Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/8bfd6882-d6b3-4aa8-bc0a-711d68bd198b/0/3138352e3234302e3130372e302f32342d3234203d3e20323135333034.roa
File: 3138352e3234302e3130372e302f32342d3234203d3e20323135333034.roa (raw, json)
Hash identifier: Kgf8wBPJNXdSfK4BtuP3v6qDzrmpjRHzp1OmZMiqMVk=
Subject key identifier: 01:7E:2D:7E:04:9C:21:73:CD:4E:4F:9F:C8:BF:F7:EC:BF:C5:B7:38
Certificate issuer: /CN=8c12b4273832b4156fe0092f6ae7e5b3ce23ad8b
Certificate serial: 3D29CC9536F243BCAF81597BF2A20D5530FC8B43
Authority key identifier: 8C:12:B4:27:38:32:B4:15:6F:E0:09:2F:6A:E7:E5:B3:CE:23:AD:8B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jBK0JzgytBVv4Akvaufls84jrYs.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/8bfd6882-d6b3-4aa8-bc0a-711d68bd198b/0/3138352e3234302e3130372e302f32342d3234203d3e20323135333034.roa
Signing time: Tue 13 May 2025 11:16:50 +0000
ROA not before: Tue 13 May 2025 11:11:50 +0000
ROA not after: Tue 12 May 2026 11:16:50 +0000
asID: 215304
IP address blocks: 185.240.107.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/8bfd6882-d6b3-4aa8-bc0a-711d68bd198b/0/8C12B4273832B4156FE0092F6AE7E5B3CE23AD8B.crl
rsync://rsync.paas.rpki.ripe.net/repository/8bfd6882-d6b3-4aa8-bc0a-711d68bd198b/0/8C12B4273832B4156FE0092F6AE7E5B3CE23AD8B.mft
rsync://rpki.ripe.net/repository/DEFAULT/jBK0JzgytBVv4Akvaufls84jrYs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3d:29:cc:95:36:f2:43:bc:af:81:59:7b:f2:a2:0d:55:30:fc:8b:43
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8c12b4273832b4156fe0092f6ae7e5b3ce23ad8b
Validity
Not Before: May 13 11:11:50 2025 GMT
Not After : May 12 11:16:50 2026 GMT
Subject: CN=017E2D7E049C2173CD4E4F9FC8BFF7ECBFC5B738
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:9d:0e:55:10:e2:56:0a:a3:e5:0f:32:89:a4:
1a:b6:5e:11:8a:4d:64:8e:04:b4:34:a8:cb:bb:a4:
4c:09:62:44:89:56:8f:f6:dc:74:47:53:28:79:10:
31:fd:8c:c5:94:25:00:72:30:23:a1:7a:a5:2a:5a:
ea:74:c1:c4:9d:20:2a:10:e7:e9:c7:52:48:5b:2f:
85:5c:89:d6:19:93:ee:15:25:69:03:f6:2a:db:f2:
8f:86:d2:d3:ec:85:21:5a:d0:36:8c:36:e3:d9:1b:
2f:44:e0:9e:eb:66:31:b0:ba:23:7e:98:db:65:03:
f1:20:5f:55:3e:54:34:8b:20:0e:af:33:81:eb:2f:
b1:36:cb:8d:18:1f:a7:d6:ea:dc:05:ab:a3:c0:f2:
cf:b6:f4:2f:1e:68:96:94:03:7a:e9:64:1d:b8:4d:
a0:68:c4:26:cf:d2:3e:33:19:ae:c4:59:ec:d0:ba:
d7:c4:5f:7d:41:5b:7b:68:d2:02:7f:c6:cd:7f:df:
75:a2:44:42:39:45:1b:6b:4a:27:65:4c:b9:f5:65:
09:3c:cd:5a:ff:b1:74:b7:44:8b:76:ff:5b:63:b1:
76:70:bc:0d:48:08:c8:b6:10:d2:7b:a1:de:bd:46:
ce:84:d8:53:38:2f:9f:fc:24:d1:af:01:40:d4:77:
18:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
01:7E:2D:7E:04:9C:21:73:CD:4E:4F:9F:C8:BF:F7:EC:BF:C5:B7:38
X509v3 Authority Key Identifier:
keyid:8C:12:B4:27:38:32:B4:15:6F:E0:09:2F:6A:E7:E5:B3:CE:23:AD:8B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/8bfd6882-d6b3-4aa8-bc0a-711d68bd198b/0/8C12B4273832B4156FE0092F6AE7E5B3CE23AD8B.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jBK0JzgytBVv4Akvaufls84jrYs.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/8bfd6882-d6b3-4aa8-bc0a-711d68bd198b/0/3138352e3234302e3130372e302f32342d3234203d3e20323135333034.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.240.107.0/24
Signature Algorithm: sha256WithRSAEncryption
6d:b4:4f:24:18:5e:fd:c5:58:0c:82:eb:9f:8e:91:a4:dd:64:
39:4e:32:f3:1b:71:56:dc:3d:3f:1d:41:c8:19:22:fa:e8:37:
7d:8b:f2:8a:2d:c4:57:78:43:1e:e3:22:7b:e8:8d:96:90:6f:
f0:f1:4f:56:29:68:56:aa:2d:95:0c:3a:c7:67:41:99:05:d4:
50:5f:5d:40:75:64:58:26:50:8b:7a:4c:9c:27:e7:06:bf:d6:
6f:77:20:30:5e:d0:97:a5:71:82:f6:9a:0b:dc:4b:8b:01:95:
42:1d:e5:79:eb:19:e7:a9:d1:21:88:2b:c8:ba:ec:35:c9:a5:
31:45:68:ff:08:ba:df:86:58:35:af:16:bc:59:d9:1b:e8:6a:
83:c0:95:29:33:a0:98:a5:91:d1:ef:12:2a:c8:52:a2:5a:f1:
97:e7:67:3b:b7:71:5e:59:b7:5c:59:81:8c:6f:2d:3f:fe:81:
11:f7:29:97:04:5e:14:c5:05:8b:55:18:bf:12:3b:c0:39:45:
36:a5:73:d6:e6:41:0e:4f:5b:96:f8:f2:3e:23:ef:7b:9d:a2:
f7:d9:ee:93:f8:3f:0d:7d:ab:0c:74:92:24:5e:fc:8a:5f:7b:
b7:cd:cf:aa:16:24:66:7c:36:0b:3e:b1:e9:8a:f2:de:58:41:
a1:9a:4f:e6
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgIUPSnMlTbyQ7yvgVl78qINVTD8i0MwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGMxMmI0MjczODMyYjQxNTZmZTAwOTJmNmFlN2U1YjNj
ZTIzYWQ4YjAeFw0yNTA1MTMxMTExNTBaFw0yNjA1MTIxMTE2NTBaMDMxMTAvBgNV
BAMTKDAxN0UyRDdFMDQ5QzIxNzNDRDRFNEY5RkM4QkZGN0VDQkZDNUI3MzgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC2nQ5VEOJWCqPlDzKJpBq2XhGK
TWSOBLQ0qMu7pEwJYkSJVo/23HRHUyh5EDH9jMWUJQByMCOheqUqWup0wcSdICoQ
5+nHUkhbL4VcidYZk+4VJWkD9irb8o+G0tPshSFa0DaMNuPZGy9E4J7rZjGwuiN+
mNtlA/EgX1U+VDSLIA6vM4HrL7E2y40YH6fW6twFq6PA8s+29C8eaJaUA3rpZB24
TaBoxCbP0j4zGa7EWezQutfEX31BW3to0gJ/xs1/33WiREI5RRtrSidlTLn1ZQk8
zVr/sXS3RIt2/1tjsXZwvA1ICMi2ENJ7od69Rs6E2FM4L5/8JNGvAUDUdxhjAgMB
AAGjggJBMIICPTAdBgNVHQ4EFgQUAX4tfgScIXPNTk+fyL/37L/FtzgwHwYDVR0j
BBgwFoAUjBK0JzgytBVv4Akvaufls84jrYswDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvOGJmZDY4ODItZDZiMy00YWE4LWJjMGEtNzExZDY4YmQx
OThiLzAvOEMxMkI0MjczODMyQjQxNTZGRTAwOTJGNkFFN0U1QjNDRTIzQUQ4Qi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2pCSzBKemd5dEJWdjRBa3ZhdWZsczg0
anJZcy5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvOGJmZDY4ODIt
ZDZiMy00YWE4LWJjMGEtNzExZDY4YmQxOThiLzAvMzEzODM1MmUzMjM0MzAyZTMx
MzAzNzJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMyMzEzNTMzMzAzNC5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEALnwazANBgkqhkiG9w0BAQsFAAOCAQEAbbRPJBhe/cVYDILrn46RpN1kOU4y
8xtxVtw9Px1ByBki+ug3fYvyii3EV3hDHuMie+iNlpBv8PFPViloVqotlQw6x2dB
mQXUUF9dQHVkWCZQi3pMnCfnBr/Wb3cgMF7Ql6VxgvaaC9xLiwGVQh3leesZ56nR
IYgryLrsNcmlMUVo/wi634ZYNa8WvFnZG+hqg8CVKTOgmKWR0e8SKshSolrxl+dn
O7dxXlm3XFmBjG8tP/6BEfcplwReFMUFi1UYvxI7wDlFNqVz1uZBDk9blvjyPiPv
e52i99nuk/g/DX2rDHSSJF78il97t83PqhYkZnw2Cz6x6Yry3lhBoZpP5g==
-----END CERTIFICATE-----
Generated at Sat Jun 14 11:41:18 2025 by rpki-client