Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/8113dda6-7ade-445d-8c6e-448a78e48ca1/1/3139342e33342e3235342e302f32342d3234203d3e20313532363732.roa
File: 3139342e33342e3235342e302f32342d3234203d3e20313532363732.roa (raw, json)
Hash identifier: hKPfS0qlA4vPTLhw9nwXVGJzFe2/vcx6+01rQ/Eesqo=
Subject key identifier: 28:01:27:D4:34:93:59:39:B3:B5:44:FE:E6:5C:F2:E0:BE:76:19:B0
Certificate issuer: /CN=0d7ffae300def0876bf84890fb6ea17be841a4d3
Certificate serial: 4B49D32838B2360F1596A1FAC33048C0A6226944
Authority key identifier: 0D:7F:FA:E3:00:DE:F0:87:6B:F8:48:90:FB:6E:A1:7B:E8:41:A4:D3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DX_64wDe8Idr-EiQ-26he-hBpNM.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/8113dda6-7ade-445d-8c6e-448a78e48ca1/1/3139342e33342e3235342e302f32342d3234203d3e20313532363732.roa
Signing time: Sun 29 Jun 2025 17:18:05 +0000
ROA not before: Sun 29 Jun 2025 17:13:05 +0000
ROA not after: Sun 28 Jun 2026 17:18:05 +0000
asID: 152672
IP address blocks: 194.34.254.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/8113dda6-7ade-445d-8c6e-448a78e48ca1/1/0D7FFAE300DEF0876BF84890FB6EA17BE841A4D3.crl
rsync://rsync.paas.rpki.ripe.net/repository/8113dda6-7ade-445d-8c6e-448a78e48ca1/1/0D7FFAE300DEF0876BF84890FB6EA17BE841A4D3.mft
rsync://rpki.ripe.net/repository/DEFAULT/DX_64wDe8Idr-EiQ-26he-hBpNM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 25 Jul 2025 00:29:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4b:49:d3:28:38:b2:36:0f:15:96:a1:fa:c3:30:48:c0:a6:22:69:44
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0d7ffae300def0876bf84890fb6ea17be841a4d3
Validity
Not Before: Jun 29 17:13:05 2025 GMT
Not After : Jun 28 17:18:05 2026 GMT
Subject: CN=280127D434935939B3B544FEE65CF2E0BE7619B0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:5d:50:1a:5f:f3:69:12:d9:e3:49:d7:45:f7:
e7:9e:f2:56:fd:72:e9:a3:cb:6f:56:a7:c5:21:92:
2e:54:16:d7:d6:23:2d:12:35:bf:a8:bb:ed:1b:e6:
64:61:04:d0:50:f4:ad:18:a1:b0:da:ea:04:8c:c0:
b8:86:64:3e:d9:1f:59:68:46:c6:8f:e7:44:bf:9d:
ef:27:20:2e:8a:3f:aa:b4:6a:f0:cc:62:2e:1e:41:
c5:1a:61:5b:c8:6a:39:42:51:63:a7:e4:be:ad:5b:
eb:69:e6:b0:11:1f:e7:a8:60:82:62:80:bb:ec:fa:
4a:b9:13:c8:6b:d0:f9:b3:46:42:bf:3e:d3:bd:ff:
08:95:a8:51:1e:6f:6d:7d:fe:c0:a3:92:e6:e4:86:
3a:75:94:bf:f0:fd:fb:82:7a:89:cc:76:2a:ca:99:
f3:86:12:18:92:54:4e:46:b8:f5:c0:bf:77:38:fc:
3f:56:16:4c:ad:6f:21:f5:b6:e8:d2:cf:18:0c:24:
8e:5a:5c:3e:9a:3b:19:c5:fd:1c:09:8c:de:80:b8:
85:2e:29:76:88:41:1a:dd:57:ec:3e:15:2d:4b:06:
40:9f:ce:98:f9:9d:7c:f7:3b:c1:88:e0:93:dc:2c:
57:b3:db:fd:1e:c7:8e:0d:06:1d:ce:00:8c:2b:39:
47:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:01:27:D4:34:93:59:39:B3:B5:44:FE:E6:5C:F2:E0:BE:76:19:B0
X509v3 Authority Key Identifier:
keyid:0D:7F:FA:E3:00:DE:F0:87:6B:F8:48:90:FB:6E:A1:7B:E8:41:A4:D3
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/8113dda6-7ade-445d-8c6e-448a78e48ca1/1/0D7FFAE300DEF0876BF84890FB6EA17BE841A4D3.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DX_64wDe8Idr-EiQ-26he-hBpNM.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/8113dda6-7ade-445d-8c6e-448a78e48ca1/1/3139342e33342e3235342e302f32342d3234203d3e20313532363732.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.34.254.0/24
Signature Algorithm: sha256WithRSAEncryption
08:8a:3b:31:45:c6:0c:d5:83:52:8c:14:49:ea:5b:f9:ce:5c:
db:6b:f5:12:8a:d3:40:a3:80:e1:ed:d8:50:bd:05:3a:e4:28:
3e:87:bc:a4:54:11:08:29:9d:bb:6f:ea:f5:74:f5:7a:d3:b6:
5a:bf:72:d5:66:3c:9e:13:81:f7:d6:66:d7:f4:67:09:bb:5e:
8e:5b:2b:0d:ca:19:d5:ab:28:0d:e8:1c:68:d3:d0:cf:8f:46:
43:61:2a:3e:ba:3f:dc:97:1f:af:c0:fe:dd:b0:1c:5e:07:e3:
d9:a2:55:bd:75:9f:5d:90:1b:03:15:f1:a4:bc:26:df:be:8e:
c5:b4:21:3f:09:0b:cb:54:7e:9b:d9:3e:66:2c:5d:93:74:a4:
0f:b4:ce:d4:fe:a7:b2:2a:02:31:32:de:19:fb:8d:27:59:64:
d5:ae:11:dc:e9:53:e6:a5:e5:32:b9:f0:c7:95:18:bb:36:78:
59:9b:ab:57:fa:88:55:67:cf:95:67:8d:86:6e:68:ba:bf:eb:
ef:72:3c:7c:bc:8f:9a:11:31:90:16:cb:dd:d3:08:15:f0:26:
66:44:68:0a:b8:6f:cc:03:ca:b6:1f:e7:77:ab:39:9b:cc:78:
5c:d7:cc:b1:6e:ce:83:ee:58:65:c7:ee:1c:3f:43:5d:d8:c0:
11:33:b6:0a
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUS0nTKDiyNg8VlqH6wzBIwKYiaUQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMGQ3ZmZhZTMwMGRlZjA4NzZiZjg0ODkwZmI2ZWExN2Jl
ODQxYTRkMzAeFw0yNTA2MjkxNzEzMDVaFw0yNjA2MjgxNzE4MDVaMDMxMTAvBgNV
BAMTKDI4MDEyN0Q0MzQ5MzU5MzlCM0I1NDRGRUU2NUNGMkUwQkU3NjE5QjAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDTXVAaX/NpEtnjSddF9+ee8lb9
cumjy29Wp8Uhki5UFtfWIy0SNb+ou+0b5mRhBNBQ9K0YobDa6gSMwLiGZD7ZH1lo
RsaP50S/ne8nIC6KP6q0avDMYi4eQcUaYVvIajlCUWOn5L6tW+tp5rARH+eoYIJi
gLvs+kq5E8hr0PmzRkK/PtO9/wiVqFEeb219/sCjkubkhjp1lL/w/fuCeonMdirK
mfOGEhiSVE5GuPXAv3c4/D9WFkytbyH1tujSzxgMJI5aXD6aOxnF/RwJjN6AuIUu
KXaIQRrdV+w+FS1LBkCfzpj5nXz3O8GI4JPcLFez2/0ex44NBh3OAIwrOUdVAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUKAEn1DSTWTmztUT+5lzy4L52GbAwHwYDVR0j
BBgwFoAUDX/64wDe8Idr+EiQ+26he+hBpNMwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvODExM2RkYTYtN2FkZS00NDVkLThjNmUtNDQ4YTc4ZTQ4
Y2ExLzEvMEQ3RkZBRTMwMERFRjA4NzZCRjg0ODkwRkI2RUExN0JFODQxQTREMy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0RYXzY0d0RlOElkci1FaVEtMjZoZS1o
QnBOTS5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvODExM2RkYTYt
N2FkZS00NDVkLThjNmUtNDQ4YTc4ZTQ4Y2ExLzEvMzEzOTM0MmUzMzM0MmUzMjM1
MzQyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMTM1MzIzNjM3MzIucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BADCIv4wDQYJKoZIhvcNAQELBQADggEBAAiKOzFFxgzVg1KMFEnqW/nOXNtr9RKK
00CjgOHt2FC9BTrkKD6HvKRUEQgpnbtv6vV09XrTtlq/ctVmPJ4TgffWZtf0Zwm7
Xo5bKw3KGdWrKA3oHGjT0M+PRkNhKj66P9yXH6/A/t2wHF4H49miVb11n12QGwMV
8aS8Jt++jsW0IT8JC8tUfpvZPmYsXZN0pA+0ztT+p7IqAjEy3hn7jSdZZNWuEdzp
U+al5TK58MeVGLs2eFmbq1f6iFVnz5VnjYZuaLq/6+9yPHy8j5oRMZAWy93TCBXw
JmZEaAq4b8wDyrYf53erOZvMeFzXzLFuzoPuWGXH7hw/Q13YwBEztgo=
-----END CERTIFICATE-----
Generated at Thu Jul 24 11:53:23 2025 by rpki-client