Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/7a789e87-f484-423d-a1d7-2c2d5860d2ec/0/3138352e3231372e3134302e302f32342d3234203d3e20323131333733.roa
File: 3138352e3231372e3134302e302f32342d3234203d3e20323131333733.roa (raw, json)
Hash identifier: hNnRgizTxivmocfPjGcdnyRRZ7RF0OREZEdxCth7bFY=
Subject key identifier: B5:B1:24:DC:BD:42:E9:A6:C9:3F:50:BF:6F:09:14:72:E9:0A:C0:3E
Certificate issuer: /CN=b0170abdc955aa176be2af26299678f2f7c9aca0
Certificate serial: 7CE9EAE8861CC68A1EF6D8E66EEC1F9836299ED8
Authority key identifier: B0:17:0A:BD:C9:55:AA:17:6B:E2:AF:26:29:96:78:F2:F7:C9:AC:A0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sBcKvclVqhdr4q8mKZZ48vfJrKA.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/7a789e87-f484-423d-a1d7-2c2d5860d2ec/0/3138352e3231372e3134302e302f32342d3234203d3e20323131333733.roa
Signing time: Wed 25 Jun 2025 08:48:12 +0000
ROA not before: Wed 25 Jun 2025 08:43:12 +0000
ROA not after: Wed 24 Jun 2026 08:48:12 +0000
asID: 211373
IP address blocks: 185.217.140.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/7a789e87-f484-423d-a1d7-2c2d5860d2ec/0/B0170ABDC955AA176BE2AF26299678F2F7C9ACA0.crl
rsync://rsync.paas.rpki.ripe.net/repository/7a789e87-f484-423d-a1d7-2c2d5860d2ec/0/B0170ABDC955AA176BE2AF26299678F2F7C9ACA0.mft
rsync://rpki.ripe.net/repository/DEFAULT/sBcKvclVqhdr4q8mKZZ48vfJrKA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 01 Jul 2025 14:07:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7c:e9:ea:e8:86:1c:c6:8a:1e:f6:d8:e6:6e:ec:1f:98:36:29:9e:d8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b0170abdc955aa176be2af26299678f2f7c9aca0
Validity
Not Before: Jun 25 08:43:12 2025 GMT
Not After : Jun 24 08:48:12 2026 GMT
Subject: CN=B5B124DCBD42E9A6C93F50BF6F091472E90AC03E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:45:40:5f:c6:0a:aa:cd:d8:a9:9d:c6:ea:c7:
90:a2:4c:f8:82:1b:47:39:19:3c:af:a8:8e:fb:ba:
3f:ab:7f:8f:62:e5:d2:94:77:5e:59:c7:f1:2c:56:
fe:b6:76:d7:50:1f:53:7e:7f:f5:42:66:ee:4f:00:
0e:23:f6:9b:4e:fc:83:33:7c:a3:5a:f4:d4:f7:ab:
06:62:ab:dd:56:3d:47:51:f6:48:11:89:a4:25:43:
d1:db:a0:10:7c:74:38:83:8d:c0:cc:e4:94:1e:54:
fa:0c:72:4e:d5:ec:09:56:9a:20:c8:aa:80:da:15:
a1:2e:33:75:76:9c:5e:d8:dc:a8:cf:ed:fa:a6:b9:
6c:eb:ee:43:98:35:71:3f:01:bf:1d:d8:ef:7e:67:
36:b5:58:cc:ca:de:ba:2e:b0:90:e0:49:cb:88:2a:
88:db:92:5b:a2:2e:b4:ae:43:d1:88:6c:b6:52:73:
69:6f:06:d1:b0:01:1c:7b:6f:09:d3:69:d4:f2:63:
00:33:2c:dd:9b:23:15:1e:4b:c5:99:dc:b4:a9:4d:
10:f2:2f:83:99:5e:d3:eb:3f:6b:cf:69:19:40:00:
e1:74:90:da:4b:e6:82:de:b5:cd:77:d5:dd:fb:bd:
fa:c5:55:80:8b:c1:c1:fa:c1:90:3d:f4:58:9a:e6:
bd:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B5:B1:24:DC:BD:42:E9:A6:C9:3F:50:BF:6F:09:14:72:E9:0A:C0:3E
X509v3 Authority Key Identifier:
keyid:B0:17:0A:BD:C9:55:AA:17:6B:E2:AF:26:29:96:78:F2:F7:C9:AC:A0
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/7a789e87-f484-423d-a1d7-2c2d5860d2ec/0/B0170ABDC955AA176BE2AF26299678F2F7C9ACA0.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sBcKvclVqhdr4q8mKZZ48vfJrKA.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/7a789e87-f484-423d-a1d7-2c2d5860d2ec/0/3138352e3231372e3134302e302f32342d3234203d3e20323131333733.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.217.140.0/24
Signature Algorithm: sha256WithRSAEncryption
26:5f:9e:81:fb:6d:e2:df:de:07:cf:db:f6:64:c2:bb:78:aa:
af:72:05:07:98:e2:be:f4:0e:64:e5:09:f1:71:08:91:c1:c1:
1e:5a:fb:d4:33:32:54:08:91:e1:90:f4:cf:25:3d:d3:1e:97:
7f:40:77:9c:0d:e3:3a:94:c3:16:99:da:4f:70:a0:d2:a2:8c:
1a:04:6e:a3:9b:9c:63:35:dd:ea:8f:bd:7c:96:02:d3:13:f9:
5d:91:70:6e:72:61:1a:b6:49:02:c4:15:ce:5d:ca:b1:66:b0:
e1:85:03:99:4f:f1:ea:20:bd:dd:06:6b:86:c9:34:e5:d6:37:
70:3a:43:f7:f8:9d:90:37:76:a4:3d:09:39:53:e4:d3:cd:4d:
5a:1f:80:05:4d:78:3d:43:11:0f:88:36:04:86:03:f1:74:92:
c8:71:b5:9d:75:fb:85:a5:25:03:83:a3:1e:f4:ae:46:80:06:
3e:53:a3:36:c4:49:1b:fa:f4:c3:44:03:f8:0b:41:29:1a:c6:
ea:bd:f7:80:54:24:2b:e9:c8:01:78:e3:7b:26:ea:73:76:4b:
26:47:3e:27:6d:c8:8a:05:5f:91:f8:4e:e2:90:a3:a8:73:bd:
73:09:53:68:7c:12:59:77:fa:20:ef:22:6c:23:c6:df:98:b6:
fc:0b:07:8d
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgIUfOnq6IYcxooe9tjmbuwfmDYpntgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYjAxNzBhYmRjOTU1YWExNzZiZTJhZjI2Mjk5Njc4ZjJm
N2M5YWNhMDAeFw0yNTA2MjUwODQzMTJaFw0yNjA2MjQwODQ4MTJaMDMxMTAvBgNV
BAMTKEI1QjEyNERDQkQ0MkU5QTZDOTNGNTBCRjZGMDkxNDcyRTkwQUMwM0UwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDNRUBfxgqqzdipncbqx5CiTPiC
G0c5GTyvqI77uj+rf49i5dKUd15Zx/EsVv62dtdQH1N+f/VCZu5PAA4j9ptO/IMz
fKNa9NT3qwZiq91WPUdR9kgRiaQlQ9HboBB8dDiDjcDM5JQeVPoMck7V7AlWmiDI
qoDaFaEuM3V2nF7Y3KjP7fqmuWzr7kOYNXE/Ab8d2O9+Zza1WMzK3rousJDgScuI
KojbkluiLrSuQ9GIbLZSc2lvBtGwARx7bwnTadTyYwAzLN2bIxUeS8WZ3LSpTRDy
L4OZXtPrP2vPaRlAAOF0kNpL5oLetc131d37vfrFVYCLwcH6wZA99Fia5r0jAgMB
AAGjggJBMIICPTAdBgNVHQ4EFgQUtbEk3L1C6abJP1C/bwkUcukKwD4wHwYDVR0j
BBgwFoAUsBcKvclVqhdr4q8mKZZ48vfJrKAwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvN2E3ODllODctZjQ4NC00MjNkLWExZDctMmMyZDU4NjBk
MmVjLzAvQjAxNzBBQkRDOTU1QUExNzZCRTJBRjI2Mjk5Njc4RjJGN0M5QUNBMC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3NCY0t2Y2xWcWhkcjRxOG1LWlo0OHZm
SnJLQS5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvN2E3ODllODct
ZjQ4NC00MjNkLWExZDctMmMyZDU4NjBkMmVjLzAvMzEzODM1MmUzMjMxMzcyZTMx
MzQzMDJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMyMzEzMTMzMzczMy5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEALnZjDANBgkqhkiG9w0BAQsFAAOCAQEAJl+egftt4t/eB8/b9mTCu3iqr3IF
B5jivvQOZOUJ8XEIkcHBHlr71DMyVAiR4ZD0zyU90x6Xf0B3nA3jOpTDFpnaT3Cg
0qKMGgRuo5ucYzXd6o+9fJYC0xP5XZFwbnJhGrZJAsQVzl3KsWaw4YUDmU/x6iC9
3QZrhsk05dY3cDpD9/idkDd2pD0JOVPk081NWh+ABU14PUMRD4g2BIYD8XSSyHG1
nXX7haUlA4OjHvSuRoAGPlOjNsRJG/r0w0QD+AtBKRrG6r33gFQkK+nIAXjjeybq
c3ZLJkc+J23IigVfkfhO4pCjqHO9cwlTaHwSWXf6IO8ibCPG35i2/AsHjQ==
-----END CERTIFICATE-----
Generated at Mon Jun 30 19:48:21 2025 by rpki-client