Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/8113dda6-7ade-445d-8c6e-448a78e48ca1/1/3139342e33342e3235322e302f32342d3234203d3e203239383032.roa
File: 3139342e33342e3235322e302f32342d3234203d3e203239383032.roa (raw, json)
Hash identifier: MPp6Igfxvoo4H6VVtRMvz7wqXYqi9rOeS8G4+bL/Qls=
Subject key identifier: B8:F8:64:9F:AE:E7:66:62:DB:6E:F5:6B:87:0C:A0:60:76:07:58:62
Certificate issuer: /CN=0d7ffae300def0876bf84890fb6ea17be841a4d3
Certificate serial: 257142E9F66683B9B92849A677CF7D941F02FAE2
Authority key identifier: 0D:7F:FA:E3:00:DE:F0:87:6B:F8:48:90:FB:6E:A1:7B:E8:41:A4:D3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DX_64wDe8Idr-EiQ-26he-hBpNM.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/8113dda6-7ade-445d-8c6e-448a78e48ca1/1/3139342e33342e3235322e302f32342d3234203d3e203239383032.roa
Signing time: Sun 12 Jan 2025 22:17:25 +0000
ROA not before: Sun 12 Jan 2025 22:12:25 +0000
ROA not after: Sun 11 Jan 2026 22:17:25 +0000
asID: 29802
IP address blocks: 194.34.252.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/8113dda6-7ade-445d-8c6e-448a78e48ca1/1/0D7FFAE300DEF0876BF84890FB6EA17BE841A4D3.crl
rsync://rsync.paas.rpki.ripe.net/repository/8113dda6-7ade-445d-8c6e-448a78e48ca1/1/0D7FFAE300DEF0876BF84890FB6EA17BE841A4D3.mft
rsync://rpki.ripe.net/repository/DEFAULT/DX_64wDe8Idr-EiQ-26he-hBpNM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 03 Feb 2025 00:00:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
25:71:42:e9:f6:66:83:b9:b9:28:49:a6:77:cf:7d:94:1f:02:fa:e2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0d7ffae300def0876bf84890fb6ea17be841a4d3
Validity
Not Before: Jan 12 22:12:25 2025 GMT
Not After : Jan 11 22:17:25 2026 GMT
Subject: CN=B8F8649FAEE76662DB6EF56B870CA06076075862
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:b9:b7:95:1b:1d:f2:69:b4:43:b1:8e:db:71:
d5:6a:93:32:38:17:36:95:48:0f:72:a2:ef:fe:d8:
df:28:03:3d:8d:b4:47:56:72:1d:da:2c:4d:8f:c4:
10:f4:54:25:1c:9f:87:e9:95:f5:63:66:ce:fe:88:
73:5e:c3:e3:d3:7d:b8:d9:90:73:24:67:e9:99:14:
39:65:f5:73:d5:19:d7:c6:57:ed:db:79:34:88:bb:
b6:e1:2b:59:6a:cc:59:0d:91:3b:48:08:3d:ea:b1:
97:e2:cd:8f:58:de:94:b0:27:a3:fa:24:ca:9c:4c:
c4:02:41:5f:46:3c:97:a1:7b:f6:7d:57:a8:a5:42:
40:eb:de:16:5b:e9:4f:8b:9c:ac:d5:c2:73:78:aa:
ee:bc:91:59:1a:57:b9:0a:da:cb:60:1d:8f:0b:8f:
70:cf:dd:7a:5f:c8:8b:33:62:50:3a:9d:e4:2e:5e:
30:1d:4e:db:12:1a:ef:bb:a5:b4:5a:96:70:6d:ba:
1b:28:d9:c0:6a:e7:16:06:fe:2b:95:60:60:df:b5:
fa:b8:94:22:cb:fd:8b:ec:2f:92:cb:62:80:89:3c:
5a:ed:9a:0e:f5:ca:0d:16:9a:2e:08:1b:5b:29:11:
0e:03:ba:ab:6a:d5:be:de:2e:26:a6:5a:a2:ea:5c:
94:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B8:F8:64:9F:AE:E7:66:62:DB:6E:F5:6B:87:0C:A0:60:76:07:58:62
X509v3 Authority Key Identifier:
keyid:0D:7F:FA:E3:00:DE:F0:87:6B:F8:48:90:FB:6E:A1:7B:E8:41:A4:D3
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/8113dda6-7ade-445d-8c6e-448a78e48ca1/1/0D7FFAE300DEF0876BF84890FB6EA17BE841A4D3.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DX_64wDe8Idr-EiQ-26he-hBpNM.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/8113dda6-7ade-445d-8c6e-448a78e48ca1/1/3139342e33342e3235322e302f32342d3234203d3e203239383032.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.34.252.0/24
Signature Algorithm: sha256WithRSAEncryption
19:e2:4c:c1:2d:de:79:30:d0:84:dc:9d:c0:fb:b0:99:c5:83:
20:23:11:05:b4:9d:ea:96:03:1f:b9:3b:a3:af:39:83:e2:48:
79:cd:66:a4:4f:48:4c:23:b6:78:79:53:be:f3:d5:1d:36:c1:
f2:89:50:fc:61:d1:58:45:92:1d:15:7c:87:59:25:41:30:ab:
87:3f:33:fb:c5:4f:fe:82:b0:54:30:83:1f:a1:5b:b1:8a:32:
68:ae:27:45:d1:d1:fd:3e:ca:53:43:9e:e3:27:36:66:4e:66:
7b:b2:d3:94:93:2a:a3:fa:71:45:08:d3:b1:e0:65:7d:b2:8e:
da:ae:38:d3:ee:1d:95:f4:c9:14:ba:a0:3c:3e:c9:37:b4:e7:
dc:73:b7:ab:70:fb:9e:0a:fe:65:39:72:a1:7a:a5:ba:aa:e5:
0b:6a:f1:ab:36:81:18:6f:79:0a:e1:74:d0:e0:94:c4:13:27:
1f:a9:39:89:8d:c2:9f:a8:cf:b3:ba:79:5c:a3:15:4f:23:51:
55:fb:ea:e7:8b:7a:b2:17:6c:dc:7a:6d:23:5e:0f:bc:88:5b:
78:70:4f:7f:8b:ec:ca:bb:aa:55:b9:f9:1f:03:4b:b2:b8:6f:
71:35:35:88:16:45:43:02:ec:b4:ba:98:78:14:f6:a2:2b:a7:
c3:cd:14:68
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUJXFC6fZmg7m5KEmmd899lB8C+uIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMGQ3ZmZhZTMwMGRlZjA4NzZiZjg0ODkwZmI2ZWExN2Jl
ODQxYTRkMzAeFw0yNTAxMTIyMjEyMjVaFw0yNjAxMTEyMjE3MjVaMDMxMTAvBgNV
BAMTKEI4Rjg2NDlGQUVFNzY2NjJEQjZFRjU2Qjg3MENBMDYwNzYwNzU4NjIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCzubeVGx3yabRDsY7bcdVqkzI4
FzaVSA9you/+2N8oAz2NtEdWch3aLE2PxBD0VCUcn4fplfVjZs7+iHNew+PTfbjZ
kHMkZ+mZFDll9XPVGdfGV+3beTSIu7bhK1lqzFkNkTtICD3qsZfizY9Y3pSwJ6P6
JMqcTMQCQV9GPJehe/Z9V6ilQkDr3hZb6U+LnKzVwnN4qu68kVkaV7kK2stgHY8L
j3DP3XpfyIszYlA6neQuXjAdTtsSGu+7pbRalnBtuhso2cBq5xYG/iuVYGDftfq4
lCLL/YvsL5LLYoCJPFrtmg71yg0Wmi4IG1spEQ4Duqtq1b7eLiamWqLqXJSlAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUuPhkn67nZmLbbvVrhwygYHYHWGIwHwYDVR0j
BBgwFoAUDX/64wDe8Idr+EiQ+26he+hBpNMwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvODExM2RkYTYtN2FkZS00NDVkLThjNmUtNDQ4YTc4ZTQ4
Y2ExLzEvMEQ3RkZBRTMwMERFRjA4NzZCRjg0ODkwRkI2RUExN0JFODQxQTREMy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0RYXzY0d0RlOElkci1FaVEtMjZoZS1o
QnBOTS5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvODExM2RkYTYt
N2FkZS00NDVkLThjNmUtNDQ4YTc4ZTQ4Y2ExLzEvMzEzOTM0MmUzMzM0MmUzMjM1
MzIyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMjM5MzgzMDMyLnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
wiL8MA0GCSqGSIb3DQEBCwUAA4IBAQAZ4kzBLd55MNCE3J3A+7CZxYMgIxEFtJ3q
lgMfuTujrzmD4kh5zWakT0hMI7Z4eVO+89UdNsHyiVD8YdFYRZIdFXyHWSVBMKuH
PzP7xU/+grBUMIMfoVuxijJoridF0dH9PspTQ57jJzZmTmZ7stOUkyqj+nFFCNOx
4GV9so7arjjT7h2V9MkUuqA8Psk3tOfcc7ercPueCv5lOXKheqW6quULavGrNoEY
b3kK4XTQ4JTEEycfqTmJjcKfqM+zunlcoxVPI1FV++rni3qyF2zcem0jXg+8iFt4
cE9/i+zKu6pVufkfA0uyuG9xNTWIFkVDAuy0uph4FPaiK6fDzRRo
-----END CERTIFICATE-----
Generated at Sun Feb 2 08:38:31 2025 by rpki-client