Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/7a789e87-f484-423d-a1d7-2c2d5860d2ec/0/3138352e3132352e37362e302f32342d3234203d3e203630343538.roa
File: 3138352e3132352e37362e302f32342d3234203d3e203630343538.roa (raw, json)
Hash identifier: E1EBzi/x9bAqWwU2+c2DtydupdQVlQih+ZQ9KG5XJM8=
Subject key identifier: E4:53:DB:96:BD:C5:10:90:00:9C:00:62:9F:5B:3F:42:83:EB:40:B0
Certificate issuer: /CN=b0170abdc955aa176be2af26299678f2f7c9aca0
Certificate serial: 06838C3B20E9E6DECF7F12344162454EF758A190
Authority key identifier: B0:17:0A:BD:C9:55:AA:17:6B:E2:AF:26:29:96:78:F2:F7:C9:AC:A0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sBcKvclVqhdr4q8mKZZ48vfJrKA.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/7a789e87-f484-423d-a1d7-2c2d5860d2ec/0/3138352e3132352e37362e302f32342d3234203d3e203630343538.roa
Signing time: Mon 05 May 2025 06:54:07 +0000
ROA not before: Mon 05 May 2025 06:49:07 +0000
ROA not after: Mon 04 May 2026 06:54:07 +0000
asID: 60458
IP address blocks: 185.125.76.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/7a789e87-f484-423d-a1d7-2c2d5860d2ec/0/B0170ABDC955AA176BE2AF26299678F2F7C9ACA0.crl
rsync://rsync.paas.rpki.ripe.net/repository/7a789e87-f484-423d-a1d7-2c2d5860d2ec/0/B0170ABDC955AA176BE2AF26299678F2F7C9ACA0.mft
rsync://rpki.ripe.net/repository/DEFAULT/sBcKvclVqhdr4q8mKZZ48vfJrKA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 08 May 2025 22:10:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
06:83:8c:3b:20:e9:e6:de:cf:7f:12:34:41:62:45:4e:f7:58:a1:90
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b0170abdc955aa176be2af26299678f2f7c9aca0
Validity
Not Before: May 5 06:49:07 2025 GMT
Not After : May 4 06:54:07 2026 GMT
Subject: CN=E453DB96BDC51090009C00629F5B3F4283EB40B0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:78:c6:bf:f9:cc:34:1f:8f:5a:2d:ef:fd:1e:
73:da:28:0f:20:9b:86:37:3c:9f:7c:b5:a8:27:fd:
3f:3d:78:40:83:ab:4e:57:6c:e6:45:b1:4b:a2:86:
ad:f4:6e:29:bb:c7:bc:5d:b3:9a:ad:8d:fc:19:c7:
90:31:b0:58:7e:3c:2e:47:91:93:02:84:4e:80:72:
6e:61:82:53:ae:4d:9c:94:a6:fc:94:11:fb:0d:72:
86:4b:77:54:02:6f:fb:f5:60:67:5d:49:a5:a4:1b:
7e:bd:cc:bf:16:09:32:98:5a:04:42:7a:21:96:93:
1b:78:68:af:09:dd:f9:3b:8b:c7:26:8d:08:7b:80:
29:90:6f:74:e0:40:14:ea:22:a5:ed:2f:26:f6:f0:
23:e9:51:56:79:7b:4e:32:50:7f:89:35:de:73:5e:
31:5d:8a:ef:49:6b:de:c4:2c:31:36:4e:84:6c:65:
31:1e:4b:ac:fc:9b:a2:38:25:62:94:ec:75:a0:2d:
10:5e:75:c9:69:c1:1f:06:83:b9:5d:23:34:28:64:
d9:a1:c8:8a:67:09:8b:a5:89:fa:70:ed:be:75:df:
73:3e:38:7d:9e:c8:54:44:ae:6a:a1:25:f1:63:4d:
75:22:df:e9:a5:e1:06:27:73:30:78:71:78:7a:27:
98:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E4:53:DB:96:BD:C5:10:90:00:9C:00:62:9F:5B:3F:42:83:EB:40:B0
X509v3 Authority Key Identifier:
keyid:B0:17:0A:BD:C9:55:AA:17:6B:E2:AF:26:29:96:78:F2:F7:C9:AC:A0
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/7a789e87-f484-423d-a1d7-2c2d5860d2ec/0/B0170ABDC955AA176BE2AF26299678F2F7C9ACA0.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sBcKvclVqhdr4q8mKZZ48vfJrKA.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/7a789e87-f484-423d-a1d7-2c2d5860d2ec/0/3138352e3132352e37362e302f32342d3234203d3e203630343538.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.125.76.0/24
Signature Algorithm: sha256WithRSAEncryption
d5:ec:aa:f4:5c:8d:f1:88:fe:19:d7:5c:d9:c4:bd:87:62:8b:
cf:97:2a:9b:bc:32:38:a4:6f:db:f4:77:38:56:b1:e8:fb:fa:
c0:37:c9:27:57:65:05:6e:6e:d9:f9:1b:70:dc:1e:85:85:56:
d3:e6:46:71:b5:8e:8d:88:d2:fb:cc:ec:32:17:a6:69:fc:83:
26:66:bc:40:1d:26:7c:df:32:1a:37:86:48:7d:4e:d8:4e:aa:
e1:fd:04:fb:78:cc:19:ac:60:57:0c:cd:12:86:b2:48:ef:c6:
df:42:d0:c2:88:41:8c:d3:8e:50:88:a4:19:0e:ed:c3:9c:d0:
d6:8a:90:50:ea:09:17:17:54:7c:3c:13:92:2c:bb:0c:87:d2:
98:44:d0:37:de:9b:c8:cc:c2:d2:0d:d0:9b:da:a4:e3:2f:91:
8e:d0:8d:69:6a:c5:73:d5:09:8f:67:82:67:b4:1d:fa:0e:e6:
ef:6c:9a:fc:df:28:6f:d3:66:6c:e4:a9:3d:ec:66:17:55:cb:
7d:22:7f:62:87:8e:ce:95:ae:09:3e:23:7b:da:14:dc:17:51:
87:ee:fb:e3:4a:1a:43:2b:8d:a4:2c:2b:d0:75:41:eb:26:e7:
f5:db:04:1e:76:2e:9b:b0:cc:53:4b:4f:81:7a:4d:03:ba:11:
3f:83:90:f3
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUBoOMOyDp5t7PfxI0QWJFTvdYoZAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYjAxNzBhYmRjOTU1YWExNzZiZTJhZjI2Mjk5Njc4ZjJm
N2M5YWNhMDAeFw0yNTA1MDUwNjQ5MDdaFw0yNjA1MDQwNjU0MDdaMDMxMTAvBgNV
BAMTKEU0NTNEQjk2QkRDNTEwOTAwMDlDMDA2MjlGNUIzRjQyODNFQjQwQjAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCqeMa/+cw0H49aLe/9HnPaKA8g
m4Y3PJ98tagn/T89eECDq05XbOZFsUuihq30bim7x7xds5qtjfwZx5AxsFh+PC5H
kZMChE6Acm5hglOuTZyUpvyUEfsNcoZLd1QCb/v1YGddSaWkG369zL8WCTKYWgRC
eiGWkxt4aK8J3fk7i8cmjQh7gCmQb3TgQBTqIqXtLyb28CPpUVZ5e04yUH+JNd5z
XjFdiu9Ja97ELDE2ToRsZTEeS6z8m6I4JWKU7HWgLRBedclpwR8Gg7ldIzQoZNmh
yIpnCYulifpw7b5133M+OH2eyFRErmqhJfFjTXUi3+ml4QYnczB4cXh6J5iRAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQU5FPblr3FEJAAnABin1s/QoPrQLAwHwYDVR0j
BBgwFoAUsBcKvclVqhdr4q8mKZZ48vfJrKAwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvN2E3ODllODctZjQ4NC00MjNkLWExZDctMmMyZDU4NjBk
MmVjLzAvQjAxNzBBQkRDOTU1QUExNzZCRTJBRjI2Mjk5Njc4RjJGN0M5QUNBMC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3NCY0t2Y2xWcWhkcjRxOG1LWlo0OHZm
SnJLQS5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvN2E3ODllODct
ZjQ4NC00MjNkLWExZDctMmMyZDU4NjBkMmVjLzAvMzEzODM1MmUzMTMyMzUyZTM3
MzYyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzNjMwMzQzNTM4LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
uX1MMA0GCSqGSIb3DQEBCwUAA4IBAQDV7Kr0XI3xiP4Z11zZxL2HYovPlyqbvDI4
pG/b9Hc4VrHo+/rAN8knV2UFbm7Z+Rtw3B6FhVbT5kZxtY6NiNL7zOwyF6Zp/IMm
ZrxAHSZ83zIaN4ZIfU7YTqrh/QT7eMwZrGBXDM0ShrJI78bfQtDCiEGM045QiKQZ
Du3DnNDWipBQ6gkXF1R8PBOSLLsMh9KYRNA33pvIzMLSDdCb2qTjL5GO0I1pasVz
1QmPZ4JntB36DubvbJr83yhv02Zs5Kk97GYXVct9In9ih47Ola4JPiN72hTcF1GH
7vvjShpDK42kLCvQdUHrJuf12wQedi6bsMxTS0+Bek0DuhE/g5Dz
-----END CERTIFICATE-----
Generated at Thu May 8 10:12:18 2025 by rpki-client