Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/7a789e87-f484-423d-a1d7-2c2d5860d2ec/0/3138352e3136372e32362e302f32342d3234203d3e203630343538.roa
File: 3138352e3136372e32362e302f32342d3234203d3e203630343538.roa (raw, json)
Hash identifier: AU1XTzixRsIIk2ZdZN58IrYKd8IFItgt7vU8fJub8+o=
Subject key identifier: 68:A2:87:7C:31:13:5E:EE:96:F8:A6:EB:7A:17:25:A4:83:77:C5:68
Certificate issuer: /CN=b0170abdc955aa176be2af26299678f2f7c9aca0
Certificate serial: 5F3E95F9D1BED7A16F0FBB051C09B1AE17051335
Authority key identifier: B0:17:0A:BD:C9:55:AA:17:6B:E2:AF:26:29:96:78:F2:F7:C9:AC:A0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sBcKvclVqhdr4q8mKZZ48vfJrKA.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/7a789e87-f484-423d-a1d7-2c2d5860d2ec/0/3138352e3136372e32362e302f32342d3234203d3e203630343538.roa
Signing time: Mon 05 May 2025 06:54:05 +0000
ROA not before: Mon 05 May 2025 06:49:05 +0000
ROA not after: Mon 04 May 2026 06:54:05 +0000
asID: 60458
IP address blocks: 185.167.26.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/7a789e87-f484-423d-a1d7-2c2d5860d2ec/0/B0170ABDC955AA176BE2AF26299678F2F7C9ACA0.crl
rsync://rsync.paas.rpki.ripe.net/repository/7a789e87-f484-423d-a1d7-2c2d5860d2ec/0/B0170ABDC955AA176BE2AF26299678F2F7C9ACA0.mft
rsync://rpki.ripe.net/repository/DEFAULT/sBcKvclVqhdr4q8mKZZ48vfJrKA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 08 May 2025 02:48:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5f:3e:95:f9:d1:be:d7:a1:6f:0f:bb:05:1c:09:b1:ae:17:05:13:35
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b0170abdc955aa176be2af26299678f2f7c9aca0
Validity
Not Before: May 5 06:49:05 2025 GMT
Not After : May 4 06:54:05 2026 GMT
Subject: CN=68A2877C31135EEE96F8A6EB7A1725A48377C568
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:ea:e5:de:e5:3e:91:21:50:9a:d5:e8:0b:31:
c3:6d:28:79:70:f4:b5:cd:10:72:04:5d:d1:8f:99:
e0:b0:60:b5:4f:14:1a:69:8a:e1:c7:55:ee:d8:76:
69:8a:2e:a4:da:c3:21:30:e1:fc:9c:1b:b0:40:60:
21:da:38:c3:f0:60:82:cf:3e:da:4c:24:87:e9:e0:
78:78:65:e0:43:a0:e6:54:6d:8c:05:4c:bf:97:39:
33:13:7e:77:6a:f8:13:36:8c:8f:42:95:b1:eb:b6:
51:86:bd:bc:40:4b:9d:d1:7e:6a:91:35:a6:ad:ec:
7f:42:0d:c9:22:7b:ef:6f:81:8c:5a:28:d8:bc:81:
b9:0a:08:c4:12:7e:8a:48:88:d1:1b:3a:7b:94:1e:
67:b3:56:c1:62:cb:84:da:3e:f1:e9:b4:32:d4:b5:
67:6b:56:5c:60:ef:c2:2d:72:cd:97:e7:30:43:45:
69:e0:9b:0b:2f:77:48:cc:2e:8c:08:d8:0a:ba:5e:
55:18:60:b2:15:02:54:90:e4:d4:f6:8b:d0:70:3c:
1f:01:50:61:33:2c:69:9e:0d:18:64:f5:d6:ce:fe:
86:66:63:b9:01:8a:59:08:d1:29:e1:b9:52:c3:4d:
e7:3c:3f:7a:40:60:79:e7:c4:bb:a8:6a:8d:0b:cd:
f7:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:A2:87:7C:31:13:5E:EE:96:F8:A6:EB:7A:17:25:A4:83:77:C5:68
X509v3 Authority Key Identifier:
keyid:B0:17:0A:BD:C9:55:AA:17:6B:E2:AF:26:29:96:78:F2:F7:C9:AC:A0
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/7a789e87-f484-423d-a1d7-2c2d5860d2ec/0/B0170ABDC955AA176BE2AF26299678F2F7C9ACA0.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sBcKvclVqhdr4q8mKZZ48vfJrKA.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/7a789e87-f484-423d-a1d7-2c2d5860d2ec/0/3138352e3136372e32362e302f32342d3234203d3e203630343538.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.167.26.0/24
Signature Algorithm: sha256WithRSAEncryption
68:8a:41:34:f7:fe:b2:0b:94:44:12:0e:4a:42:cc:2a:08:ef:
30:a6:b8:f3:92:9d:75:d1:b1:e4:b5:a7:8a:1c:3e:fc:d7:6c:
fb:f7:56:54:7d:35:d1:71:d0:73:0f:52:62:ec:6e:d2:5d:97:
23:76:7a:3a:3d:59:ef:77:6d:5a:0b:a1:2a:12:45:ff:32:63:
2d:fb:50:48:82:cd:5a:dd:1c:33:9c:21:6a:1a:ec:c7:ae:db:
b2:2e:81:ff:c4:42:05:ab:ae:69:02:64:a7:93:37:cd:9e:f9:
8a:28:24:05:ec:b0:fa:37:8c:4f:b4:93:de:53:13:77:23:33:
d4:4b:97:b1:e5:24:db:cb:dd:49:da:b2:ff:81:ad:2d:ff:f3:
74:8b:66:aa:68:48:e7:de:51:4d:7a:5d:4d:37:1e:d7:dc:97:
d8:e3:f3:ea:99:28:7f:1e:30:68:b5:fe:22:3e:d9:c7:f2:a2:
13:e9:6d:a4:b6:70:4b:55:6b:81:09:98:ff:c4:19:e2:b4:2d:
c9:db:0d:e9:56:72:ac:5b:e0:d2:10:6c:36:b9:5a:b6:2d:5c:
00:b0:33:5e:5b:2d:d8:88:25:40:16:77:5a:a5:45:8c:96:e5:
59:1d:84:79:ea:5c:69:f0:5c:f0:f7:ac:80:a9:bf:c7:e2:f7:
ce:58:2b:6a
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUXz6V+dG+16FvD7sFHAmxrhcFEzUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYjAxNzBhYmRjOTU1YWExNzZiZTJhZjI2Mjk5Njc4ZjJm
N2M5YWNhMDAeFw0yNTA1MDUwNjQ5MDVaFw0yNjA1MDQwNjU0MDVaMDMxMTAvBgNV
BAMTKDY4QTI4NzdDMzExMzVFRUU5NkY4QTZFQjdBMTcyNUE0ODM3N0M1NjgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCm6uXe5T6RIVCa1egLMcNtKHlw
9LXNEHIEXdGPmeCwYLVPFBppiuHHVe7YdmmKLqTawyEw4fycG7BAYCHaOMPwYILP
PtpMJIfp4Hh4ZeBDoOZUbYwFTL+XOTMTfndq+BM2jI9ClbHrtlGGvbxAS53RfmqR
Naat7H9CDckie+9vgYxaKNi8gbkKCMQSfopIiNEbOnuUHmezVsFiy4TaPvHptDLU
tWdrVlxg78Itcs2X5zBDRWngmwsvd0jMLowI2Aq6XlUYYLIVAlSQ5NT2i9BwPB8B
UGEzLGmeDRhk9dbO/oZmY7kBilkI0SnhuVLDTec8P3pAYHnnxLuoao0LzffRAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUaKKHfDETXu6W+KbrehclpIN3xWgwHwYDVR0j
BBgwFoAUsBcKvclVqhdr4q8mKZZ48vfJrKAwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvN2E3ODllODctZjQ4NC00MjNkLWExZDctMmMyZDU4NjBk
MmVjLzAvQjAxNzBBQkRDOTU1QUExNzZCRTJBRjI2Mjk5Njc4RjJGN0M5QUNBMC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3NCY0t2Y2xWcWhkcjRxOG1LWlo0OHZm
SnJLQS5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvN2E3ODllODct
ZjQ4NC00MjNkLWExZDctMmMyZDU4NjBkMmVjLzAvMzEzODM1MmUzMTM2MzcyZTMy
MzYyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzNjMwMzQzNTM4LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
uacaMA0GCSqGSIb3DQEBCwUAA4IBAQBoikE09/6yC5REEg5KQswqCO8wprjzkp11
0bHktaeKHD7812z791ZUfTXRcdBzD1Ji7G7SXZcjdno6PVnvd21aC6EqEkX/MmMt
+1BIgs1a3RwznCFqGuzHrtuyLoH/xEIFq65pAmSnkzfNnvmKKCQF7LD6N4xPtJPe
UxN3IzPUS5ex5STby91J2rL/ga0t//N0i2aqaEjn3lFNel1NNx7X3JfY4/PqmSh/
HjBotf4iPtnH8qIT6W2ktnBLVWuBCZj/xBnitC3J2w3pVnKsW+DSEGw2uVq2LVwA
sDNeWy3YiCVAFndapUWMluVZHYR56lxp8Fzw96yAqb/H4vfOWCtq
-----END CERTIFICATE-----
Generated at Wed May 7 19:35:06 2025 by rpki-client