Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/af31768d-42b1-4e92-b83f-bef7ee017813/0/3138352e322e3136322e302f32332d3234203d3e20323135323639.roa
File: 3138352e322e3136322e302f32332d3234203d3e20323135323639.roa (raw, json)
Hash identifier: sEO5Q+LtE+juFIMx1yqrmSkIjuvpVFxY8R1aiQqtGzs=
Subject key identifier: 6A:E5:28:FC:C8:D5:E0:DF:51:D3:AD:8A:22:2F:AC:4A:08:CD:3D:99
Certificate issuer: /CN=9f0d24c855eee00fe4abf3903c6e8fcc7083ed4d
Certificate serial: 7B49EAEA10AE21774DC910EF82D94514E618770C
Authority key identifier: 9F:0D:24:C8:55:EE:E0:0F:E4:AB:F3:90:3C:6E:8F:CC:70:83:ED:4D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nw0kyFXu4A_kq_OQPG6PzHCD7U0.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/af31768d-42b1-4e92-b83f-bef7ee017813/0/3138352e322e3136322e302f32332d3234203d3e20323135323639.roa
Signing time: Sun 04 May 2025 13:40:34 +0000
ROA not before: Sun 04 May 2025 13:35:34 +0000
ROA not after: Sun 03 May 2026 13:40:34 +0000
asID: 215269
IP address blocks: 185.2.162.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/af31768d-42b1-4e92-b83f-bef7ee017813/0/9F0D24C855EEE00FE4ABF3903C6E8FCC7083ED4D.crl
rsync://rsync.paas.rpki.ripe.net/repository/af31768d-42b1-4e92-b83f-bef7ee017813/0/9F0D24C855EEE00FE4ABF3903C6E8FCC7083ED4D.mft
rsync://rpki.ripe.net/repository/DEFAULT/nw0kyFXu4A_kq_OQPG6PzHCD7U0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 08 May 2025 13:09:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7b:49:ea:ea:10:ae:21:77:4d:c9:10:ef:82:d9:45:14:e6:18:77:0c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9f0d24c855eee00fe4abf3903c6e8fcc7083ed4d
Validity
Not Before: May 4 13:35:34 2025 GMT
Not After : May 3 13:40:34 2026 GMT
Subject: CN=6AE528FCC8D5E0DF51D3AD8A222FAC4A08CD3D99
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:e8:a2:bb:be:3e:51:31:43:8b:a2:ae:70:63:
d1:5e:39:c6:1d:93:d1:9f:fd:f0:5b:63:32:a9:36:
35:98:f6:a1:27:a9:a8:f9:0a:e9:8c:61:82:02:13:
fc:f4:64:81:d8:b4:5c:82:3e:db:a2:b0:3d:1a:f3:
58:62:63:6f:26:14:5a:7f:10:8f:f9:e5:11:b3:91:
50:21:c2:0a:e7:44:4e:88:34:a7:74:82:c5:0b:c8:
76:48:06:25:87:2f:c0:16:ea:e9:11:44:3f:18:df:
df:20:49:92:d4:4b:97:22:86:e5:57:53:c7:92:d2:
12:6c:91:43:0e:b1:7b:5e:5d:b4:9f:b7:8f:dc:a6:
50:ce:93:46:84:50:44:69:21:03:2c:13:5b:8b:77:
43:d3:68:d5:09:44:4d:83:40:31:9f:b0:b1:6b:1b:
6c:c8:e4:59:20:4e:9d:33:fa:9e:10:7e:b1:82:54:
5c:2f:3e:c8:b8:ec:49:53:62:30:a4:16:3c:d0:ae:
ac:83:54:d3:9c:00:b4:af:f2:fb:f2:ab:3a:42:c0:
15:ac:df:72:af:72:dc:a7:f8:40:f0:03:79:02:6e:
ff:22:ce:f1:b7:67:3d:88:a6:57:6e:48:df:6b:d1:
86:18:f3:88:18:0a:53:ef:12:02:01:7d:ac:d1:bc:
7b:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6A:E5:28:FC:C8:D5:E0:DF:51:D3:AD:8A:22:2F:AC:4A:08:CD:3D:99
X509v3 Authority Key Identifier:
keyid:9F:0D:24:C8:55:EE:E0:0F:E4:AB:F3:90:3C:6E:8F:CC:70:83:ED:4D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/af31768d-42b1-4e92-b83f-bef7ee017813/0/9F0D24C855EEE00FE4ABF3903C6E8FCC7083ED4D.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nw0kyFXu4A_kq_OQPG6PzHCD7U0.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/af31768d-42b1-4e92-b83f-bef7ee017813/0/3138352e322e3136322e302f32332d3234203d3e20323135323639.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.2.162.0/23
Signature Algorithm: sha256WithRSAEncryption
84:cf:64:a4:18:91:6b:a8:14:af:af:e0:44:7a:aa:48:07:7b:
5b:65:ad:5a:6b:9a:d5:72:52:44:3e:09:f6:ee:3e:79:54:0d:
55:bd:67:75:9f:82:8b:02:d5:e9:ff:62:de:30:c6:06:ac:0c:
79:a2:57:e3:d9:02:6d:f3:55:2c:a7:e9:d3:d7:d6:ea:9f:e3:
e2:77:28:c4:32:d3:79:1e:2d:52:ca:ca:1a:4c:c0:11:27:10:
69:e9:63:68:fd:c6:32:21:ae:56:3e:b2:9a:69:70:d6:bb:26:
08:4f:18:4c:11:7f:5d:fd:0c:83:a5:d7:14:2a:60:6a:9c:93:
9f:49:2f:6e:04:7b:8d:2e:9c:28:d2:a8:6d:37:08:22:f2:f4:
c0:f2:1b:2c:a8:0d:44:53:99:fb:56:99:93:53:81:eb:12:28:
d3:b6:8e:a6:8e:2f:05:0f:96:64:f1:b3:38:37:62:6f:5d:ad:
0c:3f:91:d9:cb:32:8f:87:51:77:d7:bb:24:15:0f:44:e4:81:
05:5d:54:70:24:12:e0:6d:d4:7d:06:b3:c2:bd:78:de:50:bc:
5d:91:91:40:52:b4:56:3e:fd:14:74:99:e1:8e:98:b2:84:7c:
36:ed:a8:e6:09:72:2a:d0:dc:3f:a3:ce:3e:da:75:a0:de:9c:
51:66:07:92
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUe0nq6hCuIXdNyRDvgtlFFOYYdwwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOWYwZDI0Yzg1NWVlZTAwZmU0YWJmMzkwM2M2ZThmY2M3
MDgzZWQ0ZDAeFw0yNTA1MDQxMzM1MzRaFw0yNjA1MDMxMzQwMzRaMDMxMTAvBgNV
BAMTKDZBRTUyOEZDQzhENUUwREY1MUQzQUQ4QTIyMkZBQzRBMDhDRDNEOTkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCx6KK7vj5RMUOLoq5wY9FeOcYd
k9Gf/fBbYzKpNjWY9qEnqaj5CumMYYICE/z0ZIHYtFyCPtuisD0a81hiY28mFFp/
EI/55RGzkVAhwgrnRE6INKd0gsULyHZIBiWHL8AW6ukRRD8Y398gSZLUS5cihuVX
U8eS0hJskUMOsXteXbSft4/cplDOk0aEUERpIQMsE1uLd0PTaNUJRE2DQDGfsLFr
G2zI5FkgTp0z+p4QfrGCVFwvPsi47ElTYjCkFjzQrqyDVNOcALSv8vvyqzpCwBWs
33Kvctyn+EDwA3kCbv8izvG3Zz2IplduSN9r0YYY84gYClPvEgIBfazRvHvTAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUauUo/MjV4N9R062KIi+sSgjNPZkwHwYDVR0j
BBgwFoAUnw0kyFXu4A/kq/OQPG6PzHCD7U0wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYWYzMTc2OGQtNDJiMS00ZTkyLWI4M2YtYmVmN2VlMDE3
ODEzLzAvOUYwRDI0Qzg1NUVFRTAwRkU0QUJGMzkwM0M2RThGQ0M3MDgzRUQ0RC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL253MGt5Rlh1NEFfa3FfT1FQRzZQekhD
RDdVMC5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWYzMTc2OGQt
NDJiMS00ZTkyLWI4M2YtYmVmN2VlMDE3ODEzLzAvMzEzODM1MmUzMjJlMzEzNjMy
MmUzMDJmMzIzMzJkMzIzNDIwM2QzZTIwMzIzMTM1MzIzNjM5LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQB
uQKiMA0GCSqGSIb3DQEBCwUAA4IBAQCEz2SkGJFrqBSvr+BEeqpIB3tbZa1aa5rV
clJEPgn27j55VA1VvWd1n4KLAtXp/2LeMMYGrAx5olfj2QJt81Usp+nT19bqn+Pi
dyjEMtN5Hi1SysoaTMARJxBp6WNo/cYyIa5WPrKaaXDWuyYITxhMEX9d/QyDpdcU
KmBqnJOfSS9uBHuNLpwo0qhtNwgi8vTA8hssqA1EU5n7VpmTU4HrEijTto6mji8F
D5Zk8bM4N2JvXa0MP5HZyzKPh1F317skFQ9E5IEFXVRwJBLgbdR9BrPCvXjeULxd
kZFAUrRWPv0UdJnhjpiyhHw27ajmCXIq0Nw/o84+2nWg3pxRZgeS
-----END CERTIFICATE-----
Generated at Wed May 7 23:42:47 2025 by rpki-client