Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/38322e3134302e3138392e302f32342d3234203d3e203135343139.roa
File: 38322e3134302e3138392e302f32342d3234203d3e203135343139.roa (raw, json)
Hash identifier: q/tmnbq1kdd2hUMwbcuSKcZt7pux1EaGGpLbn7IfofI=
Subject key identifier: AC:3C:63:86:10:0D:D1:11:65:1D:08:FC:04:F8:44:97:AF:5C:8C:64
Certificate issuer: /CN=9df85997b1b9b358e1c43f36765aa0a4a02144ae
Certificate serial: 1551FB0E76FE82ACD207F51FCEF6985B205E9148
Authority key identifier: 9D:F8:59:97:B1:B9:B3:58:E1:C4:3F:36:76:5A:A0:A4:A0:21:44:AE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nfhZl7G5s1jhxD82dlqgpKAhRK4.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/38322e3134302e3138392e302f32342d3234203d3e203135343139.roa
Signing time: Fri 09 May 2025 09:37:55 +0000
ROA not before: Fri 09 May 2025 09:32:55 +0000
ROA not after: Fri 08 May 2026 09:37:55 +0000
asID: 15419
IP address blocks: 82.140.189.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/9DF85997B1B9B358E1C43F36765AA0A4A02144AE.crl
rsync://rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/9DF85997B1B9B358E1C43F36765AA0A4A02144AE.mft
rsync://rpki.ripe.net/repository/DEFAULT/nfhZl7G5s1jhxD82dlqgpKAhRK4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 12 May 2025 20:38:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
15:51:fb:0e:76:fe:82:ac:d2:07:f5:1f:ce:f6:98:5b:20:5e:91:48
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9df85997b1b9b358e1c43f36765aa0a4a02144ae
Validity
Not Before: May 9 09:32:55 2025 GMT
Not After : May 8 09:37:55 2026 GMT
Subject: CN=AC3C6386100DD111651D08FC04F84497AF5C8C64
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:ba:1b:3e:5d:52:51:be:3f:88:f7:13:87:3d:
70:14:bd:55:b6:1d:5f:0d:3e:d7:1b:62:98:2a:79:
d4:68:79:1d:c3:7a:a9:b2:57:89:fa:29:d2:53:96:
36:ab:90:ae:4a:9f:87:5b:17:e4:ee:54:d2:cc:29:
24:67:28:94:6e:05:0b:cd:db:34:b1:be:09:9e:bf:
7f:5d:12:1c:aa:84:42:31:2e:9d:86:7c:c8:fc:d3:
8d:24:2b:69:35:e1:df:4d:34:07:f2:e1:f3:78:77:
6a:41:6c:e8:2b:cc:37:60:fd:a4:52:5d:a2:1a:fb:
db:94:b1:e6:b3:f6:0b:40:2b:f3:3b:87:ae:23:42:
ab:bd:9b:60:e6:a5:f0:87:53:3c:c5:a2:3c:eb:02:
c0:d6:d2:2e:65:1b:7c:21:c3:25:c7:dc:26:82:e4:
47:f7:3d:db:b8:b0:88:37:cf:3a:6c:cd:18:00:14:
60:29:07:e6:ba:34:0a:0a:69:0e:c1:a4:f8:18:d0:
d5:3a:1d:2c:7e:8d:d7:d5:48:fb:b0:2d:af:0f:f3:
b5:af:d2:ab:7c:95:a7:f2:15:cb:d5:3d:54:e6:e1:
8e:d3:cd:f7:23:cb:ff:44:24:0f:a9:16:7a:be:af:
07:2e:3a:50:88:b5:aa:1f:0a:70:f0:b1:23:30:54:
fb:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AC:3C:63:86:10:0D:D1:11:65:1D:08:FC:04:F8:44:97:AF:5C:8C:64
X509v3 Authority Key Identifier:
keyid:9D:F8:59:97:B1:B9:B3:58:E1:C4:3F:36:76:5A:A0:A4:A0:21:44:AE
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/9DF85997B1B9B358E1C43F36765AA0A4A02144AE.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nfhZl7G5s1jhxD82dlqgpKAhRK4.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/38322e3134302e3138392e302f32342d3234203d3e203135343139.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.140.189.0/24
Signature Algorithm: sha256WithRSAEncryption
23:2b:1e:0e:7e:1d:a5:21:db:f2:ed:aa:da:9b:c0:17:22:c6:
46:d8:7c:a8:af:ed:92:4e:63:35:ee:d5:ab:69:3f:3d:a1:c5:
d9:fc:14:b1:49:3e:cd:e9:96:5a:c0:b7:ee:a1:76:61:7c:70:
a8:12:cb:2d:fc:d2:74:6a:cf:6e:f2:0d:c7:d1:9d:d8:ed:c8:
8d:90:e2:1b:e1:f1:8c:4e:38:42:51:70:5f:22:2a:ee:b6:90:
90:f6:2d:49:2b:62:a6:a7:51:c1:06:fa:9d:9f:cb:2d:43:4c:
b8:32:e8:75:b9:89:f6:07:d2:ec:36:67:c0:9a:50:f6:59:f6:
8b:81:bb:c6:08:68:ef:a3:60:fa:67:a8:68:a5:43:18:53:3b:
43:a9:1e:74:0f:f9:ea:5b:a2:1d:c9:3f:28:21:4f:b6:4f:91:
66:81:0e:85:21:ab:02:c0:e4:08:ff:9e:50:72:a0:85:3d:08:
c9:fb:8c:b1:c0:31:50:db:79:13:30:12:aa:0b:5d:e7:81:3c:
d0:b5:71:bf:53:15:3d:aa:8c:fe:44:cc:81:d2:64:da:b8:49:
df:21:15:5c:32:28:b7:64:65:17:cd:82:7d:c0:f0:3e:b5:ce:
12:15:ec:a2:86:2b:43:b1:5c:a7:fd:22:8c:97:0b:18:fa:42:
74:d0:a8:af
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUFVH7Dnb+gqzSB/UfzvaYWyBekUgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOWRmODU5OTdiMWI5YjM1OGUxYzQzZjM2NzY1YWEwYTRh
MDIxNDRhZTAeFw0yNTA1MDkwOTMyNTVaFw0yNjA1MDgwOTM3NTVaMDMxMTAvBgNV
BAMTKEFDM0M2Mzg2MTAwREQxMTE2NTFEMDhGQzA0Rjg0NDk3QUY1QzhDNjQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCguhs+XVJRvj+I9xOHPXAUvVW2
HV8NPtcbYpgqedRoeR3DeqmyV4n6KdJTljarkK5Kn4dbF+TuVNLMKSRnKJRuBQvN
2zSxvgmev39dEhyqhEIxLp2GfMj8040kK2k14d9NNAfy4fN4d2pBbOgrzDdg/aRS
XaIa+9uUseaz9gtAK/M7h64jQqu9m2DmpfCHUzzFojzrAsDW0i5lG3whwyXH3CaC
5Ef3Pdu4sIg3zzpszRgAFGApB+a6NAoKaQ7BpPgY0NU6HSx+jdfVSPuwLa8P87Wv
0qt8lafyFcvVPVTm4Y7Tzfcjy/9EJA+pFnq+rwcuOlCItaofCnDwsSMwVPsDAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUrDxjhhAN0RFlHQj8BPhEl69cjGQwHwYDVR0j
BBgwFoAUnfhZl7G5s1jhxD82dlqgpKAhRK4wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDAyZTBiYTMtZmU2MC00NWIxLTkxNjAtODY4YTJmOGE0
M2IxLzMvOURGODU5OTdCMUI5QjM1OEUxQzQzRjM2NzY1QUEwQTRBMDIxNDRBRS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL25maFpsN0c1czFqaHhEODJkbHFncEtB
aFJLNC5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMDAyZTBiYTMt
ZmU2MC00NWIxLTkxNjAtODY4YTJmOGE0M2IxLzMvMzgzMjJlMzEzNDMwMmUzMTM4
MzkyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMTM1MzQzMTM5LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
Uoy9MA0GCSqGSIb3DQEBCwUAA4IBAQAjKx4Ofh2lIdvy7aram8AXIsZG2Hyor+2S
TmM17tWraT89ocXZ/BSxST7N6ZZawLfuoXZhfHCoEsst/NJ0as9u8g3H0Z3Y7ciN
kOIb4fGMTjhCUXBfIirutpCQ9i1JK2Kmp1HBBvqdn8stQ0y4Muh1uYn2B9LsNmfA
mlD2WfaLgbvGCGjvo2D6Z6hopUMYUztDqR50D/nqW6IdyT8oIU+2T5FmgQ6FIasC
wOQI/55QcqCFPQjJ+4yxwDFQ23kTMBKqC13ngTzQtXG/UxU9qoz+RMyB0mTauEnf
IRVcMii3ZGUXzYJ9wPA+tc4SFeyihitDsVyn/SKMlwsY+kJ00Kiv
-----END CERTIFICATE-----
Generated at Mon May 12 11:33:28 2025 by rpki-client