Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/7a789e87-f484-423d-a1d7-2c2d5860d2ec/0/3138352e3230322e3134342e302f32342d3234203d3e203630343538.roa
File: 3138352e3230322e3134342e302f32342d3234203d3e203630343538.roa (raw, json)
Hash identifier: wz4+Z748yPCelmg+RPJx6JGtTSzenzKPpdD84rUDauM=
Subject key identifier: E9:75:41:7A:E2:18:0E:48:25:10:06:BE:1C:89:E5:21:4F:B1:47:ED
Certificate issuer: /CN=b0170abdc955aa176be2af26299678f2f7c9aca0
Certificate serial: 611DF04D1310ACE6A512E9BAADE7664BF125222D
Authority key identifier: B0:17:0A:BD:C9:55:AA:17:6B:E2:AF:26:29:96:78:F2:F7:C9:AC:A0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sBcKvclVqhdr4q8mKZZ48vfJrKA.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/7a789e87-f484-423d-a1d7-2c2d5860d2ec/0/3138352e3230322e3134342e302f32342d3234203d3e203630343538.roa
Signing time: Mon 05 May 2025 06:54:05 +0000
ROA not before: Mon 05 May 2025 06:49:05 +0000
ROA not after: Mon 04 May 2026 06:54:05 +0000
asID: 60458
IP address blocks: 185.202.144.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/7a789e87-f484-423d-a1d7-2c2d5860d2ec/0/B0170ABDC955AA176BE2AF26299678F2F7C9ACA0.crl
rsync://rsync.paas.rpki.ripe.net/repository/7a789e87-f484-423d-a1d7-2c2d5860d2ec/0/B0170ABDC955AA176BE2AF26299678F2F7C9ACA0.mft
rsync://rpki.ripe.net/repository/DEFAULT/sBcKvclVqhdr4q8mKZZ48vfJrKA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 11 May 2025 08:07:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
61:1d:f0:4d:13:10:ac:e6:a5:12:e9:ba:ad:e7:66:4b:f1:25:22:2d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b0170abdc955aa176be2af26299678f2f7c9aca0
Validity
Not Before: May 5 06:49:05 2025 GMT
Not After : May 4 06:54:05 2026 GMT
Subject: CN=E975417AE2180E48251006BE1C89E5214FB147ED
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:f9:bc:55:50:52:09:ae:27:2b:6f:88:9f:fb:
1a:e7:79:cf:1e:28:d4:07:c4:06:34:bb:13:43:7b:
ad:17:88:7f:71:23:d4:4a:c3:04:1a:f5:37:58:bc:
75:42:00:ee:6f:69:d1:dd:d5:45:cc:cd:b1:5c:44:
3f:ff:dd:8e:38:5b:65:ff:85:56:89:a9:4c:62:41:
91:a9:c3:28:65:b9:42:2c:d4:4d:c3:3f:65:c1:02:
b7:be:9f:1b:08:7b:e3:80:f0:37:61:d1:12:39:88:
5b:90:87:3a:dc:bb:f3:2d:f6:0b:74:68:c8:45:36:
53:f6:4b:da:15:69:af:3d:09:db:30:7e:34:10:70:
2e:fb:8c:2d:15:c8:3b:b3:9e:4a:50:33:bb:51:3e:
05:cc:dc:fc:ae:55:d0:2e:6d:55:14:6f:33:75:13:
dc:09:40:aa:8c:a4:63:c5:e5:ef:fd:ec:c9:3b:14:
1e:97:96:4d:b0:b3:82:4e:9b:5d:cd:e3:fc:94:53:
99:17:ce:61:0f:dc:68:dd:9e:cc:ec:8c:02:f2:99:
2f:2e:88:63:16:aa:5a:a8:05:3e:ea:aa:76:1c:4c:
bf:bd:04:6f:e4:85:b1:23:b9:45:11:ac:53:b3:72:
de:74:52:16:42:ed:24:7d:bd:0a:63:c5:ca:e3:d5:
cc:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E9:75:41:7A:E2:18:0E:48:25:10:06:BE:1C:89:E5:21:4F:B1:47:ED
X509v3 Authority Key Identifier:
keyid:B0:17:0A:BD:C9:55:AA:17:6B:E2:AF:26:29:96:78:F2:F7:C9:AC:A0
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/7a789e87-f484-423d-a1d7-2c2d5860d2ec/0/B0170ABDC955AA176BE2AF26299678F2F7C9ACA0.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sBcKvclVqhdr4q8mKZZ48vfJrKA.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/7a789e87-f484-423d-a1d7-2c2d5860d2ec/0/3138352e3230322e3134342e302f32342d3234203d3e203630343538.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.202.144.0/24
Signature Algorithm: sha256WithRSAEncryption
90:4b:cf:18:95:ee:03:63:b1:17:86:1b:4b:d7:43:e5:75:14:
85:d3:5d:d0:43:db:8c:a6:0b:40:c0:e6:55:c1:40:36:31:a0:
03:56:a6:dd:0c:3a:06:60:69:56:39:d6:dc:85:9b:d5:8b:91:
13:76:77:4b:c5:c9:9e:05:8d:c5:2c:e0:8b:f6:01:06:58:66:
d5:7a:d0:16:37:0a:ed:b2:13:42:ed:25:31:a0:69:7c:b1:bc:
4b:4b:85:2f:52:1e:b1:d1:ba:44:44:11:36:5a:e6:62:d6:b3:
2e:ed:9b:72:08:81:51:43:70:1f:05:5f:eb:9a:5c:0c:f2:43:
e4:fb:f9:74:ae:bb:55:2a:28:68:53:0f:4b:82:c2:19:3c:dc:
d6:b2:32:91:0e:38:46:3a:b8:b9:54:63:19:00:d8:74:fa:12:
43:d9:34:f1:84:c6:71:f0:8b:73:03:1b:b2:dc:a2:70:3c:76:
8c:6a:6a:99:77:76:a1:2b:35:84:2c:35:e1:5f:2d:3c:ec:7a:
0b:1f:2f:32:78:90:db:c4:f3:5b:59:68:98:1f:d9:cf:07:10:
90:8c:97:26:3f:ca:b3:4b:b0:79:2e:29:a3:1a:60:ca:73:84:
64:f4:ed:05:7c:36:83:e2:a6:c6:be:12:e0:7f:e6:9d:75:a3:
26:37:95:5a
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUYR3wTRMQrOalEum6redmS/ElIi0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYjAxNzBhYmRjOTU1YWExNzZiZTJhZjI2Mjk5Njc4ZjJm
N2M5YWNhMDAeFw0yNTA1MDUwNjQ5MDVaFw0yNjA1MDQwNjU0MDVaMDMxMTAvBgNV
BAMTKEU5NzU0MTdBRTIxODBFNDgyNTEwMDZCRTFDODlFNTIxNEZCMTQ3RUQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCw+bxVUFIJricrb4if+xrnec8e
KNQHxAY0uxNDe60XiH9xI9RKwwQa9TdYvHVCAO5vadHd1UXMzbFcRD//3Y44W2X/
hVaJqUxiQZGpwyhluUIs1E3DP2XBAre+nxsIe+OA8Ddh0RI5iFuQhzrcu/Mt9gt0
aMhFNlP2S9oVaa89CdswfjQQcC77jC0VyDuznkpQM7tRPgXM3PyuVdAubVUUbzN1
E9wJQKqMpGPF5e/97Mk7FB6Xlk2ws4JOm13N4/yUU5kXzmEP3GjdnszsjALymS8u
iGMWqlqoBT7qqnYcTL+9BG/khbEjuUURrFOzct50UhZC7SR9vQpjxcrj1cwDAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQU6XVBeuIYDkglEAa+HInlIU+xR+0wHwYDVR0j
BBgwFoAUsBcKvclVqhdr4q8mKZZ48vfJrKAwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvN2E3ODllODctZjQ4NC00MjNkLWExZDctMmMyZDU4NjBk
MmVjLzAvQjAxNzBBQkRDOTU1QUExNzZCRTJBRjI2Mjk5Njc4RjJGN0M5QUNBMC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3NCY0t2Y2xWcWhkcjRxOG1LWlo0OHZm
SnJLQS5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvN2E3ODllODct
ZjQ4NC00MjNkLWExZDctMmMyZDU4NjBkMmVjLzAvMzEzODM1MmUzMjMwMzIyZTMx
MzQzNDJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDM2MzAzNDM1Mzgucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAC5ypAwDQYJKoZIhvcNAQELBQADggEBAJBLzxiV7gNjsReGG0vXQ+V1FIXTXdBD
24ymC0DA5lXBQDYxoANWpt0MOgZgaVY51tyFm9WLkRN2d0vFyZ4FjcUs4Iv2AQZY
ZtV60BY3Cu2yE0LtJTGgaXyxvEtLhS9SHrHRukREETZa5mLWsy7tm3IIgVFDcB8F
X+uaXAzyQ+T7+XSuu1UqKGhTD0uCwhk83NayMpEOOEY6uLlUYxkA2HT6EkPZNPGE
xnHwi3MDG7LconA8doxqapl3dqErNYQsNeFfLTzsegsfLzJ4kNvE81tZaJgf2c8H
EJCMlyY/yrNLsHkuKaMaYMpzhGT07QV8NoPipsa+EuB/5p11oyY3lVo=
-----END CERTIFICATE-----
Generated at Sat May 10 18:56:57 2025 by rpki-client