Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/e3cdc648-d203-462a-bd0f-ec1b60d879a7/0/3138352e3136322e3137362e302f32342d3234203d3e203630303638.roa
File: 3138352e3136322e3137362e302f32342d3234203d3e203630303638.roa (raw, json)
Hash identifier: FWlVfil/MRp9WWD+FDzPsahVha+EFU/5crqnO8kQCzg=
Subject key identifier: 81:A7:EC:2A:EA:01:39:CC:9B:57:C7:C6:54:25:01:70:1E:51:7C:E5
Certificate issuer: /CN=e1f3512f51dc42bb9eb12abc0bb529668b2edee4
Certificate serial: 5AF4FC7208996959AED0C96F5120093B25961AFC
Authority key identifier: E1:F3:51:2F:51:DC:42:BB:9E:B1:2A:BC:0B:B5:29:66:8B:2E:DE:E4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4fNRL1HcQruesSq8C7UpZosu3uQ.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/e3cdc648-d203-462a-bd0f-ec1b60d879a7/0/3138352e3136322e3137362e302f32342d3234203d3e203630303638.roa
Signing time: Sat 14 Jun 2025 14:58:19 +0000
ROA not before: Sat 14 Jun 2025 14:53:19 +0000
ROA not after: Sat 13 Jun 2026 14:58:19 +0000
asID: 60068
IP address blocks: 185.162.176.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/e3cdc648-d203-462a-bd0f-ec1b60d879a7/0/E1F3512F51DC42BB9EB12ABC0BB529668B2EDEE4.crl
rsync://rsync.paas.rpki.ripe.net/repository/e3cdc648-d203-462a-bd0f-ec1b60d879a7/0/E1F3512F51DC42BB9EB12ABC0BB529668B2EDEE4.mft
rsync://rpki.ripe.net/repository/DEFAULT/4fNRL1HcQruesSq8C7UpZosu3uQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 16 Jun 2025 21:15:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5a:f4:fc:72:08:99:69:59:ae:d0:c9:6f:51:20:09:3b:25:96:1a:fc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e1f3512f51dc42bb9eb12abc0bb529668b2edee4
Validity
Not Before: Jun 14 14:53:19 2025 GMT
Not After : Jun 13 14:58:19 2026 GMT
Subject: CN=81A7EC2AEA0139CC9B57C7C6542501701E517CE5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:a1:bb:4b:b1:07:d6:cd:af:ed:f0:39:87:38:
a6:5d:09:35:35:25:55:4c:c9:8a:76:fe:ef:83:33:
c6:71:a9:d0:f4:e9:2f:7c:97:76:3a:02:e2:10:43:
cc:bc:99:fd:3a:23:1e:1c:2e:f1:ab:e6:11:21:49:
0f:39:e4:c3:1f:15:7c:7c:25:4f:24:11:ce:2f:ea:
8a:13:0d:54:17:1d:da:a6:16:7a:81:51:76:a0:bf:
e1:32:29:fd:7a:11:70:09:86:ff:ca:57:e3:83:5a:
e2:c1:9d:c5:a1:03:65:6a:33:da:9a:db:f4:73:5b:
ff:0e:47:fe:74:f1:2d:12:c8:a8:7e:e7:7d:40:7c:
4d:94:a6:86:12:02:f6:0f:b0:e2:f7:50:71:cd:af:
24:b4:c3:10:8d:89:84:6d:cd:43:84:1c:98:85:2a:
77:ff:02:d6:89:5c:58:5b:20:3a:15:10:b7:c9:2b:
f9:85:c2:52:da:88:82:42:3a:d4:0c:64:22:42:d7:
87:84:4d:77:14:d4:c5:b2:5f:51:9b:04:c6:fd:a3:
8c:10:b5:d6:51:f3:5d:7a:71:e8:90:5a:ba:b2:70:
7d:a2:4e:5b:f1:72:6e:79:c7:e3:f9:c1:c3:6a:97:
a3:47:5c:06:09:82:fc:bf:53:4e:45:56:95:70:e4:
b8:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
81:A7:EC:2A:EA:01:39:CC:9B:57:C7:C6:54:25:01:70:1E:51:7C:E5
X509v3 Authority Key Identifier:
keyid:E1:F3:51:2F:51:DC:42:BB:9E:B1:2A:BC:0B:B5:29:66:8B:2E:DE:E4
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/e3cdc648-d203-462a-bd0f-ec1b60d879a7/0/E1F3512F51DC42BB9EB12ABC0BB529668B2EDEE4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4fNRL1HcQruesSq8C7UpZosu3uQ.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/e3cdc648-d203-462a-bd0f-ec1b60d879a7/0/3138352e3136322e3137362e302f32342d3234203d3e203630303638.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.162.176.0/24
Signature Algorithm: sha256WithRSAEncryption
36:b2:9a:aa:d5:6f:13:a3:a8:7e:7b:66:0b:0c:6c:f8:45:02:
1f:a3:0e:b4:35:fd:83:c6:08:8f:55:ea:a3:df:22:32:69:66:
53:86:30:55:8e:a3:9b:fa:21:f8:96:6e:2b:fa:f4:b9:b9:cc:
3c:e4:ad:dc:0a:a2:87:a0:79:5a:02:5b:ef:5d:73:b4:d6:cc:
04:f3:6c:d3:62:70:a3:a0:a2:64:4c:4b:b8:27:64:04:b1:c5:
3c:94:82:06:1a:dc:75:1b:3f:3b:5f:1a:85:be:0b:8d:24:b7:
5a:18:ae:d3:eb:fe:85:d8:58:eb:7a:df:27:7f:b2:d3:4e:f0:
4b:40:76:21:6a:4c:3f:ba:29:4c:4b:f0:56:8a:ab:57:1a:17:
30:6f:c4:5d:52:7b:f6:d9:9b:19:3a:88:3e:73:7e:34:62:0c:
8c:3d:c6:0b:67:97:c1:08:24:a1:9e:45:ac:94:d1:8d:9f:22:
b9:ba:d9:d5:2a:62:e3:46:cd:6e:80:c6:4b:44:77:75:0b:a5:
a0:d5:73:e0:57:e1:fa:f2:c0:a2:d3:6f:ff:3a:21:38:bd:bb:
4b:70:b0:17:66:94:bd:8e:cd:59:14:7e:cf:f8:76:d0:aa:7b:
ac:31:f6:de:ed:40:32:a5:74:31:76:f1:27:d3:c9:3b:f1:ec:
97:f8:d1:b3
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUWvT8cgiZaVmu0MlvUSAJOyWWGvwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZTFmMzUxMmY1MWRjNDJiYjllYjEyYWJjMGJiNTI5NjY4
YjJlZGVlNDAeFw0yNTA2MTQxNDUzMTlaFw0yNjA2MTMxNDU4MTlaMDMxMTAvBgNV
BAMTKDgxQTdFQzJBRUEwMTM5Q0M5QjU3QzdDNjU0MjUwMTcwMUU1MTdDRTUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCEobtLsQfWza/t8DmHOKZdCTU1
JVVMyYp2/u+DM8ZxqdD06S98l3Y6AuIQQ8y8mf06Ix4cLvGr5hEhSQ855MMfFXx8
JU8kEc4v6ooTDVQXHdqmFnqBUXagv+EyKf16EXAJhv/KV+ODWuLBncWhA2VqM9qa
2/RzW/8OR/508S0SyKh+531AfE2UpoYSAvYPsOL3UHHNryS0wxCNiYRtzUOEHJiF
Knf/AtaJXFhbIDoVELfJK/mFwlLaiIJCOtQMZCJC14eETXcU1MWyX1GbBMb9o4wQ
tdZR8116ceiQWrqycH2iTlvxcm55x+P5wcNql6NHXAYJgvy/U05FVpVw5LizAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUgafsKuoBOcybV8fGVCUBcB5RfOUwHwYDVR0j
BBgwFoAU4fNRL1HcQruesSq8C7UpZosu3uQwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZTNjZGM2NDgtZDIwMy00NjJhLWJkMGYtZWMxYjYwZDg3
OWE3LzAvRTFGMzUxMkY1MURDNDJCQjlFQjEyQUJDMEJCNTI5NjY4QjJFREVFNC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzRmTlJMMUhjUXJ1ZXNTcThDN1VwWm9z
dTN1US5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZTNjZGM2NDgt
ZDIwMy00NjJhLWJkMGYtZWMxYjYwZDg3OWE3LzAvMzEzODM1MmUzMTM2MzIyZTMx
MzczNjJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDM2MzAzMDM2Mzgucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAC5orAwDQYJKoZIhvcNAQELBQADggEBADaymqrVbxOjqH57ZgsMbPhFAh+jDrQ1
/YPGCI9V6qPfIjJpZlOGMFWOo5v6IfiWbiv69Lm5zDzkrdwKooegeVoCW+9dc7TW
zATzbNNicKOgomRMS7gnZASxxTyUggYa3HUbPztfGoW+C40kt1oYrtPr/oXYWOt6
3yd/stNO8EtAdiFqTD+6KUxL8FaKq1caFzBvxF1Se/bZmxk6iD5zfjRiDIw9xgtn
l8EIJKGeRayU0Y2fIrm62dUqYuNGzW6AxktEd3ULpaDVc+BX4frywKLTb/86ITi9
u0twsBdmlL2OzVkUfs/4dtCqe6wx9t7tQDKldDF28SfTyTvx7Jf40bM=
-----END CERTIFICATE-----
Generated at Mon Jun 16 13:53:58 2025 by rpki-client