Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/7a789e87-f484-423d-a1d7-2c2d5860d2ec/0/3138352e3230322e3134352e302f32342d3234203d3e203630343538.roa
File: 3138352e3230322e3134352e302f32342d3234203d3e203630343538.roa (raw, json)
Hash identifier: W83bzJQhGHobYnfM1tmulNDtSSyNf73jimSZ1AGOpI0=
Subject key identifier: 20:E8:84:16:DB:54:47:CA:41:CA:72:5C:33:D9:49:70:86:C7:93:67
Certificate issuer: /CN=b0170abdc955aa176be2af26299678f2f7c9aca0
Certificate serial: 64E8B781A0A684E3ECC2F647657BDB1A44314354
Authority key identifier: B0:17:0A:BD:C9:55:AA:17:6B:E2:AF:26:29:96:78:F2:F7:C9:AC:A0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sBcKvclVqhdr4q8mKZZ48vfJrKA.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/7a789e87-f484-423d-a1d7-2c2d5860d2ec/0/3138352e3230322e3134352e302f32342d3234203d3e203630343538.roa
Signing time: Mon 05 May 2025 06:54:07 +0000
ROA not before: Mon 05 May 2025 06:49:07 +0000
ROA not after: Mon 04 May 2026 06:54:07 +0000
asID: 60458
IP address blocks: 185.202.145.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/7a789e87-f484-423d-a1d7-2c2d5860d2ec/0/B0170ABDC955AA176BE2AF26299678F2F7C9ACA0.crl
rsync://rsync.paas.rpki.ripe.net/repository/7a789e87-f484-423d-a1d7-2c2d5860d2ec/0/B0170ABDC955AA176BE2AF26299678F2F7C9ACA0.mft
rsync://rpki.ripe.net/repository/DEFAULT/sBcKvclVqhdr4q8mKZZ48vfJrKA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 11 May 2025 22:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
64:e8:b7:81:a0:a6:84:e3:ec:c2:f6:47:65:7b:db:1a:44:31:43:54
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b0170abdc955aa176be2af26299678f2f7c9aca0
Validity
Not Before: May 5 06:49:07 2025 GMT
Not After : May 4 06:54:07 2026 GMT
Subject: CN=20E88416DB5447CA41CA725C33D9497086C79367
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:5f:84:8d:e9:cb:44:d3:3e:1c:ae:33:bf:5b:
c1:9e:59:4a:5e:98:06:4c:9b:2a:ac:6b:ec:a0:5c:
bf:c2:d1:c4:38:dd:36:e9:a3:50:63:ff:3a:84:31:
8f:e3:ba:c2:f4:ca:39:42:60:da:d3:f9:b2:0f:b5:
8a:bf:d0:3f:bb:f2:53:c3:58:ea:95:7a:68:f2:ba:
fa:45:08:fc:dc:1c:51:71:7c:33:a7:ba:91:a1:84:
4a:25:24:8f:10:40:89:b2:2b:d0:13:b6:1b:2e:14:
6c:ca:00:89:e8:fb:db:e0:62:f2:6a:6d:84:a9:4e:
a8:06:00:31:09:df:8f:24:07:66:2a:f7:38:4b:ed:
f5:df:4c:a5:50:f7:cb:28:32:84:fa:1b:9d:9b:c8:
3a:3f:3a:36:bc:b8:72:24:79:77:64:c6:e0:30:1f:
08:28:ed:1f:17:07:be:f3:12:1b:ea:d1:0f:85:4c:
e3:cc:22:c2:f7:c2:4a:8a:2d:d7:14:e0:35:cb:4a:
ac:98:ad:37:d3:38:e6:7a:d2:c6:56:76:88:17:00:
7d:83:9f:ac:dd:81:59:20:84:f8:ee:17:7e:3b:a8:
f0:1e:8d:63:69:84:0b:d3:cf:77:e4:ae:e8:3b:1e:
3e:d2:bc:85:67:29:e4:20:46:c4:1e:5c:1e:f9:a9:
01:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
20:E8:84:16:DB:54:47:CA:41:CA:72:5C:33:D9:49:70:86:C7:93:67
X509v3 Authority Key Identifier:
keyid:B0:17:0A:BD:C9:55:AA:17:6B:E2:AF:26:29:96:78:F2:F7:C9:AC:A0
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/7a789e87-f484-423d-a1d7-2c2d5860d2ec/0/B0170ABDC955AA176BE2AF26299678F2F7C9ACA0.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sBcKvclVqhdr4q8mKZZ48vfJrKA.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/7a789e87-f484-423d-a1d7-2c2d5860d2ec/0/3138352e3230322e3134352e302f32342d3234203d3e203630343538.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.202.145.0/24
Signature Algorithm: sha256WithRSAEncryption
3d:9a:c3:7d:14:27:d5:4b:05:7b:86:57:c3:ea:e5:43:4c:df:
82:dc:b7:48:30:ff:34:a5:6e:67:84:ee:a2:c8:e1:5c:aa:27:
c4:76:e3:e6:7f:4b:b1:7b:5f:5a:66:2b:4f:a9:cf:1d:bf:41:
7e:81:f0:c9:fd:55:5e:83:56:78:dd:ea:6d:1d:ac:c4:71:ab:
87:12:83:2e:7f:92:2c:b6:d8:c5:0f:0a:ad:3c:2b:d7:2c:27:
76:e0:f0:07:b0:67:69:8e:f2:2c:1a:88:4a:96:78:09:ab:e1:
1e:48:d0:7e:04:13:2b:c3:ab:9a:a2:99:9b:c0:18:26:68:40:
01:27:a8:f8:3f:28:6c:8a:4a:35:1e:8b:bf:f6:45:09:ec:5c:
bd:e0:d8:a4:b4:09:13:ff:b1:c0:56:56:57:f2:04:fb:a2:6f:
e8:4f:fb:c9:ea:41:d0:31:5e:3a:90:a7:51:4f:d4:66:2a:cd:
19:59:1e:d9:a5:95:98:93:d0:46:86:f3:9b:3b:a5:18:2e:b0:
f8:76:82:56:7d:f5:93:10:52:d8:32:a5:2a:3c:8d:84:8a:f3:
91:1e:4a:3b:7a:f4:ee:f3:e3:cb:1f:b8:03:24:25:11:b1:e6:
10:a4:5c:d0:35:7d:5a:54:4f:fe:ed:b9:79:69:7c:f3:8d:8e:
10:d4:c0:51
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUZOi3gaCmhOPswvZHZXvbGkQxQ1QwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYjAxNzBhYmRjOTU1YWExNzZiZTJhZjI2Mjk5Njc4ZjJm
N2M5YWNhMDAeFw0yNTA1MDUwNjQ5MDdaFw0yNjA1MDQwNjU0MDdaMDMxMTAvBgNV
BAMTKDIwRTg4NDE2REI1NDQ3Q0E0MUNBNzI1QzMzRDk0OTcwODZDNzkzNjcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCeX4SN6ctE0z4crjO/W8GeWUpe
mAZMmyqsa+ygXL/C0cQ43Tbpo1Bj/zqEMY/jusL0yjlCYNrT+bIPtYq/0D+78lPD
WOqVemjyuvpFCPzcHFFxfDOnupGhhEolJI8QQImyK9ATthsuFGzKAIno+9vgYvJq
bYSpTqgGADEJ348kB2Yq9zhL7fXfTKVQ98soMoT6G52byDo/Oja8uHIkeXdkxuAw
Hwgo7R8XB77zEhvq0Q+FTOPMIsL3wkqKLdcU4DXLSqyYrTfTOOZ60sZWdogXAH2D
n6zdgVkghPjuF347qPAejWNphAvTz3fkrug7Hj7SvIVnKeQgRsQeXB75qQHPAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUIOiEFttUR8pBynJcM9lJcIbHk2cwHwYDVR0j
BBgwFoAUsBcKvclVqhdr4q8mKZZ48vfJrKAwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvN2E3ODllODctZjQ4NC00MjNkLWExZDctMmMyZDU4NjBk
MmVjLzAvQjAxNzBBQkRDOTU1QUExNzZCRTJBRjI2Mjk5Njc4RjJGN0M5QUNBMC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3NCY0t2Y2xWcWhkcjRxOG1LWlo0OHZm
SnJLQS5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvN2E3ODllODct
ZjQ4NC00MjNkLWExZDctMmMyZDU4NjBkMmVjLzAvMzEzODM1MmUzMjMwMzIyZTMx
MzQzNTJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDM2MzAzNDM1Mzgucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAC5ypEwDQYJKoZIhvcNAQELBQADggEBAD2aw30UJ9VLBXuGV8Pq5UNM34Lct0gw
/zSlbmeE7qLI4VyqJ8R24+Z/S7F7X1pmK0+pzx2/QX6B8Mn9VV6DVnjd6m0drMRx
q4cSgy5/kiy22MUPCq08K9csJ3bg8AewZ2mO8iwaiEqWeAmr4R5I0H4EEyvDq5qi
mZvAGCZoQAEnqPg/KGyKSjUei7/2RQnsXL3g2KS0CRP/scBWVlfyBPuib+hP+8nq
QdAxXjqQp1FP1GYqzRlZHtmllZiT0EaG85s7pRgusPh2glZ99ZMQUtgypSo8jYSK
85EeSjt69O7z48sfuAMkJRGx5hCkXNA1fVpUT/7tuXlpfPONjhDUwFE=
-----END CERTIFICATE-----
Generated at Sun May 11 01:41:56 2025 by rpki-client