Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3231362e3230312e302f32342d3234203d3e203632323430.roa
File: 3138352e3231362e3230312e302f32342d3234203d3e203632323430.roa (raw, json)
Hash identifier: IyTkLA+jm0v9uMCpaKduZ4oojJyQOYE5PbeJfvUCS8g=
Subject key identifier: D4:AC:E6:77:39:22:53:A0:7F:6F:37:3D:69:C0:6D:BD:41:A4:8D:98
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 0F3448B0A48DDA46494947F6D0050DD34AEF3605
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3231362e3230312e302f32342d3234203d3e203632323430.roa
Signing time: Mon 27 Jan 2025 09:44:58 +0000
ROA not before: Mon 27 Jan 2025 09:39:58 +0000
ROA not after: Mon 26 Jan 2026 09:44:58 +0000
asID: 62240
IP address blocks: 185.216.201.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 04 Apr 2025 11:02:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0f:34:48:b0:a4:8d:da:46:49:49:47:f6:d0:05:0d:d3:4a:ef:36:05
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Jan 27 09:39:58 2025 GMT
Not After : Jan 26 09:44:58 2026 GMT
Subject: CN=D4ACE677392253A07F6F373D69C06DBD41A48D98
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:89:1f:b6:ac:6d:73:9e:28:88:94:3a:49:9c:
fe:24:e5:dd:dc:6a:38:d4:47:a5:7e:a9:9a:cb:cd:
4d:f5:30:c4:74:b0:a9:04:44:d6:60:61:16:4a:51:
90:33:92:d7:a5:16:36:80:7b:d6:89:70:6b:ac:3f:
78:96:52:91:56:55:13:49:f6:c0:62:2d:ab:65:0f:
4a:ea:a9:2a:0d:a3:e8:eb:7b:64:39:58:0d:c0:db:
45:35:89:e7:63:6c:6b:0c:72:ca:ea:df:39:dc:35:
1f:96:79:ff:cc:59:71:21:a3:7c:4d:96:80:c7:61:
93:3b:74:70:14:62:80:7a:3f:a5:dd:5a:cb:e3:bc:
a6:74:aa:1d:77:32:33:14:27:9d:08:6f:a1:c8:d8:
de:4b:0b:64:8f:9e:f1:b8:aa:cd:3d:a9:14:88:98:
ad:ab:cc:4a:3b:ad:c3:5b:96:27:b7:a4:ab:73:20:
49:ac:13:b0:23:02:da:aa:d3:c4:b0:c3:64:3a:b6:
61:75:30:45:75:71:4c:66:e6:14:47:b0:e5:c9:68:
6d:8f:a2:36:d9:1d:29:d1:95:50:24:bd:f2:04:a9:
c6:cd:55:90:11:56:96:25:5d:9e:79:bf:73:ed:96:
19:e9:d5:08:09:63:f3:52:d6:c5:50:12:26:be:c0:
3e:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D4:AC:E6:77:39:22:53:A0:7F:6F:37:3D:69:C0:6D:BD:41:A4:8D:98
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3231362e3230312e302f32342d3234203d3e203632323430.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.216.201.0/24
Signature Algorithm: sha256WithRSAEncryption
49:9e:eb:09:4c:03:e2:d3:7a:2c:dc:43:c7:91:5d:a4:71:5e:
ad:d9:b7:fa:52:bc:51:78:45:5b:22:1e:4d:60:e3:82:18:fa:
34:50:85:08:1e:73:0e:02:04:fe:74:e8:11:60:b1:36:de:d5:
51:74:98:74:aa:df:40:60:bd:a4:fe:6e:db:05:79:de:7b:46:
cd:d3:b4:fb:0f:49:59:80:b5:4d:4a:c6:ab:11:f8:2b:01:f1:
b9:a8:3b:ec:63:aa:64:3d:73:21:98:71:f6:48:f9:44:e8:50:
43:b2:32:3b:d3:30:45:f9:c3:c5:c1:39:9c:ff:6f:b1:29:d0:
73:90:ec:bb:93:f0:82:b7:a6:17:34:d8:3a:00:97:58:87:2a:
f9:94:ea:65:66:67:b5:03:cf:d3:aa:7a:04:33:3a:16:2d:50:
d4:34:e8:d3:71:ac:e9:14:c6:fe:60:e4:ce:31:dc:f0:62:40:
ff:45:59:14:da:b8:e8:21:00:b2:75:af:85:1e:7a:f8:1b:d4:
37:a9:7e:67:91:7c:e3:c7:d8:98:80:4e:60:15:7f:34:ec:fb:
c0:23:d4:01:92:a2:b2:12:bc:a0:ea:31:56:2d:bf:1d:0d:c3:
8f:1c:18:48:45:f0:45:83:a7:13:d1:98:39:82:60:65:57:c8:
84:a4:df:7f
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUDzRIsKSN2kZJSUf20AUN00rvNgUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNTAxMjcwOTM5NThaFw0yNjAxMjYwOTQ0NThaMDMxMTAvBgNV
BAMTKEQ0QUNFNjc3MzkyMjUzQTA3RjZGMzczRDY5QzA2REJENDFBNDhEOTgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDDiR+2rG1zniiIlDpJnP4k5d3c
ajjUR6V+qZrLzU31MMR0sKkERNZgYRZKUZAzktelFjaAe9aJcGusP3iWUpFWVRNJ
9sBiLatlD0rqqSoNo+jre2Q5WA3A20U1iedjbGsMcsrq3zncNR+Wef/MWXEho3xN
loDHYZM7dHAUYoB6P6XdWsvjvKZ0qh13MjMUJ50Ib6HI2N5LC2SPnvG4qs09qRSI
mK2rzEo7rcNblie3pKtzIEmsE7AjAtqq08Sww2Q6tmF1MEV1cUxm5hRHsOXJaG2P
ojbZHSnRlVAkvfIEqcbNVZARVpYlXZ55v3Ptlhnp1QgJY/NS1sVQEia+wD43AgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQU1KzmdzkiU6B/bzc9acBtvUGkjZgwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzODM1MmUzMjMxMzYyZTMy
MzAzMTJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDM2MzIzMjM0MzAucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAC52MkwDQYJKoZIhvcNAQELBQADggEBAEme6wlMA+LTeizcQ8eRXaRxXq3Zt/pS
vFF4RVsiHk1g44IY+jRQhQgecw4CBP506BFgsTbe1VF0mHSq30BgvaT+btsFed57
Rs3TtPsPSVmAtU1KxqsR+CsB8bmoO+xjqmQ9cyGYcfZI+UToUEOyMjvTMEX5w8XB
OZz/b7Ep0HOQ7LuT8IK3phc02DoAl1iHKvmU6mVmZ7UDz9OqegQzOhYtUNQ06NNx
rOkUxv5g5M4x3PBiQP9FWRTauOghALJ1r4Ueevgb1DepfmeRfOPH2JiATmAVfzTs
+8Aj1AGSorISvKDqMVYtvx0Nw48cGEhF8EWDpxPRmDmCYGVXyISk338=
-----END CERTIFICATE-----
Generated at Thu Apr 3 22:22:46 2025 by rpki-client