Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/8113dda6-7ade-445d-8c6e-448a78e48ca1/1/3138352e3231332e3234382e302f32342d3234203d3e203230343733.roa
File: 3138352e3231332e3234382e302f32342d3234203d3e203230343733.roa (raw, json)
Hash identifier: wPG7+ewf3YavylvXnnocD/9r9dGd3xv6uHxMRf9sKNA=
Subject key identifier: 3E:3E:0D:49:03:96:01:C6:74:16:D4:12:1D:32:BD:60:2A:DC:03:E4
Certificate issuer: /CN=0d7ffae300def0876bf84890fb6ea17be841a4d3
Certificate serial: 0ACF7D32A80148E3E6B832BFDA771CF8779F564B
Authority key identifier: 0D:7F:FA:E3:00:DE:F0:87:6B:F8:48:90:FB:6E:A1:7B:E8:41:A4:D3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DX_64wDe8Idr-EiQ-26he-hBpNM.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/8113dda6-7ade-445d-8c6e-448a78e48ca1/1/3138352e3231332e3234382e302f32342d3234203d3e203230343733.roa
Signing time: Thu 10 Apr 2025 10:39:50 +0000
ROA not before: Thu 10 Apr 2025 10:34:50 +0000
ROA not after: Thu 09 Apr 2026 10:39:50 +0000
asID: 20473
IP address blocks: 185.213.248.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/8113dda6-7ade-445d-8c6e-448a78e48ca1/1/0D7FFAE300DEF0876BF84890FB6EA17BE841A4D3.crl
rsync://rsync.paas.rpki.ripe.net/repository/8113dda6-7ade-445d-8c6e-448a78e48ca1/1/0D7FFAE300DEF0876BF84890FB6EA17BE841A4D3.mft
rsync://rpki.ripe.net/repository/DEFAULT/DX_64wDe8Idr-EiQ-26he-hBpNM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 04:22:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0a:cf:7d:32:a8:01:48:e3:e6:b8:32:bf:da:77:1c:f8:77:9f:56:4b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0d7ffae300def0876bf84890fb6ea17be841a4d3
Validity
Not Before: Apr 10 10:34:50 2025 GMT
Not After : Apr 9 10:39:50 2026 GMT
Subject: CN=3E3E0D49039601C67416D4121D32BD602ADC03E4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:3c:3b:00:fe:cd:34:64:b5:65:8e:82:62:28:
b8:81:66:06:71:65:f2:5a:54:c5:2f:fa:d8:cf:6d:
cb:89:4e:36:05:25:af:c6:75:39:2d:0a:29:91:54:
99:56:e0:6f:28:8a:08:60:45:cc:5f:a8:b5:4e:43:
f8:94:4d:d2:66:09:ad:1f:ac:37:e3:47:f7:8a:74:
fd:c0:7a:5f:f6:f2:8f:0d:a2:ca:c1:30:e6:28:a9:
5a:b1:d1:d8:21:4e:b4:6f:d3:d0:3c:5c:63:40:41:
0b:31:d2:0a:21:0a:b7:69:2e:24:a2:e8:db:bc:d3:
e4:f1:0b:d2:15:6b:8c:2d:96:27:7e:aa:a4:bd:dc:
95:48:20:d7:9a:d7:a1:0b:17:58:96:8e:bf:e5:86:
18:89:fa:5f:8c:59:e3:68:42:8d:ee:79:90:88:32:
a3:dc:35:8d:5b:87:2b:9a:f9:22:f9:b6:33:61:c3:
1b:60:38:d2:9d:19:fa:20:af:c1:9a:31:6f:79:cd:
d2:d2:4c:0e:69:39:ae:a1:06:01:ee:7c:a9:54:95:
3e:1e:0d:fa:39:63:d1:74:60:5d:d5:4a:4f:51:98:
8e:9b:ce:00:01:2f:aa:b7:da:f1:6f:85:e4:1f:e1:
5c:de:b2:dd:02:dc:8b:40:0b:ed:5d:22:96:87:8d:
17:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3E:3E:0D:49:03:96:01:C6:74:16:D4:12:1D:32:BD:60:2A:DC:03:E4
X509v3 Authority Key Identifier:
keyid:0D:7F:FA:E3:00:DE:F0:87:6B:F8:48:90:FB:6E:A1:7B:E8:41:A4:D3
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/8113dda6-7ade-445d-8c6e-448a78e48ca1/1/0D7FFAE300DEF0876BF84890FB6EA17BE841A4D3.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DX_64wDe8Idr-EiQ-26he-hBpNM.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/8113dda6-7ade-445d-8c6e-448a78e48ca1/1/3138352e3231332e3234382e302f32342d3234203d3e203230343733.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.213.248.0/24
Signature Algorithm: sha256WithRSAEncryption
91:a1:86:e7:78:6d:ec:d0:45:68:8c:b5:15:b0:86:58:54:75:
b6:53:68:94:4b:11:68:44:0c:99:8d:ce:82:2a:f7:91:cd:3b:
17:72:0b:20:8e:50:43:02:67:ec:e6:3d:68:78:32:75:17:61:
88:e1:00:04:e9:01:08:7a:1e:0b:ec:8d:f7:60:3e:66:3a:9b:
00:a5:42:fd:0b:39:20:38:79:de:d1:0f:49:9a:b0:6d:e2:e3:
8a:b0:c9:bd:19:5e:a4:89:61:49:01:cc:d9:48:ce:08:85:d0:
1c:81:76:18:e7:91:a0:4f:f7:01:87:bd:bf:70:ed:e9:a4:24:
09:3b:35:0f:94:d4:ee:e2:7f:1d:7a:0c:99:2c:e8:19:07:70:
91:eb:d1:40:34:23:97:3b:cf:c0:96:67:99:93:93:28:f6:86:
f7:a0:6d:ba:8c:73:64:4f:68:67:8e:b4:41:85:1c:79:29:c5:
ae:5e:33:4a:62:b9:f0:9d:5a:1f:4f:26:d9:b2:97:e8:e2:0d:
eb:5e:c6:0b:6f:9f:ed:d3:bc:44:83:a8:02:7c:70:9d:c1:a3:
5e:d1:e9:dc:78:6f:30:a3:1b:e4:98:34:66:63:af:a5:b7:92:
7e:05:a8:0b:99:e8:02:27:20:8a:48:a8:ff:d9:4f:62:42:63:
c0:97:14:f6
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUCs99MqgBSOPmuDK/2ncc+HefVkswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMGQ3ZmZhZTMwMGRlZjA4NzZiZjg0ODkwZmI2ZWExN2Jl
ODQxYTRkMzAeFw0yNTA0MTAxMDM0NTBaFw0yNjA0MDkxMDM5NTBaMDMxMTAvBgNV
BAMTKDNFM0UwRDQ5MDM5NjAxQzY3NDE2RDQxMjFEMzJCRDYwMkFEQzAzRTQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCtPDsA/s00ZLVljoJiKLiBZgZx
ZfJaVMUv+tjPbcuJTjYFJa/GdTktCimRVJlW4G8oighgRcxfqLVOQ/iUTdJmCa0f
rDfjR/eKdP3Ael/28o8NosrBMOYoqVqx0dghTrRv09A8XGNAQQsx0gohCrdpLiSi
6Nu80+TxC9IVa4wtlid+qqS93JVIINea16ELF1iWjr/lhhiJ+l+MWeNoQo3ueZCI
MqPcNY1bhyua+SL5tjNhwxtgONKdGfogr8GaMW95zdLSTA5pOa6hBgHufKlUlT4e
Dfo5Y9F0YF3VSk9RmI6bzgABL6q32vFvheQf4Vzest0C3ItAC+1dIpaHjRftAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUPj4NSQOWAcZ0FtQSHTK9YCrcA+QwHwYDVR0j
BBgwFoAUDX/64wDe8Idr+EiQ+26he+hBpNMwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvODExM2RkYTYtN2FkZS00NDVkLThjNmUtNDQ4YTc4ZTQ4
Y2ExLzEvMEQ3RkZBRTMwMERFRjA4NzZCRjg0ODkwRkI2RUExN0JFODQxQTREMy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0RYXzY0d0RlOElkci1FaVEtMjZoZS1o
QnBOTS5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvODExM2RkYTYt
N2FkZS00NDVkLThjNmUtNDQ4YTc4ZTQ4Y2ExLzEvMzEzODM1MmUzMjMxMzMyZTMy
MzQzODJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMyMzAzNDM3MzMucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAC51fgwDQYJKoZIhvcNAQELBQADggEBAJGhhud4bezQRWiMtRWwhlhUdbZTaJRL
EWhEDJmNzoIq95HNOxdyCyCOUEMCZ+zmPWh4MnUXYYjhAATpAQh6HgvsjfdgPmY6
mwClQv0LOSA4ed7RD0masG3i44qwyb0ZXqSJYUkBzNlIzgiF0ByBdhjnkaBP9wGH
vb9w7emkJAk7NQ+U1O7ifx16DJks6BkHcJHr0UA0I5c7z8CWZ5mTkyj2hvegbbqM
c2RPaGeOtEGFHHkpxa5eM0piufCdWh9PJtmyl+jiDetexgtvn+3TvESDqAJ8cJ3B
o17R6dx4bzCjG+SYNGZjr6W3kn4FqAuZ6AInIIpIqP/ZT2JCY8CXFPY=
-----END CERTIFICATE-----
Generated at Sat Apr 26 16:12:47 2025 by rpki-client