Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/c5d18e82-4d68-45a6-a5df-cac115ad2279/0/3138352e3133302e36312e302f32342d3234203d3e20323732363936.roa
File: 3138352e3133302e36312e302f32342d3234203d3e20323732363936.roa (raw, json)
Hash identifier: nzc+7vTx0fxusJ8QBUU0nZ0s/13eeYO5i8RfnoHHUhc=
Subject key identifier: 6C:62:D6:AE:5D:E9:A4:E6:84:F7:1E:8E:5C:BE:E5:A7:26:6D:2F:61
Certificate issuer: /CN=3e870b9a7003c4fd9c51bd354a9defa3fb77b4a9
Certificate serial: 2D6AC55310B0D6CF5F2A089D701CFA4CCF063D55
Authority key identifier: 3E:87:0B:9A:70:03:C4:FD:9C:51:BD:35:4A:9D:EF:A3:FB:77:B4:A9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PocLmnADxP2cUb01Sp3vo_t3tKk.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/c5d18e82-4d68-45a6-a5df-cac115ad2279/0/3138352e3133302e36312e302f32342d3234203d3e20323732363936.roa
Signing time: Thu 26 Jun 2025 17:54:11 +0000
ROA not before: Thu 26 Jun 2025 17:49:11 +0000
ROA not after: Thu 25 Jun 2026 17:54:11 +0000
asID: 272696
IP address blocks: 185.130.61.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/c5d18e82-4d68-45a6-a5df-cac115ad2279/0/3E870B9A7003C4FD9C51BD354A9DEFA3FB77B4A9.crl
rsync://rsync.paas.rpki.ripe.net/repository/c5d18e82-4d68-45a6-a5df-cac115ad2279/0/3E870B9A7003C4FD9C51BD354A9DEFA3FB77B4A9.mft
rsync://rpki.ripe.net/repository/DEFAULT/PocLmnADxP2cUb01Sp3vo_t3tKk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Jun 2025 00:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2d:6a:c5:53:10:b0:d6:cf:5f:2a:08:9d:70:1c:fa:4c:cf:06:3d:55
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3e870b9a7003c4fd9c51bd354a9defa3fb77b4a9
Validity
Not Before: Jun 26 17:49:11 2025 GMT
Not After : Jun 25 17:54:11 2026 GMT
Subject: CN=6C62D6AE5DE9A4E684F71E8E5CBEE5A7266D2F61
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:45:52:3a:d3:b3:59:09:7e:c8:12:ef:a4:36:
45:d6:88:f4:6e:21:d1:f6:6f:cd:5c:88:4f:8e:a4:
66:cf:21:41:de:a0:02:8f:97:71:a8:f3:e8:87:30:
71:93:67:17:70:01:38:6a:06:7e:64:dc:db:9e:b8:
b4:85:a4:c5:13:fb:74:96:a2:b4:3b:98:3c:d0:ed:
27:d1:ea:56:60:dc:e4:27:30:32:6d:f6:c7:e9:dc:
73:6d:28:45:0b:f7:e4:f4:4c:81:cf:7b:13:1d:d1:
af:8b:b7:0f:b9:ad:93:11:8d:c3:76:93:4f:9e:9c:
84:8b:6b:b6:a5:d5:4e:20:a6:ed:68:1f:7f:c6:54:
e8:a9:89:f5:a2:50:a0:ed:02:b7:e2:b4:47:67:59:
0e:86:e1:5d:68:67:01:dc:84:b3:d0:b1:bd:b6:a1:
60:c4:60:17:b3:13:02:62:b1:45:01:95:c5:76:bc:
56:d5:d0:c8:b5:88:a3:68:47:19:1d:87:56:89:7f:
86:24:ce:5a:08:4d:4c:9c:6b:b1:c3:95:a5:1f:71:
b5:40:24:22:1b:9d:4f:7a:84:bd:94:cb:3d:16:18:
7c:c8:12:60:48:fa:3a:e8:62:14:c8:c0:e3:25:bf:
e4:3d:de:6a:48:94:fb:58:c8:d0:0a:42:41:b1:09:
24:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6C:62:D6:AE:5D:E9:A4:E6:84:F7:1E:8E:5C:BE:E5:A7:26:6D:2F:61
X509v3 Authority Key Identifier:
keyid:3E:87:0B:9A:70:03:C4:FD:9C:51:BD:35:4A:9D:EF:A3:FB:77:B4:A9
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/c5d18e82-4d68-45a6-a5df-cac115ad2279/0/3E870B9A7003C4FD9C51BD354A9DEFA3FB77B4A9.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PocLmnADxP2cUb01Sp3vo_t3tKk.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/c5d18e82-4d68-45a6-a5df-cac115ad2279/0/3138352e3133302e36312e302f32342d3234203d3e20323732363936.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.130.61.0/24
Signature Algorithm: sha256WithRSAEncryption
6b:72:bf:a9:10:64:33:ac:45:2b:fd:22:90:8f:cb:88:ec:d2:
0e:89:74:0f:82:91:c6:be:f4:76:99:9a:1f:b2:04:d4:25:17:
a6:42:a9:99:a9:04:ba:b2:fa:85:d4:42:3f:65:dc:bc:e1:28:
82:69:35:8d:29:83:22:90:40:84:ac:ce:5b:6b:53:30:10:52:
b5:19:ee:ac:bc:ad:e1:63:48:24:e4:67:d5:32:d3:53:55:0d:
db:f9:55:16:c8:b7:28:bc:97:c9:ad:75:da:46:7e:1c:ee:b7:
f7:ec:cd:41:37:ca:42:88:66:f9:03:3f:a2:57:94:e2:0a:56:
40:01:8b:2f:70:17:44:3a:00:9d:f9:57:1c:56:32:eb:05:85:
60:40:bc:86:31:87:b8:f5:4e:24:ce:98:20:2b:a6:89:9f:61:
c6:a4:ec:07:4b:4a:16:23:36:14:d2:34:d4:e0:81:2a:27:76:
9a:ed:10:08:6a:2b:59:67:20:cc:13:34:58:f4:39:f9:6c:ff:
f3:fb:6c:f5:b4:ed:91:62:8f:88:34:65:93:30:42:25:cc:c8:
cf:23:1e:f6:0e:d5:00:db:aa:23:90:f1:a0:09:c6:5f:04:bb:
42:b6:73:6b:89:35:66:4c:e4:f3:7e:d8:e7:51:32:0d:30:d0:
1f:4b:2c:a1
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIULWrFUxCw1s9fKgidcBz6TM8GPVUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoM2U4NzBiOWE3MDAzYzRmZDljNTFiZDM1NGE5ZGVmYTNm
Yjc3YjRhOTAeFw0yNTA2MjYxNzQ5MTFaFw0yNjA2MjUxNzU0MTFaMDMxMTAvBgNV
BAMTKDZDNjJENkFFNURFOUE0RTY4NEY3MUU4RTVDQkVFNUE3MjY2RDJGNjEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC0RVI607NZCX7IEu+kNkXWiPRu
IdH2b81ciE+OpGbPIUHeoAKPl3Go8+iHMHGTZxdwAThqBn5k3NueuLSFpMUT+3SW
orQ7mDzQ7SfR6lZg3OQnMDJt9sfp3HNtKEUL9+T0TIHPexMd0a+Ltw+5rZMRjcN2
k0+enISLa7al1U4gpu1oH3/GVOipifWiUKDtArfitEdnWQ6G4V1oZwHchLPQsb22
oWDEYBezEwJisUUBlcV2vFbV0Mi1iKNoRxkdh1aJf4YkzloITUyca7HDlaUfcbVA
JCIbnU96hL2Uyz0WGHzIEmBI+jroYhTIwOMlv+Q93mpIlPtYyNAKQkGxCSShAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUbGLWrl3ppOaE9x6OXL7lpyZtL2EwHwYDVR0j
BBgwFoAUPocLmnADxP2cUb01Sp3vo/t3tKkwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYzVkMThlODItNGQ2OC00NWE2LWE1ZGYtY2FjMTE1YWQy
Mjc5LzAvM0U4NzBCOUE3MDAzQzRGRDlDNTFCRDM1NEE5REVGQTNGQjc3QjRBOS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1BvY0xtbkFEeFAyY1ViMDFTcDN2b190
M3RLay5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYzVkMThlODIt
NGQ2OC00NWE2LWE1ZGYtY2FjMTE1YWQyMjc5LzAvMzEzODM1MmUzMTMzMzAyZTM2
MzEyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMjM3MzIzNjM5MzYucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAC5gj0wDQYJKoZIhvcNAQELBQADggEBAGtyv6kQZDOsRSv9IpCPy4js0g6JdA+C
kca+9HaZmh+yBNQlF6ZCqZmpBLqy+oXUQj9l3LzhKIJpNY0pgyKQQISszltrUzAQ
UrUZ7qy8reFjSCTkZ9Uy01NVDdv5VRbItyi8l8mtddpGfhzut/fszUE3ykKIZvkD
P6JXlOIKVkABiy9wF0Q6AJ35VxxWMusFhWBAvIYxh7j1TiTOmCArpomfYcak7AdL
ShYjNhTSNNTggSondprtEAhqK1lnIMwTNFj0Ofls//P7bPW07ZFij4g0ZZMwQiXM
yM8jHvYO1QDbqiOQ8aAJxl8Eu0K2c2uJNWZM5PN+2OdRMg0w0B9LLKE=
-----END CERTIFICATE-----
Generated at Sun Jun 29 06:22:40 2025 by rpki-client