Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3231362e3230332e302f32342d3332203d3e203531313637.roa
File: 3138352e3231362e3230332e302f32342d3332203d3e203531313637.roa (raw, json)
Hash identifier: IIEGYb04iwktbJ1VkZ7KglCqt+0HpD6iM3i8qXH0F/0=
Subject key identifier: A5:A0:93:47:79:FF:9E:84:DB:F4:DC:3F:1B:0B:B1:C1:BB:F1:72:B9
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 0D263131117C4EDFA316A99E2A94E3A8B60A5507
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3231362e3230332e302f32342d3332203d3e203531313637.roa
Signing time: Mon 27 Jan 2025 09:45:00 +0000
ROA not before: Mon 27 Jan 2025 09:40:00 +0000
ROA not after: Mon 26 Jan 2026 09:45:00 +0000
asID: 51167
IP address blocks: 185.216.203.0/24 maxlen: 32
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 03 Apr 2025 15:34:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0d:26:31:31:11:7c:4e:df:a3:16:a9:9e:2a:94:e3:a8:b6:0a:55:07
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Jan 27 09:40:00 2025 GMT
Not After : Jan 26 09:45:00 2026 GMT
Subject: CN=A5A0934779FF9E84DBF4DC3F1B0BB1C1BBF172B9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:7c:e0:3f:54:d9:5d:6f:8f:5e:e9:fc:3d:0d:
01:f5:f3:7a:c9:5c:37:22:d5:ec:37:fb:8c:7b:a0:
e0:32:3d:f5:51:08:f7:d6:a6:c3:89:31:11:3e:8f:
51:ac:d0:64:6d:f1:1c:c0:e8:ea:c7:11:c6:04:8c:
fd:a8:ef:f4:66:73:03:0f:5d:75:21:35:8e:e3:14:
9e:90:e6:04:62:d4:93:40:6a:ea:48:6b:67:18:f2:
d3:51:9f:64:0e:e6:7c:66:4c:68:a7:10:d9:b9:dc:
09:98:48:bb:65:51:87:1d:57:80:bf:fa:dc:66:f9:
69:5b:8d:5f:d4:de:a0:93:b8:35:1e:d1:f7:9e:9d:
93:29:c9:1e:70:42:78:9b:8b:3b:fe:85:4e:94:24:
bb:51:bb:ed:d0:5f:4a:04:c6:7f:73:a1:5b:8b:50:
bb:54:b0:85:cf:51:94:87:f2:e8:1d:7a:9d:8c:b3:
28:b9:77:15:42:83:ea:62:b3:17:7f:17:b5:d4:0b:
9f:f0:ad:7c:2a:83:3c:78:97:61:7a:6c:60:98:d7:
a5:13:23:17:a9:2e:8a:ef:24:7a:d5:2c:2b:9c:6a:
92:4c:4c:9c:ef:7c:41:45:15:74:b4:33:f0:92:10:
0e:9e:57:ee:cf:9c:a2:4f:3f:8d:af:f9:90:44:27:
67:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A5:A0:93:47:79:FF:9E:84:DB:F4:DC:3F:1B:0B:B1:C1:BB:F1:72:B9
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3231362e3230332e302f32342d3332203d3e203531313637.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.216.203.0/24
Signature Algorithm: sha256WithRSAEncryption
73:6b:4d:63:e2:0c:06:09:68:83:a9:86:aa:f2:2b:55:fe:9f:
20:d8:60:15:2d:f0:ad:c3:97:58:a6:01:f1:36:68:f1:fa:ce:
14:8a:f6:56:14:b6:5b:9c:77:2a:f1:30:e3:11:1f:a4:bf:3a:
84:88:e9:54:51:be:ac:33:95:aa:8e:7b:3f:5e:0b:7d:6e:87:
ad:75:17:f0:b3:7f:35:30:4a:87:3f:aa:cd:60:0f:55:5b:29:
62:04:f7:47:23:de:1e:6d:b0:a6:fe:8d:28:cb:12:88:c5:72:
25:73:0f:d3:4c:0a:7b:77:96:07:b6:bb:71:fe:05:db:ce:64:
c1:ed:8e:2a:70:eb:a0:e2:7b:73:51:46:3f:45:89:63:90:82:
9c:c4:3b:73:91:31:53:c0:18:34:96:6a:59:ea:34:44:8b:06:
7d:36:9a:a7:c6:29:f4:39:60:e5:11:b5:77:2f:50:e2:8b:46:
03:fa:84:67:a8:b7:ee:98:cf:ee:87:53:80:e3:9f:a2:97:7a:
8a:c1:76:59:08:a2:43:d4:6e:2a:f1:1b:5a:92:c3:31:32:08:
da:e1:e0:4f:20:7c:12:f7:ec:5f:d9:bc:d3:74:ee:89:66:e9:
d2:07:bd:b0:22:fa:96:c9:ae:e6:a5:67:95:39:5c:88:79:05:
25:2a:35:5a
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUDSYxMRF8Tt+jFqmeKpTjqLYKVQcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNTAxMjcwOTQwMDBaFw0yNjAxMjYwOTQ1MDBaMDMxMTAvBgNV
BAMTKEE1QTA5MzQ3NzlGRjlFODREQkY0REMzRjFCMEJCMUMxQkJGMTcyQjkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDJfOA/VNldb49e6fw9DQH183rJ
XDci1ew3+4x7oOAyPfVRCPfWpsOJMRE+j1Gs0GRt8RzA6OrHEcYEjP2o7/RmcwMP
XXUhNY7jFJ6Q5gRi1JNAaupIa2cY8tNRn2QO5nxmTGinENm53AmYSLtlUYcdV4C/
+txm+WlbjV/U3qCTuDUe0feenZMpyR5wQnibizv+hU6UJLtRu+3QX0oExn9zoVuL
ULtUsIXPUZSH8ugdep2Msyi5dxVCg+pisxd/F7XUC5/wrXwqgzx4l2F6bGCY16UT
IxepLorvJHrVLCucapJMTJzvfEFFFXS0M/CSEA6eV+7PnKJPP42v+ZBEJ2flAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUpaCTR3n/noTb9Nw/GwuxwbvxcrkwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzODM1MmUzMjMxMzYyZTMy
MzAzMzJlMzAyZjMyMzQyZDMzMzIyMDNkM2UyMDM1MzEzMTM2Mzcucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAC52MswDQYJKoZIhvcNAQELBQADggEBAHNrTWPiDAYJaIOphqryK1X+nyDYYBUt
8K3Dl1imAfE2aPH6zhSK9lYUtlucdyrxMOMRH6S/OoSI6VRRvqwzlaqOez9eC31u
h611F/CzfzUwSoc/qs1gD1VbKWIE90cj3h5tsKb+jSjLEojFciVzD9NMCnt3lge2
u3H+BdvOZMHtjipw66Die3NRRj9FiWOQgpzEO3ORMVPAGDSWalnqNESLBn02mqfG
KfQ5YOURtXcvUOKLRgP6hGeot+6Yz+6HU4Djn6KXeorBdlkIokPUbirxG1qSwzEy
CNrh4E8gfBL37F/ZvNN07olm6dIHvbAi+pbJrualZ5U5XIh5BSUqNVo=
-----END CERTIFICATE-----
Generated at Thu Apr 3 05:27:53 2025 by rpki-client