Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3231392e3134302e302f32342d3234203d3e20323132323338.roa
File: 3138352e3231392e3134302e302f32342d3234203d3e20323132323338.roa (raw, json)
Hash identifier: z4wvle2LgL1j+R5GoHBiFaLRLA0mOiWzihWP6kPD8f4=
Subject key identifier: 8B:FF:F0:64:F5:3B:96:E1:23:91:2B:5B:1D:CF:51:19:AD:EA:D9:A3
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 5B874FBE816EA71D27D2E11B7DE15C2424340869
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3231392e3134302e302f32342d3234203d3e20323132323338.roa
Signing time: Fri 16 May 2025 09:46:22 +0000
ROA not before: Fri 16 May 2025 09:41:22 +0000
ROA not after: Fri 15 May 2026 09:46:22 +0000
asID: 212238
IP address blocks: 185.219.140.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 07 Jun 2025 12:43:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5b:87:4f:be:81:6e:a7:1d:27:d2:e1:1b:7d:e1:5c:24:24:34:08:69
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: May 16 09:41:22 2025 GMT
Not After : May 15 09:46:22 2026 GMT
Subject: CN=8BFFF064F53B96E123912B5B1DCF5119ADEAD9A3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:6d:94:3d:89:a6:d1:21:bc:77:66:dc:9f:bf:
b3:c8:f2:81:3f:23:9f:ee:51:4f:22:d1:4b:b4:94:
17:ef:1a:cc:fb:30:2c:c7:f3:d3:99:7c:7c:f3:9e:
d7:2e:e5:94:d7:98:52:7a:e0:3f:84:1a:a3:16:70:
89:00:57:d3:fc:14:76:bd:b9:b9:e4:50:e8:7b:bc:
f3:41:be:39:42:de:91:de:3e:e3:e9:28:08:c7:54:
49:4b:52:06:e2:5a:ce:15:3d:85:e7:48:79:69:ff:
2a:fd:72:5d:c4:8e:0f:bc:6d:ff:74:a3:6f:26:e2:
41:d0:e9:a2:de:b2:98:71:64:8d:90:66:9e:03:ea:
b0:0c:ea:84:de:70:94:71:06:d3:e0:a3:c5:77:f9:
01:2e:a7:3d:0e:15:c0:f1:51:6c:e4:56:9e:a0:3a:
b1:01:d8:6e:8f:65:70:97:a8:06:61:a2:47:a2:a2:
00:58:14:77:cb:a9:c1:3b:a3:f8:a2:c1:62:08:a0:
d4:93:01:56:12:c8:ba:26:68:14:f5:6f:ed:42:77:
41:e2:72:81:b4:8d:83:be:07:9f:af:94:5c:25:4a:
a5:b7:66:22:6e:cf:81:e2:a1:40:db:8f:c8:9d:14:
eb:24:04:6f:56:50:5a:ae:38:35:1c:c3:f6:ca:3d:
b1:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8B:FF:F0:64:F5:3B:96:E1:23:91:2B:5B:1D:CF:51:19:AD:EA:D9:A3
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3231392e3134302e302f32342d3234203d3e20323132323338.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.219.140.0/24
Signature Algorithm: sha256WithRSAEncryption
29:f7:2f:5e:f9:85:ed:7a:38:8b:5e:b7:33:48:fb:a2:03:f1:
40:b1:01:15:8b:4f:cd:d3:27:03:81:13:6c:d2:23:ed:33:84:
54:d1:d8:db:b4:07:e2:98:b3:71:9f:90:05:f2:dc:dd:20:da:
97:87:b2:44:8f:ef:c0:5d:de:58:24:95:3f:d9:b8:aa:d7:ff:
1b:da:f9:88:47:e9:49:0a:e5:1b:1a:56:9f:88:7b:74:27:60:
1b:3a:6d:8d:37:8d:b5:c7:33:33:d4:24:e9:5d:77:b5:b1:e0:
84:4e:fe:23:e0:27:3c:10:14:d4:66:5f:59:56:15:34:01:5d:
de:f2:15:7a:cc:eb:23:03:7a:dc:15:17:ce:0e:e9:28:4d:7e:
53:da:1f:c8:5d:a0:e2:27:f9:30:be:a1:23:63:3a:44:24:79:
9f:2d:37:4d:d8:0f:42:53:a5:eb:00:df:97:66:27:81:6a:20:
1e:6a:08:f6:8a:02:40:99:90:7a:97:3f:b5:ad:db:dc:ee:a9:
22:61:4f:24:b2:df:df:e3:7c:f6:30:6b:65:36:98:c1:41:cd:
13:41:06:1e:db:71:66:2e:ea:c8:bf:e2:e3:c1:23:42:06:40:
64:13:d2:6c:4d:3c:5b:c2:bc:78:81:62:46:66:d3:45:1c:a5:
e5:8d:76:30
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgIUW4dPvoFupx0n0uEbfeFcJCQ0CGkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNTA1MTYwOTQxMjJaFw0yNjA1MTUwOTQ2MjJaMDMxMTAvBgNV
BAMTKDhCRkZGMDY0RjUzQjk2RTEyMzkxMkI1QjFEQ0Y1MTE5QURFQUQ5QTMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCtbZQ9iabRIbx3Ztyfv7PI8oE/
I5/uUU8i0Uu0lBfvGsz7MCzH89OZfHzzntcu5ZTXmFJ64D+EGqMWcIkAV9P8FHa9
ubnkUOh7vPNBvjlC3pHePuPpKAjHVElLUgbiWs4VPYXnSHlp/yr9cl3Ejg+8bf90
o28m4kHQ6aLesphxZI2QZp4D6rAM6oTecJRxBtPgo8V3+QEupz0OFcDxUWzkVp6g
OrEB2G6PZXCXqAZhokeiogBYFHfLqcE7o/iiwWIIoNSTAVYSyLomaBT1b+1Cd0Hi
coG0jYO+B5+vlFwlSqW3ZiJuz4HioUDbj8idFOskBG9WUFquODUcw/bKPbEjAgMB
AAGjggJBMIICPTAdBgNVHQ4EFgQUi//wZPU7luEjkStbHc9RGa3q2aMwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzODM1MmUzMjMxMzkyZTMx
MzQzMDJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMyMzEzMjMyMzMzOC5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEALnbjDANBgkqhkiG9w0BAQsFAAOCAQEAKfcvXvmF7Xo4i163M0j7ogPxQLEB
FYtPzdMnA4ETbNIj7TOEVNHY27QH4pizcZ+QBfLc3SDal4eyRI/vwF3eWCSVP9m4
qtf/G9r5iEfpSQrlGxpWn4h7dCdgGzptjTeNtcczM9Qk6V13tbHghE7+I+AnPBAU
1GZfWVYVNAFd3vIVeszrIwN63BUXzg7pKE1+U9ofyF2g4if5ML6hI2M6RCR5ny03
TdgPQlOl6wDfl2YngWogHmoI9ooCQJmQepc/ta3b3O6pImFPJLLf3+N89jBrZTaY
wUHNE0EGHttxZi7qyL/i48EjQgZAZBPSbE08W8K8eIFiRmbTRRyl5Y12MA==
-----END CERTIFICATE-----
Generated at Fri Jun 6 19:29:53 2025 by rpki-client