Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3231352e3136342e302f32332d3332203d3e203531313637.roa
File: 3138352e3231352e3136342e302f32332d3332203d3e203531313637.roa (raw, json)
Hash identifier: 8gMzypEN9uccwIglJNZwwunl6wz3/tSg2VgPuh1ULDo=
Subject key identifier: 9A:F3:C3:C6:18:C5:60:1B:D9:F3:11:35:AD:B3:B5:AC:CF:4F:6E:FF
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 01D925291F1BF5893D5C0860AF0D2FFE249AA962
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3231352e3136342e302f32332d3332203d3e203531313637.roa
Signing time: Mon 27 Jan 2025 09:45:27 +0000
ROA not before: Mon 27 Jan 2025 09:40:27 +0000
ROA not after: Mon 26 Jan 2026 09:45:27 +0000
asID: 51167
IP address blocks: 185.215.164.0/23 maxlen: 32
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 03 Apr 2025 15:34:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:d9:25:29:1f:1b:f5:89:3d:5c:08:60:af:0d:2f:fe:24:9a:a9:62
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Jan 27 09:40:27 2025 GMT
Not After : Jan 26 09:45:27 2026 GMT
Subject: CN=9AF3C3C618C5601BD9F31135ADB3B5ACCF4F6EFF
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:5b:12:32:c4:d1:5b:fa:70:91:47:7a:dd:eb:
c4:97:d8:48:c6:af:b7:5a:88:3f:47:2a:ed:52:5b:
95:78:d3:6b:80:78:5f:e5:32:25:c7:df:9a:9e:67:
7a:a2:e7:0a:25:73:ae:d4:61:f9:41:00:ae:b8:77:
61:eb:d5:d4:3a:84:27:f6:6f:5a:4f:d0:9a:0d:ef:
e4:81:0e:6e:a1:48:76:a4:34:8d:6c:70:ea:91:71:
73:81:eb:d8:ed:0f:cc:6d:f6:60:6b:5a:7f:5b:30:
89:ab:7f:0c:e3:e4:de:97:a5:2f:58:00:be:ca:40:
39:51:72:b6:54:b0:f1:68:11:2b:43:0c:a0:05:e0:
2a:35:dc:36:bb:42:75:80:0b:b9:29:9e:bd:f9:fb:
f8:9f:a9:bf:c5:d8:f7:c9:4a:8c:d9:68:87:d2:60:
63:a9:2e:de:06:1c:c4:fa:90:83:ae:f9:87:f0:b3:
29:14:61:fb:e2:b9:db:6e:52:7b:bf:70:72:c3:ad:
5e:78:88:8b:e7:e7:4e:5e:f0:27:84:9b:03:68:79:
ea:9a:bd:a9:c1:78:f4:43:fb:53:7b:77:49:c4:c5:
67:f6:51:2a:b4:e1:d1:52:76:86:cb:5b:58:ce:49:
1f:fe:7a:e8:61:81:92:21:ce:67:85:1d:e4:1d:0d:
d7:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9A:F3:C3:C6:18:C5:60:1B:D9:F3:11:35:AD:B3:B5:AC:CF:4F:6E:FF
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3231352e3136342e302f32332d3332203d3e203531313637.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.215.164.0/23
Signature Algorithm: sha256WithRSAEncryption
30:ed:e9:ed:f3:69:74:aa:2b:cc:0d:cf:24:d1:3d:48:a6:93:
5e:87:52:7e:05:eb:c0:30:1f:02:3d:b5:da:af:0d:85:72:fd:
42:f0:e7:78:0d:b8:6d:9f:5c:b4:3e:f2:2d:32:1c:98:78:e2:
30:a7:9a:41:46:fa:ab:22:f5:24:9b:8c:9c:9e:68:93:fc:da:
84:51:02:d9:3c:e6:b0:5b:df:4a:96:0f:f6:0c:f0:0f:ea:16:
78:be:ea:ad:96:f7:ac:9e:c4:cd:1f:5b:1e:0f:0f:a3:e1:4e:
db:8b:71:53:69:05:ee:79:2a:62:d6:45:0f:46:74:c1:b0:82:
fe:0a:38:2d:3f:1e:4b:9d:79:6a:e5:97:a4:7c:ae:3a:73:05:
9f:90:b4:b7:1c:db:e3:a7:33:3a:fd:86:bf:a6:43:94:4e:03:
f1:aa:3b:23:fe:d4:b8:13:d5:d6:4c:e1:eb:6a:ec:9f:0c:90:
e4:f4:55:ce:5a:eb:a6:b7:4f:ca:4c:4e:89:b3:74:c9:ce:86:
92:a0:d9:a0:d7:c1:48:ae:fe:71:d2:17:08:e8:05:e3:82:bc:
af:5d:18:fc:88:73:9f:1a:ec:1d:c4:81:10:eb:d9:10:91:ae:
4a:2f:3e:c0:87:cf:c7:5c:47:66:4c:5d:c9:77:10:90:24:94:
76:33:38:75
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUAdklKR8b9Yk9XAhgrw0v/iSaqWIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNTAxMjcwOTQwMjdaFw0yNjAxMjYwOTQ1MjdaMDMxMTAvBgNV
BAMTKDlBRjNDM0M2MThDNTYwMUJEOUYzMTEzNUFEQjNCNUFDQ0Y0RjZFRkYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCdWxIyxNFb+nCRR3rd68SX2EjG
r7daiD9HKu1SW5V402uAeF/lMiXH35qeZ3qi5wolc67UYflBAK64d2Hr1dQ6hCf2
b1pP0JoN7+SBDm6hSHakNI1scOqRcXOB69jtD8xt9mBrWn9bMImrfwzj5N6XpS9Y
AL7KQDlRcrZUsPFoEStDDKAF4Co13Da7QnWAC7kpnr35+/ifqb/F2PfJSozZaIfS
YGOpLt4GHMT6kIOu+YfwsykUYfviudtuUnu/cHLDrV54iIvn505e8CeEmwNoeeqa
vanBePRD+1N7d0nExWf2USq04dFSdobLW1jOSR/+euhhgZIhzmeFHeQdDdevAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUmvPDxhjFYBvZ8xE1rbO1rM9Pbv8wHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzODM1MmUzMjMxMzUyZTMx
MzYzNDJlMzAyZjMyMzMyZDMzMzIyMDNkM2UyMDM1MzEzMTM2Mzcucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAG516QwDQYJKoZIhvcNAQELBQADggEBADDt6e3zaXSqK8wNzyTRPUimk16HUn4F
68AwHwI9tdqvDYVy/ULw53gNuG2fXLQ+8i0yHJh44jCnmkFG+qsi9SSbjJyeaJP8
2oRRAtk85rBb30qWD/YM8A/qFni+6q2W96yexM0fWx4PD6PhTtuLcVNpBe55KmLW
RQ9GdMGwgv4KOC0/HkudeWrll6R8rjpzBZ+QtLcc2+OnMzr9hr+mQ5ROA/GqOyP+
1LgT1dZM4etq7J8MkOT0Vc5a66a3T8pMTomzdMnOhpKg2aDXwUiu/nHSFwjoBeOC
vK9dGPyIc58a7B3EgRDr2RCRrkovPsCHz8dcR2ZMXcl3EJAklHYzOHU=
-----END CERTIFICATE-----
Generated at Thu Apr 3 05:05:01 2025 by rpki-client