Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/e3cdc648-d203-462a-bd0f-ec1b60d879a7/0/3138352e3132332e3135372e302f32342d3234203d3e203539343332.roa
File: 3138352e3132332e3135372e302f32342d3234203d3e203539343332.roa (raw, json)
Hash identifier: gIsOY/Rt5itSjR6UBfQr0akoBho0OQVg1aF/BeCGDiQ=
Subject key identifier: 6C:40:4C:2B:15:CB:93:A3:44:09:19:78:F9:EC:9C:C1:F2:41:6C:33
Certificate issuer: /CN=e1f3512f51dc42bb9eb12abc0bb529668b2edee4
Certificate serial: 65B94E1B247DBA2E911203104A95235242E85352
Authority key identifier: E1:F3:51:2F:51:DC:42:BB:9E:B1:2A:BC:0B:B5:29:66:8B:2E:DE:E4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4fNRL1HcQruesSq8C7UpZosu3uQ.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/e3cdc648-d203-462a-bd0f-ec1b60d879a7/0/3138352e3132332e3135372e302f32342d3234203d3e203539343332.roa
Signing time: Tue 03 Jun 2025 07:31:25 +0000
ROA not before: Tue 03 Jun 2025 07:26:25 +0000
ROA not after: Tue 02 Jun 2026 07:31:25 +0000
asID: 59432
IP address blocks: 185.123.157.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/e3cdc648-d203-462a-bd0f-ec1b60d879a7/0/E1F3512F51DC42BB9EB12ABC0BB529668B2EDEE4.crl
rsync://rsync.paas.rpki.ripe.net/repository/e3cdc648-d203-462a-bd0f-ec1b60d879a7/0/E1F3512F51DC42BB9EB12ABC0BB529668B2EDEE4.mft
rsync://rpki.ripe.net/repository/DEFAULT/4fNRL1HcQruesSq8C7UpZosu3uQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 07 Jun 2025 15:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
65:b9:4e:1b:24:7d:ba:2e:91:12:03:10:4a:95:23:52:42:e8:53:52
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e1f3512f51dc42bb9eb12abc0bb529668b2edee4
Validity
Not Before: Jun 3 07:26:25 2025 GMT
Not After : Jun 2 07:31:25 2026 GMT
Subject: CN=6C404C2B15CB93A344091978F9EC9CC1F2416C33
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:86:03:77:13:f1:74:16:d2:ee:04:cf:4f:32:
0f:aa:20:c7:dc:e0:76:d5:93:05:6a:69:92:8b:70:
bb:d3:17:6c:34:03:a5:dd:92:2d:84:94:9f:fa:a0:
73:70:3a:3e:18:ff:96:a9:df:30:31:2c:c3:48:b7:
0e:5c:b0:f0:ca:d7:23:54:64:ab:f8:53:96:f4:e0:
6d:85:10:39:13:b8:7a:7a:31:c9:54:44:a0:6f:6e:
e1:2a:b9:c2:88:74:ac:59:e5:41:93:e6:8b:43:dd:
1e:96:0f:1e:bd:6f:80:81:00:17:e6:83:f3:03:37:
fd:17:db:a0:7f:fa:82:53:fe:ab:48:75:7f:cf:b5:
17:ca:23:14:22:09:ab:21:6d:76:b1:ec:20:c0:86:
04:7e:d8:ce:54:91:9d:5f:21:c3:65:bc:ab:60:e6:
fa:63:2c:98:c7:ae:41:10:dc:16:91:db:8f:b8:2d:
61:b0:f3:02:55:a1:da:20:50:5c:5d:75:f3:db:e1:
06:cf:0d:62:3e:09:56:59:a3:5f:ba:51:53:4d:03:
d1:e3:12:b4:5b:8d:3e:29:05:d0:4e:8e:4c:0b:42:
4b:42:90:32:84:ce:68:d3:98:16:fd:4d:ee:c9:d2:
c1:3d:1c:c3:0a:bc:22:87:eb:d2:10:3a:24:d0:78:
c0:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6C:40:4C:2B:15:CB:93:A3:44:09:19:78:F9:EC:9C:C1:F2:41:6C:33
X509v3 Authority Key Identifier:
keyid:E1:F3:51:2F:51:DC:42:BB:9E:B1:2A:BC:0B:B5:29:66:8B:2E:DE:E4
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/e3cdc648-d203-462a-bd0f-ec1b60d879a7/0/E1F3512F51DC42BB9EB12ABC0BB529668B2EDEE4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4fNRL1HcQruesSq8C7UpZosu3uQ.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/e3cdc648-d203-462a-bd0f-ec1b60d879a7/0/3138352e3132332e3135372e302f32342d3234203d3e203539343332.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.123.157.0/24
Signature Algorithm: sha256WithRSAEncryption
3b:3b:a9:ea:eb:e6:de:10:5e:78:81:be:2e:14:52:c4:d1:fa:
df:7b:2c:18:ca:60:61:c2:93:3f:97:cc:49:de:c0:68:94:e4:
7d:e7:db:fe:dd:b3:d6:f7:24:5f:ed:03:8e:f9:32:a9:37:ff:
77:43:bd:7b:71:9e:f3:80:61:35:6a:7f:08:01:55:a2:55:36:
fd:65:d8:b6:b6:68:73:08:d3:01:7e:7b:b1:f7:73:d6:2f:07:
40:5d:1c:d4:de:de:ec:30:d7:7f:d2:9c:52:b2:e4:c6:b3:f1:
da:74:83:d2:e6:4c:24:e9:6c:0b:1a:7c:87:90:d9:b4:6b:dc:
42:5c:8a:1c:3e:f2:cc:ce:d2:e6:30:a0:96:f8:46:5e:ab:81:
1d:d1:ef:97:6d:b2:84:c7:84:21:cf:d6:b4:d6:ff:c9:27:b9:
a3:e0:a5:3d:65:84:63:91:2d:8c:17:42:ae:71:93:24:d1:22:
48:05:ff:d5:60:1d:b9:26:5f:37:60:a5:e3:35:d0:6f:d3:98:
c0:6d:9e:71:da:a9:87:42:c3:d7:87:5f:e3:99:9b:55:eb:33:
44:40:38:36:b4:60:f7:eb:3f:1f:2a:01:7e:b9:77:b4:9b:7d:
d7:41:1c:45:a2:07:a3:56:65:5f:92:e1:09:dc:2d:80:f2:5a:
a6:a8:28:c2
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUZblOGyR9ui6REgMQSpUjUkLoU1IwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZTFmMzUxMmY1MWRjNDJiYjllYjEyYWJjMGJiNTI5NjY4
YjJlZGVlNDAeFw0yNTA2MDMwNzI2MjVaFw0yNjA2MDIwNzMxMjVaMDMxMTAvBgNV
BAMTKDZDNDA0QzJCMTVDQjkzQTM0NDA5MTk3OEY5RUM5Q0MxRjI0MTZDMzMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC2hgN3E/F0FtLuBM9PMg+qIMfc
4HbVkwVqaZKLcLvTF2w0A6Xdki2ElJ/6oHNwOj4Y/5ap3zAxLMNItw5csPDK1yNU
ZKv4U5b04G2FEDkTuHp6MclURKBvbuEqucKIdKxZ5UGT5otD3R6WDx69b4CBABfm
g/MDN/0X26B/+oJT/qtIdX/PtRfKIxQiCashbXax7CDAhgR+2M5UkZ1fIcNlvKtg
5vpjLJjHrkEQ3BaR24+4LWGw8wJVodogUFxddfPb4QbPDWI+CVZZo1+6UVNNA9Hj
ErRbjT4pBdBOjkwLQktCkDKEzmjTmBb9Te7J0sE9HMMKvCKH69IQOiTQeMBJAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUbEBMKxXLk6NECRl4+eycwfJBbDMwHwYDVR0j
BBgwFoAU4fNRL1HcQruesSq8C7UpZosu3uQwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZTNjZGM2NDgtZDIwMy00NjJhLWJkMGYtZWMxYjYwZDg3
OWE3LzAvRTFGMzUxMkY1MURDNDJCQjlFQjEyQUJDMEJCNTI5NjY4QjJFREVFNC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzRmTlJMMUhjUXJ1ZXNTcThDN1VwWm9z
dTN1US5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZTNjZGM2NDgt
ZDIwMy00NjJhLWJkMGYtZWMxYjYwZDg3OWE3LzAvMzEzODM1MmUzMTMyMzMyZTMx
MzUzNzJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDM1MzkzNDMzMzIucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAC5e50wDQYJKoZIhvcNAQELBQADggEBADs7qerr5t4QXniBvi4UUsTR+t97LBjK
YGHCkz+XzEnewGiU5H3n2/7ds9b3JF/tA475Mqk3/3dDvXtxnvOAYTVqfwgBVaJV
Nv1l2La2aHMI0wF+e7H3c9YvB0BdHNTe3uww13/SnFKy5Maz8dp0g9LmTCTpbAsa
fIeQ2bRr3EJcihw+8szO0uYwoJb4Rl6rgR3R75dtsoTHhCHP1rTW/8knuaPgpT1l
hGORLYwXQq5xkyTRIkgF/9VgHbkmXzdgpeM10G/TmMBtnnHaqYdCw9eHX+OZm1Xr
M0RAODa0YPfrPx8qAX65d7SbfddBHEWiB6NWZV+S4QncLYDyWqaoKMI=
-----END CERTIFICATE-----
Generated at Sat Jun 7 00:05:33 2025 by rpki-client