4RQqGuz7mjLjBXuGhJXzZxmB5tH1uFjN72pRGC
Oy3y3kZtCBHFZynxgHA2rRxQ25Bi0ZaHArqMkNpgGEvI5vDbrDY+taa1ZzItAgMB
AAGjggJBMIICPTAdBgNVHQ4EFgQUvcBg3YwioLT6DcJqwGiMLreGMukwHwYDVR0j
BBgwFoAUzvzkSb6o3q7bGATbolxYTfWHPcQwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZDFiMzVmOGItNmY0OC00YmFkLWIxODUtNWMxZGFhOGFj
ZGE5LzAvQ0VGQ0U0NDlCRUE4REVBRURCMTgwNERCQTI1QzU4NERGNTg3M0RDNC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3p2emtTYjZvM3E3YkdBVGJvbHhZVGZX
SFBjUS5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZDFiMzVmOGIt
NmY0OC00YmFkLWIxODUtNWMxZGFhOGFjZGE5LzAvMzEzODM1MmUzMjMxMzIyZTMx
MzEzMzJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMyMzEzMjMwMzIzNy5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEALnUcTANBgkqhkiG9w0BAQsFAAOCAQEALogZGQhwEepfDmRbcqc7Ii0RZsZW
fdYBGrIEF98TcAIdQ7gnSmxcJvSKhLk1FNNQiJrVjrb7ySGW6flYkSRtDjIa0Vys
axTqSnG0VQp9fMxB0hXmMNZeiM4vUxCMFflBb7+HNu5M4dn49eGqHSamY1HE3fb6
WnY7x71VElybd5wBjtXQ2PdxU73XhcjXn2X3FFwc+7/XOX1QRlLybyjmTG4ut3vu
fRPEMsQB2JUk/hW/AsfdDeLgnwoae9WD/3zd0qzv2ZioFRqkWsjr97yObnlaeV/A
kW/TDbgRuEHc5LJETabjzYoxeDdyc9ND6CxgxPAyj6HnTWQ8dbzBnfxhFw==
-----END CERTIFICATE-----
Generated at Thu Jun 5 18:27:35 2025 by rpki-client