Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/3138352e3134392e3135332e302f32342d3234203d3e203135343430.roa
File: 3138352e3134392e3135332e302f32342d3234203d3e203135343430.roa (raw, json)
Hash identifier: ld9bmw/lU5ViE7fFfnUAARe92vzpSXeZ47xTrIGHE2Y=
Subject key identifier: 2E:8D:A6:BC:DC:A1:A3:99:4D:D5:FE:F1:94:7A:B1:A8:AC:4E:93:83
Certificate issuer: /CN=9df85997b1b9b358e1c43f36765aa0a4a02144ae
Certificate serial: 7F535E2A91DB5D34585C41C66698BE0D65B7021B
Authority key identifier: 9D:F8:59:97:B1:B9:B3:58:E1:C4:3F:36:76:5A:A0:A4:A0:21:44:AE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nfhZl7G5s1jhxD82dlqgpKAhRK4.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/3138352e3134392e3135332e302f32342d3234203d3e203135343430.roa
Signing time: Fri 09 May 2025 09:37:58 +0000
ROA not before: Fri 09 May 2025 09:32:58 +0000
ROA not after: Fri 08 May 2026 09:37:58 +0000
asID: 15440
IP address blocks: 185.149.153.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/9DF85997B1B9B358E1C43F36765AA0A4A02144AE.crl
rsync://rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/9DF85997B1B9B358E1C43F36765AA0A4A02144AE.mft
rsync://rpki.ripe.net/repository/DEFAULT/nfhZl7G5s1jhxD82dlqgpKAhRK4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 11 May 2025 22:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7f:53:5e:2a:91:db:5d:34:58:5c:41:c6:66:98:be:0d:65:b7:02:1b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9df85997b1b9b358e1c43f36765aa0a4a02144ae
Validity
Not Before: May 9 09:32:58 2025 GMT
Not After : May 8 09:37:58 2026 GMT
Subject: CN=2E8DA6BCDCA1A3994DD5FEF1947AB1A8AC4E9383
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:08:4d:b2:82:6d:ce:bf:b0:3b:ca:1d:6b:a5:
fc:1a:47:e4:bd:6c:f8:6b:5a:2d:fb:18:3d:3d:3c:
d5:77:08:5c:48:40:f0:58:d2:6d:f4:d0:1c:0e:ba:
4a:77:4f:35:93:06:aa:9f:0a:6e:d1:6a:9d:30:b8:
27:88:56:7f:5e:3e:0c:ef:d5:e9:46:35:84:a4:a5:
fa:e1:7e:89:ac:8b:af:f5:0f:ea:86:9e:f9:3c:c1:
f1:87:60:da:3a:52:1d:20:ac:64:5f:2e:3b:2f:08:
33:87:ef:7f:22:13:fb:69:e2:b4:61:c5:45:8f:0b:
09:89:64:7a:9e:2d:03:0b:0f:36:27:1b:a9:c8:e6:
e6:f6:49:07:58:52:e2:b0:74:9f:64:d7:18:97:c0:
25:f7:64:44:26:ec:26:e8:b1:9e:0c:4c:45:63:c4:
42:79:b3:a4:19:90:ed:a9:99:4e:6d:ee:a7:04:28:
a7:f9:e2:f2:97:19:b6:31:60:fb:75:3e:da:2b:84:
73:33:8c:be:0a:94:a7:35:50:39:79:05:10:9b:ff:
3d:a7:18:3a:d3:c7:55:f0:4f:11:88:0d:6c:7b:b2:
67:e6:64:d2:5c:82:d6:1c:35:22:77:b2:de:d2:56:
7a:34:44:25:a4:63:c3:c4:94:77:90:41:0d:14:91:
d0:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2E:8D:A6:BC:DC:A1:A3:99:4D:D5:FE:F1:94:7A:B1:A8:AC:4E:93:83
X509v3 Authority Key Identifier:
keyid:9D:F8:59:97:B1:B9:B3:58:E1:C4:3F:36:76:5A:A0:A4:A0:21:44:AE
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/9DF85997B1B9B358E1C43F36765AA0A4A02144AE.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nfhZl7G5s1jhxD82dlqgpKAhRK4.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/3138352e3134392e3135332e302f32342d3234203d3e203135343430.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.149.153.0/24
Signature Algorithm: sha256WithRSAEncryption
43:b8:de:d6:e3:51:60:f7:40:af:41:33:a0:ab:50:e7:93:13:
ee:ec:29:53:c2:e4:05:d1:54:77:0a:f1:43:fa:f4:13:e9:db:
e8:9f:1a:bf:35:e0:8e:5d:46:f1:fd:54:78:fb:d9:43:44:1a:
e9:7d:20:a7:1e:c8:58:5e:7a:19:a5:fa:b4:27:2d:24:7d:1c:
18:fc:5b:a2:79:40:5d:b4:a1:c9:15:b5:97:2a:dd:96:a9:22:
1e:60:dc:f8:2c:6d:2b:ea:fe:a1:03:0c:74:f4:5b:4d:43:0c:
4a:c8:b2:41:5d:db:41:66:78:27:62:5f:78:0f:bb:8b:c2:ca:
e9:f4:cb:5a:ed:e9:0d:9d:57:3a:5f:f0:e9:f3:fa:31:17:ab:
2e:de:01:df:32:b0:e4:1e:ab:24:97:68:e5:ea:e2:29:eb:c7:
6d:4e:d7:64:dd:2c:54:1b:c4:a4:64:b5:f6:aa:89:45:2b:76:
c4:e0:4f:28:e5:e9:02:46:7b:9e:a8:9a:0c:a7:37:ec:d2:ae:
ab:2f:da:79:07:bd:63:52:a3:aa:99:da:29:ef:c8:f9:5f:89:
da:1d:6d:a5:2e:56:e6:05:f1:7d:04:f4:3a:58:65:e9:21:f1:
ec:e4:9b:d9:cd:a1:b6:e2:84:3c:a9:f9:c5:cc:39:0a:9e:4e:
bd:5c:8c:ab
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUf1NeKpHbXTRYXEHGZpi+DWW3AhswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOWRmODU5OTdiMWI5YjM1OGUxYzQzZjM2NzY1YWEwYTRh
MDIxNDRhZTAeFw0yNTA1MDkwOTMyNThaFw0yNjA1MDgwOTM3NThaMDMxMTAvBgNV
BAMTKDJFOERBNkJDRENBMUEzOTk0REQ1RkVGMTk0N0FCMUE4QUM0RTkzODMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDlCE2ygm3Ov7A7yh1rpfwaR+S9
bPhrWi37GD09PNV3CFxIQPBY0m300BwOukp3TzWTBqqfCm7Rap0wuCeIVn9ePgzv
1elGNYSkpfrhfomsi6/1D+qGnvk8wfGHYNo6Uh0grGRfLjsvCDOH738iE/tp4rRh
xUWPCwmJZHqeLQMLDzYnG6nI5ub2SQdYUuKwdJ9k1xiXwCX3ZEQm7CbosZ4MTEVj
xEJ5s6QZkO2pmU5t7qcEKKf54vKXGbYxYPt1PtorhHMzjL4KlKc1UDl5BRCb/z2n
GDrTx1XwTxGIDWx7smfmZNJcgtYcNSJ3st7SVno0RCWkY8PElHeQQQ0UkdBZAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQULo2mvNyho5lN1f7xlHqxqKxOk4MwHwYDVR0j
BBgwFoAUnfhZl7G5s1jhxD82dlqgpKAhRK4wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDAyZTBiYTMtZmU2MC00NWIxLTkxNjAtODY4YTJmOGE0
M2IxLzMvOURGODU5OTdCMUI5QjM1OEUxQzQzRjM2NzY1QUEwQTRBMDIxNDRBRS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL25maFpsN0c1czFqaHhEODJkbHFncEtB
aFJLNC5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMDAyZTBiYTMt
ZmU2MC00NWIxLTkxNjAtODY4YTJmOGE0M2IxLzMvMzEzODM1MmUzMTM0MzkyZTMx
MzUzMzJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMxMzUzNDM0MzAucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAC5lZkwDQYJKoZIhvcNAQELBQADggEBAEO43tbjUWD3QK9BM6CrUOeTE+7sKVPC
5AXRVHcK8UP69BPp2+ifGr814I5dRvH9VHj72UNEGul9IKceyFheehml+rQnLSR9
HBj8W6J5QF20ockVtZcq3ZapIh5g3PgsbSvq/qEDDHT0W01DDErIskFd20FmeCdi
X3gPu4vCyun0y1rt6Q2dVzpf8Onz+jEXqy7eAd8ysOQeqySXaOXq4inrx21O12Td
LFQbxKRktfaqiUUrdsTgTyjl6QJGe56omgynN+zSrqsv2nkHvWNSo6qZ2invyPlf
idodbaUuVuYF8X0E9DpYZekh8ezkm9nNobbihDyp+cXMOQqeTr1cjKs=
-----END CERTIFICATE-----
Generated at Sun May 11 05:10:01 2025 by rpki-client