Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/38352e3139302e3234302e302f32322d3332203d3e203531313637.roa
File: 38352e3139302e3234302e302f32322d3332203d3e203531313637.roa (raw, json)
Hash identifier: HlwNVHsbFvnZ5+6G0K9SWMNUsBlJ0OPEgRS0woHW2ac=
Subject key identifier: 87:83:00:06:F2:E5:F9:18:A8:9F:32:46:F4:15:76:3D:81:E9:32:8F
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 7B14528F1DB8A2C52489E0135ED2F53DF5C51DE0
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/38352e3139302e3234302e302f32322d3332203d3e203531313637.roa
Signing time: Tue 11 Mar 2025 07:45:52 +0000
ROA not before: Tue 11 Mar 2025 07:40:52 +0000
ROA not after: Tue 10 Mar 2026 07:45:52 +0000
asID: 51167
IP address blocks: 85.190.240.0/22 maxlen: 32
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 03 Apr 2025 15:34:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7b:14:52:8f:1d:b8:a2:c5:24:89:e0:13:5e:d2:f5:3d:f5:c5:1d:e0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Mar 11 07:40:52 2025 GMT
Not After : Mar 10 07:45:52 2026 GMT
Subject: CN=87830006F2E5F918A89F3246F415763D81E9328F
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:e4:41:81:87:53:b0:3f:4a:af:a3:3a:82:2a:
1e:8b:cd:53:45:4c:36:c7:ae:f7:51:b1:9b:ab:bd:
ad:8a:17:a6:f4:78:a4:bc:1d:f1:8e:c6:0d:db:6a:
9a:8d:bf:97:61:6c:c9:82:56:26:f5:71:14:71:61:
6b:b1:43:85:ff:96:5f:99:fd:70:da:b4:d2:57:86:
95:4e:b5:91:18:27:16:35:c0:50:bc:9a:d0:45:9a:
0b:bb:db:08:bb:45:8d:9f:64:b5:18:18:ad:d5:8b:
32:d1:43:4e:68:80:88:d9:5c:60:38:54:b8:bf:99:
05:30:10:a4:ba:f9:8b:1b:80:d6:0e:2b:a4:b9:2e:
c8:88:e3:31:e0:8b:70:17:c9:c2:b4:38:60:f4:a1:
28:b5:0f:00:9b:da:bf:45:81:47:0f:61:9e:05:ed:
37:91:18:91:18:57:64:f9:fa:03:83:69:69:22:63:
68:07:50:fd:fc:03:53:8d:e6:72:99:13:b1:78:78:
4c:56:c3:1c:fb:ea:04:28:8d:a0:73:c4:f5:15:7d:
d0:f5:28:ed:e4:52:a6:52:8b:bd:ff:06:8f:48:06:
f5:a6:40:9b:69:9f:9b:25:54:bb:e2:9d:94:eb:22:
37:e0:56:29:c1:72:a3:a5:0f:e3:be:f5:dd:34:0c:
c8:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:83:00:06:F2:E5:F9:18:A8:9F:32:46:F4:15:76:3D:81:E9:32:8F
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/38352e3139302e3234302e302f32322d3332203d3e203531313637.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.190.240.0/22
Signature Algorithm: sha256WithRSAEncryption
15:84:d8:ac:b6:3c:fb:aa:90:ea:8f:74:ce:fc:ac:66:a2:e9:
a3:ed:9a:23:be:a5:23:d4:c0:9d:8a:a6:24:2c:91:f4:df:ed:
49:1f:b2:fb:70:f2:58:d9:f3:1f:03:a5:e5:f9:0c:d3:22:8f:
a6:70:ed:a7:2a:db:c8:28:9c:78:43:a4:08:d9:6a:df:d8:40:
4f:b5:eb:cc:b9:bd:a1:03:c7:bb:56:d7:bf:b9:e7:05:ee:5e:
f6:c3:11:dc:c4:11:ef:51:a9:7d:36:7f:9c:8b:52:7b:04:c3:
d7:98:ac:3f:6e:3e:23:ac:dc:09:d3:d7:a0:6a:d4:ba:b5:e6:
70:a8:41:b3:9f:24:b7:e0:49:b7:de:71:91:2b:c1:6d:4b:89:
38:57:db:d3:bb:77:ff:c5:17:c3:ca:94:5f:9a:3b:33:a7:15:
46:60:30:be:36:11:4f:ec:a1:2d:93:5b:2b:d4:7b:56:32:a0:
09:6c:c5:51:04:41:0d:25:25:1a:64:80:8c:36:81:35:01:04:
0d:a7:c1:e9:5a:5b:4a:38:37:9a:97:9e:14:93:db:49:5d:3d:
bc:a8:8d:05:fe:cc:ea:0a:f6:7a:d2:15:cd:30:92:68:62:7e:
e6:41:6c:76:23:ce:d0:0c:fc:0e:04:21:8a:09:80:3c:24:04:
89:4a:71:98
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUexRSjx24osUkieATXtL1PfXFHeAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNTAzMTEwNzQwNTJaFw0yNjAzMTAwNzQ1NTJaMDMxMTAvBgNV
BAMTKDg3ODMwMDA2RjJFNUY5MThBODlGMzI0NkY0MTU3NjNEODFFOTMyOEYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDG5EGBh1OwP0qvozqCKh6LzVNF
TDbHrvdRsZurva2KF6b0eKS8HfGOxg3bapqNv5dhbMmCVib1cRRxYWuxQ4X/ll+Z
/XDatNJXhpVOtZEYJxY1wFC8mtBFmgu72wi7RY2fZLUYGK3VizLRQ05ogIjZXGA4
VLi/mQUwEKS6+YsbgNYOK6S5LsiI4zHgi3AXycK0OGD0oSi1DwCb2r9FgUcPYZ4F
7TeRGJEYV2T5+gODaWkiY2gHUP38A1ON5nKZE7F4eExWwxz76gQojaBzxPUVfdD1
KO3kUqZSi73/Bo9IBvWmQJtpn5slVLvinZTrIjfgVinBcqOlD+O+9d00DMj1AgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUh4MABvLl+RionzJG9BV2PYHpMo8wHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzgzNTJlMzEzOTMwMmUzMjM0
MzAyZTMwMmYzMjMyMmQzMzMyMjAzZDNlMjAzNTMxMzEzNjM3LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQC
Vb7wMA0GCSqGSIb3DQEBCwUAA4IBAQAVhNistjz7qpDqj3TO/Kxmoumj7ZojvqUj
1MCdiqYkLJH03+1JH7L7cPJY2fMfA6Xl+QzTIo+mcO2nKtvIKJx4Q6QI2Wrf2EBP
tevMub2hA8e7Vte/uecF7l72wxHcxBHvUal9Nn+ci1J7BMPXmKw/bj4jrNwJ09eg
atS6teZwqEGznyS34Em33nGRK8FtS4k4V9vTu3f/xRfDypRfmjszpxVGYDC+NhFP
7KEtk1sr1HtWMqAJbMVRBEENJSUaZICMNoE1AQQNp8HpWltKODeal54Uk9tJXT28
qI0F/szqCvZ60hXNMJJoYn7mQWx2I87QDPwOBCGKCYA8JASJSnGY
-----END CERTIFICATE-----
Generated at Thu Apr 3 05:22:08 2025 by rpki-client