Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/468b081e-ba93-465f-9b6e-7fbd63bdff63/0/3231332e3233322e3235322e302f32342d3234203d3e2033333230.roa
File: 3231332e3233322e3235322e302f32342d3234203d3e2033333230.roa (raw, json)
Hash identifier: /Kq4VkHWPBjYK33PPSBMXdIWaIDemEZf9s/0PNOi978=
Subject key identifier: A6:F3:23:66:A3:8D:62:C6:C2:D7:95:A1:53:F9:3F:DB:B7:B8:6B:26
Certificate issuer: /CN=ff426f19ba67bc89de5ae6df487c1c8c1e752e27
Certificate serial: 5ADB59DC42A8C3386E7C7D5379FC29C3CCB8CDD5
Authority key identifier: FF:42:6F:19:BA:67:BC:89:DE:5A:E6:DF:48:7C:1C:8C:1E:75:2E:27
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_0JvGbpnvIneWubfSHwcjB51Lic.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/468b081e-ba93-465f-9b6e-7fbd63bdff63/0/3231332e3233322e3235322e302f32342d3234203d3e2033333230.roa
Signing time: Mon 10 Mar 2025 18:37:38 +0000
ROA not before: Mon 10 Mar 2025 18:32:38 +0000
ROA not after: Mon 09 Mar 2026 18:37:38 +0000
asID: 3320
IP address blocks: 213.232.252.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/468b081e-ba93-465f-9b6e-7fbd63bdff63/0/FF426F19BA67BC89DE5AE6DF487C1C8C1E752E27.crl
rsync://rsync.paas.rpki.ripe.net/repository/468b081e-ba93-465f-9b6e-7fbd63bdff63/0/FF426F19BA67BC89DE5AE6DF487C1C8C1E752E27.mft
rsync://rpki.ripe.net/repository/DEFAULT/_0JvGbpnvIneWubfSHwcjB51Lic.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 14 Mar 2025 00:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5a:db:59:dc:42:a8:c3:38:6e:7c:7d:53:79:fc:29:c3:cc:b8:cd:d5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ff426f19ba67bc89de5ae6df487c1c8c1e752e27
Validity
Not Before: Mar 10 18:32:38 2025 GMT
Not After : Mar 9 18:37:38 2026 GMT
Subject: CN=A6F32366A38D62C6C2D795A153F93FDBB7B86B26
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e9:63:2f:72:67:bc:73:77:4c:b5:8a:d6:08:57:
b8:a0:83:a9:a1:09:23:5c:87:be:68:0d:9e:5e:f6:
71:44:14:86:a1:7e:61:1b:06:1a:a6:15:7c:66:77:
92:19:37:f3:7a:46:63:25:eb:d8:86:94:7a:8b:f2:
7b:26:6f:82:1c:44:ae:33:6f:1a:37:0c:24:03:57:
14:94:9b:92:5c:b5:a6:23:77:1f:7a:83:c5:ca:a3:
c8:39:dc:b8:96:44:f7:c5:e2:71:71:1d:c0:a7:2c:
f4:81:9d:e9:ae:65:ba:4b:20:a7:dc:cf:1a:10:d3:
2f:8f:51:3d:fa:76:f4:1f:04:43:94:27:83:b5:e7:
01:e6:01:b5:ca:8b:88:53:ae:19:8f:12:5a:68:f0:
4b:72:21:79:56:a0:64:b7:2f:70:4b:5f:84:a2:0b:
2f:d8:46:68:28:f8:7c:4d:a6:69:a6:fd:04:ab:27:
c6:42:be:53:d6:7c:da:a4:36:66:78:ab:20:b4:2e:
b9:ce:1c:14:ce:e2:7a:54:68:7f:9c:12:b8:00:93:
79:19:02:95:49:f0:83:06:c6:b1:b6:7e:37:c5:16:
51:ee:b5:7f:41:db:44:32:47:8c:03:1c:fa:98:ca:
f0:a1:67:77:38:0c:50:c8:8a:2f:ea:4f:b6:81:6e:
e0:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A6:F3:23:66:A3:8D:62:C6:C2:D7:95:A1:53:F9:3F:DB:B7:B8:6B:26
X509v3 Authority Key Identifier:
keyid:FF:42:6F:19:BA:67:BC:89:DE:5A:E6:DF:48:7C:1C:8C:1E:75:2E:27
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/468b081e-ba93-465f-9b6e-7fbd63bdff63/0/FF426F19BA67BC89DE5AE6DF487C1C8C1E752E27.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_0JvGbpnvIneWubfSHwcjB51Lic.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/468b081e-ba93-465f-9b6e-7fbd63bdff63/0/3231332e3233322e3235322e302f32342d3234203d3e2033333230.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.232.252.0/24
Signature Algorithm: sha256WithRSAEncryption
08:48:b4:57:ca:3b:12:24:9b:27:e2:fc:4d:bb:12:20:87:ab:
c2:7c:21:ec:1b:6a:b8:a2:7c:b4:5e:d3:16:53:25:9c:6c:77:
96:47:00:45:dc:81:d3:5d:0d:f5:91:20:49:7e:61:20:83:19:
42:eb:48:df:5f:af:86:d6:d7:57:8b:35:a0:d5:01:1e:cc:74:
4a:af:ee:4e:3a:74:36:0b:fd:31:a0:97:3e:d7:f6:2c:24:db:
39:92:72:83:7d:48:e3:cb:24:4f:30:8d:7f:b5:04:ba:66:56:
e1:7f:c3:9a:4c:5b:b0:44:5c:3e:3d:41:3d:b9:ce:c2:de:4f:
f5:d5:82:25:74:a1:97:af:6f:a0:7f:c6:06:de:67:4c:be:90:
2e:c6:09:75:42:22:c9:be:d1:fe:40:22:d3:ee:8d:1c:8f:62:
73:44:30:ba:f3:e0:a3:d5:81:0b:12:4e:ef:43:b6:34:87:3d:
ba:b0:7a:d3:0e:7f:52:7d:1f:16:84:6c:f6:2a:3d:00:33:22:
ac:7c:1f:8f:8f:ad:27:29:b7:6a:60:12:f2:40:3a:44:c4:b6:
63:d0:3e:2c:56:0b:4c:ef:eb:3d:cd:04:59:2b:b1:0d:b2:5e:
f2:05:92:4d:85:71:cf:34:1f:a6:a4:13:39:63:fa:b9:a3:0b:
8e:9e:4f:28
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUWttZ3EKowzhufH1Tefwpw8y4zdUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZmY0MjZmMTliYTY3YmM4OWRlNWFlNmRmNDg3YzFjOGMx
ZTc1MmUyNzAeFw0yNTAzMTAxODMyMzhaFw0yNjAzMDkxODM3MzhaMDMxMTAvBgNV
BAMTKEE2RjMyMzY2QTM4RDYyQzZDMkQ3OTVBMTUzRjkzRkRCQjdCODZCMjYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDpYy9yZ7xzd0y1itYIV7igg6mh
CSNch75oDZ5e9nFEFIahfmEbBhqmFXxmd5IZN/N6RmMl69iGlHqL8nsmb4IcRK4z
bxo3DCQDVxSUm5JctaYjdx96g8XKo8g53LiWRPfF4nFxHcCnLPSBnemuZbpLIKfc
zxoQ0y+PUT36dvQfBEOUJ4O15wHmAbXKi4hTrhmPElpo8EtyIXlWoGS3L3BLX4Si
Cy/YRmgo+HxNpmmm/QSrJ8ZCvlPWfNqkNmZ4qyC0LrnOHBTO4npUaH+cErgAk3kZ
ApVJ8IMGxrG2fjfFFlHutX9B20QyR4wDHPqYyvChZ3c4DFDIii/qT7aBbuDfAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUpvMjZqONYsbC15WhU/k/27e4ayYwHwYDVR0j
BBgwFoAU/0JvGbpnvIneWubfSHwcjB51LicwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNDY4YjA4MWUtYmE5My00NjVmLTliNmUtN2ZiZDYzYmRm
ZjYzLzAvRkY0MjZGMTlCQTY3QkM4OURFNUFFNkRGNDg3QzFDOEMxRTc1MkUyNy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL18wSnZHYnBudkluZVd1YmZTSHdjakI1
MUxpYy5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvNDY4YjA4MWUt
YmE5My00NjVmLTliNmUtN2ZiZDYzYmRmZjYzLzAvMzIzMTMzMmUzMjMzMzIyZTMy
MzUzMjJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMzMzMzMjMwLnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
1ej8MA0GCSqGSIb3DQEBCwUAA4IBAQAISLRXyjsSJJsn4vxNuxIgh6vCfCHsG2q4
ony0XtMWUyWcbHeWRwBF3IHTXQ31kSBJfmEggxlC60jfX6+G1tdXizWg1QEezHRK
r+5OOnQ2C/0xoJc+1/YsJNs5knKDfUjjyyRPMI1/tQS6Zlbhf8OaTFuwRFw+PUE9
uc7C3k/11YIldKGXr2+gf8YG3mdMvpAuxgl1QiLJvtH+QCLT7o0cj2JzRDC68+Cj
1YELEk7vQ7Y0hz26sHrTDn9SfR8WhGz2Kj0AMyKsfB+Pj60nKbdqYBLyQDpExLZj
0D4sVgtM7+s9zQRZK7ENsl7yBZJNhXHPNB+mpBM5Y/q5owuOnk8o
-----END CERTIFICATE-----
Generated at Thu Mar 13 07:10:07 2025 by rpki-client