Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/7a789e87-f484-423d-a1d7-2c2d5860d2ec/0/3138352e3135362e3231362e302f32342d3234203d3e203630343538.roa
File: 3138352e3135362e3231362e302f32342d3234203d3e203630343538.roa (raw, json)
Hash identifier: EvCO85+TEFrCa3fyF2Hvn+tlr4Nv9RYk07bI6yFMPvw=
Subject key identifier: 49:7E:D5:79:6A:93:8C:8F:5A:8B:43:09:6D:E6:86:1A:FD:73:54:B5
Certificate issuer: /CN=b0170abdc955aa176be2af26299678f2f7c9aca0
Certificate serial: 0A9A18935563FB94A80395914590EC88DB77D280
Authority key identifier: B0:17:0A:BD:C9:55:AA:17:6B:E2:AF:26:29:96:78:F2:F7:C9:AC:A0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sBcKvclVqhdr4q8mKZZ48vfJrKA.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/7a789e87-f484-423d-a1d7-2c2d5860d2ec/0/3138352e3135362e3231362e302f32342d3234203d3e203630343538.roa
Signing time: Mon 05 May 2025 06:54:06 +0000
ROA not before: Mon 05 May 2025 06:49:06 +0000
ROA not after: Mon 04 May 2026 06:54:06 +0000
asID: 60458
IP address blocks: 185.156.216.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/7a789e87-f484-423d-a1d7-2c2d5860d2ec/0/B0170ABDC955AA176BE2AF26299678F2F7C9ACA0.crl
rsync://rsync.paas.rpki.ripe.net/repository/7a789e87-f484-423d-a1d7-2c2d5860d2ec/0/B0170ABDC955AA176BE2AF26299678F2F7C9ACA0.mft
rsync://rpki.ripe.net/repository/DEFAULT/sBcKvclVqhdr4q8mKZZ48vfJrKA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 11 May 2025 08:07:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0a:9a:18:93:55:63:fb:94:a8:03:95:91:45:90:ec:88:db:77:d2:80
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b0170abdc955aa176be2af26299678f2f7c9aca0
Validity
Not Before: May 5 06:49:06 2025 GMT
Not After : May 4 06:54:06 2026 GMT
Subject: CN=497ED5796A938C8F5A8B43096DE6861AFD7354B5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:af:d0:7a:03:05:70:5e:5a:f0:0b:cc:a8:fc:
45:a1:9d:f2:c7:e3:8d:a8:ff:66:21:30:6b:83:9d:
26:a9:2e:9a:db:87:9e:c9:17:5a:2e:b3:e5:c9:a6:
38:ce:db:c6:74:94:6e:6d:89:fc:e5:22:8b:48:df:
0c:6a:25:ab:2d:1a:ed:ba:84:43:bf:ca:97:b1:79:
d5:a6:f2:c8:78:2b:f7:15:e6:89:85:8e:35:d7:c6:
83:12:9e:6f:23:30:a2:ae:e0:bc:68:a0:9b:8a:97:
d4:c8:6c:28:38:0e:08:d5:fe:d9:3f:2c:13:1b:40:
ca:36:f5:ae:01:80:26:65:c7:e1:4b:94:f8:d1:94:
64:4f:69:bf:72:3c:ea:39:a8:ba:df:30:a8:46:12:
3b:4f:66:bf:f7:bd:52:b7:90:7f:34:16:89:16:fc:
a5:a3:cd:83:06:6f:78:ab:59:6b:07:3a:7c:6e:71:
86:8c:25:67:51:3a:77:74:b5:58:21:43:ea:7d:a3:
56:d2:28:24:84:15:f0:9f:6f:12:7b:02:93:c5:66:
83:bd:2a:09:58:1b:1c:cb:18:95:04:83:7d:51:6c:
21:18:71:88:0c:3e:21:3a:3b:b1:52:81:dd:54:7f:
40:e3:dc:0c:0f:f5:be:6c:3a:0d:c4:48:f9:0b:8a:
c6:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
49:7E:D5:79:6A:93:8C:8F:5A:8B:43:09:6D:E6:86:1A:FD:73:54:B5
X509v3 Authority Key Identifier:
keyid:B0:17:0A:BD:C9:55:AA:17:6B:E2:AF:26:29:96:78:F2:F7:C9:AC:A0
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/7a789e87-f484-423d-a1d7-2c2d5860d2ec/0/B0170ABDC955AA176BE2AF26299678F2F7C9ACA0.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sBcKvclVqhdr4q8mKZZ48vfJrKA.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/7a789e87-f484-423d-a1d7-2c2d5860d2ec/0/3138352e3135362e3231362e302f32342d3234203d3e203630343538.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.156.216.0/24
Signature Algorithm: sha256WithRSAEncryption
5c:bd:5d:a4:39:8e:dd:e6:33:c8:d9:8a:75:ac:28:3c:8b:d7:
f4:8f:8f:c1:5c:a8:d3:57:b3:cd:be:42:c9:2c:75:a6:b0:cd:
a6:ca:2f:1a:14:1b:39:db:5b:96:5a:bf:9e:84:a4:56:93:0f:
05:4b:04:16:dc:7a:d3:12:88:5a:3e:05:f0:69:1e:ca:8b:d8:
3e:fe:95:14:c3:ca:ae:74:d0:3f:da:cd:a4:65:f2:92:20:08:
44:05:d6:91:14:8a:3c:58:51:54:e1:d1:b5:bc:07:4c:f2:19:
ce:19:3e:6f:64:0b:49:ef:07:e1:08:e5:b7:a8:2e:59:0a:31:
d0:45:5a:06:96:38:7f:cc:67:a6:7e:5b:e4:3b:f6:73:aa:1e:
25:97:08:56:29:02:8a:af:81:24:21:91:d1:98:a5:4a:e0:70:
4e:13:4c:dd:8e:96:dd:fa:13:0a:3f:4e:77:23:fa:83:66:4f:
cf:66:3b:8e:33:b0:6a:bb:a8:89:f5:69:47:ca:bf:11:64:7d:
d6:1f:f6:20:af:5c:35:97:d6:2a:6c:f3:b1:d6:5c:a6:12:d2:
b4:3c:8c:35:a6:e7:b7:bf:b2:e9:95:97:1a:3b:1c:d5:76:cb:
14:c8:5c:f4:11:f9:ec:e4:62:f6:83:1e:7f:de:66:90:d8:a2:
cf:61:bc:4b
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUCpoYk1Vj+5SoA5WRRZDsiNt30oAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYjAxNzBhYmRjOTU1YWExNzZiZTJhZjI2Mjk5Njc4ZjJm
N2M5YWNhMDAeFw0yNTA1MDUwNjQ5MDZaFw0yNjA1MDQwNjU0MDZaMDMxMTAvBgNV
BAMTKDQ5N0VENTc5NkE5MzhDOEY1QThCNDMwOTZERTY4NjFBRkQ3MzU0QjUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDUr9B6AwVwXlrwC8yo/EWhnfLH
442o/2YhMGuDnSapLprbh57JF1ous+XJpjjO28Z0lG5tifzlIotI3wxqJastGu26
hEO/ypexedWm8sh4K/cV5omFjjXXxoMSnm8jMKKu4LxooJuKl9TIbCg4DgjV/tk/
LBMbQMo29a4BgCZlx+FLlPjRlGRPab9yPOo5qLrfMKhGEjtPZr/3vVK3kH80FokW
/KWjzYMGb3irWWsHOnxucYaMJWdROnd0tVghQ+p9o1bSKCSEFfCfbxJ7ApPFZoO9
KglYGxzLGJUEg31RbCEYcYgMPiE6O7FSgd1Uf0Dj3AwP9b5sOg3ESPkLisZtAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUSX7VeWqTjI9ai0MJbeaGGv1zVLUwHwYDVR0j
BBgwFoAUsBcKvclVqhdr4q8mKZZ48vfJrKAwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvN2E3ODllODctZjQ4NC00MjNkLWExZDctMmMyZDU4NjBk
MmVjLzAvQjAxNzBBQkRDOTU1QUExNzZCRTJBRjI2Mjk5Njc4RjJGN0M5QUNBMC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3NCY0t2Y2xWcWhkcjRxOG1LWlo0OHZm
SnJLQS5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvN2E3ODllODct
ZjQ4NC00MjNkLWExZDctMmMyZDU4NjBkMmVjLzAvMzEzODM1MmUzMTM1MzYyZTMy
MzEzNjJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDM2MzAzNDM1Mzgucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAC5nNgwDQYJKoZIhvcNAQELBQADggEBAFy9XaQ5jt3mM8jZinWsKDyL1/SPj8Fc
qNNXs82+QsksdaawzabKLxoUGznbW5Zav56EpFaTDwVLBBbcetMSiFo+BfBpHsqL
2D7+lRTDyq500D/azaRl8pIgCEQF1pEUijxYUVTh0bW8B0zyGc4ZPm9kC0nvB+EI
5beoLlkKMdBFWgaWOH/MZ6Z+W+Q79nOqHiWXCFYpAoqvgSQhkdGYpUrgcE4TTN2O
lt36Ewo/Tncj+oNmT89mO44zsGq7qIn1aUfKvxFkfdYf9iCvXDWX1ips87HWXKYS
0rQ8jDWm57e/sumVlxo7HNV2yxTIXPQR+ezkYvaDHn/eZpDYos9hvEs=
-----END CERTIFICATE-----
Generated at Sat May 10 16:23:08 2025 by rpki-client