Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/46b93df0-ac8d-4da8-afb8-dcb7f2888362/0/3139342e3135302e3230342e302f32342d3234203d3e20323132333335.roa
File: 3139342e3135302e3230342e302f32342d3234203d3e20323132333335.roa (raw, json)
Hash identifier: 63C/hNRb0Drc8LY5qjMfJwTosG+OCfPY0R9pguNis8c=
Subject key identifier: 02:D9:2A:0F:90:B5:43:8A:53:90:07:E5:16:87:31:09:46:62:2B:63
Certificate issuer: /CN=62fbd2cc0012fb2f86db40b589bd1ac4e973266d
Certificate serial: 179F286B67A30C10BB5E73332C65460E8CEE2041
Authority key identifier: 62:FB:D2:CC:00:12:FB:2F:86:DB:40:B5:89:BD:1A:C4:E9:73:26:6D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YvvSzAAS-y-G20C1ib0axOlzJm0.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/46b93df0-ac8d-4da8-afb8-dcb7f2888362/0/3139342e3135302e3230342e302f32342d3234203d3e20323132333335.roa
Signing time: Tue 27 May 2025 06:54:08 +0000
ROA not before: Tue 27 May 2025 06:49:08 +0000
ROA not after: Tue 26 May 2026 06:54:08 +0000
asID: 212335
IP address blocks: 194.150.204.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/46b93df0-ac8d-4da8-afb8-dcb7f2888362/0/62FBD2CC0012FB2F86DB40B589BD1AC4E973266D.crl
rsync://rsync.paas.rpki.ripe.net/repository/46b93df0-ac8d-4da8-afb8-dcb7f2888362/0/62FBD2CC0012FB2F86DB40B589BD1AC4E973266D.mft
rsync://rpki.ripe.net/repository/DEFAULT/YvvSzAAS-y-G20C1ib0axOlzJm0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 07 Jun 2025 15:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
17:9f:28:6b:67:a3:0c:10:bb:5e:73:33:2c:65:46:0e:8c:ee:20:41
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=62fbd2cc0012fb2f86db40b589bd1ac4e973266d
Validity
Not Before: May 27 06:49:08 2025 GMT
Not After : May 26 06:54:08 2026 GMT
Subject: CN=02D92A0F90B5438A539007E51687310946622B63
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:a8:d1:51:55:c5:3f:54:31:99:5e:d7:bc:f0:
e8:e2:96:9a:d4:40:49:a1:df:36:b4:da:83:1b:df:
25:b7:59:87:55:b9:54:6a:51:67:4e:48:cf:a8:8a:
da:4f:03:5b:88:6f:3a:ea:3e:9b:c8:e0:0b:30:80:
9a:23:ab:2c:55:56:90:81:ac:b7:a2:98:40:98:bf:
b7:20:a7:3a:c8:f1:8c:43:ad:0f:33:c9:d3:08:3c:
4f:a2:6d:ee:fe:1a:fc:c9:dd:19:8d:43:78:aa:af:
2a:bb:a6:c0:d2:46:24:f5:07:09:35:7d:e8:16:1d:
45:9e:75:62:8d:f0:e7:3c:4a:e4:ee:37:48:2c:fc:
da:85:cf:7c:25:1c:25:e6:0e:06:d2:57:1e:b3:6e:
ec:b2:cf:b3:d2:bf:4a:43:1e:16:8e:a6:08:c8:f2:
f2:78:c6:ce:c7:90:d7:e9:91:fa:7d:6f:e0:82:b1:
b3:0b:07:c0:e1:d7:08:3b:bc:86:ed:8c:72:d9:db:
72:d0:80:19:60:1d:f3:ef:47:c0:6e:f9:f5:99:d5:
f3:78:83:76:02:0c:04:2d:a0:cb:19:5b:fc:f4:c8:
0a:7c:17:b4:5f:f9:0b:3e:23:d9:56:8d:7a:da:a5:
76:3d:45:49:8f:77:09:55:a6:f6:ba:b1:9a:5a:f4:
16:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
02:D9:2A:0F:90:B5:43:8A:53:90:07:E5:16:87:31:09:46:62:2B:63
X509v3 Authority Key Identifier:
keyid:62:FB:D2:CC:00:12:FB:2F:86:DB:40:B5:89:BD:1A:C4:E9:73:26:6D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/46b93df0-ac8d-4da8-afb8-dcb7f2888362/0/62FBD2CC0012FB2F86DB40B589BD1AC4E973266D.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YvvSzAAS-y-G20C1ib0axOlzJm0.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/46b93df0-ac8d-4da8-afb8-dcb7f2888362/0/3139342e3135302e3230342e302f32342d3234203d3e20323132333335.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.150.204.0/24
Signature Algorithm: sha256WithRSAEncryption
56:bc:f5:2c:6c:04:7c:12:05:9c:9c:3b:49:e7:03:e7:1e:d6:
70:b5:c9:03:a8:38:2a:0d:1f:1a:df:b9:aa:4c:93:08:0b:cf:
59:67:8a:07:50:ad:b9:b6:6a:6c:cf:03:6b:2a:dd:de:3c:1b:
c0:0a:05:7a:6c:a1:b9:79:40:7b:0c:1f:c6:bb:10:43:c1:88:
ed:a5:38:e4:9b:3f:24:24:a7:82:07:62:f4:28:da:fd:ca:41:
8f:56:68:7a:da:72:80:70:f6:e8:15:4d:18:22:9b:69:24:9c:
7e:d5:ec:6a:57:8a:02:da:ad:31:da:7a:55:63:38:86:54:f9:
76:ab:74:90:5a:2b:c7:c3:2c:ca:cf:64:01:54:6c:20:d9:80:
c7:c2:a0:71:b9:e1:bf:ed:5e:3a:35:3b:7e:71:f8:6e:52:60:
93:bc:e5:e6:af:2c:a1:a9:32:13:18:23:b5:9b:fe:ac:39:ea:
cc:4e:59:c7:dc:0d:67:a3:bf:64:43:11:83:e2:fa:df:4b:c0:
6e:4a:2d:af:df:66:75:40:f0:01:11:a8:83:d9:99:9a:58:fd:
c7:72:93:cd:af:da:b9:1a:2f:38:d1:a4:d0:d3:90:14:31:15:
6e:4e:ad:89:b3:b2:96:a5:f1:91:de:89:9d:2c:7b:84:54:a0:
c1:a4:83:2e
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgIUF58oa2ejDBC7XnMzLGVGDozuIEEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjJmYmQyY2MwMDEyZmIyZjg2ZGI0MGI1ODliZDFhYzRl
OTczMjY2ZDAeFw0yNTA1MjcwNjQ5MDhaFw0yNjA1MjYwNjU0MDhaMDMxMTAvBgNV
BAMTKDAyRDkyQTBGOTBCNTQzOEE1MzkwMDdFNTE2ODczMTA5NDY2MjJCNjMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCRqNFRVcU/VDGZXte88OjilprU
QEmh3za02oMb3yW3WYdVuVRqUWdOSM+oitpPA1uIbzrqPpvI4AswgJojqyxVVpCB
rLeimECYv7cgpzrI8YxDrQ8zydMIPE+ibe7+GvzJ3RmNQ3iqryq7psDSRiT1Bwk1
fegWHUWedWKN8Oc8SuTuN0gs/NqFz3wlHCXmDgbSVx6zbuyyz7PSv0pDHhaOpgjI
8vJ4xs7HkNfpkfp9b+CCsbMLB8Dh1wg7vIbtjHLZ23LQgBlgHfPvR8Bu+fWZ1fN4
g3YCDAQtoMsZW/z0yAp8F7Rf+Qs+I9lWjXrapXY9RUmPdwlVpva6sZpa9BbnAgMB
AAGjggJBMIICPTAdBgNVHQ4EFgQUAtkqD5C1Q4pTkAflFocxCUZiK2MwHwYDVR0j
BBgwFoAUYvvSzAAS+y+G20C1ib0axOlzJm0wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNDZiOTNkZjAtYWM4ZC00ZGE4LWFmYjgtZGNiN2YyODg4
MzYyLzAvNjJGQkQyQ0MwMDEyRkIyRjg2REI0MEI1ODlCRDFBQzRFOTczMjY2RC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1l2dlN6QUFTLXktRzIwQzFpYjBheE9s
ekptMC5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvNDZiOTNkZjAt
YWM4ZC00ZGE4LWFmYjgtZGNiN2YyODg4MzYyLzAvMzEzOTM0MmUzMTM1MzAyZTMy
MzAzNDJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMyMzEzMjMzMzMzNS5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEAMKWzDANBgkqhkiG9w0BAQsFAAOCAQEAVrz1LGwEfBIFnJw7SecD5x7WcLXJ
A6g4Kg0fGt+5qkyTCAvPWWeKB1CtubZqbM8Dayrd3jwbwAoFemyhuXlAewwfxrsQ
Q8GI7aU45Js/JCSnggdi9Cja/cpBj1ZoetpygHD26BVNGCKbaSScftXsaleKAtqt
Mdp6VWM4hlT5dqt0kForx8Msys9kAVRsINmAx8Kgcbnhv+1eOjU7fnH4blJgk7zl
5q8soakyExgjtZv+rDnqzE5Zx9wNZ6O/ZEMRg+L630vAbkotr99mdUDwARGog9mZ
mlj9x3KTza/auRovONGk0NOQFDEVbk6tibOylqXxkd6JnSx7hFSgwaSDLg==
-----END CERTIFICATE-----
Generated at Fri Jun 6 19:33:34 2025 by rpki-client