Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/38322e3134302e3133312e302f32342d3234203d3e203135343139.roa
File: 38322e3134302e3133312e302f32342d3234203d3e203135343139.roa (raw, json)
Hash identifier: YcmyLeFBQ+WK9MxW4qT13yT/CsdMqFWcCNcHges7cNY=
Subject key identifier: DA:30:CF:68:66:42:04:7A:70:B0:CD:AA:93:95:50:35:EF:FA:AA:50
Certificate issuer: /CN=9df85997b1b9b358e1c43f36765aa0a4a02144ae
Certificate serial: 1A8F38EDE452DB4EB4FA0C312CBC117A90B9F632
Authority key identifier: 9D:F8:59:97:B1:B9:B3:58:E1:C4:3F:36:76:5A:A0:A4:A0:21:44:AE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nfhZl7G5s1jhxD82dlqgpKAhRK4.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/38322e3134302e3133312e302f32342d3234203d3e203135343139.roa
Signing time: Fri 09 May 2025 09:37:55 +0000
ROA not before: Fri 09 May 2025 09:32:55 +0000
ROA not after: Fri 08 May 2026 09:37:55 +0000
asID: 15419
IP address blocks: 82.140.131.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/9DF85997B1B9B358E1C43F36765AA0A4A02144AE.crl
rsync://rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/9DF85997B1B9B358E1C43F36765AA0A4A02144AE.mft
rsync://rpki.ripe.net/repository/DEFAULT/nfhZl7G5s1jhxD82dlqgpKAhRK4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 12 May 2025 20:38:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1a:8f:38:ed:e4:52:db:4e:b4:fa:0c:31:2c:bc:11:7a:90:b9:f6:32
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9df85997b1b9b358e1c43f36765aa0a4a02144ae
Validity
Not Before: May 9 09:32:55 2025 GMT
Not After : May 8 09:37:55 2026 GMT
Subject: CN=DA30CF686642047A70B0CDAA93955035EFFAAA50
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:6c:82:e8:ca:ff:3d:a9:ed:99:fd:a1:66:1e:
3d:c4:60:93:42:b3:a5:37:4b:4d:7a:f1:77:5a:04:
0e:c9:77:41:d6:b3:24:43:9a:e5:48:ed:ad:37:cd:
76:78:6e:24:14:43:b5:b0:06:50:ec:8d:20:2f:01:
e9:83:d1:69:19:2b:12:92:f0:f2:4f:33:6a:98:1f:
cf:cd:e0:5e:5c:d2:74:88:4f:af:65:4d:b3:33:78:
eb:b8:0b:86:13:81:b3:17:e5:bf:23:9b:20:7a:45:
40:23:15:fb:41:18:ac:04:d7:8e:8c:41:ed:2b:a0:
84:2d:e2:b6:a9:df:33:ff:8a:12:07:94:2e:c9:09:
52:66:0d:54:1a:d3:33:e2:55:e1:95:c6:b2:e2:65:
f4:85:fe:66:11:d8:91:e0:62:ea:98:a7:82:b4:0f:
4c:6d:ea:40:4f:d0:e0:11:73:bf:80:ea:4d:53:df:
31:31:77:42:4c:4f:dc:b6:69:d7:54:4f:1c:9b:d3:
9c:96:99:ad:9c:aa:d6:cd:6d:d5:18:d4:9b:9c:72:
3c:e9:02:ad:bf:8d:84:2f:2d:4c:20:6b:90:32:b6:
17:50:ef:b5:6a:88:2d:8e:66:e4:f8:94:1a:b8:e7:
87:0d:13:0d:1a:12:7f:b4:f3:8d:b9:e5:1c:88:cd:
02:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:30:CF:68:66:42:04:7A:70:B0:CD:AA:93:95:50:35:EF:FA:AA:50
X509v3 Authority Key Identifier:
keyid:9D:F8:59:97:B1:B9:B3:58:E1:C4:3F:36:76:5A:A0:A4:A0:21:44:AE
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/9DF85997B1B9B358E1C43F36765AA0A4A02144AE.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nfhZl7G5s1jhxD82dlqgpKAhRK4.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/38322e3134302e3133312e302f32342d3234203d3e203135343139.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.140.131.0/24
Signature Algorithm: sha256WithRSAEncryption
96:7e:9b:c2:c7:d3:4b:91:8a:52:6e:58:0b:f5:15:31:ec:03:
74:42:a4:3c:ff:92:60:01:11:55:54:83:7b:67:59:fa:fa:7c:
7e:0b:5f:99:f4:5b:33:00:e9:d6:a1:ac:aa:95:b6:a0:65:bc:
cc:d9:b7:2e:b5:30:46:c9:01:18:29:87:f4:b6:8b:0e:5d:d3:
76:96:12:11:72:6f:d5:c1:64:91:ca:7f:fa:c9:04:bb:3b:fe:
ff:2b:9d:35:83:76:03:38:a6:3e:d7:ba:de:7b:63:7c:73:60:
43:5f:0b:43:58:da:79:e4:10:3d:36:87:bf:df:48:b2:50:fd:
e1:da:5b:4a:94:3a:64:f2:70:e0:d6:20:fd:dd:32:c6:71:55:
41:b7:75:a6:fa:de:f2:47:61:d1:8a:f0:b1:06:cb:e8:c7:67:
eb:89:35:81:ee:ed:0c:78:78:9c:a4:de:ec:cc:9f:62:4d:2d:
60:0f:c8:ab:ec:58:e3:9f:60:ba:82:b1:be:c4:4a:19:0a:6d:
db:73:c8:e8:ae:81:0c:0e:02:83:0d:f1:21:a0:33:f7:a4:6b:
65:db:68:00:c3:c4:26:f8:76:c6:c2:13:3d:2f:6a:7e:1a:0c:
c7:95:ff:4d:51:12:d0:e5:d2:7a:c6:52:70:d8:de:a8:29:e9:
2d:1f:f5:1e
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUGo847eRS2060+gwxLLwRepC59jIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOWRmODU5OTdiMWI5YjM1OGUxYzQzZjM2NzY1YWEwYTRh
MDIxNDRhZTAeFw0yNTA1MDkwOTMyNTVaFw0yNjA1MDgwOTM3NTVaMDMxMTAvBgNV
BAMTKERBMzBDRjY4NjY0MjA0N0E3MEIwQ0RBQTkzOTU1MDM1RUZGQUFBNTAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCrbILoyv89qe2Z/aFmHj3EYJNC
s6U3S0168XdaBA7Jd0HWsyRDmuVI7a03zXZ4biQUQ7WwBlDsjSAvAemD0WkZKxKS
8PJPM2qYH8/N4F5c0nSIT69lTbMzeOu4C4YTgbMX5b8jmyB6RUAjFftBGKwE146M
Qe0roIQt4rap3zP/ihIHlC7JCVJmDVQa0zPiVeGVxrLiZfSF/mYR2JHgYuqYp4K0
D0xt6kBP0OARc7+A6k1T3zExd0JMT9y2addUTxyb05yWma2cqtbNbdUY1Juccjzp
Aq2/jYQvLUwga5AythdQ77VqiC2OZuT4lBq454cNEw0aEn+084255RyIzQI1AgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQU2jDPaGZCBHpwsM2qk5VQNe/6qlAwHwYDVR0j
BBgwFoAUnfhZl7G5s1jhxD82dlqgpKAhRK4wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDAyZTBiYTMtZmU2MC00NWIxLTkxNjAtODY4YTJmOGE0
M2IxLzMvOURGODU5OTdCMUI5QjM1OEUxQzQzRjM2NzY1QUEwQTRBMDIxNDRBRS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL25maFpsN0c1czFqaHhEODJkbHFncEtB
aFJLNC5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMDAyZTBiYTMt
ZmU2MC00NWIxLTkxNjAtODY4YTJmOGE0M2IxLzMvMzgzMjJlMzEzNDMwMmUzMTMz
MzEyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMTM1MzQzMTM5LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
UoyDMA0GCSqGSIb3DQEBCwUAA4IBAQCWfpvCx9NLkYpSblgL9RUx7AN0QqQ8/5Jg
ARFVVIN7Z1n6+nx+C1+Z9FszAOnWoayqlbagZbzM2bcutTBGyQEYKYf0tosOXdN2
lhIRcm/VwWSRyn/6yQS7O/7/K501g3YDOKY+17ree2N8c2BDXwtDWNp55BA9Noe/
30iyUP3h2ltKlDpk8nDg1iD93TLGcVVBt3Wm+t7yR2HRivCxBsvox2friTWB7u0M
eHicpN7szJ9iTS1gD8ir7Fjjn2C6grG+xEoZCm3bc8joroEMDgKDDfEhoDP3pGtl
22gAw8Qm+HbGwhM9L2p+GgzHlf9NURLQ5dJ6xlJw2N6oKektH/Ue
-----END CERTIFICATE-----
Generated at Mon May 12 11:27:30 2025 by rpki-client