Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/ce510e17-31fa-414b-989e-026dbb6fdf51/0/3138352e31332e3232362e302f32342d3234203d3e20323132323338.roa
File: 3138352e31332e3232362e302f32342d3234203d3e20323132323338.roa (raw, json)
Hash identifier: 2juSKbgGusV+FdSvpGdGhRB+b7yvZfXJLqRbkLs4Lo0=
Subject key identifier: C7:05:4F:A0:75:F9:BD:2A:76:B0:B0:26:7A:E3:FE:17:B1:60:11:DB
Certificate issuer: /CN=4c189e42f35c944d463d9ea6501f093eb62ba785
Certificate serial: 16032C5ACEC9D2D47B7BD216078E51EE0402F99D
Authority key identifier: 4C:18:9E:42:F3:5C:94:4D:46:3D:9E:A6:50:1F:09:3E:B6:2B:A7:85
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TBieQvNclE1GPZ6mUB8JPrYrp4U.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/ce510e17-31fa-414b-989e-026dbb6fdf51/0/3138352e31332e3232362e302f32342d3234203d3e20323132323338.roa
Signing time: Tue 22 Apr 2025 00:45:30 +0000
ROA not before: Tue 22 Apr 2025 00:40:30 +0000
ROA not after: Tue 21 Apr 2026 00:45:30 +0000
asID: 212238
IP address blocks: 185.13.226.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/ce510e17-31fa-414b-989e-026dbb6fdf51/0/4C189E42F35C944D463D9EA6501F093EB62BA785.crl
rsync://rsync.paas.rpki.ripe.net/repository/ce510e17-31fa-414b-989e-026dbb6fdf51/0/4C189E42F35C944D463D9EA6501F093EB62BA785.mft
rsync://rpki.ripe.net/repository/DEFAULT/TBieQvNclE1GPZ6mUB8JPrYrp4U.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 26 Apr 2025 22:11:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
16:03:2c:5a:ce:c9:d2:d4:7b:7b:d2:16:07:8e:51:ee:04:02:f9:9d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4c189e42f35c944d463d9ea6501f093eb62ba785
Validity
Not Before: Apr 22 00:40:30 2025 GMT
Not After : Apr 21 00:45:30 2026 GMT
Subject: CN=C7054FA075F9BD2A76B0B0267AE3FE17B16011DB
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:97:d7:c5:b1:99:08:f6:f7:3f:37:3c:4c:5d:
da:e0:1b:dc:43:cb:63:3e:42:d6:25:31:30:be:98:
13:79:33:f8:f6:5f:da:29:a7:68:c6:6c:d9:31:22:
a1:b7:ad:e3:07:48:81:8b:01:fd:69:71:ee:68:ab:
da:69:7a:af:1c:12:69:3a:2f:af:09:b5:68:c6:38:
db:ea:aa:46:2f:a2:2d:d3:ec:7a:0a:b5:b6:0d:45:
eb:88:d6:67:e2:de:09:55:33:8d:91:a4:e0:50:a0:
31:67:3d:4c:56:68:fc:be:cb:4e:9c:1d:fb:d1:5a:
fc:90:6e:98:66:04:df:ca:c1:1b:79:c8:e1:92:63:
a0:f3:c7:8e:93:b4:6e:fe:6f:42:03:43:b9:00:d6:
df:58:ca:df:b8:6a:a3:8c:db:87:a7:46:fe:61:4f:
5d:6f:e4:32:0b:9a:87:85:33:5e:1e:dd:25:55:1f:
36:fb:fc:eb:3c:7c:42:7d:b5:7e:bd:15:08:c1:b6:
17:4f:ab:15:e1:77:48:28:b5:4d:46:95:76:fd:45:
c9:65:54:ed:0b:12:0a:9a:30:cb:10:42:77:6b:c8:
f0:e9:23:61:b2:30:5e:15:cf:b1:6e:ec:9b:ed:29:
36:a9:fe:59:e3:9b:db:b9:cc:74:df:47:e4:3f:08:
84:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C7:05:4F:A0:75:F9:BD:2A:76:B0:B0:26:7A:E3:FE:17:B1:60:11:DB
X509v3 Authority Key Identifier:
keyid:4C:18:9E:42:F3:5C:94:4D:46:3D:9E:A6:50:1F:09:3E:B6:2B:A7:85
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/ce510e17-31fa-414b-989e-026dbb6fdf51/0/4C189E42F35C944D463D9EA6501F093EB62BA785.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TBieQvNclE1GPZ6mUB8JPrYrp4U.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/ce510e17-31fa-414b-989e-026dbb6fdf51/0/3138352e31332e3232362e302f32342d3234203d3e20323132323338.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.13.226.0/24
Signature Algorithm: sha256WithRSAEncryption
6c:f3:0a:5d:37:8f:0d:44:a8:eb:bb:7e:37:c1:c6:50:41:c0:
10:85:95:91:15:c8:51:29:b8:43:38:ee:7b:ce:c0:07:3f:b9:
dd:0a:aa:ac:d7:22:cc:37:24:71:10:ef:4d:62:4d:22:f7:3d:
3f:c6:e6:98:03:78:3a:4d:11:52:32:31:22:d0:32:46:d6:1e:
d5:7a:e3:fa:c3:df:69:4d:f2:c4:03:9d:6e:c2:e1:df:8f:e4:
87:da:a8:aa:d1:d2:0f:43:de:6d:45:4d:00:7c:87:48:da:04:
ad:4a:b6:04:11:7f:72:5f:d4:de:47:d4:3a:e8:0c:0e:ab:78:
1b:83:f2:7f:fd:d4:79:be:82:f3:54:a4:3c:74:14:a8:7b:dc:
ba:3d:82:bf:ca:3c:08:fb:fb:81:84:6e:bd:c6:79:14:ad:13:
22:29:7a:12:60:d7:c3:9e:8e:2c:80:81:58:b1:90:63:bf:e5:
a8:ad:d8:39:d6:46:07:5d:34:ce:db:5b:47:0c:16:78:aa:6b:
62:06:33:f8:5f:ae:10:06:cb:23:7a:36:14:f5:54:d9:c6:5e:
38:f9:6b:5a:b8:a8:56:dd:ea:66:6d:35:f8:71:3c:df:14:7b:
3b:c9:4a:33:ff:4c:20:34:80:a0:ba:7d:e7:c0:3d:a5:25:a0:
40:48:2d:00
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUFgMsWs7J0tR7e9IWB45R7gQC+Z0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGMxODllNDJmMzVjOTQ0ZDQ2M2Q5ZWE2NTAxZjA5M2Vi
NjJiYTc4NTAeFw0yNTA0MjIwMDQwMzBaFw0yNjA0MjEwMDQ1MzBaMDMxMTAvBgNV
BAMTKEM3MDU0RkEwNzVGOUJEMkE3NkIwQjAyNjdBRTNGRTE3QjE2MDExREIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCNl9fFsZkI9vc/NzxMXdrgG9xD
y2M+QtYlMTC+mBN5M/j2X9opp2jGbNkxIqG3reMHSIGLAf1pce5oq9ppeq8cEmk6
L68JtWjGONvqqkYvoi3T7HoKtbYNReuI1mfi3glVM42RpOBQoDFnPUxWaPy+y06c
HfvRWvyQbphmBN/KwRt5yOGSY6Dzx46TtG7+b0IDQ7kA1t9Yyt+4aqOM24enRv5h
T11v5DILmoeFM14e3SVVHzb7/Os8fEJ9tX69FQjBthdPqxXhd0gotU1GlXb9Rcll
VO0LEgqaMMsQQndryPDpI2GyMF4Vz7Fu7JvtKTap/lnjm9u5zHTfR+Q/CIRrAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUxwVPoHX5vSp2sLAmeuP+F7FgEdswHwYDVR0j
BBgwFoAUTBieQvNclE1GPZ6mUB8JPrYrp4UwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvY2U1MTBlMTctMzFmYS00MTRiLTk4OWUtMDI2ZGJiNmZk
ZjUxLzAvNEMxODlFNDJGMzVDOTQ0RDQ2M0Q5RUE2NTAxRjA5M0VCNjJCQTc4NS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1RCaWVRdk5jbEUxR1BaNm1VQjhKUHJZ
cnA0VS5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvY2U1MTBlMTct
MzFmYS00MTRiLTk4OWUtMDI2ZGJiNmZkZjUxLzAvMzEzODM1MmUzMTMzMmUzMjMy
MzYyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMjMxMzIzMjMzMzgucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAC5DeIwDQYJKoZIhvcNAQELBQADggEBAGzzCl03jw1EqOu7fjfBxlBBwBCFlZEV
yFEpuEM47nvOwAc/ud0KqqzXIsw3JHEQ701iTSL3PT/G5pgDeDpNEVIyMSLQMkbW
HtV64/rD32lN8sQDnW7C4d+P5IfaqKrR0g9D3m1FTQB8h0jaBK1KtgQRf3Jf1N5H
1DroDA6reBuD8n/91Hm+gvNUpDx0FKh73Lo9gr/KPAj7+4GEbr3GeRStEyIpehJg
18OejiyAgVixkGO/5ait2DnWRgddNM7bW0cMFniqa2IGM/hfrhAGyyN6NhT1VNnG
Xjj5a1q4qFbd6mZtNfhxPN8UezvJSjP/TCA0gKC6fefAPaUloEBILQA=
-----END CERTIFICATE-----
Generated at Sat Apr 26 14:50:17 2025 by rpki-client