Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3233302e3133382e302f32342d3332203d3e203531313637.roa
File: 3138352e3233302e3133382e302f32342d3332203d3e203531313637.roa (raw, json)
Hash identifier: N6Mj1IP+BN6h8/B/zettmdNTY0xl4o+ZIu8rmihoMtg=
Subject key identifier: BC:AA:FE:2A:B1:0F:F6:05:FD:C6:89:3A:DB:0A:83:0D:3D:78:5F:D2
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 62C50D75C200B08B2595544BD69042B4538FCBC8
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3233302e3133382e302f32342d3332203d3e203531313637.roa
Signing time: Mon 27 Jan 2025 09:45:14 +0000
ROA not before: Mon 27 Jan 2025 09:40:14 +0000
ROA not after: Mon 26 Jan 2026 09:45:14 +0000
asID: 51167
IP address blocks: 185.230.138.0/24 maxlen: 32
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 03 Apr 2025 15:34:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
62:c5:0d:75:c2:00:b0:8b:25:95:54:4b:d6:90:42:b4:53:8f:cb:c8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Jan 27 09:40:14 2025 GMT
Not After : Jan 26 09:45:14 2026 GMT
Subject: CN=BCAAFE2AB10FF605FDC6893ADB0A830D3D785FD2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:11:a6:69:b3:4e:db:f8:97:f4:d9:3d:be:4b:
e1:c4:af:34:b8:89:47:61:ad:2c:3a:2d:e0:f8:d2:
7c:21:f3:e0:b1:90:83:2c:8d:78:b5:3e:2c:78:df:
63:16:a9:68:e0:03:4b:7b:de:96:76:59:cf:79:92:
68:bf:12:48:c5:07:05:4c:52:13:be:c9:1b:60:51:
9f:4b:22:1f:96:aa:d5:09:a1:6b:17:4b:59:bc:01:
e4:d3:77:ae:e7:2b:f6:1a:f8:40:5a:a4:c3:d5:26:
19:f5:23:d3:e1:02:65:37:0e:5d:99:eb:b8:cc:0f:
c9:54:13:a1:1b:e1:b9:35:aa:09:4f:8b:23:bc:8a:
63:39:b6:c1:e5:5c:e1:db:ba:ce:4c:a5:f4:31:a6:
66:57:e9:08:7d:22:82:26:f4:f0:2a:8b:06:0e:a4:
23:1d:27:a3:90:de:55:b2:b3:c5:d6:a3:b6:dd:7a:
bd:67:89:63:0f:fb:8a:69:0d:09:a6:c9:e5:af:74:
83:2f:7c:14:0e:bd:fc:4b:2c:1a:1a:06:1f:c4:35:
29:dd:3a:30:0b:d0:f7:8e:8f:36:dc:1c:ed:14:8e:
2e:3a:19:60:9e:1b:cd:ba:11:12:e1:ea:d7:d2:08:
9f:82:b9:31:d2:72:49:97:4c:9d:39:4d:e5:ee:b8:
3b:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BC:AA:FE:2A:B1:0F:F6:05:FD:C6:89:3A:DB:0A:83:0D:3D:78:5F:D2
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3233302e3133382e302f32342d3332203d3e203531313637.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.230.138.0/24
Signature Algorithm: sha256WithRSAEncryption
8c:99:2b:7e:3d:d4:7c:2f:d2:9e:14:37:c5:4b:8b:53:73:9a:
11:ec:44:da:04:a8:3d:46:dc:cc:29:29:f7:1e:d3:f2:d1:c1:
e8:17:9d:06:7d:5a:91:52:21:c6:29:da:a0:97:8d:e8:63:a6:
43:94:56:26:d6:fc:00:af:e2:98:da:45:1a:73:1a:75:2d:81:
6c:a4:93:50:b3:85:a8:69:4a:dd:e3:a9:14:c0:d9:93:b4:ab:
ce:67:68:18:bb:48:b8:6a:22:90:ad:8c:3f:6e:b6:f2:60:53:
dd:39:b0:e5:92:6d:3c:f8:f2:e4:5f:4d:13:e9:66:5c:94:14:
ae:aa:21:37:9b:35:a9:6a:84:53:9a:6a:4b:0f:2d:8f:aa:42:
8a:4e:4f:12:90:c0:49:65:0e:02:33:57:d6:b7:09:e7:50:b9:
9d:94:ba:0e:5d:1e:28:c3:e0:f8:d5:ca:90:be:da:68:d9:38:
a3:00:5e:70:03:6c:8d:65:20:6b:dd:38:e2:b6:65:b3:43:f3:
17:da:48:b5:f2:12:2d:43:1a:fd:92:c1:8d:ad:08:bc:15:04:
e3:c8:61:ed:39:bc:61:25:16:60:d0:e8:55:6f:40:5c:87:7c:
f5:b9:a5:34:7b:a2:73:25:88:82:33:7e:cd:9a:af:c5:84:88:
0a:89:e4:d7
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUYsUNdcIAsIsllVRL1pBCtFOPy8gwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNTAxMjcwOTQwMTRaFw0yNjAxMjYwOTQ1MTRaMDMxMTAvBgNV
BAMTKEJDQUFGRTJBQjEwRkY2MDVGREM2ODkzQURCMEE4MzBEM0Q3ODVGRDIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC8EaZps07b+Jf02T2+S+HErzS4
iUdhrSw6LeD40nwh8+CxkIMsjXi1Pix432MWqWjgA0t73pZ2Wc95kmi/EkjFBwVM
UhO+yRtgUZ9LIh+WqtUJoWsXS1m8AeTTd67nK/Ya+EBapMPVJhn1I9PhAmU3Dl2Z
67jMD8lUE6Eb4bk1qglPiyO8imM5tsHlXOHbus5MpfQxpmZX6Qh9IoIm9PAqiwYO
pCMdJ6OQ3lWys8XWo7bder1niWMP+4ppDQmmyeWvdIMvfBQOvfxLLBoaBh/ENSnd
OjAL0PeOjzbcHO0Uji46GWCeG826ERLh6tfSCJ+CuTHSckmXTJ05TeXuuDsvAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUvKr+KrEP9gX9xok62wqDDT14X9IwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzODM1MmUzMjMzMzAyZTMx
MzMzODJlMzAyZjMyMzQyZDMzMzIyMDNkM2UyMDM1MzEzMTM2Mzcucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAC55oowDQYJKoZIhvcNAQELBQADggEBAIyZK3491Hwv0p4UN8VLi1NzmhHsRNoE
qD1G3MwpKfce0/LRwegXnQZ9WpFSIcYp2qCXjehjpkOUVibW/ACv4pjaRRpzGnUt
gWykk1CzhahpSt3jqRTA2ZO0q85naBi7SLhqIpCtjD9utvJgU905sOWSbTz48uRf
TRPpZlyUFK6qITebNalqhFOaaksPLY+qQopOTxKQwEllDgIzV9a3CedQuZ2Uug5d
HijD4PjVypC+2mjZOKMAXnADbI1lIGvdOOK2ZbND8xfaSLXyEi1DGv2SwY2tCLwV
BOPIYe05vGElFmDQ6FVvQFyHfPW5pTR7onMliIIzfs2ar8WEiAqJ5Nc=
-----END CERTIFICATE-----
Generated at Thu Apr 3 05:23:46 2025 by rpki-client