Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/7a789e87-f484-423d-a1d7-2c2d5860d2ec/0/3138352e3231352e3131342e302f32342d3234203d3e203631333137.roa
File: 3138352e3231352e3131342e302f32342d3234203d3e203631333137.roa (raw, json)
Hash identifier: R9WhNu2MdPr1NOFjMmZeGBiIE2nwtlE4Jo64OX4u4HA=
Subject key identifier: 6B:CC:C4:60:9A:55:04:27:1E:F3:63:57:E5:50:F0:EF:11:39:52:CF
Certificate issuer: /CN=b0170abdc955aa176be2af26299678f2f7c9aca0
Certificate serial: 3A361DFF8AB2CD3ABF92E9859161C81F209C39E8
Authority key identifier: B0:17:0A:BD:C9:55:AA:17:6B:E2:AF:26:29:96:78:F2:F7:C9:AC:A0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sBcKvclVqhdr4q8mKZZ48vfJrKA.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/7a789e87-f484-423d-a1d7-2c2d5860d2ec/0/3138352e3231352e3131342e302f32342d3234203d3e203631333137.roa
Signing time: Mon 05 May 2025 12:54:07 +0000
ROA not before: Mon 05 May 2025 12:49:07 +0000
ROA not after: Mon 04 May 2026 12:54:07 +0000
asID: 61317
IP address blocks: 185.215.114.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/7a789e87-f484-423d-a1d7-2c2d5860d2ec/0/B0170ABDC955AA176BE2AF26299678F2F7C9ACA0.crl
rsync://rsync.paas.rpki.ripe.net/repository/7a789e87-f484-423d-a1d7-2c2d5860d2ec/0/B0170ABDC955AA176BE2AF26299678F2F7C9ACA0.mft
rsync://rpki.ripe.net/repository/DEFAULT/sBcKvclVqhdr4q8mKZZ48vfJrKA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 11 May 2025 23:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3a:36:1d:ff:8a:b2:cd:3a:bf:92:e9:85:91:61:c8:1f:20:9c:39:e8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b0170abdc955aa176be2af26299678f2f7c9aca0
Validity
Not Before: May 5 12:49:07 2025 GMT
Not After : May 4 12:54:07 2026 GMT
Subject: CN=6BCCC4609A5504271EF36357E550F0EF113952CF
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:c4:e1:74:c0:75:3f:4b:f9:66:5b:7b:02:d4:
23:99:68:6e:5d:72:47:21:b9:f8:ee:af:45:c9:f4:
bb:c3:fa:1b:93:7a:9d:22:7b:ec:3f:85:83:c5:8c:
70:16:5f:d1:d4:2d:75:1a:a8:4e:d1:f6:b7:aa:73:
01:4f:aa:f6:e6:21:ca:51:9e:87:99:3d:b3:32:22:
ab:9f:82:6f:d8:d5:44:33:1a:26:6d:8e:33:1d:8a:
ca:7e:d9:3f:57:4f:3c:e0:b9:21:fc:73:7c:7b:cf:
bd:30:ee:a9:e0:02:26:26:c9:25:f9:2d:93:e1:52:
0f:90:42:ad:f9:44:a8:9c:f5:e5:59:ba:d8:15:23:
17:5b:47:55:b2:9b:02:c1:87:45:39:76:67:85:57:
39:2c:a1:15:c6:b4:d1:81:65:12:bd:4d:aa:c1:2d:
fb:c6:87:a3:e0:ff:b2:20:a0:a7:8e:09:73:bc:6c:
f4:d5:a4:f4:7a:89:41:f9:64:81:a8:f3:37:d4:a2:
2e:2a:25:4c:a5:1a:f5:71:83:e0:5d:1e:1d:44:e5:
e2:49:e0:9d:80:5b:9f:e1:ac:7d:69:ef:5c:c8:4a:
fb:1c:f4:6c:fd:3f:f3:16:58:00:e8:f3:11:74:e9:
a6:c3:f5:37:18:57:14:26:df:eb:66:44:6e:a4:88:
9e:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6B:CC:C4:60:9A:55:04:27:1E:F3:63:57:E5:50:F0:EF:11:39:52:CF
X509v3 Authority Key Identifier:
keyid:B0:17:0A:BD:C9:55:AA:17:6B:E2:AF:26:29:96:78:F2:F7:C9:AC:A0
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/7a789e87-f484-423d-a1d7-2c2d5860d2ec/0/B0170ABDC955AA176BE2AF26299678F2F7C9ACA0.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sBcKvclVqhdr4q8mKZZ48vfJrKA.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/7a789e87-f484-423d-a1d7-2c2d5860d2ec/0/3138352e3231352e3131342e302f32342d3234203d3e203631333137.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.215.114.0/24
Signature Algorithm: sha256WithRSAEncryption
b7:e9:35:32:b7:60:5b:c9:27:3a:3e:61:60:ad:3b:a7:16:f0:
5d:a3:b7:b3:d7:f0:73:a4:be:c8:f3:7b:9d:47:54:0e:c6:59:
6b:d2:80:3f:3f:44:a5:be:0f:b5:fe:94:84:80:8b:0a:b6:25:
d5:74:b2:c8:bb:67:52:40:0f:49:2a:77:40:5f:18:fc:22:3a:
aa:6f:ae:35:d5:0c:43:72:e3:92:65:bd:01:9f:76:87:db:d8:
01:18:50:1e:74:9e:ff:04:ba:1d:82:a1:3e:7a:61:28:57:b1:
24:e1:8f:77:41:07:43:33:48:68:59:50:4b:db:1d:76:d7:3f:
23:6b:7c:47:4b:c8:7f:c4:ec:78:0b:b2:d5:5d:92:28:3c:b8:
b0:d9:56:68:db:68:a4:b9:b8:cb:f6:61:ba:30:c3:a2:de:3b:
b0:94:4f:04:6b:1d:5c:df:53:c2:0e:25:d2:d4:03:5d:78:19:
94:8f:ee:a0:cb:80:82:f0:41:fe:e1:4f:12:a2:e4:10:0b:84:
da:1d:36:c3:aa:31:5b:01:45:da:0a:64:85:4a:6c:15:b7:1c:
ea:07:11:a6:0a:25:dd:12:27:5b:b7:c7:5c:46:e7:46:2c:bf:
0e:69:46:b7:72:e0:a8:24:77:a4:86:00:ad:b7:8b:2d:49:c4:
68:6b:1c:92
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUOjYd/4qyzTq/kumFkWHIHyCcOegwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYjAxNzBhYmRjOTU1YWExNzZiZTJhZjI2Mjk5Njc4ZjJm
N2M5YWNhMDAeFw0yNTA1MDUxMjQ5MDdaFw0yNjA1MDQxMjU0MDdaMDMxMTAvBgNV
BAMTKDZCQ0NDNDYwOUE1NTA0MjcxRUYzNjM1N0U1NTBGMEVGMTEzOTUyQ0YwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCmxOF0wHU/S/lmW3sC1COZaG5d
ckchufjur0XJ9LvD+huTep0ie+w/hYPFjHAWX9HULXUaqE7R9reqcwFPqvbmIcpR
noeZPbMyIqufgm/Y1UQzGiZtjjMdisp+2T9XTzzguSH8c3x7z70w7qngAiYmySX5
LZPhUg+QQq35RKic9eVZutgVIxdbR1WymwLBh0U5dmeFVzksoRXGtNGBZRK9TarB
LfvGh6Pg/7IgoKeOCXO8bPTVpPR6iUH5ZIGo8zfUoi4qJUylGvVxg+BdHh1E5eJJ
4J2AW5/hrH1p71zISvsc9Gz9P/MWWADo8xF06abD9TcYVxQm3+tmRG6kiJ63AgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUa8zEYJpVBCce82NX5VDw7xE5Us8wHwYDVR0j
BBgwFoAUsBcKvclVqhdr4q8mKZZ48vfJrKAwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvN2E3ODllODctZjQ4NC00MjNkLWExZDctMmMyZDU4NjBk
MmVjLzAvQjAxNzBBQkRDOTU1QUExNzZCRTJBRjI2Mjk5Njc4RjJGN0M5QUNBMC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3NCY0t2Y2xWcWhkcjRxOG1LWlo0OHZm
SnJLQS5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvN2E3ODllODct
ZjQ4NC00MjNkLWExZDctMmMyZDU4NjBkMmVjLzAvMzEzODM1MmUzMjMxMzUyZTMx
MzEzNDJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDM2MzEzMzMxMzcucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAC513IwDQYJKoZIhvcNAQELBQADggEBALfpNTK3YFvJJzo+YWCtO6cW8F2jt7PX
8HOkvsjze51HVA7GWWvSgD8/RKW+D7X+lISAiwq2JdV0ssi7Z1JAD0kqd0BfGPwi
OqpvrjXVDENy45JlvQGfdofb2AEYUB50nv8Euh2CoT56YShXsSThj3dBB0MzSGhZ
UEvbHXbXPyNrfEdLyH/E7HgLstVdkig8uLDZVmjbaKS5uMv2Yboww6LeO7CUTwRr
HVzfU8IOJdLUA114GZSP7qDLgILwQf7hTxKi5BALhNodNsOqMVsBRdoKZIVKbBW3
HOoHEaYKJd0SJ1u3x1xG50Ysvw5pRrdy4Kgkd6SGAK23iy1JxGhrHJI=
-----END CERTIFICATE-----
Generated at Sun May 11 09:30:35 2025 by rpki-client