Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/8113dda6-7ade-445d-8c6e-448a78e48ca1/1/3139342e33342e3235352e302f32342d3234203d3e203536353934.roa
File: 3139342e33342e3235352e302f32342d3234203d3e203536353934.roa (raw, json)
Hash identifier: x2RfjpSN3xicSqXOSngzYM3QyNU0bV4bA1DJ2SOK7nM=
Subject key identifier: 13:3B:05:6E:8E:BC:54:4A:FF:00:CA:6C:A4:78:D9:CF:FB:D6:3A:3B
Certificate issuer: /CN=0d7ffae300def0876bf84890fb6ea17be841a4d3
Certificate serial: 15C3E00D63364E8243CC6446453D7278A365500B
Authority key identifier: 0D:7F:FA:E3:00:DE:F0:87:6B:F8:48:90:FB:6E:A1:7B:E8:41:A4:D3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DX_64wDe8Idr-EiQ-26he-hBpNM.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/8113dda6-7ade-445d-8c6e-448a78e48ca1/1/3139342e33342e3235352e302f32342d3234203d3e203536353934.roa
Signing time: Sun 12 Jan 2025 06:37:28 +0000
ROA not before: Sun 12 Jan 2025 06:32:28 +0000
ROA not after: Sun 11 Jan 2026 06:37:28 +0000
asID: 56594
IP address blocks: 194.34.255.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/8113dda6-7ade-445d-8c6e-448a78e48ca1/1/0D7FFAE300DEF0876BF84890FB6EA17BE841A4D3.crl
rsync://rsync.paas.rpki.ripe.net/repository/8113dda6-7ade-445d-8c6e-448a78e48ca1/1/0D7FFAE300DEF0876BF84890FB6EA17BE841A4D3.mft
rsync://rpki.ripe.net/repository/DEFAULT/DX_64wDe8Idr-EiQ-26he-hBpNM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 03 Feb 2025 00:00:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
15:c3:e0:0d:63:36:4e:82:43:cc:64:46:45:3d:72:78:a3:65:50:0b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0d7ffae300def0876bf84890fb6ea17be841a4d3
Validity
Not Before: Jan 12 06:32:28 2025 GMT
Not After : Jan 11 06:37:28 2026 GMT
Subject: CN=133B056E8EBC544AFF00CA6CA478D9CFFBD63A3B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:a3:c0:04:52:6e:16:c9:df:e9:62:7c:d3:6f:
9d:51:2b:22:3b:37:9c:36:8f:5c:4f:b5:fd:55:06:
d6:d4:4f:8a:e8:68:24:72:68:86:fa:99:73:99:08:
74:93:ea:f1:4b:89:78:da:c3:5f:87:43:82:d9:3e:
73:d0:1c:a9:5b:a9:94:62:97:6f:91:53:24:55:e3:
94:0d:2e:c3:a9:8d:de:73:cd:1f:a5:e4:68:55:98:
b6:75:15:f4:59:fc:8e:81:76:0d:70:97:66:37:f9:
1b:29:ab:dd:f0:cd:00:da:f8:cc:5c:56:91:c2:9f:
c9:b6:6f:2f:9c:9a:33:e0:21:97:07:77:f0:0d:ea:
e7:4a:13:50:1c:2c:12:c9:31:79:2e:eb:4e:03:b6:
96:91:df:bb:5f:9f:a9:ed:ef:5b:69:c9:79:53:05:
35:23:0b:0f:9c:ed:30:98:91:90:b7:ed:8c:fa:f1:
71:50:38:87:46:50:32:03:65:ae:67:d5:4d:35:2a:
14:a0:14:d0:ca:d5:26:78:12:02:30:bb:e3:fd:65:
e7:22:90:77:f7:96:76:a4:80:77:92:b9:0e:b8:e3:
63:c5:be:85:66:d6:3e:18:28:17:7e:5d:f7:f0:ed:
bc:40:17:e1:52:9a:06:25:38:72:e7:f9:15:db:b5:
ba:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
13:3B:05:6E:8E:BC:54:4A:FF:00:CA:6C:A4:78:D9:CF:FB:D6:3A:3B
X509v3 Authority Key Identifier:
keyid:0D:7F:FA:E3:00:DE:F0:87:6B:F8:48:90:FB:6E:A1:7B:E8:41:A4:D3
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/8113dda6-7ade-445d-8c6e-448a78e48ca1/1/0D7FFAE300DEF0876BF84890FB6EA17BE841A4D3.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DX_64wDe8Idr-EiQ-26he-hBpNM.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/8113dda6-7ade-445d-8c6e-448a78e48ca1/1/3139342e33342e3235352e302f32342d3234203d3e203536353934.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.34.255.0/24
Signature Algorithm: sha256WithRSAEncryption
0e:bd:b1:03:2d:0e:21:65:3b:21:44:f9:5f:a8:39:e0:36:ca:
42:29:00:1a:4e:af:ef:e4:ac:91:48:fa:cf:c8:f3:5e:f3:81:
6a:48:90:5f:2e:83:46:5c:fe:8b:48:cc:b4:f7:b6:9d:83:b1:
61:e9:22:8d:70:b5:96:a5:af:1d:d1:f6:a7:d2:54:33:93:09:
51:f7:b0:0e:e3:63:f0:31:65:87:62:38:8c:31:af:9c:bb:90:
72:84:76:cd:bd:94:6f:59:15:8b:31:d9:af:6a:46:40:90:4b:
48:08:18:b7:e9:96:ee:65:46:86:5c:f3:86:f0:9b:be:fe:cb:
a0:82:7b:d9:a9:ec:ce:ae:bc:5a:7c:49:c5:29:e5:73:d2:98:
95:0f:16:1a:3f:8b:20:90:a4:16:cd:5d:72:f3:b4:10:5f:71:
9d:94:f7:fb:f2:66:b4:a3:de:6b:5f:81:0a:ba:3d:cb:4e:ad:
03:b1:12:ee:93:cc:10:e3:a2:8a:a4:c6:54:14:44:c5:38:96:
72:1c:7e:86:7a:52:83:e9:98:99:4a:3e:12:04:d6:84:13:ad:
b6:88:3a:da:ab:7d:2e:9d:42:c5:8d:87:c3:ac:1f:20:88:d4:
52:0c:d7:dc:bb:f8:04:01:f4:a6:0f:ee:ff:2c:3e:6f:54:0a:
83:15:7d:fc
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUFcPgDWM2ToJDzGRGRT1yeKNlUAswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMGQ3ZmZhZTMwMGRlZjA4NzZiZjg0ODkwZmI2ZWExN2Jl
ODQxYTRkMzAeFw0yNTAxMTIwNjMyMjhaFw0yNjAxMTEwNjM3MjhaMDMxMTAvBgNV
BAMTKDEzM0IwNTZFOEVCQzU0NEFGRjAwQ0E2Q0E0NzhEOUNGRkJENjNBM0IwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC6o8AEUm4Wyd/pYnzTb51RKyI7
N5w2j1xPtf1VBtbUT4roaCRyaIb6mXOZCHST6vFLiXjaw1+HQ4LZPnPQHKlbqZRi
l2+RUyRV45QNLsOpjd5zzR+l5GhVmLZ1FfRZ/I6Bdg1wl2Y3+Rspq93wzQDa+Mxc
VpHCn8m2by+cmjPgIZcHd/AN6udKE1AcLBLJMXku604DtpaR37tfn6nt71tpyXlT
BTUjCw+c7TCYkZC37Yz68XFQOIdGUDIDZa5n1U01KhSgFNDK1SZ4EgIwu+P9Zeci
kHf3lnakgHeSuQ6442PFvoVm1j4YKBd+Xffw7bxAF+FSmgYlOHLn+RXbtbq1AgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUEzsFbo68VEr/AMpspHjZz/vWOjswHwYDVR0j
BBgwFoAUDX/64wDe8Idr+EiQ+26he+hBpNMwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvODExM2RkYTYtN2FkZS00NDVkLThjNmUtNDQ4YTc4ZTQ4
Y2ExLzEvMEQ3RkZBRTMwMERFRjA4NzZCRjg0ODkwRkI2RUExN0JFODQxQTREMy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0RYXzY0d0RlOElkci1FaVEtMjZoZS1o
QnBOTS5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvODExM2RkYTYt
N2FkZS00NDVkLThjNmUtNDQ4YTc4ZTQ4Y2ExLzEvMzEzOTM0MmUzMzM0MmUzMjM1
MzUyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzNTM2MzUzOTM0LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
wiL/MA0GCSqGSIb3DQEBCwUAA4IBAQAOvbEDLQ4hZTshRPlfqDngNspCKQAaTq/v
5KyRSPrPyPNe84FqSJBfLoNGXP6LSMy097adg7Fh6SKNcLWWpa8d0fan0lQzkwlR
97AO42PwMWWHYjiMMa+cu5ByhHbNvZRvWRWLMdmvakZAkEtICBi36ZbuZUaGXPOG
8Ju+/suggnvZqezOrrxafEnFKeVz0piVDxYaP4sgkKQWzV1y87QQX3GdlPf78ma0
o95rX4EKuj3LTq0DsRLuk8wQ46KKpMZUFETFOJZyHH6GelKD6ZiZSj4SBNaEE622
iDraq30unULFjYfDrB8giNRSDNfcu/gEAfSmD+7/LD5vVAqDFX38
-----END CERTIFICATE-----
Generated at Sun Feb 2 08:42:47 2025 by rpki-client