Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/e3cdc648-d203-462a-bd0f-ec1b60d879a7/0/3138352e3132332e3135382e302f32342d3234203d3e203239383032.roa
File: 3138352e3132332e3135382e302f32342d3234203d3e203239383032.roa (raw, json)
Hash identifier: TLiGnJOFD2b+z4uS2pKNa+Gc2aYGJ4ZFIaexiybn7wo=
Subject key identifier: E3:87:B9:4D:9D:3A:45:47:2E:0B:DE:76:53:57:9C:C8:7F:3F:F9:14
Certificate issuer: /CN=e1f3512f51dc42bb9eb12abc0bb529668b2edee4
Certificate serial: 3E0FCF19864380E3777E30B771B3192563A499E0
Authority key identifier: E1:F3:51:2F:51:DC:42:BB:9E:B1:2A:BC:0B:B5:29:66:8B:2E:DE:E4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4fNRL1HcQruesSq8C7UpZosu3uQ.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/e3cdc648-d203-462a-bd0f-ec1b60d879a7/0/3138352e3132332e3135382e302f32342d3234203d3e203239383032.roa
Signing time: Wed 04 Jun 2025 12:50:56 +0000
ROA not before: Wed 04 Jun 2025 12:45:56 +0000
ROA not after: Wed 03 Jun 2026 12:50:56 +0000
asID: 29802
IP address blocks: 185.123.158.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/e3cdc648-d203-462a-bd0f-ec1b60d879a7/0/E1F3512F51DC42BB9EB12ABC0BB529668B2EDEE4.crl
rsync://rsync.paas.rpki.ripe.net/repository/e3cdc648-d203-462a-bd0f-ec1b60d879a7/0/E1F3512F51DC42BB9EB12ABC0BB529668B2EDEE4.mft
rsync://rpki.ripe.net/repository/DEFAULT/4fNRL1HcQruesSq8C7UpZosu3uQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 01 Jul 2025 19:15:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3e:0f:cf:19:86:43:80:e3:77:7e:30:b7:71:b3:19:25:63:a4:99:e0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e1f3512f51dc42bb9eb12abc0bb529668b2edee4
Validity
Not Before: Jun 4 12:45:56 2025 GMT
Not After : Jun 3 12:50:56 2026 GMT
Subject: CN=E387B94D9D3A45472E0BDE7653579CC87F3FF914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ec:d3:08:d6:9b:18:8f:34:68:d1:37:68:fa:14:
cd:1f:ed:6a:06:a6:8e:93:e4:52:dc:8c:bb:87:76:
bc:cc:08:e2:d6:a7:26:08:af:13:38:6c:0f:93:fc:
2c:5f:a5:58:2a:19:06:39:bf:44:84:e1:15:4d:c7:
8c:17:39:a4:6d:ce:0b:c9:92:82:5e:ba:3b:71:bc:
dc:1c:03:ec:c9:cf:3b:fe:17:cb:f1:6b:79:fe:6f:
9d:03:05:c6:49:29:c8:7f:f7:21:a4:2a:02:40:ca:
7a:16:85:83:06:06:62:3a:7c:8a:31:54:df:a3:4f:
75:75:5a:0c:c4:25:60:15:2d:21:c2:26:62:72:d2:
07:9e:2f:6e:3d:51:d4:ed:1f:f6:9d:15:e8:91:af:
6e:25:4d:62:7b:45:ce:f7:90:ab:d4:a8:e4:00:fb:
d1:9a:ae:2a:c9:15:26:09:5a:de:73:30:52:ff:b5:
28:fb:27:f6:d9:df:73:80:df:cb:ef:1e:59:23:dd:
a6:bf:7d:f4:60:15:d3:53:b1:5f:ad:b6:35:85:b4:
f0:6f:89:f9:e1:f0:1a:09:51:8a:9f:ce:42:fb:78:
b5:56:4d:f4:76:de:c8:69:d4:40:24:e2:3c:69:5b:
e4:e1:fa:17:3f:df:12:9a:96:f2:06:ff:c3:b6:91:
1a:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E3:87:B9:4D:9D:3A:45:47:2E:0B:DE:76:53:57:9C:C8:7F:3F:F9:14
X509v3 Authority Key Identifier:
keyid:E1:F3:51:2F:51:DC:42:BB:9E:B1:2A:BC:0B:B5:29:66:8B:2E:DE:E4
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/e3cdc648-d203-462a-bd0f-ec1b60d879a7/0/E1F3512F51DC42BB9EB12ABC0BB529668B2EDEE4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4fNRL1HcQruesSq8C7UpZosu3uQ.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/e3cdc648-d203-462a-bd0f-ec1b60d879a7/0/3138352e3132332e3135382e302f32342d3234203d3e203239383032.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.123.158.0/24
Signature Algorithm: sha256WithRSAEncryption
99:29:fb:ca:b0:59:18:90:b0:58:7a:ca:82:c7:92:3b:70:fe:
1e:22:38:a3:a2:fc:31:53:d3:97:86:dc:97:65:84:b6:ed:1a:
7e:cc:7b:f9:1f:fb:3f:67:ee:22:90:2f:fe:6b:1a:15:b6:48:
99:30:5c:74:68:4c:c0:e9:66:f9:55:2b:34:0e:a8:a0:3f:4b:
bf:9f:98:aa:5f:13:03:ee:06:a6:a4:23:4d:cf:8a:a4:ef:e1:
6f:19:82:43:0c:33:d6:92:53:f2:55:5c:e1:cc:d6:28:55:3d:
e4:8e:89:61:1a:8f:1b:f4:b0:6f:ba:3d:fe:bc:66:0a:b1:df:
4c:4e:f0:7c:8a:2d:d3:66:04:f9:5b:ae:70:80:1f:76:da:5c:
db:f5:0f:bf:95:f1:e8:ba:3b:be:a1:9b:46:dd:1f:d5:08:b9:
59:57:4b:a7:55:42:12:33:c5:69:c9:f1:f1:63:58:4a:70:62:
fa:ab:48:26:89:ae:45:94:84:2e:0b:85:fb:fe:4b:b0:b6:8d:
7c:4c:f4:6e:6f:88:bb:d0:2f:77:eb:7c:21:15:d4:ae:1f:e9:
b3:10:b9:dd:9c:2b:66:10:0b:ce:24:ed:35:03:22:25:cd:61:
77:8d:ca:74:1b:cb:62:e6:ba:34:0a:86:66:eb:aa:7d:9a:b5:
d3:ff:e4:eb
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUPg/PGYZDgON3fjC3cbMZJWOkmeAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZTFmMzUxMmY1MWRjNDJiYjllYjEyYWJjMGJiNTI5NjY4
YjJlZGVlNDAeFw0yNTA2MDQxMjQ1NTZaFw0yNjA2MDMxMjUwNTZaMDMxMTAvBgNV
BAMTKEUzODdCOTREOUQzQTQ1NDcyRTBCREU3NjUzNTc5Q0M4N0YzRkY5MTQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDs0wjWmxiPNGjRN2j6FM0f7WoG
po6T5FLcjLuHdrzMCOLWpyYIrxM4bA+T/CxfpVgqGQY5v0SE4RVNx4wXOaRtzgvJ
koJeujtxvNwcA+zJzzv+F8vxa3n+b50DBcZJKch/9yGkKgJAynoWhYMGBmI6fIox
VN+jT3V1WgzEJWAVLSHCJmJy0geeL249UdTtH/adFeiRr24lTWJ7Rc73kKvUqOQA
+9GarirJFSYJWt5zMFL/tSj7J/bZ33OA38vvHlkj3aa/ffRgFdNTsV+ttjWFtPBv
ifnh8BoJUYqfzkL7eLVWTfR23shp1EAk4jxpW+Th+hc/3xKalvIG/8O2kRpxAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQU44e5TZ06RUcuC952U1ecyH8/+RQwHwYDVR0j
BBgwFoAU4fNRL1HcQruesSq8C7UpZosu3uQwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZTNjZGM2NDgtZDIwMy00NjJhLWJkMGYtZWMxYjYwZDg3
OWE3LzAvRTFGMzUxMkY1MURDNDJCQjlFQjEyQUJDMEJCNTI5NjY4QjJFREVFNC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzRmTlJMMUhjUXJ1ZXNTcThDN1VwWm9z
dTN1US5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZTNjZGM2NDgt
ZDIwMy00NjJhLWJkMGYtZWMxYjYwZDg3OWE3LzAvMzEzODM1MmUzMTMyMzMyZTMx
MzUzODJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMyMzkzODMwMzIucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAC5e54wDQYJKoZIhvcNAQELBQADggEBAJkp+8qwWRiQsFh6yoLHkjtw/h4iOKOi
/DFT05eG3JdlhLbtGn7Me/kf+z9n7iKQL/5rGhW2SJkwXHRoTMDpZvlVKzQOqKA/
S7+fmKpfEwPuBqakI03PiqTv4W8ZgkMMM9aSU/JVXOHM1ihVPeSOiWEajxv0sG+6
Pf68Zgqx30xO8HyKLdNmBPlbrnCAH3baXNv1D7+V8ei6O76hm0bdH9UIuVlXS6dV
QhIzxWnJ8fFjWEpwYvqrSCaJrkWUhC4Lhfv+S7C2jXxM9G5viLvQL3frfCEV1K4f
6bMQud2cK2YQC84k7TUDIiXNYXeNynQby2LmujQKhmbrqn2atdP/5Os=
-----END CERTIFICATE-----
Generated at Tue Jul 1 10:15:31 2025 by rpki-client