Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/7a789e87-f484-423d-a1d7-2c2d5860d2ec/0/3138352e3132352e37372e302f32342d3234203d3e203630343538.roa
File: 3138352e3132352e37372e302f32342d3234203d3e203630343538.roa (raw, json)
Hash identifier: iBX/+QeuXYuSCTlJT7cmF+tQX/4HCmniMjyG8lOqUWA=
Subject key identifier: 9D:F9:D8:23:64:AB:84:65:D2:D2:05:18:4E:1A:6D:01:0A:2A:08:BE
Certificate issuer: /CN=b0170abdc955aa176be2af26299678f2f7c9aca0
Certificate serial: 6C5A819718054C2604107053D08D48E3DD37E2CA
Authority key identifier: B0:17:0A:BD:C9:55:AA:17:6B:E2:AF:26:29:96:78:F2:F7:C9:AC:A0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sBcKvclVqhdr4q8mKZZ48vfJrKA.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/7a789e87-f484-423d-a1d7-2c2d5860d2ec/0/3138352e3132352e37372e302f32342d3234203d3e203630343538.roa
Signing time: Mon 05 May 2025 06:54:06 +0000
ROA not before: Mon 05 May 2025 06:49:06 +0000
ROA not after: Mon 04 May 2026 06:54:06 +0000
asID: 60458
IP address blocks: 185.125.77.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/7a789e87-f484-423d-a1d7-2c2d5860d2ec/0/B0170ABDC955AA176BE2AF26299678F2F7C9ACA0.crl
rsync://rsync.paas.rpki.ripe.net/repository/7a789e87-f484-423d-a1d7-2c2d5860d2ec/0/B0170ABDC955AA176BE2AF26299678F2F7C9ACA0.mft
rsync://rpki.ripe.net/repository/DEFAULT/sBcKvclVqhdr4q8mKZZ48vfJrKA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 06 May 2025 07:49:07 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6c:5a:81:97:18:05:4c:26:04:10:70:53:d0:8d:48:e3:dd:37:e2:ca
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b0170abdc955aa176be2af26299678f2f7c9aca0
Validity
Not Before: May 5 06:49:06 2025 GMT
Not After : May 4 06:54:06 2026 GMT
Subject: CN=9DF9D82364AB8465D2D205184E1A6D010A2A08BE
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:47:80:f0:b7:52:7b:18:1c:3b:1d:cd:28:82:
a8:d7:49:40:87:1b:30:12:ba:da:9b:dd:28:46:7a:
f1:13:b7:8f:46:b2:74:b8:4e:3e:9f:62:6a:52:b5:
20:98:a4:46:0e:91:e6:6f:c0:37:ee:1a:01:c7:0f:
b9:ef:c6:fc:0c:4a:25:2f:bb:e8:05:35:b5:ac:da:
47:00:63:5c:d0:0a:72:80:ab:f4:e9:c0:56:5c:29:
18:a4:16:05:9b:25:98:6c:a5:b8:50:6a:23:10:be:
6d:cf:0c:ef:30:2f:aa:75:61:0b:f9:78:72:48:f7:
ef:e4:24:12:61:f5:64:04:5f:70:25:4a:ae:5f:78:
fe:97:5f:a1:c4:65:96:a9:77:db:f5:a9:e1:eb:0f:
12:01:01:65:ea:22:f2:af:ed:e4:42:ff:67:a7:55:
75:2e:91:45:d2:12:c6:d4:e6:3f:57:e5:68:31:64:
52:e1:2c:24:0e:96:cd:b0:32:13:10:dc:81:29:66:
a2:e5:a5:48:d4:fd:5b:eb:f1:bf:c8:16:90:8c:a0:
54:13:f9:11:da:12:83:82:f3:52:e4:46:48:d6:cd:
10:81:bd:98:ef:04:56:5d:5e:2c:1f:ba:76:88:f8:
b2:fe:fe:f7:98:da:c1:87:fc:cb:3a:e9:7d:da:b1:
32:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:F9:D8:23:64:AB:84:65:D2:D2:05:18:4E:1A:6D:01:0A:2A:08:BE
X509v3 Authority Key Identifier:
keyid:B0:17:0A:BD:C9:55:AA:17:6B:E2:AF:26:29:96:78:F2:F7:C9:AC:A0
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/7a789e87-f484-423d-a1d7-2c2d5860d2ec/0/B0170ABDC955AA176BE2AF26299678F2F7C9ACA0.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sBcKvclVqhdr4q8mKZZ48vfJrKA.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/7a789e87-f484-423d-a1d7-2c2d5860d2ec/0/3138352e3132352e37372e302f32342d3234203d3e203630343538.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.125.77.0/24
Signature Algorithm: sha256WithRSAEncryption
40:5a:9d:6c:de:d5:cc:25:ca:80:2b:a8:11:69:13:d2:fd:fc:
ad:c7:b1:b2:ed:65:e1:f2:e9:42:ff:81:04:ed:9d:1c:66:c2:
8f:9a:b7:c5:42:eb:7e:fe:00:b5:e4:34:7f:1d:0d:ae:e6:99:
f0:fb:6b:3f:b2:ec:b7:7c:82:4f:da:df:22:18:21:a3:74:ac:
84:7f:4a:d6:ac:0e:49:3c:2d:51:40:e2:cc:ae:61:5b:1e:25:
dd:7c:b4:82:84:de:98:82:1e:9d:92:9c:8f:bf:b1:22:f6:39:
d8:fd:0f:2e:83:eb:a1:8a:72:f7:37:8c:b7:07:64:42:b7:7f:
97:43:6a:3a:37:eb:63:6a:4e:dd:d1:55:6e:ac:dc:6f:8e:2d:
dc:f6:9b:bc:fb:b2:e2:66:d2:a3:b0:77:f2:bc:71:1c:83:eb:
8b:18:33:7f:3f:d1:e7:cb:de:91:d7:a4:55:d7:54:40:ea:e5:
8c:d5:38:d9:4c:5f:23:5f:fa:4f:df:80:66:c2:5f:cc:29:f1:
5a:34:23:b3:72:60:c0:db:42:4d:71:03:33:5b:bb:07:dd:2d:
b1:d4:15:a4:08:19:5d:10:bb:c3:ad:f4:8e:9c:92:be:90:4b:
25:b2:4a:de:a8:80:c1:8e:ac:16:55:25:e7:72:7c:da:d1:0b:
27:43:76:11
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUbFqBlxgFTCYEEHBT0I1I49034sowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYjAxNzBhYmRjOTU1YWExNzZiZTJhZjI2Mjk5Njc4ZjJm
N2M5YWNhMDAeFw0yNTA1MDUwNjQ5MDZaFw0yNjA1MDQwNjU0MDZaMDMxMTAvBgNV
BAMTKDlERjlEODIzNjRBQjg0NjVEMkQyMDUxODRFMUE2RDAxMEEyQTA4QkUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC9R4Dwt1J7GBw7Hc0ogqjXSUCH
GzASutqb3ShGevETt49GsnS4Tj6fYmpStSCYpEYOkeZvwDfuGgHHD7nvxvwMSiUv
u+gFNbWs2kcAY1zQCnKAq/TpwFZcKRikFgWbJZhspbhQaiMQvm3PDO8wL6p1YQv5
eHJI9+/kJBJh9WQEX3AlSq5feP6XX6HEZZapd9v1qeHrDxIBAWXqIvKv7eRC/2en
VXUukUXSEsbU5j9X5WgxZFLhLCQOls2wMhMQ3IEpZqLlpUjU/Vvr8b/IFpCMoFQT
+RHaEoOC81LkRkjWzRCBvZjvBFZdXiwfunaI+LL+/veY2sGH/Ms66X3asTJDAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUnfnYI2SrhGXS0gUYThptAQoqCL4wHwYDVR0j
BBgwFoAUsBcKvclVqhdr4q8mKZZ48vfJrKAwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvN2E3ODllODctZjQ4NC00MjNkLWExZDctMmMyZDU4NjBk
MmVjLzAvQjAxNzBBQkRDOTU1QUExNzZCRTJBRjI2Mjk5Njc4RjJGN0M5QUNBMC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3NCY0t2Y2xWcWhkcjRxOG1LWlo0OHZm
SnJLQS5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvN2E3ODllODct
ZjQ4NC00MjNkLWExZDctMmMyZDU4NjBkMmVjLzAvMzEzODM1MmUzMTMyMzUyZTM3
MzcyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzNjMwMzQzNTM4LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
uX1NMA0GCSqGSIb3DQEBCwUAA4IBAQBAWp1s3tXMJcqAK6gRaRPS/fytx7Gy7WXh
8ulC/4EE7Z0cZsKPmrfFQut+/gC15DR/HQ2u5pnw+2s/suy3fIJP2t8iGCGjdKyE
f0rWrA5JPC1RQOLMrmFbHiXdfLSChN6Ygh6dkpyPv7Ei9jnY/Q8ug+uhinL3N4y3
B2RCt3+XQ2o6N+tjak7d0VVurNxvji3c9pu8+7LiZtKjsHfyvHEcg+uLGDN/P9Hn
y96R16RV11RA6uWM1TjZTF8jX/pP34Bmwl/MKfFaNCOzcmDA20JNcQMzW7sH3S2x
1BWkCBldELvDrfSOnJK+kEslskreqIDBjqwWVSXncnza0QsnQ3YR
-----END CERTIFICATE-----
Generated at Mon May 5 12:25:53 2025 by rpki-client