Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/38322e3134302e3137382e302f32342d3234203d3e203135343139.roa
File: 38322e3134302e3137382e302f32342d3234203d3e203135343139.roa (raw, json)
Hash identifier: kVZlSJSrWOIFgbVyyqSUiD6jECTpvfhx5mx8hRL1cGE=
Subject key identifier: 09:A5:46:94:08:DF:59:69:33:C7:D7:13:6A:8E:7C:F2:0F:A1:71:D2
Certificate issuer: /CN=9df85997b1b9b358e1c43f36765aa0a4a02144ae
Certificate serial: 11CDC92CE7FEBA509A5C69BC12262064E242BB22
Authority key identifier: 9D:F8:59:97:B1:B9:B3:58:E1:C4:3F:36:76:5A:A0:A4:A0:21:44:AE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nfhZl7G5s1jhxD82dlqgpKAhRK4.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/38322e3134302e3137382e302f32342d3234203d3e203135343139.roa
Signing time: Fri 09 May 2025 09:37:53 +0000
ROA not before: Fri 09 May 2025 09:32:53 +0000
ROA not after: Fri 08 May 2026 09:37:53 +0000
asID: 15419
IP address blocks: 82.140.178.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/9DF85997B1B9B358E1C43F36765AA0A4A02144AE.crl
rsync://rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/9DF85997B1B9B358E1C43F36765AA0A4A02144AE.mft
rsync://rpki.ripe.net/repository/DEFAULT/nfhZl7G5s1jhxD82dlqgpKAhRK4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 12 May 2025 20:38:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
11:cd:c9:2c:e7:fe:ba:50:9a:5c:69:bc:12:26:20:64:e2:42:bb:22
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9df85997b1b9b358e1c43f36765aa0a4a02144ae
Validity
Not Before: May 9 09:32:53 2025 GMT
Not After : May 8 09:37:53 2026 GMT
Subject: CN=09A5469408DF596933C7D7136A8E7CF20FA171D2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:a2:2b:b3:58:c2:0a:66:f8:08:92:d4:4c:ea:
be:c7:91:e5:b0:5e:76:82:2c:97:27:41:52:75:51:
fd:ec:a3:dc:38:09:ef:00:4a:5b:ff:0c:a1:5c:d0:
bc:66:f7:d3:20:f3:cf:3b:ea:14:ca:42:21:36:e6:
bc:bc:1d:76:82:a1:10:67:0f:70:b4:dc:17:ae:17:
9d:6b:6c:c0:a3:30:ee:d2:45:df:d6:60:9f:0b:57:
1f:7b:31:39:7e:9b:ca:f6:f6:a7:64:27:8e:b8:23:
cc:9a:d6:38:d1:a4:02:e4:09:d7:cb:4f:b1:e2:49:
1e:75:6e:7a:43:ad:42:10:1b:2a:13:43:1b:c2:83:
54:88:88:26:c6:88:1b:93:fe:61:f6:1e:b9:82:ce:
8f:65:88:de:a7:ea:e0:38:64:ba:56:22:85:e1:2d:
8e:01:58:6a:e9:e3:54:49:f1:0a:0a:4f:9f:24:b1:
46:fd:c5:8f:31:ed:45:c2:49:de:fb:ca:27:4e:49:
a3:43:39:6b:4b:7f:ac:53:e4:7b:13:26:a0:a7:2f:
6f:7c:a0:8e:89:67:fe:d3:1a:ce:70:4a:c3:da:18:
54:8d:be:e2:19:4f:10:3b:81:5e:98:5e:ac:97:c9:
4a:7b:b4:e4:2d:6c:c3:4e:65:d2:02:b7:c9:39:e1:
99:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
09:A5:46:94:08:DF:59:69:33:C7:D7:13:6A:8E:7C:F2:0F:A1:71:D2
X509v3 Authority Key Identifier:
keyid:9D:F8:59:97:B1:B9:B3:58:E1:C4:3F:36:76:5A:A0:A4:A0:21:44:AE
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/9DF85997B1B9B358E1C43F36765AA0A4A02144AE.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nfhZl7G5s1jhxD82dlqgpKAhRK4.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/38322e3134302e3137382e302f32342d3234203d3e203135343139.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.140.178.0/24
Signature Algorithm: sha256WithRSAEncryption
07:f0:98:4c:1f:d4:af:7f:40:6e:3c:28:32:96:3b:9d:b4:de:
25:23:68:2b:43:8f:0c:f4:de:8e:a7:1e:dc:6c:0c:90:10:7d:
11:64:58:e4:16:61:cf:54:3d:3e:59:19:b5:bd:5c:ec:a8:26:
33:37:77:50:d6:f8:80:0e:87:52:c9:2e:2d:06:5a:5f:b8:36:
cf:93:ce:bb:c6:8b:7d:78:72:b2:e2:20:e5:f1:da:55:b9:a6:
74:c3:6c:31:80:b2:6e:4d:10:a1:d1:bb:c9:57:c5:b2:98:52:
94:a0:c0:49:51:38:4e:35:eb:39:a7:e7:be:c3:82:e0:ee:63:
f5:6a:4b:83:b3:f1:47:b8:2a:2b:b4:8e:82:73:95:20:6e:83:
c3:ff:01:43:98:c0:77:06:22:ab:d3:09:10:67:8c:bd:ee:e3:
4e:26:6c:00:e2:28:20:24:cd:bc:61:96:b4:10:08:f2:5a:c4:
f5:98:3e:63:f8:87:81:46:ef:c2:41:b0:c7:30:76:77:16:80:
bb:04:f1:a6:06:64:0f:39:f9:00:b9:08:ab:91:ac:2a:5c:72:
16:69:c7:8a:34:a8:aa:c2:f7:4c:69:11:19:2f:5a:4b:2d:63:
ef:05:5b:77:36:45:ff:ed:a7:91:1a:65:64:b6:7d:7d:09:43:
e6:6c:a0:27
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUEc3JLOf+ulCaXGm8EiYgZOJCuyIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOWRmODU5OTdiMWI5YjM1OGUxYzQzZjM2NzY1YWEwYTRh
MDIxNDRhZTAeFw0yNTA1MDkwOTMyNTNaFw0yNjA1MDgwOTM3NTNaMDMxMTAvBgNV
BAMTKDA5QTU0Njk0MDhERjU5NjkzM0M3RDcxMzZBOEU3Q0YyMEZBMTcxRDIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC9oiuzWMIKZvgIktRM6r7HkeWw
XnaCLJcnQVJ1Uf3so9w4Ce8ASlv/DKFc0Lxm99Mg88876hTKQiE25ry8HXaCoRBn
D3C03BeuF51rbMCjMO7SRd/WYJ8LVx97MTl+m8r29qdkJ464I8ya1jjRpALkCdfL
T7HiSR51bnpDrUIQGyoTQxvCg1SIiCbGiBuT/mH2HrmCzo9liN6n6uA4ZLpWIoXh
LY4BWGrp41RJ8QoKT58ksUb9xY8x7UXCSd77yidOSaNDOWtLf6xT5HsTJqCnL298
oI6JZ/7TGs5wSsPaGFSNvuIZTxA7gV6YXqyXyUp7tOQtbMNOZdICt8k54ZmJAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUCaVGlAjfWWkzx9cTao588g+hcdIwHwYDVR0j
BBgwFoAUnfhZl7G5s1jhxD82dlqgpKAhRK4wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDAyZTBiYTMtZmU2MC00NWIxLTkxNjAtODY4YTJmOGE0
M2IxLzMvOURGODU5OTdCMUI5QjM1OEUxQzQzRjM2NzY1QUEwQTRBMDIxNDRBRS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL25maFpsN0c1czFqaHhEODJkbHFncEtB
aFJLNC5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMDAyZTBiYTMt
ZmU2MC00NWIxLTkxNjAtODY4YTJmOGE0M2IxLzMvMzgzMjJlMzEzNDMwMmUzMTM3
MzgyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMTM1MzQzMTM5LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
UoyyMA0GCSqGSIb3DQEBCwUAA4IBAQAH8JhMH9Svf0BuPCgyljudtN4lI2grQ48M
9N6Opx7cbAyQEH0RZFjkFmHPVD0+WRm1vVzsqCYzN3dQ1viADodSyS4tBlpfuDbP
k867xot9eHKy4iDl8dpVuaZ0w2wxgLJuTRCh0bvJV8WymFKUoMBJUThONes5p+e+
w4Lg7mP1akuDs/FHuCortI6Cc5UgboPD/wFDmMB3BiKr0wkQZ4y97uNOJmwA4igg
JM28YZa0EAjyWsT1mD5j+IeBRu/CQbDHMHZ3FoC7BPGmBmQPOfkAuQirkawqXHIW
aceKNKiqwvdMaREZL1pLLWPvBVt3NkX/7aeRGmVktn19CUPmbKAn
-----END CERTIFICATE-----
Generated at Mon May 12 11:32:13 2025 by rpki-client