Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3131312e3135362e302f32342d3332203d3e203430303231.roa
File: 3138352e3131312e3135362e302f32342d3332203d3e203430303231.roa (raw, json)
Hash identifier: +mBydsz4p+orMPGeDOwRca/yLbKi5CVtoKGmhZ29UK4=
Subject key identifier: 1E:E4:D4:7F:7C:5C:9B:9B:72:5F:42:49:DB:00:81:55:BE:DF:F1:8F
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 73AE5B3F4E9C220CB34DD8CAFBD81302D32EB22E
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3131312e3135362e302f32342d3332203d3e203430303231.roa
Signing time: Mon 27 Jan 2025 09:45:30 +0000
ROA not before: Mon 27 Jan 2025 09:40:30 +0000
ROA not after: Mon 26 Jan 2026 09:45:30 +0000
asID: 40021
IP address blocks: 185.111.156.0/24 maxlen: 32
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 05 Apr 2025 10:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
73:ae:5b:3f:4e:9c:22:0c:b3:4d:d8:ca:fb:d8:13:02:d3:2e:b2:2e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Jan 27 09:40:30 2025 GMT
Not After : Jan 26 09:45:30 2026 GMT
Subject: CN=1EE4D47F7C5C9B9B725F4249DB008155BEDFF18F
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:a1:c1:72:19:6c:f4:b5:5c:e4:15:da:59:18:
c8:8e:12:ec:35:5d:a3:9f:bc:03:4d:99:a1:75:cf:
a0:95:e7:66:fc:a3:34:40:33:e0:64:e4:43:25:85:
76:7f:68:ab:cc:22:9d:13:bf:5e:66:44:f4:65:f4:
df:69:6a:7a:64:d2:83:5a:21:c7:65:a8:79:9d:42:
3b:e3:c7:ac:fb:6d:77:2b:aa:98:c3:47:79:81:d6:
ad:6f:53:c5:45:aa:21:db:d7:27:2f:4a:a4:c7:12:
7a:5b:5c:f5:ff:4b:b1:28:9d:d0:12:40:de:19:4e:
3d:de:13:9e:27:6f:cc:f2:e2:aa:75:d9:52:a8:a2:
b3:5c:60:5e:00:cf:0f:bc:45:77:51:2f:cb:1f:bb:
25:ca:88:df:eb:0c:cd:87:10:e3:5a:44:55:60:f9:
ba:70:b9:fa:c1:26:86:73:4a:52:df:e1:1e:2b:9b:
17:09:44:cb:ed:c7:f9:6f:28:60:1a:55:6b:32:f6:
07:43:68:10:d2:3e:7d:90:0a:26:59:9b:75:fe:ff:
30:9d:5b:42:2b:55:03:eb:31:92:74:5f:6b:99:0e:
8b:2e:b1:2e:4c:10:cb:7c:c8:59:35:81:a1:63:41:
aa:4c:d6:3d:60:fc:53:d7:4d:7c:3d:d7:22:3f:98:
04:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1E:E4:D4:7F:7C:5C:9B:9B:72:5F:42:49:DB:00:81:55:BE:DF:F1:8F
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3131312e3135362e302f32342d3332203d3e203430303231.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.111.156.0/24
Signature Algorithm: sha256WithRSAEncryption
44:6a:c4:4c:5f:23:48:f5:9d:e4:cb:27:1c:c3:c0:71:74:1a:
43:c7:c9:3c:59:6e:fd:8f:75:95:24:1a:bd:0e:10:20:eb:13:
cb:47:3c:03:20:b3:cf:5c:71:a8:06:d6:51:e1:59:dd:03:3f:
ac:af:1c:34:5a:d9:ec:53:2e:3b:90:db:90:66:0b:9c:bf:db:
6b:4d:fa:50:8e:b3:38:e5:f7:73:86:6e:8c:50:0a:28:88:02:
de:34:0f:ab:b4:a2:f2:c9:c5:d0:98:b2:06:3d:da:5d:74:62:
1f:fc:6e:29:e4:42:98:90:e0:27:10:fc:ae:a9:34:ec:dd:4a:
bb:33:dc:5a:8f:14:b4:5b:96:ae:ff:a1:4c:05:bc:e6:81:8d:
b9:5a:1a:50:ac:f2:91:72:02:8b:ef:06:9a:e0:02:ce:b9:fa:
07:f3:52:c5:95:71:da:81:70:0c:48:70:5e:02:0d:bd:73:23:
9a:19:93:75:ed:3f:ff:d3:6a:b8:ac:00:ec:97:bc:9a:5d:54:
0d:14:cf:d6:67:bd:87:0b:91:ca:a5:05:ca:47:5d:4d:9c:cc:
49:28:0d:d5:1e:d1:67:6a:11:e7:27:c9:a1:4a:66:42:82:66:
02:9f:06:c0:99:f7:f2:fd:01:5d:13:4f:d3:18:98:70:06:d2:
e1:2c:c0:ff
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUc65bP06cIgyzTdjK+9gTAtMusi4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNTAxMjcwOTQwMzBaFw0yNjAxMjYwOTQ1MzBaMDMxMTAvBgNV
BAMTKDFFRTRENDdGN0M1QzlCOUI3MjVGNDI0OURCMDA4MTU1QkVERkYxOEYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCeocFyGWz0tVzkFdpZGMiOEuw1
XaOfvANNmaF1z6CV52b8ozRAM+Bk5EMlhXZ/aKvMIp0Tv15mRPRl9N9panpk0oNa
IcdlqHmdQjvjx6z7bXcrqpjDR3mB1q1vU8VFqiHb1ycvSqTHEnpbXPX/S7EondAS
QN4ZTj3eE54nb8zy4qp12VKoorNcYF4Azw+8RXdRL8sfuyXKiN/rDM2HEONaRFVg
+bpwufrBJoZzSlLf4R4rmxcJRMvtx/lvKGAaVWsy9gdDaBDSPn2QCiZZm3X+/zCd
W0IrVQPrMZJ0X2uZDosusS5MEMt8yFk1gaFjQapM1j1g/FPXTXw91yI/mAT1AgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUHuTUf3xcm5tyX0JJ2wCBVb7f8Y8wHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzODM1MmUzMTMxMzEyZTMx
MzUzNjJlMzAyZjMyMzQyZDMzMzIyMDNkM2UyMDM0MzAzMDMyMzEucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAC5b5wwDQYJKoZIhvcNAQELBQADggEBAERqxExfI0j1neTLJxzDwHF0GkPHyTxZ
bv2PdZUkGr0OECDrE8tHPAMgs89ccagG1lHhWd0DP6yvHDRa2exTLjuQ25BmC5y/
22tN+lCOszjl93OGboxQCiiIAt40D6u0ovLJxdCYsgY92l10Yh/8binkQpiQ4CcQ
/K6pNOzdSrsz3FqPFLRblq7/oUwFvOaBjblaGlCs8pFyAovvBprgAs65+gfzUsWV
cdqBcAxIcF4CDb1zI5oZk3XtP//TarisAOyXvJpdVA0Uz9ZnvYcLkcqlBcpHXU2c
zEkoDdUe0WdqEecnyaFKZkKCZgKfBsCZ9/L9AV0TT9MYmHAG0uEswP8=
-----END CERTIFICATE-----
Generated at Fri Apr 4 15:58:24 2025 by rpki-client