Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3230382e3230372e302f32342d3332203d3e203531313637.roa
File: 3138352e3230382e3230372e302f32342d3332203d3e203531313637.roa (raw, json)
Hash identifier: ltD9vhm49awUNH+ZPIWn5UcijZTvOQQ7glxT5ju2O2I=
Subject key identifier: 31:C7:8D:1B:D6:F9:25:35:EA:78:F5:35:0C:F0:3E:49:CB:59:B4:48
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 218CBEAB72E4A9B40A0C90F34C9E72DCB8FF4D36
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3230382e3230372e302f32342d3332203d3e203531313637.roa
Signing time: Mon 27 Jan 2025 09:44:59 +0000
ROA not before: Mon 27 Jan 2025 09:39:59 +0000
ROA not after: Mon 26 Jan 2026 09:44:59 +0000
asID: 51167
IP address blocks: 185.208.207.0/24 maxlen: 32
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 03 Apr 2025 15:34:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
21:8c:be:ab:72:e4:a9:b4:0a:0c:90:f3:4c:9e:72:dc:b8:ff:4d:36
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Jan 27 09:39:59 2025 GMT
Not After : Jan 26 09:44:59 2026 GMT
Subject: CN=31C78D1BD6F92535EA78F5350CF03E49CB59B448
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:88:28:71:c3:8f:64:5a:b6:aa:b6:08:47:19:
37:ec:02:29:af:68:d7:71:df:4a:0f:a9:99:c4:db:
43:98:ac:6d:08:14:42:c2:55:a1:49:ad:48:53:89:
9a:a9:59:29:24:8d:33:99:16:d6:1b:69:fd:51:1a:
d2:3e:a9:02:69:6e:7b:70:c9:ce:d9:52:88:3d:01:
fe:89:16:94:20:a4:3b:8c:f4:75:87:68:8a:0e:f0:
36:ca:f9:2e:c4:0b:b6:a7:a1:1f:e3:37:54:1d:4a:
a1:64:b1:68:9b:53:92:d2:6a:35:73:21:69:3f:e1:
f5:76:b3:27:09:10:4e:89:93:02:f2:fe:91:c8:18:
99:e9:6d:e3:1c:b7:6f:4c:cb:73:3a:65:ae:c2:28:
f6:fb:dd:de:31:50:49:8d:0f:9c:e8:6d:00:ce:4a:
9b:a3:d2:4b:78:5e:a1:43:01:a8:c8:5c:ae:5d:14:
aa:82:23:14:2f:49:79:39:67:59:5d:c7:26:06:95:
20:2c:64:fa:53:6e:67:89:e0:21:38:28:20:90:47:
a9:4d:d7:15:b5:2a:f4:41:43:22:dc:0e:85:6a:7d:
34:02:61:15:cf:56:ed:f0:fd:23:96:7f:8e:e6:4c:
60:ec:0c:0f:ec:78:f2:96:d8:55:c9:05:8b:98:cf:
a8:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
31:C7:8D:1B:D6:F9:25:35:EA:78:F5:35:0C:F0:3E:49:CB:59:B4:48
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3230382e3230372e302f32342d3332203d3e203531313637.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.208.207.0/24
Signature Algorithm: sha256WithRSAEncryption
87:7a:9e:a5:9a:66:29:e3:ac:84:37:3a:46:b2:4f:a4:1d:42:
89:af:da:67:36:04:10:a3:69:29:f3:82:15:63:bc:25:c0:bd:
c4:72:28:4d:27:1d:ac:e8:18:e5:d9:77:11:c4:e0:99:55:05:
ac:ec:e6:0f:1b:18:fb:4a:ad:f4:8f:69:e8:83:ce:5a:2b:f2:
f7:e9:74:48:e9:b5:e7:45:20:44:56:8c:d9:46:32:97:c2:de:
e7:75:d4:97:9b:76:f4:2e:06:07:6b:20:b0:4a:fc:00:71:c6:
00:01:39:cc:a0:bb:f6:d2:09:c7:7b:0f:f4:23:7a:c2:67:33:
d2:81:57:fe:11:cc:ff:d1:b3:2a:61:17:45:2a:8b:64:c0:56:
9a:f8:2d:d4:fa:0d:8d:0b:3d:57:aa:59:ac:17:9d:0c:97:c8:
97:bd:c1:e1:51:9b:f4:15:f9:24:64:66:92:cc:2d:cd:17:e5:
2c:13:ed:51:71:4e:35:40:48:04:e5:12:00:bb:c9:79:67:d2:
ba:cd:0d:1b:92:18:f9:0c:10:5d:d6:84:49:bc:e4:45:6b:4b:
fe:f8:49:fd:5f:da:0f:ce:1c:8f:3d:8d:e4:a0:fc:e4:14:55:
78:07:d8:2e:e7:df:70:65:07:fc:83:0e:56:0c:e4:44:e5:68:
3a:c7:50:f1
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUIYy+q3LkqbQKDJDzTJ5y3Lj/TTYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNTAxMjcwOTM5NTlaFw0yNjAxMjYwOTQ0NTlaMDMxMTAvBgNV
BAMTKDMxQzc4RDFCRDZGOTI1MzVFQTc4RjUzNTBDRjAzRTQ5Q0I1OUI0NDgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC3iChxw49kWraqtghHGTfsAimv
aNdx30oPqZnE20OYrG0IFELCVaFJrUhTiZqpWSkkjTOZFtYbaf1RGtI+qQJpbntw
yc7ZUog9Af6JFpQgpDuM9HWHaIoO8DbK+S7EC7anoR/jN1QdSqFksWibU5LSajVz
IWk/4fV2sycJEE6JkwLy/pHIGJnpbeMct29My3M6Za7CKPb73d4xUEmND5zobQDO
Spuj0kt4XqFDAajIXK5dFKqCIxQvSXk5Z1ldxyYGlSAsZPpTbmeJ4CE4KCCQR6lN
1xW1KvRBQyLcDoVqfTQCYRXPVu3w/SOWf47mTGDsDA/sePKW2FXJBYuYz6hDAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUMceNG9b5JTXqePU1DPA+SctZtEgwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzODM1MmUzMjMwMzgyZTMy
MzAzNzJlMzAyZjMyMzQyZDMzMzIyMDNkM2UyMDM1MzEzMTM2Mzcucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAC50M8wDQYJKoZIhvcNAQELBQADggEBAId6nqWaZinjrIQ3OkayT6QdQomv2mc2
BBCjaSnzghVjvCXAvcRyKE0nHazoGOXZdxHE4JlVBazs5g8bGPtKrfSPaeiDzlor
8vfpdEjptedFIERWjNlGMpfC3ud11JebdvQuBgdrILBK/ABxxgABOcygu/bSCcd7
D/QjesJnM9KBV/4RzP/RsyphF0Uqi2TAVpr4LdT6DY0LPVeqWawXnQyXyJe9weFR
m/QV+SRkZpLMLc0X5SwT7VFxTjVASATlEgC7yXln0rrNDRuSGPkMEF3WhEm85EVr
S/74Sf1f2g/OHI89jeSg/OQUVXgH2C7n33BlB/yDDlYM5ETlaDrHUPE=
-----END CERTIFICATE-----
Generated at Thu Apr 3 05:28:42 2025 by rpki-client