Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/e3cdc648-d203-462a-bd0f-ec1b60d879a7/0/3138352e3132332e3135392e302f32342d3234203d3e20333936333536.roa
File: 3138352e3132332e3135392e302f32342d3234203d3e20333936333536.roa (raw, json)
Hash identifier: 8ymSE6/IZ4mS3/jdg4jdCuqPIOO7MFcCnM1/lcLJutM=
Subject key identifier: 2B:4F:58:59:49:B8:AD:CF:AC:56:E5:F6:B2:F1:EA:BF:73:AE:4C:0C
Certificate issuer: /CN=e1f3512f51dc42bb9eb12abc0bb529668b2edee4
Certificate serial: 32399F80408997D8DD83FC70A9F05DDB18D01844
Authority key identifier: E1:F3:51:2F:51:DC:42:BB:9E:B1:2A:BC:0B:B5:29:66:8B:2E:DE:E4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4fNRL1HcQruesSq8C7UpZosu3uQ.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/e3cdc648-d203-462a-bd0f-ec1b60d879a7/0/3138352e3132332e3135392e302f32342d3234203d3e20333936333536.roa
Signing time: Fri 27 Jun 2025 16:43:22 +0000
ROA not before: Fri 27 Jun 2025 16:38:22 +0000
ROA not after: Fri 26 Jun 2026 16:43:22 +0000
asID: 396356
IP address blocks: 185.123.159.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/e3cdc648-d203-462a-bd0f-ec1b60d879a7/0/E1F3512F51DC42BB9EB12ABC0BB529668B2EDEE4.crl
rsync://rsync.paas.rpki.ripe.net/repository/e3cdc648-d203-462a-bd0f-ec1b60d879a7/0/E1F3512F51DC42BB9EB12ABC0BB529668B2EDEE4.mft
rsync://rpki.ripe.net/repository/DEFAULT/4fNRL1HcQruesSq8C7UpZosu3uQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 01 Jul 2025 19:15:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
32:39:9f:80:40:89:97:d8:dd:83:fc:70:a9:f0:5d:db:18:d0:18:44
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e1f3512f51dc42bb9eb12abc0bb529668b2edee4
Validity
Not Before: Jun 27 16:38:22 2025 GMT
Not After : Jun 26 16:43:22 2026 GMT
Subject: CN=2B4F585949B8ADCFAC56E5F6B2F1EABF73AE4C0C
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:cf:7e:99:39:c4:75:79:43:80:ea:0b:42:cd:
45:19:23:e1:bf:21:75:20:28:7b:13:dc:b6:3d:90:
9f:fa:90:a0:17:0f:b6:7d:39:32:2a:ac:e4:9a:c3:
b6:1b:8d:9e:50:c4:bc:14:3a:f8:0f:d4:64:56:54:
78:57:2c:ad:38:f6:e0:d8:1c:6f:b1:5c:42:4b:6f:
2a:45:4a:5b:66:e2:d9:35:04:44:ba:b4:07:3f:95:
dc:75:bb:62:8a:8d:0f:0a:62:84:45:c1:8c:6d:25:
92:50:f3:50:80:fb:b7:9b:c5:d9:c9:5d:be:03:19:
04:38:fc:99:5a:a9:ac:73:9c:b8:2e:c5:16:95:d8:
54:d9:69:01:77:38:9a:1f:60:57:d2:b6:e2:4b:54:
5f:f7:e7:8e:74:61:c9:9c:62:7f:d8:29:00:d9:0a:
48:b1:34:cc:d3:90:da:2e:93:8c:04:a5:35:bc:f5:
c9:ba:8a:c6:c7:d2:ac:4c:70:cb:89:b9:80:45:90:
4a:65:f3:9c:5d:fb:1b:2c:50:3a:d6:2b:c9:cc:de:
4f:19:65:af:45:1e:30:4c:b2:ce:20:cf:0c:25:a1:
7c:ca:13:47:d3:d8:22:7f:95:db:bf:3f:2a:c5:5a:
e0:52:3a:71:8b:cf:2f:ec:08:4d:55:ea:9d:24:32:
08:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2B:4F:58:59:49:B8:AD:CF:AC:56:E5:F6:B2:F1:EA:BF:73:AE:4C:0C
X509v3 Authority Key Identifier:
keyid:E1:F3:51:2F:51:DC:42:BB:9E:B1:2A:BC:0B:B5:29:66:8B:2E:DE:E4
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/e3cdc648-d203-462a-bd0f-ec1b60d879a7/0/E1F3512F51DC42BB9EB12ABC0BB529668B2EDEE4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4fNRL1HcQruesSq8C7UpZosu3uQ.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/e3cdc648-d203-462a-bd0f-ec1b60d879a7/0/3138352e3132332e3135392e302f32342d3234203d3e20333936333536.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.123.159.0/24
Signature Algorithm: sha256WithRSAEncryption
16:8d:79:46:b1:dc:ca:fb:fa:c0:c8:fe:80:6c:73:9b:c6:39:
ee:b8:d5:77:8f:44:3d:95:fd:e7:b6:6b:98:ce:ac:9f:70:2b:
dc:6b:f8:c8:c2:04:8c:51:ab:41:f7:8a:16:70:f2:78:32:54:
c9:b7:4a:81:bc:ea:62:59:4e:af:6c:5a:9b:df:cc:44:3d:41:
19:2a:8c:5e:d8:88:50:4f:54:36:66:38:69:bd:30:4e:3a:6c:
87:28:94:69:e6:6a:08:33:e6:9f:d0:27:82:ea:c6:55:34:03:
de:02:4e:d1:fd:a2:4a:59:50:69:e6:cd:aa:94:f2:a8:11:53:
bf:fe:9c:b9:d9:c8:85:fb:8d:81:b2:33:19:b3:1c:e1:54:a6:
52:a4:b1:28:79:9b:52:4d:d4:01:ac:95:20:b0:39:a2:8a:a2:
05:84:ed:20:a6:47:08:6d:60:f3:98:23:fa:52:ba:53:a0:6e:
b0:14:a6:33:88:14:8e:8f:23:99:95:91:4c:89:72:58:23:f2:
df:f1:45:f0:36:6b:5f:42:46:db:42:52:42:c0:9d:b9:99:dd:
a9:da:38:21:1f:4b:87:09:d3:78:d8:5d:3d:02:69:f3:b0:5c:
e6:44:4f:09:3c:7f:3e:a9:2e:2f:32:6c:1c:ed:bd:a2:b9:34:
36:c1:dd:59
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgIUMjmfgECJl9jdg/xwqfBd2xjQGEQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZTFmMzUxMmY1MWRjNDJiYjllYjEyYWJjMGJiNTI5NjY4
YjJlZGVlNDAeFw0yNTA2MjcxNjM4MjJaFw0yNjA2MjYxNjQzMjJaMDMxMTAvBgNV
BAMTKDJCNEY1ODU5NDlCOEFEQ0ZBQzU2RTVGNkIyRjFFQUJGNzNBRTRDMEMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDTz36ZOcR1eUOA6gtCzUUZI+G/
IXUgKHsT3LY9kJ/6kKAXD7Z9OTIqrOSaw7YbjZ5QxLwUOvgP1GRWVHhXLK049uDY
HG+xXEJLbypFSltm4tk1BES6tAc/ldx1u2KKjQ8KYoRFwYxtJZJQ81CA+7ebxdnJ
Xb4DGQQ4/JlaqaxznLguxRaV2FTZaQF3OJofYFfStuJLVF/35450YcmcYn/YKQDZ
CkixNMzTkNouk4wEpTW89cm6isbH0qxMcMuJuYBFkEpl85xd+xssUDrWK8nM3k8Z
Za9FHjBMss4gzwwloXzKE0fT2CJ/ldu/PyrFWuBSOnGLzy/sCE1V6p0kMgghAgMB
AAGjggJBMIICPTAdBgNVHQ4EFgQUK09YWUm4rc+sVuX2svHqv3OuTAwwHwYDVR0j
BBgwFoAU4fNRL1HcQruesSq8C7UpZosu3uQwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZTNjZGM2NDgtZDIwMy00NjJhLWJkMGYtZWMxYjYwZDg3
OWE3LzAvRTFGMzUxMkY1MURDNDJCQjlFQjEyQUJDMEJCNTI5NjY4QjJFREVFNC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzRmTlJMMUhjUXJ1ZXNTcThDN1VwWm9z
dTN1US5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZTNjZGM2NDgt
ZDIwMy00NjJhLWJkMGYtZWMxYjYwZDg3OWE3LzAvMzEzODM1MmUzMTMyMzMyZTMx
MzUzOTJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMzMzkzNjMzMzUzNi5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEALl7nzANBgkqhkiG9w0BAQsFAAOCAQEAFo15RrHcyvv6wMj+gGxzm8Y57rjV
d49EPZX957ZrmM6sn3Ar3Gv4yMIEjFGrQfeKFnDyeDJUybdKgbzqYllOr2xam9/M
RD1BGSqMXtiIUE9UNmY4ab0wTjpshyiUaeZqCDPmn9AngurGVTQD3gJO0f2iSllQ
aebNqpTyqBFTv/6cudnIhfuNgbIzGbMc4VSmUqSxKHmbUk3UAayVILA5ooqiBYTt
IKZHCG1g85gj+lK6U6BusBSmM4gUjo8jmZWRTIlyWCPy3/FF8DZrX0JG20JSQsCd
uZndqdo4IR9LhwnTeNhdPQJp87Bc5kRPCTx/PqkuLzJsHO29ork0NsHdWQ==
-----END CERTIFICATE-----
Generated at Tue Jul 1 04:52:29 2025 by rpki-client