Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/7a789e87-f484-423d-a1d7-2c2d5860d2ec/0/3138352e3135362e3231382e302f32342d3234203d3e203630343538.roa
File: 3138352e3135362e3231382e302f32342d3234203d3e203630343538.roa (raw, json)
Hash identifier: IhLfWMdp3wfBoJIgMf1dZQYIiVjH+IC6uyZDFZApUo0=
Subject key identifier: 58:65:16:06:BB:6A:03:61:63:30:B0:AD:19:7E:8A:2A:5D:0B:BA:AF
Certificate issuer: /CN=b0170abdc955aa176be2af26299678f2f7c9aca0
Certificate serial: 579384F1356F2E13A49EDD7C85A316AF8CC7AD66
Authority key identifier: B0:17:0A:BD:C9:55:AA:17:6B:E2:AF:26:29:96:78:F2:F7:C9:AC:A0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sBcKvclVqhdr4q8mKZZ48vfJrKA.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/7a789e87-f484-423d-a1d7-2c2d5860d2ec/0/3138352e3135362e3231382e302f32342d3234203d3e203630343538.roa
Signing time: Mon 05 May 2025 06:54:06 +0000
ROA not before: Mon 05 May 2025 06:49:06 +0000
ROA not after: Mon 04 May 2026 06:54:06 +0000
asID: 60458
IP address blocks: 185.156.218.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/7a789e87-f484-423d-a1d7-2c2d5860d2ec/0/B0170ABDC955AA176BE2AF26299678F2F7C9ACA0.crl
rsync://rsync.paas.rpki.ripe.net/repository/7a789e87-f484-423d-a1d7-2c2d5860d2ec/0/B0170ABDC955AA176BE2AF26299678F2F7C9ACA0.mft
rsync://rpki.ripe.net/repository/DEFAULT/sBcKvclVqhdr4q8mKZZ48vfJrKA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 11 May 2025 04:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
57:93:84:f1:35:6f:2e:13:a4:9e:dd:7c:85:a3:16:af:8c:c7:ad:66
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b0170abdc955aa176be2af26299678f2f7c9aca0
Validity
Not Before: May 5 06:49:06 2025 GMT
Not After : May 4 06:54:06 2026 GMT
Subject: CN=58651606BB6A03616330B0AD197E8A2A5D0BBAAF
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:93:b1:ca:e5:1d:06:f2:94:13:42:84:9f:41:
41:03:38:d6:0c:6f:10:90:1b:b8:b2:28:72:d3:52:
f4:ec:4e:02:09:d0:ea:3b:0b:6e:6b:ca:4d:24:42:
e4:e5:39:d1:05:9e:38:f6:32:01:25:21:c9:90:69:
8e:bb:6c:82:40:c6:bf:5a:79:bb:f0:00:c0:16:fb:
15:6b:b4:06:70:de:94:7c:57:d9:67:5e:e8:0d:65:
d7:2e:38:03:34:3c:45:e9:32:99:ed:1f:9b:1f:a7:
10:08:ac:74:4c:05:e1:21:f4:64:1b:77:74:97:9d:
ae:61:0a:e4:57:0d:1d:16:fa:8e:93:f3:bd:f5:f0:
92:9f:e2:67:f3:21:e6:42:97:70:6b:53:fc:cf:ce:
dc:c0:a1:d7:f1:35:1c:07:91:4b:d2:d4:66:1b:81:
c3:02:2e:98:2f:53:c0:cc:53:8e:9f:25:b2:ea:53:
27:47:a3:7f:cf:7a:d6:9c:48:06:fa:ca:1a:c7:21:
ca:fe:4b:ee:9f:c1:1d:a8:5a:b5:69:28:40:74:ec:
0e:27:21:4e:5f:88:48:96:2d:06:60:eb:59:6b:25:
67:ed:65:a6:75:c4:05:80:dd:d0:f0:2d:92:7e:3c:
01:db:2d:48:35:35:76:e9:88:2b:ed:e2:4e:a5:ea:
5c:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
58:65:16:06:BB:6A:03:61:63:30:B0:AD:19:7E:8A:2A:5D:0B:BA:AF
X509v3 Authority Key Identifier:
keyid:B0:17:0A:BD:C9:55:AA:17:6B:E2:AF:26:29:96:78:F2:F7:C9:AC:A0
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/7a789e87-f484-423d-a1d7-2c2d5860d2ec/0/B0170ABDC955AA176BE2AF26299678F2F7C9ACA0.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sBcKvclVqhdr4q8mKZZ48vfJrKA.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/7a789e87-f484-423d-a1d7-2c2d5860d2ec/0/3138352e3135362e3231382e302f32342d3234203d3e203630343538.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.156.218.0/24
Signature Algorithm: sha256WithRSAEncryption
cf:7e:b3:6a:d1:ed:f0:5a:65:1f:cd:a3:26:da:90:b8:e7:de:
41:d9:94:98:de:e9:81:3a:c1:02:57:23:6a:fb:ab:bf:a7:f5:
e5:76:d8:90:8f:11:f3:91:a6:f8:dd:c2:96:6d:91:40:0b:b5:
83:e0:82:44:86:77:19:05:55:37:c1:66:b2:3c:01:5e:cf:2b:
bb:7a:b3:71:b3:43:c3:58:81:1b:de:99:5b:07:9f:06:1a:fc:
b3:6a:34:26:b1:1e:16:03:5f:ee:32:7f:66:da:77:d5:d3:84:
5a:bc:28:d1:eb:fc:2c:84:0e:c4:fa:1d:4e:7a:8c:cc:46:83:
7b:5e:e5:21:25:95:fb:39:39:85:6f:d9:79:ac:ba:b0:96:78:
c4:e6:cd:bc:08:58:8d:b8:08:25:1f:49:c3:9c:4a:f0:b4:1c:
5d:ec:b1:14:87:5b:d7:4a:bc:fe:74:0b:3b:b8:5f:75:b7:c2:
f2:a6:82:77:81:a4:7e:30:ef:6e:72:f0:f2:35:b8:c8:b6:d9:
6d:4e:ff:8a:a4:11:da:76:f8:fb:df:c8:83:4a:e1:fb:09:09:
f8:45:7d:f2:ae:77:4c:7c:59:a6:ea:af:d6:58:ec:84:ee:f9:
13:5b:1f:cb:dc:9c:d3:a3:d0:7c:9c:11:7c:82:c8:c2:6f:22:
65:a4:63:39
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUV5OE8TVvLhOknt18haMWr4zHrWYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYjAxNzBhYmRjOTU1YWExNzZiZTJhZjI2Mjk5Njc4ZjJm
N2M5YWNhMDAeFw0yNTA1MDUwNjQ5MDZaFw0yNjA1MDQwNjU0MDZaMDMxMTAvBgNV
BAMTKDU4NjUxNjA2QkI2QTAzNjE2MzMwQjBBRDE5N0U4QTJBNUQwQkJBQUYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCxk7HK5R0G8pQTQoSfQUEDONYM
bxCQG7iyKHLTUvTsTgIJ0Oo7C25ryk0kQuTlOdEFnjj2MgElIcmQaY67bIJAxr9a
ebvwAMAW+xVrtAZw3pR8V9lnXugNZdcuOAM0PEXpMpntH5sfpxAIrHRMBeEh9GQb
d3SXna5hCuRXDR0W+o6T87318JKf4mfzIeZCl3BrU/zPztzAodfxNRwHkUvS1GYb
gcMCLpgvU8DMU46fJbLqUydHo3/PetacSAb6yhrHIcr+S+6fwR2oWrVpKEB07A4n
IU5fiEiWLQZg61lrJWftZaZ1xAWA3dDwLZJ+PAHbLUg1NXbpiCvt4k6l6lwdAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUWGUWBrtqA2FjMLCtGX6KKl0Luq8wHwYDVR0j
BBgwFoAUsBcKvclVqhdr4q8mKZZ48vfJrKAwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvN2E3ODllODctZjQ4NC00MjNkLWExZDctMmMyZDU4NjBk
MmVjLzAvQjAxNzBBQkRDOTU1QUExNzZCRTJBRjI2Mjk5Njc4RjJGN0M5QUNBMC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3NCY0t2Y2xWcWhkcjRxOG1LWlo0OHZm
SnJLQS5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvN2E3ODllODct
ZjQ4NC00MjNkLWExZDctMmMyZDU4NjBkMmVjLzAvMzEzODM1MmUzMTM1MzYyZTMy
MzEzODJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDM2MzAzNDM1Mzgucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAC5nNowDQYJKoZIhvcNAQELBQADggEBAM9+s2rR7fBaZR/NoybakLjn3kHZlJje
6YE6wQJXI2r7q7+n9eV22JCPEfORpvjdwpZtkUALtYPggkSGdxkFVTfBZrI8AV7P
K7t6s3GzQ8NYgRvemVsHnwYa/LNqNCaxHhYDX+4yf2bad9XThFq8KNHr/CyEDsT6
HU56jMxGg3te5SEllfs5OYVv2XmsurCWeMTmzbwIWI24CCUfScOcSvC0HF3ssRSH
W9dKvP50Czu4X3W3wvKmgneBpH4w725y8PI1uMi22W1O/4qkEdp2+PvfyINK4fsJ
CfhFffKud0x8Wabqr9ZY7ITu+RNbH8vcnNOj0HycEXyCyMJvImWkYzk=
-----END CERTIFICATE-----
Generated at Sat May 10 13:43:07 2025 by rpki-client