Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3233302e3133392e302f32342d3234203d3e20313336373837.roa
File: 3138352e3233302e3133392e302f32342d3234203d3e20313336373837.roa (raw, json)
Hash identifier: dFq3s7iH9VfvN0PdJiQA6+sNHUcja4ei0P6zDqH2yaQ=
Subject key identifier: DF:84:71:BF:46:8C:CC:59:2B:B2:7C:3F:82:A9:59:FB:D3:1B:9A:C6
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 79CE2D93CE6827029E44B9D668DC85DD0DBEB76C
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3233302e3133392e302f32342d3234203d3e20313336373837.roa
Signing time: Mon 27 Jan 2025 09:45:05 +0000
ROA not before: Mon 27 Jan 2025 09:40:05 +0000
ROA not after: Mon 26 Jan 2026 09:45:05 +0000
asID: 136787
IP address blocks: 185.230.139.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 05 Apr 2025 10:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
79:ce:2d:93:ce:68:27:02:9e:44:b9:d6:68:dc:85:dd:0d:be:b7:6c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Jan 27 09:40:05 2025 GMT
Not After : Jan 26 09:45:05 2026 GMT
Subject: CN=DF8471BF468CCC592BB27C3F82A959FBD31B9AC6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:8c:36:5f:67:5e:fe:c0:45:13:f0:e6:1d:07:
75:fe:ab:21:ac:82:41:2b:4f:42:8e:4c:64:1e:0c:
c7:57:09:07:82:84:ad:3c:28:1c:e4:bb:c0:48:70:
2c:90:9a:82:ac:70:43:0b:d2:2e:52:ae:47:70:c8:
f8:15:56:e9:a5:7a:4f:9c:49:f5:9e:f8:de:51:3d:
0c:6e:b3:53:63:f5:f9:0d:51:c2:a2:e6:fa:a5:6b:
cf:a7:73:e1:7d:63:1a:62:59:c5:1e:b6:7c:fd:04:
0a:7c:c5:b2:fc:9e:9e:3d:64:a9:b7:c6:50:9c:7e:
14:c6:ed:84:0d:52:d3:e0:60:f7:b7:a1:5b:52:17:
26:40:83:dd:f4:52:a7:33:6e:11:4c:d3:c3:64:e1:
85:a2:a9:62:97:09:91:33:49:b4:2a:76:19:f3:09:
45:a5:a8:d8:4e:2a:36:21:80:e6:42:ee:35:67:f7:
0b:2a:e6:bb:0a:ad:e9:ca:fc:22:f8:32:7a:8e:d3:
7d:97:d7:43:b7:09:b6:be:31:97:5e:95:5a:ac:01:
5b:b9:e2:bd:ab:01:49:f6:4b:36:1a:e3:17:3e:02:
cf:e5:9b:81:30:87:48:54:b4:16:79:87:b0:51:53:
39:7c:37:8e:0c:7e:e6:18:03:69:a4:f5:ad:66:48:
d9:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DF:84:71:BF:46:8C:CC:59:2B:B2:7C:3F:82:A9:59:FB:D3:1B:9A:C6
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3233302e3133392e302f32342d3234203d3e20313336373837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.230.139.0/24
Signature Algorithm: sha256WithRSAEncryption
5d:04:ac:c5:e4:17:1a:3a:87:38:3a:2c:0f:a8:32:bf:06:67:
16:66:e1:35:fe:a6:d4:aa:bc:09:9b:de:69:a0:cd:c0:ff:81:
cf:d1:54:05:bd:17:11:fb:fd:f1:59:04:c5:81:1d:1d:97:e1:
76:8a:70:de:8f:6b:4a:6c:d4:a6:f0:c2:1f:7f:68:db:c9:80:
a4:84:f5:5e:d7:85:6e:7a:ea:e1:ba:fd:02:e2:99:55:63:33:
16:bd:e6:78:92:f6:98:ce:34:62:ee:35:7b:e4:d5:e2:77:01:
86:61:bc:c2:4d:90:d3:e9:b2:4f:27:b0:41:c9:07:76:3e:82:
d1:b6:48:a9:bd:08:14:f2:a2:cc:2b:35:eb:8c:54:f4:0e:92:
45:16:7a:46:c1:74:ee:db:2e:cb:04:ac:f3:b6:ec:55:30:a9:
3c:a5:3b:22:df:af:f0:6e:1e:2d:61:69:da:10:31:a6:0f:5b:
30:33:12:f6:f2:45:9c:b6:12:52:e6:2f:40:bf:ab:2a:0f:6f:
54:a3:9f:61:a1:0f:91:4d:a9:f3:a9:4d:26:1a:41:72:c6:da:
c8:8f:3d:5b:b5:64:ae:e0:e0:98:e7:c2:67:ed:dc:b4:fa:85:
e7:9b:23:69:ab:77:9c:4c:a8:b7:08:21:e1:8d:0b:04:7b:3a:
b0:ec:1f:2c
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgIUec4tk85oJwKeRLnWaNyF3Q2+t2wwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNTAxMjcwOTQwMDVaFw0yNjAxMjYwOTQ1MDVaMDMxMTAvBgNV
BAMTKERGODQ3MUJGNDY4Q0NDNTkyQkIyN0MzRjgyQTk1OUZCRDMxQjlBQzYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCrjDZfZ17+wEUT8OYdB3X+qyGs
gkErT0KOTGQeDMdXCQeChK08KBzku8BIcCyQmoKscEML0i5SrkdwyPgVVumlek+c
SfWe+N5RPQxus1Nj9fkNUcKi5vqla8+nc+F9YxpiWcUetnz9BAp8xbL8np49ZKm3
xlCcfhTG7YQNUtPgYPe3oVtSFyZAg930UqczbhFM08Nk4YWiqWKXCZEzSbQqdhnz
CUWlqNhOKjYhgOZC7jVn9wsq5rsKrenK/CL4MnqO032X10O3Cba+MZdelVqsAVu5
4r2rAUn2SzYa4xc+As/lm4Ewh0hUtBZ5h7BRUzl8N44MfuYYA2mk9a1mSNlFAgMB
AAGjggJBMIICPTAdBgNVHQ4EFgQU34Rxv0aMzFkrsnw/gqlZ+9MbmsYwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzODM1MmUzMjMzMzAyZTMx
MzMzOTJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMxMzMzNjM3MzgzNy5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEALnmizANBgkqhkiG9w0BAQsFAAOCAQEAXQSsxeQXGjqHODosD6gyvwZnFmbh
Nf6m1Kq8CZveaaDNwP+Bz9FUBb0XEfv98VkExYEdHZfhdopw3o9rSmzUpvDCH39o
28mApIT1XteFbnrq4br9AuKZVWMzFr3meJL2mM40Yu41e+TV4ncBhmG8wk2Q0+my
TyewQckHdj6C0bZIqb0IFPKizCs164xU9A6SRRZ6RsF07tsuywSs87bsVTCpPKU7
It+v8G4eLWFp2hAxpg9bMDMS9vJFnLYSUuYvQL+rKg9vVKOfYaEPkU2p86lNJhpB
csbayI89W7VkruDgmOfCZ+3ctPqF55sjaat3nEyotwgh4Y0LBHs6sOwfLA==
-----END CERTIFICATE-----
Generated at Fri Apr 4 19:31:45 2025 by rpki-client