Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/e3cdc648-d203-462a-bd0f-ec1b60d879a7/0/3138352e3233342e3130302e302f32342d3234203d3e203335363631.roa
File: 3138352e3233342e3130302e302f32342d3234203d3e203335363631.roa (raw, json)
Hash identifier: 7IoW8V7sYCxYnK3GpV+L+iywqaWF/MSER2M0Aaj+ktk=
Subject key identifier: 9D:74:55:04:62:E7:AC:65:96:2B:B0:3B:A5:9A:FA:13:3D:07:9D:2D
Certificate issuer: /CN=e1f3512f51dc42bb9eb12abc0bb529668b2edee4
Certificate serial: 0E25A6D5C7FC67EBC1AFB5E6E21F745927BDCDEE
Authority key identifier: E1:F3:51:2F:51:DC:42:BB:9E:B1:2A:BC:0B:B5:29:66:8B:2E:DE:E4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4fNRL1HcQruesSq8C7UpZosu3uQ.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/e3cdc648-d203-462a-bd0f-ec1b60d879a7/0/3138352e3233342e3130302e302f32342d3234203d3e203335363631.roa
Signing time: Sun 15 Jun 2025 17:53:59 +0000
ROA not before: Sun 15 Jun 2025 17:48:59 +0000
ROA not after: Sun 14 Jun 2026 17:53:59 +0000
asID: 35661
IP address blocks: 185.234.100.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/e3cdc648-d203-462a-bd0f-ec1b60d879a7/0/E1F3512F51DC42BB9EB12ABC0BB529668B2EDEE4.crl
rsync://rsync.paas.rpki.ripe.net/repository/e3cdc648-d203-462a-bd0f-ec1b60d879a7/0/E1F3512F51DC42BB9EB12ABC0BB529668B2EDEE4.mft
rsync://rpki.ripe.net/repository/DEFAULT/4fNRL1HcQruesSq8C7UpZosu3uQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 01 Jul 2025 19:15:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0e:25:a6:d5:c7:fc:67:eb:c1:af:b5:e6:e2:1f:74:59:27:bd:cd:ee
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e1f3512f51dc42bb9eb12abc0bb529668b2edee4
Validity
Not Before: Jun 15 17:48:59 2025 GMT
Not After : Jun 14 17:53:59 2026 GMT
Subject: CN=9D74550462E7AC65962BB03BA59AFA133D079D2D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:0b:cf:d0:f0:3e:79:86:9e:98:09:5b:48:be:
4e:d4:84:24:5c:65:85:da:f2:24:dc:97:a9:6b:97:
3c:7f:9b:6c:19:a0:a4:da:3f:97:cc:4f:85:6f:f4:
89:04:ee:e7:6e:44:78:57:ba:30:e8:32:9d:4a:f6:
26:4e:9f:e0:8f:1e:62:55:ba:2f:9c:09:75:5e:e0:
8f:3b:52:a5:55:ba:ca:dd:0a:c8:87:29:0f:82:dd:
3c:35:98:5a:0f:92:e1:ad:26:b2:3d:f8:94:0e:8e:
69:fb:ce:01:b9:78:2d:a1:5d:80:06:37:d6:f3:ed:
9e:5a:7b:82:d8:a2:5d:d4:27:ef:9b:e6:55:18:73:
9f:4d:c0:79:08:b6:82:3d:e5:1a:fc:8a:2b:f0:ac:
d7:7d:04:ef:b6:e5:5b:91:28:21:ba:74:92:4f:15:
45:da:81:d9:bd:6e:2e:f8:07:7e:25:bb:8f:e5:85:
6e:5e:94:6b:3f:cb:41:ca:38:10:d8:4d:fe:43:67:
2c:c5:5d:79:0b:50:67:80:a6:e1:59:64:46:fb:2c:
33:b3:12:9d:ed:e8:93:c9:50:7a:1f:64:80:e0:e4:
28:e4:e4:aa:e9:b1:76:71:0f:b5:e2:81:88:81:7f:
b1:4e:aa:7d:02:08:22:14:92:05:db:ee:1d:de:4a:
5c:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:74:55:04:62:E7:AC:65:96:2B:B0:3B:A5:9A:FA:13:3D:07:9D:2D
X509v3 Authority Key Identifier:
keyid:E1:F3:51:2F:51:DC:42:BB:9E:B1:2A:BC:0B:B5:29:66:8B:2E:DE:E4
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/e3cdc648-d203-462a-bd0f-ec1b60d879a7/0/E1F3512F51DC42BB9EB12ABC0BB529668B2EDEE4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4fNRL1HcQruesSq8C7UpZosu3uQ.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/e3cdc648-d203-462a-bd0f-ec1b60d879a7/0/3138352e3233342e3130302e302f32342d3234203d3e203335363631.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.234.100.0/24
Signature Algorithm: sha256WithRSAEncryption
0e:79:ea:0b:ac:b9:77:7e:96:42:74:4d:32:1e:4c:32:6c:75:
59:8b:14:10:26:18:47:9d:c2:b7:8a:cc:d4:93:fb:20:f2:27:
50:86:58:93:53:55:97:46:4a:b2:d3:40:71:74:c6:2a:1f:32:
c4:c8:47:d5:38:3d:fd:5e:e2:92:f4:0a:2d:47:63:7a:f9:15:
03:a2:6b:20:ac:9c:63:48:e5:98:e8:f1:70:77:99:30:92:15:
30:3a:78:93:98:14:6d:8b:be:58:7d:8e:dc:0b:a0:76:10:d0:
e1:b4:1f:17:76:8a:d2:38:23:c3:d9:7b:9f:d1:a3:e4:84:9a:
7b:2c:e2:1f:9e:d5:8a:af:89:5e:1b:fe:58:d5:11:fa:df:bb:
6a:2a:48:4b:12:79:49:d5:af:9f:60:eb:22:bb:62:45:80:67:
00:42:fd:8f:e6:f4:68:6b:2b:20:37:f0:19:d4:9d:48:ca:89:
4e:20:84:17:12:72:be:59:94:57:80:9a:73:09:6d:a5:03:11:
81:35:c3:9a:d1:c8:63:c2:a0:cf:fe:d0:df:90:cf:ce:68:41:
62:6f:d9:04:4c:86:57:2e:d6:9c:d4:ad:12:38:a1:65:bd:f2:
5e:a0:99:3f:ec:dc:f7:61:00:7a:5f:6e:f8:63:2d:ed:29:f0:
c5:51:54:8a
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUDiWm1cf8Z+vBr7Xm4h90WSe9ze4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZTFmMzUxMmY1MWRjNDJiYjllYjEyYWJjMGJiNTI5NjY4
YjJlZGVlNDAeFw0yNTA2MTUxNzQ4NTlaFw0yNjA2MTQxNzUzNTlaMDMxMTAvBgNV
BAMTKDlENzQ1NTA0NjJFN0FDNjU5NjJCQjAzQkE1OUFGQTEzM0QwNzlEMkQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDJC8/Q8D55hp6YCVtIvk7UhCRc
ZYXa8iTcl6lrlzx/m2wZoKTaP5fMT4Vv9IkE7uduRHhXujDoMp1K9iZOn+CPHmJV
ui+cCXVe4I87UqVVusrdCsiHKQ+C3Tw1mFoPkuGtJrI9+JQOjmn7zgG5eC2hXYAG
N9bz7Z5ae4LYol3UJ++b5lUYc59NwHkItoI95Rr8iivwrNd9BO+25VuRKCG6dJJP
FUXagdm9bi74B34lu4/lhW5elGs/y0HKOBDYTf5DZyzFXXkLUGeApuFZZEb7LDOz
Ep3t6JPJUHofZIDg5Cjk5KrpsXZxD7XigYiBf7FOqn0CCCIUkgXb7h3eSlzjAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUnXRVBGLnrGWWK7A7pZr6Ez0HnS0wHwYDVR0j
BBgwFoAU4fNRL1HcQruesSq8C7UpZosu3uQwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZTNjZGM2NDgtZDIwMy00NjJhLWJkMGYtZWMxYjYwZDg3
OWE3LzAvRTFGMzUxMkY1MURDNDJCQjlFQjEyQUJDMEJCNTI5NjY4QjJFREVFNC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzRmTlJMMUhjUXJ1ZXNTcThDN1VwWm9z
dTN1US5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZTNjZGM2NDgt
ZDIwMy00NjJhLWJkMGYtZWMxYjYwZDg3OWE3LzAvMzEzODM1MmUzMjMzMzQyZTMx
MzAzMDJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMzMzUzNjM2MzEucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAC56mQwDQYJKoZIhvcNAQELBQADggEBAA556gusuXd+lkJ0TTIeTDJsdVmLFBAm
GEedwreKzNST+yDyJ1CGWJNTVZdGSrLTQHF0xiofMsTIR9U4Pf1e4pL0Ci1HY3r5
FQOiayCsnGNI5Zjo8XB3mTCSFTA6eJOYFG2Lvlh9jtwLoHYQ0OG0Hxd2itI4I8PZ
e5/Ro+SEmnss4h+e1YqviV4b/ljVEfrfu2oqSEsSeUnVr59g6yK7YkWAZwBC/Y/m
9GhrKyA38BnUnUjKiU4ghBcScr5ZlFeAmnMJbaUDEYE1w5rRyGPCoM/+0N+Qz85o
QWJv2QRMhlcu1pzUrRI4oWW98l6gmT/s3PdhAHpfbvhjLe0p8MVRVIo=
-----END CERTIFICATE-----
Generated at Tue Jul 1 09:11:34 2025 by rpki-client