Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/ed81477e-510b-4d37-a229-ed4e88fbe65a/0/3138352e3232392e3230372e302f32342d3234203d3e203538303631.roa
File: 3138352e3232392e3230372e302f32342d3234203d3e203538303631.roa (raw, json)
Hash identifier: eMEaJUhKjzifHfRSQ+k4fEgpWBIPjheGZTeseXumKH8=
Subject key identifier: B0:88:9C:D3:00:63:A7:F0:9A:31:CB:44:33:3F:7B:03:33:31:D5:0D
Certificate issuer: /CN=922085cff3657fa2aec6f91d91bbf0cd4dd24418
Certificate serial: 6F4C5B656C8F035804470277E1B00B1121DE1274
Authority key identifier: 92:20:85:CF:F3:65:7F:A2:AE:C6:F9:1D:91:BB:F0:CD:4D:D2:44:18
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kiCFz_Nlf6KuxvkdkbvwzU3SRBg.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/ed81477e-510b-4d37-a229-ed4e88fbe65a/0/3138352e3232392e3230372e302f32342d3234203d3e203538303631.roa
Signing time: Mon 20 Jan 2025 14:53:51 +0000
ROA not before: Mon 20 Jan 2025 14:48:51 +0000
ROA not after: Mon 19 Jan 2026 14:53:51 +0000
asID: 58061
IP address blocks: 185.229.207.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/ed81477e-510b-4d37-a229-ed4e88fbe65a/0/922085CFF3657FA2AEC6F91D91BBF0CD4DD24418.crl
rsync://rsync.paas.rpki.ripe.net/repository/ed81477e-510b-4d37-a229-ed4e88fbe65a/0/922085CFF3657FA2AEC6F91D91BBF0CD4DD24418.mft
rsync://rpki.ripe.net/repository/DEFAULT/kiCFz_Nlf6KuxvkdkbvwzU3SRBg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 06 Apr 2025 04:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6f:4c:5b:65:6c:8f:03:58:04:47:02:77:e1:b0:0b:11:21:de:12:74
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=922085cff3657fa2aec6f91d91bbf0cd4dd24418
Validity
Not Before: Jan 20 14:48:51 2025 GMT
Not After : Jan 19 14:53:51 2026 GMT
Subject: CN=B0889CD30063A7F09A31CB44333F7B033331D50D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:6d:82:4e:53:00:7f:5e:24:36:d4:9f:23:e7:
40:d0:5d:e6:6d:70:43:f2:4f:26:19:03:33:aa:46:
44:c3:94:e2:d6:ab:18:bc:62:c6:f5:85:f6:d4:64:
eb:52:4b:8f:a6:d8:c9:2c:71:d6:45:09:0c:90:38:
bd:c9:06:2f:51:af:94:34:6a:4d:38:6d:c7:69:69:
0c:63:02:a3:ea:01:14:1e:78:43:14:b7:e2:f1:f1:
fe:95:78:4a:b7:91:e4:97:9a:cc:51:7a:01:5f:c9:
c7:f5:cd:84:9e:08:f1:3b:69:76:ea:87:b7:ca:0d:
25:8f:a5:51:9a:ae:67:51:49:3d:bb:fb:52:ba:0f:
48:ac:ba:43:4e:ea:dd:9c:c0:9b:cf:6c:d7:b2:57:
56:67:30:72:4d:13:ba:7a:0f:7f:75:08:eb:1e:40:
a4:cf:18:0a:37:84:cf:5c:e2:40:33:e1:d2:82:42:
f8:3d:d5:17:dc:15:27:a6:3b:42:ae:c3:7a:47:e3:
6e:50:8f:64:d9:31:9c:02:41:cd:2f:a9:cd:78:91:
79:ae:c6:c6:1c:86:c7:1a:a3:b8:07:75:06:e1:4b:
a5:03:63:cb:23:9f:aa:40:db:f6:ac:42:a3:d2:1e:
80:ff:ee:46:2e:23:04:a9:a5:da:d6:51:f2:e2:04:
54:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B0:88:9C:D3:00:63:A7:F0:9A:31:CB:44:33:3F:7B:03:33:31:D5:0D
X509v3 Authority Key Identifier:
keyid:92:20:85:CF:F3:65:7F:A2:AE:C6:F9:1D:91:BB:F0:CD:4D:D2:44:18
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/ed81477e-510b-4d37-a229-ed4e88fbe65a/0/922085CFF3657FA2AEC6F91D91BBF0CD4DD24418.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kiCFz_Nlf6KuxvkdkbvwzU3SRBg.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/ed81477e-510b-4d37-a229-ed4e88fbe65a/0/3138352e3232392e3230372e302f32342d3234203d3e203538303631.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.229.207.0/24
Signature Algorithm: sha256WithRSAEncryption
08:1b:40:a2:19:90:0e:46:39:60:4b:1c:89:95:37:92:25:be:
27:eb:7b:43:5c:fb:be:5f:48:65:e0:5b:06:bb:21:6a:e4:92:
dd:aa:43:fa:14:a4:f6:e4:0e:0b:d7:ae:5d:32:b6:7e:98:dd:
3a:89:93:90:23:35:a0:7c:75:7d:ab:8a:3c:f3:25:90:b8:74:
d5:96:e2:22:02:d8:99:1c:90:50:68:a5:3a:10:f7:bc:fb:13:
74:a2:20:5e:ba:6e:fb:f0:68:c3:a0:57:a0:41:48:9b:f4:cf:
12:7a:ce:77:f6:ff:0a:14:f9:5c:2a:a6:75:35:44:3f:d0:26:
1d:2b:59:c5:f2:4f:7d:c5:37:53:00:45:2d:a3:66:7b:90:d6:
2a:c7:0c:95:34:67:e9:2a:54:8d:9b:87:b2:d1:2c:c9:23:77:
5f:ef:b8:b5:7d:cd:98:31:7e:02:e6:a5:f9:8b:b5:c6:a4:37:
a3:79:59:b7:01:24:14:4f:6c:60:b8:b1:71:de:38:bb:a3:04:
7c:9b:f9:e1:10:d0:3c:60:d5:7f:c2:ca:78:e2:77:19:d6:2b:
52:40:4c:98:e6:62:b1:0e:ae:f5:75:f5:5d:db:6b:7c:32:13:
58:40:22:83:6b:22:6a:d8:83:4f:38:86:e1:fc:6a:90:54:cc:
fa:90:a5:45
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUb0xbZWyPA1gERwJ34bALESHeEnQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOTIyMDg1Y2ZmMzY1N2ZhMmFlYzZmOTFkOTFiYmYwY2Q0
ZGQyNDQxODAeFw0yNTAxMjAxNDQ4NTFaFw0yNjAxMTkxNDUzNTFaMDMxMTAvBgNV
BAMTKEIwODg5Q0QzMDA2M0E3RjA5QTMxQ0I0NDMzM0Y3QjAzMzMzMUQ1MEQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC9bYJOUwB/XiQ21J8j50DQXeZt
cEPyTyYZAzOqRkTDlOLWqxi8Ysb1hfbUZOtSS4+m2MkscdZFCQyQOL3JBi9Rr5Q0
ak04bcdpaQxjAqPqARQeeEMUt+Lx8f6VeEq3keSXmsxRegFfycf1zYSeCPE7aXbq
h7fKDSWPpVGarmdRST27+1K6D0isukNO6t2cwJvPbNeyV1ZnMHJNE7p6D391COse
QKTPGAo3hM9c4kAz4dKCQvg91RfcFSemO0Kuw3pH425Qj2TZMZwCQc0vqc14kXmu
xsYchscao7gHdQbhS6UDY8sjn6pA2/asQqPSHoD/7kYuIwSppdrWUfLiBFSDAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUsIic0wBjp/CaMctEMz97AzMx1Q0wHwYDVR0j
BBgwFoAUkiCFz/Nlf6KuxvkdkbvwzU3SRBgwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZWQ4MTQ3N2UtNTEwYi00ZDM3LWEyMjktZWQ0ZTg4ZmJl
NjVhLzAvOTIyMDg1Q0ZGMzY1N0ZBMkFFQzZGOTFEOTFCQkYwQ0Q0REQyNDQxOC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2tpQ0Z6X05sZjZLdXh2a2RrYnZ3elUz
U1JCZy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZWQ4MTQ3N2Ut
NTEwYi00ZDM3LWEyMjktZWQ0ZTg4ZmJlNjVhLzAvMzEzODM1MmUzMjMyMzkyZTMy
MzAzNzJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDM1MzgzMDM2MzEucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAC55c8wDQYJKoZIhvcNAQELBQADggEBAAgbQKIZkA5GOWBLHImVN5Ilvifre0Nc
+75fSGXgWwa7IWrkkt2qQ/oUpPbkDgvXrl0ytn6Y3TqJk5AjNaB8dX2rijzzJZC4
dNWW4iIC2JkckFBopToQ97z7E3SiIF66bvvwaMOgV6BBSJv0zxJ6znf2/woU+Vwq
pnU1RD/QJh0rWcXyT33FN1MARS2jZnuQ1irHDJU0Z+kqVI2bh7LRLMkjd1/vuLV9
zZgxfgLmpfmLtcakN6N5WbcBJBRPbGC4sXHeOLujBHyb+eEQ0Dxg1X/CynjidxnW
K1JATJjmYrEOrvV19V3ba3wyE1hAIoNrImrYg084huH8apBUzPqQpUU=
-----END CERTIFICATE-----
Generated at Sat Apr 5 09:52:22 2025 by rpki-client