Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/87ae25f3-706b-47ed-bb74-46684ae0ef2b/0/3138352e3138362e32352e302f32342d3234203d3e203135343430.roa
File: 3138352e3138362e32352e302f32342d3234203d3e203135343430.roa (raw, json)
Hash identifier: zbKaWYwmjPPC167P5YL6I94JcPZEWN0HKnmqpfcR9u4=
Subject key identifier: 28:4C:A0:DB:A1:76:D6:05:95:CF:0C:F2:B4:25:61:21:F7:77:0D:A5
Certificate issuer: /CN=b3d0280f500695a43204251c9830454ca8a2e7ac
Certificate serial: 4C1E422BFF65ED4604B1682B9B4E7F8A4B1248E5
Authority key identifier: B3:D0:28:0F:50:06:95:A4:32:04:25:1C:98:30:45:4C:A8:A2:E7:AC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/s9AoD1AGlaQyBCUcmDBFTKii56w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/87ae25f3-706b-47ed-bb74-46684ae0ef2b/0/3138352e3138362e32352e302f32342d3234203d3e203135343430.roa
Signing time: Tue 15 Apr 2025 09:54:01 +0000
ROA not before: Tue 15 Apr 2025 09:49:01 +0000
ROA not after: Tue 14 Apr 2026 09:54:01 +0000
asID: 15440
IP address blocks: 185.186.25.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/87ae25f3-706b-47ed-bb74-46684ae0ef2b/0/B3D0280F500695A43204251C9830454CA8A2E7AC.crl
rsync://rsync.paas.rpki.ripe.net/repository/87ae25f3-706b-47ed-bb74-46684ae0ef2b/0/B3D0280F500695A43204251C9830454CA8A2E7AC.mft
rsync://rpki.ripe.net/repository/DEFAULT/s9AoD1AGlaQyBCUcmDBFTKii56w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 28 Apr 2025 09:58:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4c:1e:42:2b:ff:65:ed:46:04:b1:68:2b:9b:4e:7f:8a:4b:12:48:e5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b3d0280f500695a43204251c9830454ca8a2e7ac
Validity
Not Before: Apr 15 09:49:01 2025 GMT
Not After : Apr 14 09:54:01 2026 GMT
Subject: CN=284CA0DBA176D60595CF0CF2B4256121F7770DA5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:60:57:cb:95:4f:51:d3:8e:ef:f8:69:7c:bc:
14:b3:cb:f5:c0:9b:6b:b0:84:1c:88:c7:e0:3a:93:
ac:15:cc:de:70:24:e1:2e:27:6f:d7:f6:30:cc:3e:
da:67:8d:ac:be:49:f5:72:4e:97:69:69:fe:89:f5:
ac:ec:28:3e:8b:b3:8d:62:99:73:a9:a2:62:a2:ac:
9d:d9:dd:bd:9b:6e:06:5d:3a:8f:16:29:ef:3c:cb:
c0:22:41:97:05:e3:98:33:90:43:a0:da:9b:70:2e:
90:f2:6d:89:7d:71:cc:15:4f:13:67:62:61:8a:a4:
ad:c4:fa:a8:53:ed:bb:44:bf:73:18:9c:34:01:3b:
95:1f:b9:0c:47:26:45:61:a9:82:5a:b3:16:54:b5:
6a:11:0a:fe:10:32:4c:9d:8e:a4:4a:e2:61:64:db:
51:6e:b0:f7:d7:53:ae:78:c0:dc:08:37:2d:31:e2:
9f:1c:a0:8e:55:89:d1:87:cc:2b:60:0e:6f:f9:04:
7c:15:b8:58:2f:79:36:35:e8:0d:01:41:1f:98:60:
ea:fa:2b:e7:11:66:0a:b7:bd:33:77:f5:f5:c3:9e:
de:f6:28:a2:cf:c4:cb:78:c0:1e:96:59:e9:31:8f:
03:7d:7e:98:96:c9:0b:5d:4a:a8:73:97:18:bd:65:
f6:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:4C:A0:DB:A1:76:D6:05:95:CF:0C:F2:B4:25:61:21:F7:77:0D:A5
X509v3 Authority Key Identifier:
keyid:B3:D0:28:0F:50:06:95:A4:32:04:25:1C:98:30:45:4C:A8:A2:E7:AC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/87ae25f3-706b-47ed-bb74-46684ae0ef2b/0/B3D0280F500695A43204251C9830454CA8A2E7AC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/s9AoD1AGlaQyBCUcmDBFTKii56w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/87ae25f3-706b-47ed-bb74-46684ae0ef2b/0/3138352e3138362e32352e302f32342d3234203d3e203135343430.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.186.25.0/24
Signature Algorithm: sha256WithRSAEncryption
1c:63:27:0e:7f:bb:db:70:04:51:08:6e:5a:c3:60:bb:88:7c:
e3:c5:5a:81:ef:70:83:ac:d8:f3:49:a8:8b:94:32:34:a3:a1:
d0:4f:68:ed:d4:39:3b:32:03:08:19:cf:af:ef:f7:48:d6:5c:
67:e4:0e:fb:de:e1:e4:0c:cd:fc:2c:1a:7f:c4:57:86:e7:fa:
07:ea:56:9f:1e:5a:90:4a:9d:8e:34:8c:ab:4b:2b:11:a0:96:
b7:eb:dc:37:a5:7a:a1:cd:45:ab:d6:81:5a:19:1d:75:e7:e2:
c7:de:4c:1e:2f:a5:0f:87:48:63:28:1e:e7:3e:31:cd:79:94:
5e:3e:08:b7:34:60:e6:41:72:8d:2b:df:51:f0:48:85:63:e3:
79:0a:74:ea:ae:44:79:87:14:0b:91:7a:c0:aa:27:55:ab:c8:
04:81:ae:59:a1:05:bc:99:8b:a6:dd:e8:67:e2:6e:09:66:d9:
c2:44:d4:fc:94:27:07:f1:c9:53:9f:2a:aa:1d:34:28:50:27:
c3:0b:43:42:f5:05:a0:cd:a8:bb:9b:2a:b3:85:e8:76:10:8b:
9c:05:bf:bc:04:0c:03:62:4d:da:41:d3:2b:a8:4e:12:8f:f3:
a7:e9:21:39:3e:1c:14:1c:59:81:99:76:c0:89:88:c0:40:6a:
51:03:31:b6
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUTB5CK/9l7UYEsWgrm05/iksSSOUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYjNkMDI4MGY1MDA2OTVhNDMyMDQyNTFjOTgzMDQ1NGNh
OGEyZTdhYzAeFw0yNTA0MTUwOTQ5MDFaFw0yNjA0MTQwOTU0MDFaMDMxMTAvBgNV
BAMTKDI4NENBMERCQTE3NkQ2MDU5NUNGMENGMkI0MjU2MTIxRjc3NzBEQTUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC5YFfLlU9R047v+Gl8vBSzy/XA
m2uwhByIx+A6k6wVzN5wJOEuJ2/X9jDMPtpnjay+SfVyTpdpaf6J9azsKD6Ls41i
mXOpomKirJ3Z3b2bbgZdOo8WKe88y8AiQZcF45gzkEOg2ptwLpDybYl9ccwVTxNn
YmGKpK3E+qhT7btEv3MYnDQBO5UfuQxHJkVhqYJasxZUtWoRCv4QMkydjqRK4mFk
21FusPfXU654wNwINy0x4p8coI5VidGHzCtgDm/5BHwVuFgveTY16A0BQR+YYOr6
K+cRZgq3vTN39fXDnt72KKLPxMt4wB6WWekxjwN9fpiWyQtdSqhzlxi9ZfYjAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUKEyg26F21gWVzwzytCVhIfd3DaUwHwYDVR0j
BBgwFoAUs9AoD1AGlaQyBCUcmDBFTKii56wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvODdhZTI1ZjMtNzA2Yi00N2VkLWJiNzQtNDY2ODRhZTBl
ZjJiLzAvQjNEMDI4MEY1MDA2OTVBNDMyMDQyNTFDOTgzMDQ1NENBOEEyRTdBQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3M5QW9EMUFHbGFReUJDVWNtREJGVEtp
aTU2dy5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvODdhZTI1ZjMt
NzA2Yi00N2VkLWJiNzQtNDY2ODRhZTBlZjJiLzAvMzEzODM1MmUzMTM4MzYyZTMy
MzUyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMTM1MzQzNDMwLnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
uboZMA0GCSqGSIb3DQEBCwUAA4IBAQAcYycOf7vbcARRCG5aw2C7iHzjxVqB73CD
rNjzSaiLlDI0o6HQT2jt1Dk7MgMIGc+v7/dI1lxn5A773uHkDM38LBp/xFeG5/oH
6lafHlqQSp2ONIyrSysRoJa369w3pXqhzUWr1oFaGR115+LH3kweL6UPh0hjKB7n
PjHNeZRePgi3NGDmQXKNK99R8EiFY+N5CnTqrkR5hxQLkXrAqidVq8gEga5ZoQW8
mYum3ehn4m4JZtnCRNT8lCcH8clTnyqqHTQoUCfDC0NC9QWgzai7myqzheh2EIuc
Bb+8BAwDYk3aQdMrqE4Sj/On6SE5PhwUHFmBmXbAiYjAQGpRAzG2
-----END CERTIFICATE-----
Generated at Mon Apr 28 03:58:48 2025 by rpki-client