Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/e3cdc648-d203-462a-bd0f-ec1b60d879a7/0/3138352e3136322e3137362e302f32342d3234203d3e20323132323338.roa
File: 3138352e3136322e3137362e302f32342d3234203d3e20323132323338.roa (raw, json)
Hash identifier: KKgUX7UrPK07V45d9yIwm+AF5zJ77+qIYcXvaThx0hI=
Subject key identifier: D8:3A:52:B2:55:6F:1B:37:A9:73:C7:F1:05:95:5F:E4:3A:1A:EB:D0
Certificate issuer: /CN=e1f3512f51dc42bb9eb12abc0bb529668b2edee4
Certificate serial: 0E9B7080610D5077F36DEA761F290C9B1F1D8417
Authority key identifier: E1:F3:51:2F:51:DC:42:BB:9E:B1:2A:BC:0B:B5:29:66:8B:2E:DE:E4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4fNRL1HcQruesSq8C7UpZosu3uQ.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/e3cdc648-d203-462a-bd0f-ec1b60d879a7/0/3138352e3136322e3137362e302f32342d3234203d3e20323132323338.roa
Signing time: Mon 16 Jun 2025 13:53:13 +0000
ROA not before: Mon 16 Jun 2025 13:48:13 +0000
ROA not after: Mon 15 Jun 2026 13:53:13 +0000
asID: 212238
IP address blocks: 185.162.176.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/e3cdc648-d203-462a-bd0f-ec1b60d879a7/0/E1F3512F51DC42BB9EB12ABC0BB529668B2EDEE4.crl
rsync://rsync.paas.rpki.ripe.net/repository/e3cdc648-d203-462a-bd0f-ec1b60d879a7/0/E1F3512F51DC42BB9EB12ABC0BB529668B2EDEE4.mft
rsync://rpki.ripe.net/repository/DEFAULT/4fNRL1HcQruesSq8C7UpZosu3uQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Jun 2025 04:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0e:9b:70:80:61:0d:50:77:f3:6d:ea:76:1f:29:0c:9b:1f:1d:84:17
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e1f3512f51dc42bb9eb12abc0bb529668b2edee4
Validity
Not Before: Jun 16 13:48:13 2025 GMT
Not After : Jun 15 13:53:13 2026 GMT
Subject: CN=D83A52B2556F1B37A973C7F105955FE43A1AEBD0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:cb:f9:15:5f:eb:a1:a5:91:a4:d3:7c:b4:fe:
22:58:79:e4:47:df:dc:e6:d4:ba:cb:01:3c:9a:e9:
70:f9:da:0a:b4:b1:85:f0:3a:bf:0e:11:6b:65:b2:
66:54:c2:b9:12:df:b6:2b:a0:a1:8c:20:53:4f:55:
9a:9a:c2:3f:ba:3d:c0:25:e4:ca:e9:a2:80:4e:a3:
ca:ed:7f:ec:7b:3c:a5:29:e5:03:e9:65:32:70:cf:
65:e0:9c:ea:f9:ad:0d:ba:05:3a:0c:ec:17:12:2a:
da:36:39:4a:95:13:83:38:9f:ee:a0:31:4a:34:0b:
39:2b:23:91:e6:50:47:73:78:6a:e8:8e:b2:94:6f:
2b:51:b5:b3:26:95:2b:02:2a:1e:98:32:b2:c7:45:
ac:02:22:f5:c1:ae:23:0b:90:5a:4d:89:4e:e6:ed:
44:75:54:09:15:87:bf:33:4d:69:f6:f5:1d:da:7c:
ba:eb:7e:0f:58:bb:11:73:7f:d2:8e:c3:84:e1:79:
df:96:29:62:c1:40:a1:e2:3b:25:d0:3f:22:e6:0d:
90:14:ad:50:dc:b2:61:39:f8:26:64:1b:61:c7:f6:
f9:f3:66:9b:76:56:5a:6a:ba:63:9e:12:7c:b1:c8:
b6:41:10:e4:cf:6e:51:68:49:0c:a3:d1:3c:cc:38:
11:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:3A:52:B2:55:6F:1B:37:A9:73:C7:F1:05:95:5F:E4:3A:1A:EB:D0
X509v3 Authority Key Identifier:
keyid:E1:F3:51:2F:51:DC:42:BB:9E:B1:2A:BC:0B:B5:29:66:8B:2E:DE:E4
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/e3cdc648-d203-462a-bd0f-ec1b60d879a7/0/E1F3512F51DC42BB9EB12ABC0BB529668B2EDEE4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4fNRL1HcQruesSq8C7UpZosu3uQ.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/e3cdc648-d203-462a-bd0f-ec1b60d879a7/0/3138352e3136322e3137362e302f32342d3234203d3e20323132323338.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.162.176.0/24
Signature Algorithm: sha256WithRSAEncryption
1f:46:6a:61:2c:ba:d1:b0:4d:0b:cb:7c:8d:bb:6e:ff:48:6b:
d1:f6:9e:d9:22:ab:b7:05:f0:e6:75:b2:60:7a:02:dd:5e:12:
b5:21:c8:dc:6d:31:3a:c9:e5:34:26:c3:9a:d0:bf:bd:ec:f8:
0b:75:2c:05:c5:33:a3:05:90:8c:72:b8:08:8f:85:07:39:6f:
3f:ec:f7:22:7d:a5:db:71:88:d8:3b:75:5e:de:73:c1:f9:94:
e6:35:79:e3:39:89:ca:52:2c:c9:b1:e5:ee:78:d3:0f:e1:0c:
10:96:bf:82:f7:39:b1:a4:ed:fe:f4:7c:5d:a6:1e:f3:c7:df:
d7:2f:55:03:0e:c1:36:d0:ea:8b:3f:18:ef:ba:01:09:e8:3f:
06:a8:a1:49:a3:0c:7d:9f:9d:85:a5:e1:d9:dc:6f:b1:60:e5:
fb:91:bf:de:e4:94:5f:7f:a5:d3:e2:f2:dc:fa:d7:d8:6f:bd:
c4:8c:46:48:97:3c:47:d5:85:50:84:53:a9:65:a4:21:4d:5f:
6c:a0:f4:db:43:95:36:ef:8e:73:c8:13:7c:79:33:6b:85:e5:
ce:cc:cb:45:33:55:92:60:fe:72:4e:96:e4:98:2b:f5:63:fd:
e9:d0:6c:ca:67:20:7b:5c:e4:cf:4c:cf:59:85:e3:90:e6:8b:
3f:f0:80:84
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgIUDptwgGENUHfzbep2HykMmx8dhBcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZTFmMzUxMmY1MWRjNDJiYjllYjEyYWJjMGJiNTI5NjY4
YjJlZGVlNDAeFw0yNTA2MTYxMzQ4MTNaFw0yNjA2MTUxMzUzMTNaMDMxMTAvBgNV
BAMTKEQ4M0E1MkIyNTU2RjFCMzdBOTczQzdGMTA1OTU1RkU0M0ExQUVCRDAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCty/kVX+uhpZGk03y0/iJYeeRH
39zm1LrLATya6XD52gq0sYXwOr8OEWtlsmZUwrkS37YroKGMIFNPVZqawj+6PcAl
5MrpooBOo8rtf+x7PKUp5QPpZTJwz2XgnOr5rQ26BToM7BcSKto2OUqVE4M4n+6g
MUo0CzkrI5HmUEdzeGrojrKUbytRtbMmlSsCKh6YMrLHRawCIvXBriMLkFpNiU7m
7UR1VAkVh78zTWn29R3afLrrfg9YuxFzf9KOw4Thed+WKWLBQKHiOyXQPyLmDZAU
rVDcsmE5+CZkG2HH9vnzZpt2VlpqumOeEnyxyLZBEOTPblFoSQyj0TzMOBEfAgMB
AAGjggJBMIICPTAdBgNVHQ4EFgQU2DpSslVvGzepc8fxBZVf5Doa69AwHwYDVR0j
BBgwFoAU4fNRL1HcQruesSq8C7UpZosu3uQwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZTNjZGM2NDgtZDIwMy00NjJhLWJkMGYtZWMxYjYwZDg3
OWE3LzAvRTFGMzUxMkY1MURDNDJCQjlFQjEyQUJDMEJCNTI5NjY4QjJFREVFNC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzRmTlJMMUhjUXJ1ZXNTcThDN1VwWm9z
dTN1US5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZTNjZGM2NDgt
ZDIwMy00NjJhLWJkMGYtZWMxYjYwZDg3OWE3LzAvMzEzODM1MmUzMTM2MzIyZTMx
MzczNjJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMyMzEzMjMyMzMzOC5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEALmisDANBgkqhkiG9w0BAQsFAAOCAQEAH0ZqYSy60bBNC8t8jbtu/0hr0fae
2SKrtwXw5nWyYHoC3V4StSHI3G0xOsnlNCbDmtC/vez4C3UsBcUzowWQjHK4CI+F
BzlvP+z3In2l23GI2Dt1Xt5zwfmU5jV54zmJylIsybHl7njTD+EMEJa/gvc5saTt
/vR8XaYe88ff1y9VAw7BNtDqiz8Y77oBCeg/BqihSaMMfZ+dhaXh2dxvsWDl+5G/
3uSUX3+l0+Ly3PrX2G+9xIxGSJc8R9WFUIRTqWWkIU1fbKD020OVNu+Oc8gTfHkz
a4XlzszLRTNVkmD+ck6W5Jgr9WP96dBsymcge1zkz0zPWYXjkOaLP/CAhA==
-----END CERTIFICATE-----
Generated at Sun Jun 29 09:29:57 2025 by rpki-client