Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/3138352e3230382e302e302f32322d3232203d3e20333939383237.roa
File: 3138352e3230382e302e302f32322d3232203d3e20333939383237.roa (raw, json)
Hash identifier: 5ZpgdPTjMRNlbNUMvaL7GOmZyWDUR3GlGm4leQfcC80=
Subject key identifier: 0F:B0:BA:56:18:9C:27:C8:6A:75:90:E0:CB:B6:BC:29:8F:2E:9D:A1
Certificate issuer: /CN=88c14ec02adbf083138eddd47871176ddeb93d9d
Certificate serial: 528FC82BFAEBA538DF99188B8E7F05369015DB64
Authority key identifier: 88:C1:4E:C0:2A:DB:F0:83:13:8E:DD:D4:78:71:17:6D:DE:B9:3D:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iMFOwCrb8IMTjt3UeHEXbd65PZ0.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/3138352e3230382e302e302f32322d3232203d3e20333939383237.roa
Signing time: Tue 06 May 2025 06:35:53 +0000
ROA not before: Tue 06 May 2025 06:30:53 +0000
ROA not after: Tue 05 May 2026 06:35:53 +0000
asID: 399827
IP address blocks: 185.208.0.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/88C14EC02ADBF083138EDDD47871176DDEB93D9D.crl
rsync://rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/88C14EC02ADBF083138EDDD47871176DDEB93D9D.mft
rsync://rpki.ripe.net/repository/DEFAULT/iMFOwCrb8IMTjt3UeHEXbd65PZ0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 08 May 2025 16:19:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
52:8f:c8:2b:fa:eb:a5:38:df:99:18:8b:8e:7f:05:36:90:15:db:64
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=88c14ec02adbf083138eddd47871176ddeb93d9d
Validity
Not Before: May 6 06:30:53 2025 GMT
Not After : May 5 06:35:53 2026 GMT
Subject: CN=0FB0BA56189C27C86A7590E0CBB6BC298F2E9DA1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:7a:e6:56:72:8f:26:07:19:c8:c8:80:bb:bc:
3c:6e:af:47:6d:0b:eb:a8:b4:2a:6e:43:c7:67:04:
a8:d0:bf:b1:01:cf:1b:a4:96:ff:95:d3:52:5e:d5:
61:c9:dc:e1:52:e4:ed:0b:fd:9c:92:3b:93:86:12:
27:de:f1:ee:f7:cb:a7:d5:18:00:9a:16:e2:94:60:
b8:47:ff:67:0f:ab:ab:12:31:96:5a:07:b2:a8:7d:
ef:27:6b:36:5c:27:6d:13:98:10:50:1f:6f:86:bb:
50:93:ec:2c:cf:c0:4e:39:ea:dd:32:64:5a:bf:1a:
9b:23:1e:6c:08:cb:79:ed:ec:ad:f6:49:e9:2b:8c:
11:37:e3:92:40:bd:63:11:98:06:93:60:7a:55:8a:
fe:16:fb:c2:97:1b:14:96:c4:7f:be:b0:d7:49:9a:
6b:c5:03:23:b7:0f:6e:6c:d5:39:8b:bb:64:4a:4f:
14:7e:ec:fc:7b:67:e6:24:7e:f3:6f:3e:31:a7:75:
53:5f:6f:73:b9:b4:72:73:59:96:31:0e:0f:20:58:
56:cf:c2:31:76:60:47:72:a7:67:40:71:b3:d8:57:
1f:18:8a:8e:fb:22:48:bb:6d:1b:a4:a1:54:6e:e0:
63:f3:5f:d1:d2:60:c6:df:24:98:2e:fc:bb:1b:74:
61:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0F:B0:BA:56:18:9C:27:C8:6A:75:90:E0:CB:B6:BC:29:8F:2E:9D:A1
X509v3 Authority Key Identifier:
keyid:88:C1:4E:C0:2A:DB:F0:83:13:8E:DD:D4:78:71:17:6D:DE:B9:3D:9D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/88C14EC02ADBF083138EDDD47871176DDEB93D9D.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iMFOwCrb8IMTjt3UeHEXbd65PZ0.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/3138352e3230382e302e302f32322d3232203d3e20333939383237.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.208.0.0/22
Signature Algorithm: sha256WithRSAEncryption
cb:49:df:4d:3c:50:39:c0:2a:5d:01:1a:73:68:ea:79:33:3f:
b7:ce:56:6f:07:26:ee:f1:ba:8a:e2:cb:db:50:78:e9:c1:14:
d5:96:c9:4f:e8:6e:2f:c6:ec:aa:4d:04:7c:8a:34:e9:93:a1:
04:d6:3f:69:f2:33:3d:fd:e1:9d:6f:c5:3f:64:05:c8:48:fe:
38:7d:03:60:d5:0b:6c:6e:ec:0a:69:e7:0e:cc:d6:c8:b7:41:
12:bc:cb:1c:d1:4c:20:3c:1e:66:d7:02:c1:3d:ae:f2:0b:8b:
89:c5:49:f0:b9:04:3d:91:1f:c8:c1:e3:0b:fb:3a:d6:3e:ab:
60:4e:26:bb:03:6e:0e:55:cc:d2:34:d6:09:0e:7a:a3:80:78:
d2:7d:a6:ff:cb:35:fb:a7:00:de:c8:95:a6:35:64:5e:71:28:
40:45:74:3f:f7:8e:cc:53:69:2e:e1:2f:d9:de:40:22:d6:08:
7c:ac:39:60:88:1d:59:11:b5:f6:93:10:0e:ec:16:de:85:81:
df:f1:e5:53:51:08:8f:10:41:e8:81:28:d5:06:51:d1:63:53:
b5:86:40:f2:cf:66:ff:11:f9:33:b8:c6:0d:57:a5:7f:53:03:
ae:06:89:24:1e:77:5c:36:ea:09:7a:f9:ca:c3:7d:02:ba:f3:
eb:10:e6:75
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUUo/IK/rrpTjfmRiLjn8FNpAV22QwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoODhjMTRlYzAyYWRiZjA4MzEzOGVkZGQ0Nzg3MTE3NmRk
ZWI5M2Q5ZDAeFw0yNTA1MDYwNjMwNTNaFw0yNjA1MDUwNjM1NTNaMDMxMTAvBgNV
BAMTKDBGQjBCQTU2MTg5QzI3Qzg2QTc1OTBFMENCQjZCQzI5OEYyRTlEQTEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDheuZWco8mBxnIyIC7vDxur0dt
C+uotCpuQ8dnBKjQv7EBzxuklv+V01Je1WHJ3OFS5O0L/ZySO5OGEife8e73y6fV
GACaFuKUYLhH/2cPq6sSMZZaB7Kofe8nazZcJ20TmBBQH2+Gu1CT7CzPwE456t0y
ZFq/GpsjHmwIy3nt7K32SekrjBE345JAvWMRmAaTYHpViv4W+8KXGxSWxH++sNdJ
mmvFAyO3D25s1TmLu2RKTxR+7Px7Z+YkfvNvPjGndVNfb3O5tHJzWZYxDg8gWFbP
wjF2YEdyp2dAcbPYVx8Yio77Iki7bRukoVRu4GPzX9HSYMbfJJgu/LsbdGGpAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUD7C6VhicJ8hqdZDgy7a8KY8unaEwHwYDVR0j
BBgwFoAUiMFOwCrb8IMTjt3UeHEXbd65PZ0wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYzQwOWQ3YjItZWU2NC00OWYxLWFkODEtOGU0YTEwN2Q2
MmUwLzAvODhDMTRFQzAyQURCRjA4MzEzOEVEREQ0Nzg3MTE3NkRERUI5M0Q5RC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2lNRk93Q3JiOElNVGp0M1VlSEVYYmQ2
NVBaMC5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYzQwOWQ3YjIt
ZWU2NC00OWYxLWFkODEtOGU0YTEwN2Q2MmUwLzAvMzEzODM1MmUzMjMwMzgyZTMw
MmUzMDJmMzIzMjJkMzIzMjIwM2QzZTIwMzMzOTM5MzgzMjM3LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQC
udAAMA0GCSqGSIb3DQEBCwUAA4IBAQDLSd9NPFA5wCpdARpzaOp5Mz+3zlZvBybu
8bqK4svbUHjpwRTVlslP6G4vxuyqTQR8ijTpk6EE1j9p8jM9/eGdb8U/ZAXISP44
fQNg1QtsbuwKaecOzNbIt0ESvMsc0UwgPB5m1wLBPa7yC4uJxUnwuQQ9kR/IweML
+zrWPqtgTia7A24OVczSNNYJDnqjgHjSfab/yzX7pwDeyJWmNWRecShARXQ/947M
U2ku4S/Z3kAi1gh8rDlgiB1ZEbX2kxAO7BbehYHf8eVTUQiPEEHogSjVBlHRY1O1
hkDyz2b/EfkzuMYNV6V/UwOuBokkHndcNuoJevnKw30CuvPrEOZ1
-----END CERTIFICATE-----
Generated at Thu May 8 09:15:53 2025 by rpki-client