Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/e3cdc648-d203-462a-bd0f-ec1b60d879a7/0/3138382e39342e3139312e302f32342d3234203d3e20323132323338.roa
File: 3138382e39342e3139312e302f32342d3234203d3e20323132323338.roa (raw, json)
Hash identifier: lJS6FjRfp/v/aqfGndUnY41n3G9vC9jGU4Xn0UYt/CA=
Subject key identifier: 1A:F6:9E:6C:7F:10:A8:87:08:FF:42:CB:EE:31:4E:A6:3B:F0:C8:8B
Certificate issuer: /CN=e1f3512f51dc42bb9eb12abc0bb529668b2edee4
Certificate serial: 31E598824418CE842E302D6B6B6424AE846A1216
Authority key identifier: E1:F3:51:2F:51:DC:42:BB:9E:B1:2A:BC:0B:B5:29:66:8B:2E:DE:E4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4fNRL1HcQruesSq8C7UpZosu3uQ.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/e3cdc648-d203-462a-bd0f-ec1b60d879a7/0/3138382e39342e3139312e302f32342d3234203d3e20323132323338.roa
Signing time: Fri 23 May 2025 12:37:22 +0000
ROA not before: Fri 23 May 2025 12:32:22 +0000
ROA not after: Fri 22 May 2026 12:37:22 +0000
asID: 212238
IP address blocks: 188.94.191.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/e3cdc648-d203-462a-bd0f-ec1b60d879a7/0/E1F3512F51DC42BB9EB12ABC0BB529668B2EDEE4.crl
rsync://rsync.paas.rpki.ripe.net/repository/e3cdc648-d203-462a-bd0f-ec1b60d879a7/0/E1F3512F51DC42BB9EB12ABC0BB529668B2EDEE4.mft
rsync://rpki.ripe.net/repository/DEFAULT/4fNRL1HcQruesSq8C7UpZosu3uQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 07 Jun 2025 15:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
31:e5:98:82:44:18:ce:84:2e:30:2d:6b:6b:64:24:ae:84:6a:12:16
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e1f3512f51dc42bb9eb12abc0bb529668b2edee4
Validity
Not Before: May 23 12:32:22 2025 GMT
Not After : May 22 12:37:22 2026 GMT
Subject: CN=1AF69E6C7F10A88708FF42CBEE314EA63BF0C88B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:05:10:b2:da:a6:46:63:94:24:bf:09:36:4e:
85:41:60:2b:30:49:a4:12:6f:c8:5e:c6:db:4a:a7:
d1:af:da:64:b8:22:c5:cb:b6:e3:ac:07:30:27:b9:
8f:03:53:92:44:c2:b4:22:b5:42:80:5b:a0:83:6b:
3a:79:10:0b:d9:08:b8:4a:77:dc:9b:99:d9:38:16:
3d:5c:6f:2c:a6:14:6d:18:00:a1:0a:f3:27:fb:c1:
cc:38:c6:18:9d:61:5b:e0:67:94:ad:1c:42:df:32:
72:7e:5b:ef:11:89:be:7c:99:06:2f:f7:e8:e1:48:
fd:5a:31:00:b4:d0:0f:b8:d5:98:5b:20:4b:cb:91:
d8:41:d9:09:67:18:4e:13:d7:b2:39:0d:b3:1b:86:
77:9d:97:aa:bc:9c:37:0a:fd:72:1b:dc:13:42:2c:
88:43:1f:cc:16:d0:76:72:d9:9f:2b:79:2a:e7:57:
7b:c7:7a:28:f5:b7:f0:8c:8f:be:86:38:84:46:a2:
db:9f:c8:90:93:2a:74:ef:8f:74:b7:35:72:75:86:
0b:a9:3b:52:05:63:46:29:f0:23:34:6a:4b:5b:4b:
19:86:1b:ca:b6:a4:9a:f8:a0:b7:5c:a2:a5:ac:58:
98:09:b1:95:6e:c6:70:f5:b4:60:ee:40:28:48:35:
10:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1A:F6:9E:6C:7F:10:A8:87:08:FF:42:CB:EE:31:4E:A6:3B:F0:C8:8B
X509v3 Authority Key Identifier:
keyid:E1:F3:51:2F:51:DC:42:BB:9E:B1:2A:BC:0B:B5:29:66:8B:2E:DE:E4
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/e3cdc648-d203-462a-bd0f-ec1b60d879a7/0/E1F3512F51DC42BB9EB12ABC0BB529668B2EDEE4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4fNRL1HcQruesSq8C7UpZosu3uQ.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/e3cdc648-d203-462a-bd0f-ec1b60d879a7/0/3138382e39342e3139312e302f32342d3234203d3e20323132323338.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.94.191.0/24
Signature Algorithm: sha256WithRSAEncryption
0c:aa:7e:59:35:60:25:7a:f2:b0:af:d0:6b:60:df:06:08:2a:
51:eb:24:5f:bb:ae:42:cf:14:96:6b:a5:5e:af:12:66:61:a5:
14:bd:78:ec:dc:37:df:24:f6:84:17:fb:d3:bf:34:c0:84:99:
78:a7:4c:62:f3:94:e2:8d:15:97:aa:fa:e8:4c:19:d1:12:f9:
8e:cb:16:98:d4:cb:ac:03:fb:e0:b7:40:40:c3:f0:a8:d6:a7:
32:64:59:46:8a:00:8b:a4:bb:ad:b0:03:ac:78:0e:fa:b5:32:
00:35:28:be:59:f6:9e:b7:21:2a:75:9e:7f:a3:aa:21:0c:b5:
aa:2b:d3:1d:00:2d:95:0a:b7:3f:53:47:c6:bd:e5:81:d0:99:
ec:15:c3:bc:9f:eb:bd:f2:22:44:31:c5:e8:bc:0c:a9:7b:9a:
2c:72:1d:f5:51:3b:33:70:57:6a:fd:91:4a:fe:f3:4c:99:be:
4f:51:81:f0:64:dd:e4:a6:5d:2b:52:f1:0a:12:21:30:2a:a6:
3b:d9:de:59:92:03:75:b4:cd:70:5c:74:bc:46:5b:82:d8:00:
c8:73:72:e0:41:1f:23:de:07:86:68:9e:bb:01:a1:34:12:24:
8d:1f:df:4c:f5:fb:4b:fe:94:16:cc:d8:f9:37:b2:76:7d:8a:
dd:3b:db:1a
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUMeWYgkQYzoQuMC1ra2QkroRqEhYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZTFmMzUxMmY1MWRjNDJiYjllYjEyYWJjMGJiNTI5NjY4
YjJlZGVlNDAeFw0yNTA1MjMxMjMyMjJaFw0yNjA1MjIxMjM3MjJaMDMxMTAvBgNV
BAMTKDFBRjY5RTZDN0YxMEE4ODcwOEZGNDJDQkVFMzE0RUE2M0JGMEM4OEIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCxBRCy2qZGY5Qkvwk2ToVBYCsw
SaQSb8hexttKp9Gv2mS4IsXLtuOsBzAnuY8DU5JEwrQitUKAW6CDazp5EAvZCLhK
d9ybmdk4Fj1cbyymFG0YAKEK8yf7wcw4xhidYVvgZ5StHELfMnJ+W+8Rib58mQYv
9+jhSP1aMQC00A+41ZhbIEvLkdhB2QlnGE4T17I5DbMbhnedl6q8nDcK/XIb3BNC
LIhDH8wW0HZy2Z8reSrnV3vHeij1t/CMj76GOIRGotufyJCTKnTvj3S3NXJ1hgup
O1IFY0Yp8CM0aktbSxmGG8q2pJr4oLdcoqWsWJgJsZVuxnD1tGDuQChINRDbAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUGvaebH8QqIcI/0LL7jFOpjvwyIswHwYDVR0j
BBgwFoAU4fNRL1HcQruesSq8C7UpZosu3uQwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZTNjZGM2NDgtZDIwMy00NjJhLWJkMGYtZWMxYjYwZDg3
OWE3LzAvRTFGMzUxMkY1MURDNDJCQjlFQjEyQUJDMEJCNTI5NjY4QjJFREVFNC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzRmTlJMMUhjUXJ1ZXNTcThDN1VwWm9z
dTN1US5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZTNjZGM2NDgt
ZDIwMy00NjJhLWJkMGYtZWMxYjYwZDg3OWE3LzAvMzEzODM4MmUzOTM0MmUzMTM5
MzEyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMjMxMzIzMjMzMzgucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAC8Xr8wDQYJKoZIhvcNAQELBQADggEBAAyqflk1YCV68rCv0Gtg3wYIKlHrJF+7
rkLPFJZrpV6vEmZhpRS9eOzcN98k9oQX+9O/NMCEmXinTGLzlOKNFZeq+uhMGdES
+Y7LFpjUy6wD++C3QEDD8KjWpzJkWUaKAIuku62wA6x4Dvq1MgA1KL5Z9p63ISp1
nn+jqiEMtaor0x0ALZUKtz9TR8a95YHQmewVw7yf673yIkQxxei8DKl7mixyHfVR
OzNwV2r9kUr+80yZvk9RgfBk3eSmXStS8QoSITAqpjvZ3lmSA3W0zXBcdLxGW4LY
AMhzcuBBHyPeB4ZonrsBoTQSJI0f30z1+0v+lBbM2Pk3snZ9it072xo=
-----END CERTIFICATE-----
Generated at Fri Jun 6 23:07:34 2025 by rpki-client