Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/3138352e3134392e3135322e302f32322d3232203d3e203135343139.roa
File: 3138352e3134392e3135322e302f32322d3232203d3e203135343139.roa (raw, json)
Hash identifier: yiPh36TU1+o+jLX45pyYr1yhJEOI86BPrMUwrS94mMI=
Subject key identifier: 15:BA:4B:1A:06:1F:D3:5C:5F:9B:32:C3:AD:43:DC:27:CA:21:B8:2C
Certificate issuer: /CN=9df85997b1b9b358e1c43f36765aa0a4a02144ae
Certificate serial: 053988FF5125275A1DB07F05DA877197AAFD6AD8
Authority key identifier: 9D:F8:59:97:B1:B9:B3:58:E1:C4:3F:36:76:5A:A0:A4:A0:21:44:AE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nfhZl7G5s1jhxD82dlqgpKAhRK4.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/3138352e3134392e3135322e302f32322d3232203d3e203135343139.roa
Signing time: Fri 09 May 2025 09:37:55 +0000
ROA not before: Fri 09 May 2025 09:32:55 +0000
ROA not after: Fri 08 May 2026 09:37:55 +0000
asID: 15419
IP address blocks: 185.149.152.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/9DF85997B1B9B358E1C43F36765AA0A4A02144AE.crl
rsync://rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/9DF85997B1B9B358E1C43F36765AA0A4A02144AE.mft
rsync://rpki.ripe.net/repository/DEFAULT/nfhZl7G5s1jhxD82dlqgpKAhRK4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 12 May 2025 20:38:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
05:39:88:ff:51:25:27:5a:1d:b0:7f:05:da:87:71:97:aa:fd:6a:d8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9df85997b1b9b358e1c43f36765aa0a4a02144ae
Validity
Not Before: May 9 09:32:55 2025 GMT
Not After : May 8 09:37:55 2026 GMT
Subject: CN=15BA4B1A061FD35C5F9B32C3AD43DC27CA21B82C
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:01:fc:21:10:ab:dd:b7:c0:8c:eb:1c:e9:dc:
a0:e3:01:30:29:a0:db:de:ab:e4:a5:b9:61:7a:1a:
77:2f:b3:6f:49:31:9b:c8:b4:3b:3e:c8:6a:9e:20:
4a:4a:2a:aa:55:66:69:aa:4e:b8:18:ae:57:43:da:
f4:d2:27:e3:51:7e:85:fe:3c:81:e6:74:c1:6d:a0:
53:14:3c:2a:06:c2:c3:35:03:5c:7a:62:20:0f:3f:
78:2d:58:55:50:80:b7:a4:2b:d4:f0:0f:5a:e9:eb:
be:a5:e2:af:a2:e7:e0:65:d9:e2:d7:c0:0a:e0:b7:
4c:54:40:69:66:b9:af:c2:9c:75:37:65:e1:2a:d3:
19:73:af:ea:36:d1:59:69:c2:e4:28:77:da:f4:3c:
45:03:ae:4e:e4:30:ea:c6:f4:ca:b9:fd:7e:72:3e:
83:53:f4:6c:34:d5:05:14:21:70:24:bc:da:4e:e6:
14:46:5e:d1:f8:9f:02:90:be:f7:dc:a1:4c:56:54:
db:43:a3:5e:96:93:ed:ff:d3:24:ba:ae:19:2d:55:
00:68:05:b1:82:c5:48:51:0c:36:89:bb:ea:51:fe:
14:47:75:d6:83:fa:c5:9f:93:ab:30:00:b7:64:dc:
96:6f:72:52:47:b6:cf:19:78:6e:b4:c1:60:5d:64:
50:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
15:BA:4B:1A:06:1F:D3:5C:5F:9B:32:C3:AD:43:DC:27:CA:21:B8:2C
X509v3 Authority Key Identifier:
keyid:9D:F8:59:97:B1:B9:B3:58:E1:C4:3F:36:76:5A:A0:A4:A0:21:44:AE
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/9DF85997B1B9B358E1C43F36765AA0A4A02144AE.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nfhZl7G5s1jhxD82dlqgpKAhRK4.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/3138352e3134392e3135322e302f32322d3232203d3e203135343139.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.149.152.0/22
Signature Algorithm: sha256WithRSAEncryption
1e:9c:d0:66:26:92:c0:42:22:f7:5c:b4:a5:1d:f3:3e:28:ab:
74:6d:5b:72:ec:80:e0:7a:64:fd:cd:7a:9e:95:94:1a:0f:db:
37:70:2d:21:a0:23:39:fc:96:19:1d:6b:14:da:6d:78:17:cf:
b0:89:28:f5:61:54:e1:c5:a5:61:c4:7f:e9:df:db:08:e7:b1:
9b:fc:00:db:a9:5a:09:67:ef:df:1b:ce:9c:b2:ce:b8:d3:29:
06:26:f3:dd:4c:4a:18:13:fa:06:ca:75:88:e1:f5:8f:97:8c:
d6:71:3c:9b:a5:d3:e2:92:11:df:16:54:a5:92:29:c4:23:24:
53:fa:c8:89:da:8b:a3:ff:85:68:55:fe:1b:76:d6:dd:1a:f6:
81:1d:e1:68:47:4a:01:dc:d8:49:8b:12:e4:93:fe:e3:40:ab:
73:69:b8:7c:32:4c:ea:cb:c0:9d:c9:26:72:73:c3:b0:59:d5:
a1:a5:bf:5e:df:ae:24:c5:ea:7d:b3:58:fa:2f:bb:3a:29:70:
5f:89:02:11:e6:b8:67:aa:1a:0b:5e:42:f7:23:be:52:2f:6c:
48:f9:aa:04:4b:7b:4b:fa:cf:f2:5a:8b:96:6a:33:9d:72:30:
3c:00:60:88:30:6d:43:c6:9c:2a:47:9b:37:81:72:c1:ee:8b:
3b:ca:b3:db
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUBTmI/1ElJ1odsH8F2odxl6r9atgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOWRmODU5OTdiMWI5YjM1OGUxYzQzZjM2NzY1YWEwYTRh
MDIxNDRhZTAeFw0yNTA1MDkwOTMyNTVaFw0yNjA1MDgwOTM3NTVaMDMxMTAvBgNV
BAMTKDE1QkE0QjFBMDYxRkQzNUM1RjlCMzJDM0FENDNEQzI3Q0EyMUI4MkMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCmAfwhEKvdt8CM6xzp3KDjATAp
oNveq+SluWF6Gncvs29JMZvItDs+yGqeIEpKKqpVZmmqTrgYrldD2vTSJ+NRfoX+
PIHmdMFtoFMUPCoGwsM1A1x6YiAPP3gtWFVQgLekK9TwD1rp676l4q+i5+Bl2eLX
wArgt0xUQGlmua/CnHU3ZeEq0xlzr+o20VlpwuQod9r0PEUDrk7kMOrG9Mq5/X5y
PoNT9Gw01QUUIXAkvNpO5hRGXtH4nwKQvvfcoUxWVNtDo16Wk+3/0yS6rhktVQBo
BbGCxUhRDDaJu+pR/hRHddaD+sWfk6swALdk3JZvclJHts8ZeG60wWBdZFB/AgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUFbpLGgYf01xfmzLDrUPcJ8ohuCwwHwYDVR0j
BBgwFoAUnfhZl7G5s1jhxD82dlqgpKAhRK4wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDAyZTBiYTMtZmU2MC00NWIxLTkxNjAtODY4YTJmOGE0
M2IxLzMvOURGODU5OTdCMUI5QjM1OEUxQzQzRjM2NzY1QUEwQTRBMDIxNDRBRS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL25maFpsN0c1czFqaHhEODJkbHFncEtB
aFJLNC5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMDAyZTBiYTMt
ZmU2MC00NWIxLTkxNjAtODY4YTJmOGE0M2IxLzMvMzEzODM1MmUzMTM0MzkyZTMx
MzUzMjJlMzAyZjMyMzIyZDMyMzIyMDNkM2UyMDMxMzUzNDMxMzkucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAK5lZgwDQYJKoZIhvcNAQELBQADggEBAB6c0GYmksBCIvdctKUd8z4oq3RtW3Ls
gOB6ZP3Nep6VlBoP2zdwLSGgIzn8lhkdaxTabXgXz7CJKPVhVOHFpWHEf+nf2wjn
sZv8ANupWgln798bzpyyzrjTKQYm891MShgT+gbKdYjh9Y+XjNZxPJul0+KSEd8W
VKWSKcQjJFP6yInai6P/hWhV/ht21t0a9oEd4WhHSgHc2EmLEuST/uNAq3NpuHwy
TOrLwJ3JJnJzw7BZ1aGlv17friTF6n2zWPovuzopcF+JAhHmuGeqGgteQvcjvlIv
bEj5qgRLe0v6z/Jai5ZqM51yMDwAYIgwbUPGnCpHmzeBcsHuizvKs9s=
-----END CERTIFICATE-----
Generated at Mon May 12 11:23:01 2025 by rpki-client