Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/3134362e31392e3136372e302f32342d3234203d3e20313432313131.roa
File: 3134362e31392e3136372e302f32342d3234203d3e20313432313131.roa (raw, json)
Hash identifier: 1cwuvx0f/bXZ/DwexRmaaQu0tTmkULuIbOfrQVnX4ao=
Subject key identifier: 0E:E6:BD:17:20:4A:CC:05:9E:1F:16:63:BB:C7:BC:E8:DE:C6:F5:A8
Certificate issuer: /CN=a9420e6c6f24b0e422da7fe7e420ef50354f45c6
Certificate serial: 63D08BF8FFA9318A9EC904A675A0DFA88DBED877
Authority key identifier: A9:42:0E:6C:6F:24:B0:E4:22:DA:7F:E7:E4:20:EF:50:35:4F:45:C6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qUIObG8ksOQi2n_n5CDvUDVPRcY.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/3134362e31392e3136372e302f32342d3234203d3e20313432313131.roa
Signing time: Mon 30 Jun 2025 21:08:29 +0000
ROA not before: Mon 30 Jun 2025 21:03:29 +0000
ROA not after: Mon 29 Jun 2026 21:08:29 +0000
asID: 142111
IP address blocks: 146.19.167.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/A9420E6C6F24B0E422DA7FE7E420EF50354F45C6.crl
rsync://rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/A9420E6C6F24B0E422DA7FE7E420EF50354F45C6.mft
rsync://rpki.ripe.net/repository/DEFAULT/qUIObG8ksOQi2n_n5CDvUDVPRcY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 31 Jul 2025 08:06:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
63:d0:8b:f8:ff:a9:31:8a:9e:c9:04:a6:75:a0:df:a8:8d:be:d8:77
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a9420e6c6f24b0e422da7fe7e420ef50354f45c6
Validity
Not Before: Jun 30 21:03:29 2025 GMT
Not After : Jun 29 21:08:29 2026 GMT
Subject: CN=0EE6BD17204ACC059E1F1663BBC7BCE8DEC6F5A8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:f1:e3:51:3b:fe:5d:39:de:53:95:6b:3d:65:
d0:17:67:94:a9:ef:ae:59:30:23:a6:d4:96:3f:06:
08:ae:ae:4c:44:8c:dd:9d:3b:eb:c0:83:76:79:56:
f4:44:d9:71:ca:c7:a4:8c:ac:9a:41:d3:c4:4a:ab:
48:c5:d4:98:50:0b:70:80:e3:07:29:7c:93:b9:f9:
73:18:6a:4d:15:ce:54:bc:f4:f2:d1:d0:bf:14:74:
41:bb:fa:04:ca:e1:9d:e9:25:c5:9a:be:af:21:81:
70:16:07:95:e6:2a:1d:ca:09:f0:74:a7:7c:b7:6b:
ad:eb:22:7b:71:ad:47:45:85:f3:2b:d9:c9:c8:18:
a4:3b:54:45:fa:f6:5d:47:ec:22:e2:71:52:8d:32:
39:5a:67:89:9b:0c:5b:cb:83:db:ff:46:38:75:55:
4b:50:54:20:71:9b:c0:e0:b5:a9:48:3b:f3:76:15:
92:c0:ca:db:e0:4d:bb:4a:cc:74:32:22:d9:48:9a:
1a:e5:bb:24:ee:ca:e3:b8:8a:f5:5e:00:f5:3e:91:
6e:c3:80:27:05:d4:46:60:d4:89:5d:08:e0:2b:24:
12:fe:68:ab:d7:49:21:fa:27:64:c4:81:e7:23:a7:
a5:dc:d5:2b:98:ac:ea:c3:d9:22:6b:e2:62:91:20:
3e:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0E:E6:BD:17:20:4A:CC:05:9E:1F:16:63:BB:C7:BC:E8:DE:C6:F5:A8
X509v3 Authority Key Identifier:
keyid:A9:42:0E:6C:6F:24:B0:E4:22:DA:7F:E7:E4:20:EF:50:35:4F:45:C6
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/A9420E6C6F24B0E422DA7FE7E420EF50354F45C6.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qUIObG8ksOQi2n_n5CDvUDVPRcY.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/3134362e31392e3136372e302f32342d3234203d3e20313432313131.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
146.19.167.0/24
Signature Algorithm: sha256WithRSAEncryption
b1:41:55:70:90:76:10:69:6f:f2:85:31:bc:97:8b:70:0f:3b:
c8:22:de:88:84:60:d5:44:a1:5d:f6:a4:f8:f7:b6:51:dd:97:
4b:ec:42:22:9a:ae:e7:ed:2a:56:43:ce:d9:b5:ae:c8:bb:ee:
e0:18:70:0e:bc:20:82:11:9a:f3:7f:94:36:41:9c:97:f7:da:
32:8f:e3:ef:ad:44:f2:ea:b7:7f:f5:21:03:6c:5c:fd:3a:b3:
6f:35:96:8d:fd:1e:85:3d:3a:5a:c5:7f:06:84:6d:ac:e8:ad:
b6:2e:67:06:67:9e:0f:89:86:4c:34:d0:8a:d1:ec:33:6e:21:
0c:ef:53:83:40:eb:72:0e:fe:18:cf:b7:65:9f:8b:66:8f:d9:
7c:4f:bc:e2:0c:ce:2a:10:91:90:9c:6b:2e:a2:39:be:3c:25:
57:aa:0c:6b:7b:43:aa:1f:67:0c:7f:d9:76:92:b6:1c:19:bb:
4e:06:99:24:bb:e4:57:23:1e:7a:de:6b:aa:fb:72:47:75:ca:
bf:8c:e9:21:9e:0f:b0:37:98:83:33:9a:ee:a2:2b:9e:eb:b2:
1e:5f:ad:10:4b:0f:49:35:b8:a3:de:1e:34:fa:f4:83:74:15:
1f:f4:6b:fd:97:fa:69:d8:74:1f:31:ba:b0:e4:54:9f:eb:68:
38:e9:85:0b
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUY9CL+P+pMYqeyQSmdaDfqI2+2HcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYTk0MjBlNmM2ZjI0YjBlNDIyZGE3ZmU3ZTQyMGVmNTAz
NTRmNDVjNjAeFw0yNTA2MzAyMTAzMjlaFw0yNjA2MjkyMTA4MjlaMDMxMTAvBgNV
BAMTKDBFRTZCRDE3MjA0QUNDMDU5RTFGMTY2M0JCQzdCQ0U4REVDNkY1QTgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCe8eNRO/5dOd5TlWs9ZdAXZ5Sp
765ZMCOm1JY/BgiurkxEjN2dO+vAg3Z5VvRE2XHKx6SMrJpB08RKq0jF1JhQC3CA
4wcpfJO5+XMYak0VzlS89PLR0L8UdEG7+gTK4Z3pJcWavq8hgXAWB5XmKh3KCfB0
p3y3a63rIntxrUdFhfMr2cnIGKQ7VEX69l1H7CLicVKNMjlaZ4mbDFvLg9v/Rjh1
VUtQVCBxm8DgtalIO/N2FZLAytvgTbtKzHQyItlImhrluyTuyuO4ivVeAPU+kW7D
gCcF1EZg1IldCOArJBL+aKvXSSH6J2TEgecjp6Xc1SuYrOrD2SJr4mKRID43AgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUDua9FyBKzAWeHxZju8e86N7G9agwHwYDVR0j
BBgwFoAUqUIObG8ksOQi2n/n5CDvUDVPRcYwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMWY5ODIzZDAtMDg1NS00MWYyLWFjNDYtNTlhMmU5OGRh
NzM2LzEvQTk0MjBFNkM2RjI0QjBFNDIyREE3RkU3RTQyMEVGNTAzNTRGNDVDNi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3FVSU9iRzhrc09RaTJuX241Q0R2VURW
UFJjWS5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMWY5ODIzZDAt
MDg1NS00MWYyLWFjNDYtNTlhMmU5OGRhNzM2LzEvMzEzNDM2MmUzMTM5MmUzMTM2
MzcyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMTM0MzIzMTMxMzEucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BACSE6cwDQYJKoZIhvcNAQELBQADggEBALFBVXCQdhBpb/KFMbyXi3APO8gi3oiE
YNVEoV32pPj3tlHdl0vsQiKaruftKlZDztm1rsi77uAYcA68IIIRmvN/lDZBnJf3
2jKP4++tRPLqt3/1IQNsXP06s281lo39HoU9OlrFfwaEbazorbYuZwZnng+Jhkw0
0IrR7DNuIQzvU4NA63IO/hjPt2Wfi2aP2XxPvOIMzioQkZCcay6iOb48JVeqDGt7
Q6ofZwx/2XaSthwZu04GmSS75FcjHnrea6r7ckd1yr+M6SGeD7A3mIMzmu6iK57r
sh5frRBLD0k1uKPeHjT69IN0FR/0a/2X+mnYdB8xurDkVJ/raDjphQs=
-----END CERTIFICATE-----
Generated at Wed Jul 30 19:04:36 2025 by rpki-client