Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/87ae25f3-706b-47ed-bb74-46684ae0ef2b/0/3138352e3138362e32372e302f32342d3234203d3e203631333137.roa
File: 3138352e3138362e32372e302f32342d3234203d3e203631333137.roa (raw, json)
Hash identifier: jD3TEx8Q8JwdsmzwyDZ9zaukL1sMlGUp0uzFac23xJs=
Subject key identifier: 4C:32:CF:38:3F:EF:9C:76:94:1D:22:B4:D7:0D:8E:1C:7E:9D:96:9B
Certificate issuer: /CN=b3d0280f500695a43204251c9830454ca8a2e7ac
Certificate serial: 0F8C386F5E9C78769ED5A64C5B9B0256EABCD967
Authority key identifier: B3:D0:28:0F:50:06:95:A4:32:04:25:1C:98:30:45:4C:A8:A2:E7:AC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/s9AoD1AGlaQyBCUcmDBFTKii56w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/87ae25f3-706b-47ed-bb74-46684ae0ef2b/0/3138352e3138362e32372e302f32342d3234203d3e203631333137.roa
Signing time: Tue 15 Apr 2025 09:54:01 +0000
ROA not before: Tue 15 Apr 2025 09:49:01 +0000
ROA not after: Tue 14 Apr 2026 09:54:01 +0000
asID: 61317
IP address blocks: 185.186.27.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/87ae25f3-706b-47ed-bb74-46684ae0ef2b/0/B3D0280F500695A43204251C9830454CA8A2E7AC.crl
rsync://rsync.paas.rpki.ripe.net/repository/87ae25f3-706b-47ed-bb74-46684ae0ef2b/0/B3D0280F500695A43204251C9830454CA8A2E7AC.mft
rsync://rpki.ripe.net/repository/DEFAULT/s9AoD1AGlaQyBCUcmDBFTKii56w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 11:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0f:8c:38:6f:5e:9c:78:76:9e:d5:a6:4c:5b:9b:02:56:ea:bc:d9:67
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b3d0280f500695a43204251c9830454ca8a2e7ac
Validity
Not Before: Apr 15 09:49:01 2025 GMT
Not After : Apr 14 09:54:01 2026 GMT
Subject: CN=4C32CF383FEF9C76941D22B4D70D8E1C7E9D969B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:df:37:88:11:69:f0:18:e4:ae:e9:b8:a7:5b:
9d:43:e7:e6:6c:f9:0b:cf:cf:d9:19:d5:ec:86:e9:
71:5d:63:d1:1c:03:0d:19:7c:42:26:19:2e:e8:eb:
d2:ec:2f:8c:3b:3d:08:1f:a3:76:04:e7:cf:aa:48:
07:99:58:78:04:84:94:5a:0a:66:ab:44:26:e1:0f:
c8:a1:e7:0c:00:76:46:32:96:83:0e:b1:0c:b0:c4:
f4:72:7e:a4:e5:33:48:13:79:48:27:36:89:92:fd:
32:74:39:03:e1:02:77:4b:21:a3:76:e8:41:c9:45:
58:6f:8e:5c:4b:2d:83:e7:4a:1e:05:41:8b:aa:a9:
c5:0c:10:c3:63:ff:03:82:d4:96:f5:35:33:fa:e8:
78:cc:66:1c:58:86:d0:56:de:89:4b:d4:c4:2f:20:
d9:5c:bc:e6:a6:86:fa:8a:02:fb:c0:69:4c:e0:25:
8b:bb:53:60:2d:dc:63:b8:5f:7b:1d:76:4e:d4:39:
6e:97:04:24:ec:e5:20:9f:e5:74:d2:5a:84:44:7a:
96:b8:7b:e0:72:2d:77:a2:34:2e:53:3c:41:fc:b1:
97:b4:c0:e6:7c:b7:36:b2:da:13:39:d0:a6:57:e0:
0e:25:ca:aa:4a:4f:86:9d:b6:ee:d0:20:09:dd:f4:
c1:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4C:32:CF:38:3F:EF:9C:76:94:1D:22:B4:D7:0D:8E:1C:7E:9D:96:9B
X509v3 Authority Key Identifier:
keyid:B3:D0:28:0F:50:06:95:A4:32:04:25:1C:98:30:45:4C:A8:A2:E7:AC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/87ae25f3-706b-47ed-bb74-46684ae0ef2b/0/B3D0280F500695A43204251C9830454CA8A2E7AC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/s9AoD1AGlaQyBCUcmDBFTKii56w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/87ae25f3-706b-47ed-bb74-46684ae0ef2b/0/3138352e3138362e32372e302f32342d3234203d3e203631333137.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.186.27.0/24
Signature Algorithm: sha256WithRSAEncryption
bc:fe:3e:ad:0b:84:f6:8e:a5:24:6d:dc:bc:3a:ed:0a:84:39:
4b:8d:a4:ed:7c:88:3e:f5:10:27:d5:75:7f:87:f1:6b:e0:21:
6c:bf:68:37:22:75:8d:27:4a:68:70:7a:0a:ac:33:87:aa:7b:
85:31:5b:07:ec:d0:54:f9:01:9e:e1:62:36:72:a2:62:83:c4:
b8:8e:2e:f6:15:6b:2c:67:96:c3:07:97:22:00:14:08:b9:f7:
e8:d6:6d:c3:19:50:04:ad:c4:1c:16:bc:10:ba:93:95:c8:36:
18:75:01:f3:60:8d:10:c2:f3:f1:83:8d:32:f9:ac:e9:34:40:
fd:44:b2:3a:a0:44:76:52:b7:41:07:35:d5:9e:a7:7e:01:5f:
e8:3e:53:60:1a:83:3a:7e:69:15:a5:ce:7c:8d:60:3a:5e:5f:
f6:9e:ae:95:4d:f3:ca:e5:eb:dc:3b:2a:63:c8:59:b3:64:74:
76:b2:b1:ea:7f:cd:84:6b:c4:ff:be:92:0d:9e:a6:8a:ee:24:
ce:d6:0f:79:33:1b:bf:f9:e3:70:9f:34:eb:1f:af:b1:6e:d8:
d1:3c:75:d3:bb:b5:a6:8f:15:0a:db:31:fa:0a:8b:5a:8c:43:
a8:6e:68:4f:e9:b8:b4:5b:48:4f:66:83:75:83:32:39:6a:b2:
fd:5a:dc:0b
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUD4w4b16ceHae1aZMW5sCVuq82WcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYjNkMDI4MGY1MDA2OTVhNDMyMDQyNTFjOTgzMDQ1NGNh
OGEyZTdhYzAeFw0yNTA0MTUwOTQ5MDFaFw0yNjA0MTQwOTU0MDFaMDMxMTAvBgNV
BAMTKDRDMzJDRjM4M0ZFRjlDNzY5NDFEMjJCNEQ3MEQ4RTFDN0U5RDk2OUIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCu3zeIEWnwGOSu6binW51D5+Zs
+QvPz9kZ1eyG6XFdY9EcAw0ZfEImGS7o69LsL4w7PQgfo3YE58+qSAeZWHgEhJRa
CmarRCbhD8ih5wwAdkYyloMOsQywxPRyfqTlM0gTeUgnNomS/TJ0OQPhAndLIaN2
6EHJRVhvjlxLLYPnSh4FQYuqqcUMEMNj/wOC1Jb1NTP66HjMZhxYhtBW3olL1MQv
INlcvOamhvqKAvvAaUzgJYu7U2At3GO4X3sddk7UOW6XBCTs5SCf5XTSWoREepa4
e+ByLXeiNC5TPEH8sZe0wOZ8tzay2hM50KZX4A4lyqpKT4adtu7QIAnd9MH3AgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUTDLPOD/vnHaUHSK01w2OHH6dlpswHwYDVR0j
BBgwFoAUs9AoD1AGlaQyBCUcmDBFTKii56wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvODdhZTI1ZjMtNzA2Yi00N2VkLWJiNzQtNDY2ODRhZTBl
ZjJiLzAvQjNEMDI4MEY1MDA2OTVBNDMyMDQyNTFDOTgzMDQ1NENBOEEyRTdBQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3M5QW9EMUFHbGFReUJDVWNtREJGVEtp
aTU2dy5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvODdhZTI1ZjMt
NzA2Yi00N2VkLWJiNzQtNDY2ODRhZTBlZjJiLzAvMzEzODM1MmUzMTM4MzYyZTMy
MzcyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzNjMxMzMzMTM3LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
ubobMA0GCSqGSIb3DQEBCwUAA4IBAQC8/j6tC4T2jqUkbdy8Ou0KhDlLjaTtfIg+
9RAn1XV/h/Fr4CFsv2g3InWNJ0pocHoKrDOHqnuFMVsH7NBU+QGe4WI2cqJig8S4
ji72FWssZ5bDB5ciABQIuffo1m3DGVAErcQcFrwQupOVyDYYdQHzYI0QwvPxg40y
+azpNED9RLI6oER2UrdBBzXVnqd+AV/oPlNgGoM6fmkVpc58jWA6Xl/2nq6VTfPK
5evcOypjyFmzZHR2srHqf82Ea8T/vpINnqaK7iTO1g95Mxu/+eNwnzTrH6+xbtjR
PHXTu7WmjxUK2zH6CotajEOobmhP6bi0W0hPZoN1gzI5arL9WtwL
-----END CERTIFICATE-----
Generated at Sat Apr 26 16:44:43 2025 by rpki-client