Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3138372e3136382e302f32342d3234203d3e20313336373837.roa
File: 3138352e3138372e3136382e302f32342d3234203d3e20313336373837.roa (raw, json)
Hash identifier: TFxsXDs+2/HRcoNZywCeEt+0d7s8SXSCUU1+UThohXA=
Subject key identifier: E5:22:BF:6B:3F:2A:47:36:FA:72:14:0D:0A:9A:BF:78:E1:76:EF:B9
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 556B621337664E9BFABEDDAA3E53C18110F602FF
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3138372e3136382e302f32342d3234203d3e20313336373837.roa
Signing time: Mon 27 Jan 2025 09:44:59 +0000
ROA not before: Mon 27 Jan 2025 09:39:59 +0000
ROA not after: Mon 26 Jan 2026 09:44:59 +0000
asID: 136787
IP address blocks: 185.187.168.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 05 Apr 2025 10:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
55:6b:62:13:37:66:4e:9b:fa:be:dd:aa:3e:53:c1:81:10:f6:02:ff
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Jan 27 09:39:59 2025 GMT
Not After : Jan 26 09:44:59 2026 GMT
Subject: CN=E522BF6B3F2A4736FA72140D0A9ABF78E176EFB9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:80:ff:50:e3:b7:8d:95:bc:65:3a:a1:c2:96:
1f:0b:2d:f1:c2:0d:e6:89:33:83:23:3b:b5:aa:56:
5b:d5:6d:34:4b:30:8d:39:d7:47:20:9a:c7:9c:44:
e8:41:2b:25:2c:dc:6c:fd:5f:6e:06:c9:e4:70:d3:
59:d0:8a:28:59:4c:c1:b9:cc:31:77:65:89:49:f2:
48:ac:be:d9:a8:c4:7f:c8:a3:2f:a4:52:56:5d:7d:
b7:24:23:71:8c:5f:af:6e:0e:0a:c1:df:d9:6c:87:
e0:da:4b:4e:e7:0f:3f:72:c3:85:bd:38:e3:46:a3:
40:b2:45:56:79:a9:cc:31:e0:6c:4d:7e:24:aa:e7:
59:60:f9:dc:d7:01:12:83:5e:76:96:6f:f3:4d:da:
c7:4b:7a:ee:43:1f:51:64:2e:92:71:26:d5:f1:74:
c8:21:f7:65:59:ad:93:30:02:76:65:dc:56:6f:cf:
86:15:c5:3b:ed:69:ba:63:69:ec:85:9e:f7:0c:75:
84:00:66:30:a9:41:de:af:8d:5a:02:f0:b4:8b:57:
d6:ae:c8:5b:89:da:c3:d2:95:81:39:07:50:ce:e8:
6e:38:fe:e4:2a:4c:54:b2:43:5d:c5:b4:11:f3:7e:
cc:d2:a9:d4:d8:f0:91:a2:93:71:f2:ab:c0:42:25:
4b:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E5:22:BF:6B:3F:2A:47:36:FA:72:14:0D:0A:9A:BF:78:E1:76:EF:B9
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3138372e3136382e302f32342d3234203d3e20313336373837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.187.168.0/24
Signature Algorithm: sha256WithRSAEncryption
41:8f:b5:13:0f:c8:33:60:2a:9f:28:cc:09:71:0b:8e:cc:3e:
5e:4a:29:b4:03:b7:bc:a2:70:fc:4d:d3:cf:a2:71:3f:40:e8:
d6:1e:74:ba:c6:27:3e:d6:bd:f9:d8:14:6d:7c:e8:fe:16:7d:
17:66:1c:2a:3f:fd:84:aa:98:0e:86:a3:b2:bd:68:5d:8f:be:
58:6f:fe:51:0b:f7:9b:73:fc:30:29:5b:87:81:72:6a:24:0f:
f5:97:9b:19:a4:de:7e:88:96:53:87:39:00:81:b4:c3:28:0c:
fe:11:6c:10:aa:ec:52:4a:a1:2d:15:67:41:9c:f4:f4:9f:31:
88:0e:f8:59:73:c2:4f:92:eb:86:60:bf:4b:2b:3a:95:f1:b7:
7c:75:66:c0:9d:e1:5a:c6:61:48:23:de:e1:03:ea:b1:fa:d4:
60:78:20:4e:1b:33:a5:73:5f:ca:b5:c1:2e:d1:32:97:d2:4c:
7f:ed:4c:c6:c0:d0:b9:4d:41:70:0f:2d:f8:78:7e:7c:58:12:
8b:a2:8a:41:b9:21:9b:14:1d:7c:af:51:33:d9:95:eb:02:eb:
04:6f:1f:3d:a2:98:42:47:24:08:48:1c:49:fd:d3:ac:6d:85:
ca:76:88:ed:b1:67:da:10:fc:4c:39:a6:f1:47:09:f1:52:c3:
80:f4:5f:6c
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgIUVWtiEzdmTpv6vt2qPlPBgRD2Av8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNTAxMjcwOTM5NTlaFw0yNjAxMjYwOTQ0NTlaMDMxMTAvBgNV
BAMTKEU1MjJCRjZCM0YyQTQ3MzZGQTcyMTQwRDBBOUFCRjc4RTE3NkVGQjkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQChgP9Q47eNlbxlOqHClh8LLfHC
DeaJM4MjO7WqVlvVbTRLMI0510cgmsecROhBKyUs3Gz9X24GyeRw01nQiihZTMG5
zDF3ZYlJ8kisvtmoxH/Ioy+kUlZdfbckI3GMX69uDgrB39lsh+DaS07nDz9yw4W9
OONGo0CyRVZ5qcwx4GxNfiSq51lg+dzXARKDXnaWb/NN2sdLeu5DH1FkLpJxJtXx
dMgh92VZrZMwAnZl3FZvz4YVxTvtabpjaeyFnvcMdYQAZjCpQd6vjVoC8LSLV9au
yFuJ2sPSlYE5B1DO6G44/uQqTFSyQ13FtBHzfszSqdTY8JGik3Hyq8BCJUtDAgMB
AAGjggJBMIICPTAdBgNVHQ4EFgQU5SK/az8qRzb6chQNCpq/eOF277kwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzODM1MmUzMTM4MzcyZTMx
MzYzODJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMxMzMzNjM3MzgzNy5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEALm7qDANBgkqhkiG9w0BAQsFAAOCAQEAQY+1Ew/IM2AqnyjMCXELjsw+Xkop
tAO3vKJw/E3Tz6JxP0Do1h50usYnPta9+dgUbXzo/hZ9F2YcKj/9hKqYDoajsr1o
XY++WG/+UQv3m3P8MClbh4FyaiQP9ZebGaTefoiWU4c5AIG0wygM/hFsEKrsUkqh
LRVnQZz09J8xiA74WXPCT5LrhmC/Sys6lfG3fHVmwJ3hWsZhSCPe4QPqsfrUYHgg
ThszpXNfyrXBLtEyl9JMf+1MxsDQuU1BcA8t+Hh+fFgSi6KKQbkhmxQdfK9RM9mV
6wLrBG8fPaKYQkckCEgcSf3TrG2FynaI7bFn2hD8TDmm8UcJ8VLDgPRfbA==
-----END CERTIFICATE-----
Generated at Fri Apr 4 16:08:17 2025 by rpki-client