Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3230352e3234352e302f32342d3234203d3e20313336373837.roa
File: 3138352e3230352e3234352e302f32342d3234203d3e20313336373837.roa (raw, json)
Hash identifier: /x2szbPvGjnrKw1cWuXeY9f8vyd2M0U2jynU0FHkcQg=
Subject key identifier: 6B:6F:3C:8B:EA:14:26:30:D5:78:15:0C:94:F5:0D:82:DD:0C:2B:4B
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 64AA0823C5887CED41FA3276B92F579D6561439A
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3230352e3234352e302f32342d3234203d3e20313336373837.roa
Signing time: Sun 13 Apr 2025 11:46:03 +0000
ROA not before: Sun 13 Apr 2025 11:41:03 +0000
ROA not after: Sun 12 Apr 2026 11:46:03 +0000
asID: 136787
IP address blocks: 185.205.245.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 29 Apr 2025 22:13:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
64:aa:08:23:c5:88:7c:ed:41:fa:32:76:b9:2f:57:9d:65:61:43:9a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Apr 13 11:41:03 2025 GMT
Not After : Apr 12 11:46:03 2026 GMT
Subject: CN=6B6F3C8BEA142630D578150C94F50D82DD0C2B4B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:b3:6b:34:a4:20:d1:c7:0c:e3:8a:1b:db:dc:
23:3f:4e:ec:4e:9a:9f:ff:b0:84:c9:4c:a7:41:98:
28:72:6e:7b:3d:ef:1b:02:9e:fe:89:1c:ec:4a:8e:
46:37:13:53:db:93:3e:83:6d:67:63:08:89:5f:e1:
88:a3:a5:98:3f:77:24:62:33:fd:b1:bd:f1:6c:8a:
ad:5c:ed:43:ad:49:aa:d4:86:cd:2d:bb:4f:05:3f:
b2:44:11:a1:17:63:2c:fb:b8:b6:25:56:99:b9:c7:
3f:02:c4:b8:e1:f6:9c:6e:0c:2a:89:0c:6f:dc:59:
fb:6f:0c:0c:89:53:da:ed:57:f4:2e:37:07:df:9e:
ea:f3:48:83:00:c9:ff:14:13:a5:aa:27:4d:5f:af:
a9:f0:2c:e2:b1:51:4e:3b:08:35:8f:47:77:88:3c:
cf:f7:d0:86:67:06:45:b1:0a:63:fb:d5:44:18:83:
90:ce:90:e4:5f:c9:bf:d3:a4:f6:8f:0f:d6:b4:a0:
6b:fe:53:71:0f:d2:5a:d1:08:f4:33:9c:91:2c:fa:
e6:65:c2:04:2e:18:78:de:de:01:19:05:35:da:c7:
2d:9a:72:fe:62:86:32:09:5e:3e:fe:2c:94:f6:0a:
66:f1:90:75:84:be:50:e0:6d:b8:c6:80:27:91:7b:
d1:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6B:6F:3C:8B:EA:14:26:30:D5:78:15:0C:94:F5:0D:82:DD:0C:2B:4B
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3230352e3234352e302f32342d3234203d3e20313336373837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.205.245.0/24
Signature Algorithm: sha256WithRSAEncryption
98:17:a5:0c:49:ad:f7:36:a5:58:8a:8f:db:02:0f:75:ba:04:
71:83:02:83:ec:a3:5c:77:78:4f:ad:7d:a8:9c:3b:0d:b0:ff:
37:ec:a6:dc:58:70:eb:fe:5a:97:4a:4a:92:29:18:17:e0:dd:
d0:98:3b:3c:03:c5:7f:4a:16:71:03:6d:bd:f4:69:c0:a4:92:
05:7c:ae:68:be:28:48:00:d4:a9:d0:89:60:5d:9c:31:fa:6f:
a1:7c:c4:90:0f:e2:2c:af:fc:50:7d:fd:7f:b4:d9:6d:f7:f5:
4a:bb:0d:ff:45:06:73:ba:98:d7:da:a0:e4:ba:2c:c9:56:f4:
c0:e3:ac:4f:9e:21:aa:e2:01:42:05:39:61:e8:94:f0:87:46:
f1:fa:cc:c4:34:df:d3:b0:8c:05:16:3a:6a:08:09:a0:4e:55:
fe:26:a2:6b:7b:a9:d1:ea:b6:e1:cc:08:dc:c5:17:ce:14:69:
ae:b5:4d:b0:f6:2c:e6:81:d2:8f:8b:f6:5e:93:be:7b:be:00:
4b:de:8a:0b:84:0e:84:7e:35:52:aa:f0:7c:f3:12:86:f1:8f:
e0:b7:8e:e6:ad:ad:12:c3:c0:e9:04:dd:10:34:b9:02:53:c7:
29:f1:42:7c:4e:ab:9d:87:16:35:6f:bb:ff:4e:8c:0e:e9:40:
59:27:8e:ec
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgIUZKoII8WIfO1B+jJ2uS9XnWVhQ5owDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNTA0MTMxMTQxMDNaFw0yNjA0MTIxMTQ2MDNaMDMxMTAvBgNV
BAMTKDZCNkYzQzhCRUExNDI2MzBENTc4MTUwQzk0RjUwRDgyREQwQzJCNEIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDDs2s0pCDRxwzjihvb3CM/TuxO
mp//sITJTKdBmChybns97xsCnv6JHOxKjkY3E1Pbkz6DbWdjCIlf4YijpZg/dyRi
M/2xvfFsiq1c7UOtSarUhs0tu08FP7JEEaEXYyz7uLYlVpm5xz8CxLjh9pxuDCqJ
DG/cWftvDAyJU9rtV/QuNwffnurzSIMAyf8UE6WqJ01fr6nwLOKxUU47CDWPR3eI
PM/30IZnBkWxCmP71UQYg5DOkORfyb/TpPaPD9a0oGv+U3EP0lrRCPQznJEs+uZl
wgQuGHje3gEZBTXaxy2acv5ihjIJXj7+LJT2CmbxkHWEvlDgbbjGgCeRe9EbAgMB
AAGjggJBMIICPTAdBgNVHQ4EFgQUa288i+oUJjDVeBUMlPUNgt0MK0swHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzODM1MmUzMjMwMzUyZTMy
MzQzNTJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMxMzMzNjM3MzgzNy5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEALnN9TANBgkqhkiG9w0BAQsFAAOCAQEAmBelDEmt9zalWIqP2wIPdboEcYMC
g+yjXHd4T619qJw7DbD/N+ym3Fhw6/5al0pKkikYF+Dd0Jg7PAPFf0oWcQNtvfRp
wKSSBXyuaL4oSADUqdCJYF2cMfpvoXzEkA/iLK/8UH39f7TZbff1SrsN/0UGc7qY
19qg5LosyVb0wOOsT54hquIBQgU5YeiU8IdG8frMxDTf07CMBRY6aggJoE5V/iai
a3up0eq24cwI3MUXzhRprrVNsPYs5oHSj4v2XpO+e74AS96KC4QOhH41UqrwfPMS
hvGP4LeO5q2tEsPA6QTdEDS5AlPHKfFCfE6rnYcWNW+7/06MDulAWSeO7A==
-----END CERTIFICATE-----
Generated at Tue Apr 29 13:45:16 2025 by rpki-client