Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3230392e3232382e302f32332d3332203d3e203531313637.roa
File: 3138352e3230392e3232382e302f32332d3332203d3e203531313637.roa (raw, json)
Hash identifier: i/b0fgtG9zc4jDeaYnk2+MNcLbKeY/IgxWIVHshvQf4=
Subject key identifier: D7:54:91:E8:65:59:AD:E4:86:B2:CC:A8:5A:AB:EA:42:7A:24:AA:D7
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 7956DD6CFCEEA1DAB40331B4E29B4725FB281E6A
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3230392e3232382e302f32332d3332203d3e203531313637.roa
Signing time: Mon 27 Jan 2025 09:44:59 +0000
ROA not before: Mon 27 Jan 2025 09:39:59 +0000
ROA not after: Mon 26 Jan 2026 09:44:59 +0000
asID: 51167
IP address blocks: 185.209.228.0/23 maxlen: 32
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 03 Apr 2025 15:34:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
79:56:dd:6c:fc:ee:a1:da:b4:03:31:b4:e2:9b:47:25:fb:28:1e:6a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Jan 27 09:39:59 2025 GMT
Not After : Jan 26 09:44:59 2026 GMT
Subject: CN=D75491E86559ADE486B2CCA85AABEA427A24AAD7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:5f:9e:f3:b0:75:97:a1:26:89:17:00:1a:8b:
d9:7f:77:33:aa:06:40:0e:31:4b:5a:88:42:a4:9f:
41:51:f8:29:78:fb:5a:9c:fa:4b:bf:cc:50:8d:91:
f2:f0:e9:5e:3d:b8:f3:3d:7e:71:ef:8a:3a:7c:e0:
57:c3:c8:49:ed:36:c9:b9:dc:fa:4e:44:f9:52:17:
8c:68:fc:d1:e7:7b:b6:49:b1:e0:c1:2c:39:b2:ad:
55:c9:ba:01:86:45:16:74:76:31:2d:7e:91:d1:4e:
0a:99:1c:1a:b3:d5:52:3f:7d:40:0c:e9:86:40:c8:
80:0d:35:9f:e9:0b:46:94:18:e3:67:d1:82:52:91:
58:e7:25:dd:e8:9a:8c:e9:b2:b8:b8:ed:b3:1c:15:
02:b5:79:ee:8a:ca:87:1c:c5:0c:de:3c:4c:ec:61:
24:aa:05:a9:22:1b:19:be:07:e6:a9:a0:8e:45:bc:
3d:6d:54:e6:c6:6b:75:64:22:17:d3:09:8e:1b:89:
45:8c:34:3e:32:32:c8:df:96:85:92:28:37:12:6f:
a7:28:b5:d8:a6:31:cc:99:4c:96:37:f3:b0:4e:d7:
98:14:1b:ff:56:5e:58:dd:ba:4d:96:d0:86:d8:11:
19:d2:f5:4d:dc:70:1a:05:f3:ed:03:00:c6:de:11:
86:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D7:54:91:E8:65:59:AD:E4:86:B2:CC:A8:5A:AB:EA:42:7A:24:AA:D7
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3230392e3232382e302f32332d3332203d3e203531313637.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.209.228.0/23
Signature Algorithm: sha256WithRSAEncryption
7e:c8:9d:1f:23:ed:b3:35:c4:d4:82:6d:cc:ac:b3:a9:ff:3e:
72:f4:01:a0:aa:50:9a:19:a7:08:68:ff:89:1f:99:a2:0e:2e:
26:b4:a0:c0:5e:d3:fb:d8:63:64:1f:46:cb:35:34:8b:2d:cc:
6f:55:68:77:e0:9d:4f:69:e3:18:12:71:c8:ab:21:d4:c8:44:
39:07:3d:83:72:7b:ee:2a:37:15:05:e6:13:31:59:e7:1c:de:
8b:90:6c:4f:54:f2:aa:6b:94:97:52:19:1e:58:b1:96:ec:23:
83:8f:6f:28:0c:e3:59:e6:c8:67:2b:d4:f0:86:22:06:20:c7:
a7:59:89:26:37:a6:2c:ed:5e:e0:31:ff:23:db:fc:48:34:4a:
be:32:32:50:af:0c:c0:f4:1c:5f:62:4e:58:1c:93:4b:74:b0:
f6:c8:7a:6e:58:39:40:d7:fd:9b:65:83:ce:b5:57:d4:76:01:
0e:69:c9:61:1d:8a:4a:17:d9:ef:c6:c3:51:bf:e0:36:04:13:
26:03:83:d1:c6:4d:8c:48:ec:b4:4c:f5:ff:5e:73:a4:5a:b8:
a2:21:c9:de:ba:73:f0:1a:7d:15:17:97:d7:90:94:e1:d9:cc:
97:4d:0b:1c:fa:4e:b2:53:71:a5:84:8c:25:a0:1b:b6:f3:ad:
3b:2f:44:37
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUeVbdbPzuodq0AzG04ptHJfsoHmowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNTAxMjcwOTM5NTlaFw0yNjAxMjYwOTQ0NTlaMDMxMTAvBgNV
BAMTKEQ3NTQ5MUU4NjU1OUFERTQ4NkIyQ0NBODVBQUJFQTQyN0EyNEFBRDcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDBX57zsHWXoSaJFwAai9l/dzOq
BkAOMUtaiEKkn0FR+Cl4+1qc+ku/zFCNkfLw6V49uPM9fnHvijp84FfDyEntNsm5
3PpORPlSF4xo/NHne7ZJseDBLDmyrVXJugGGRRZ0djEtfpHRTgqZHBqz1VI/fUAM
6YZAyIANNZ/pC0aUGONn0YJSkVjnJd3omozpsri47bMcFQK1ee6KyoccxQzePEzs
YSSqBakiGxm+B+apoI5FvD1tVObGa3VkIhfTCY4biUWMND4yMsjfloWSKDcSb6co
tdimMcyZTJY387BO15gUG/9WXljduk2W0IbYERnS9U3ccBoF8+0DAMbeEYbNAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQU11SR6GVZreSGssyoWqvqQnokqtcwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzODM1MmUzMjMwMzkyZTMy
MzIzODJlMzAyZjMyMzMyZDMzMzIyMDNkM2UyMDM1MzEzMTM2Mzcucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAG50eQwDQYJKoZIhvcNAQELBQADggEBAH7InR8j7bM1xNSCbcyss6n/PnL0AaCq
UJoZpwho/4kfmaIOLia0oMBe0/vYY2QfRss1NIstzG9VaHfgnU9p4xgSccirIdTI
RDkHPYNye+4qNxUF5hMxWecc3ouQbE9U8qprlJdSGR5YsZbsI4OPbygM41nmyGcr
1PCGIgYgx6dZiSY3piztXuAx/yPb/Eg0Sr4yMlCvDMD0HF9iTlgck0t0sPbIem5Y
OUDX/Ztlg861V9R2AQ5pyWEdikoX2e/Gw1G/4DYEEyYDg9HGTYxI7LRM9f9ec6Ra
uKIhyd66c/AafRUXl9eQlOHZzJdNCxz6TrJTcaWEjCWgG7bzrTsvRDc=
-----END CERTIFICATE-----
Generated at Thu Apr 3 05:27:53 2025 by rpki-client