Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/a01c14fb-b660-489d-9e9f-9402e9e2c2e2/0/3231332e3133392e36352e302f32342d3234203d3e203538303631.roa
File: 3231332e3133392e36352e302f32342d3234203d3e203538303631.roa (raw, json)
Hash identifier: HxNaisBkJTdT/IWWw5pF+Bzi3+444zF60jT8MgKJguc=
Subject key identifier: FA:21:1C:4E:69:6A:C0:AE:5E:A1:77:8A:E8:DB:44:D4:FB:D0:88:E9
Certificate issuer: /CN=b683f2eb50c5999a77456e8826831609d48c7d3e
Certificate serial: 3AD5B6F81D7FEDCB51B13B9FA0DAD73BB04F4918
Authority key identifier: B6:83:F2:EB:50:C5:99:9A:77:45:6E:88:26:83:16:09:D4:8C:7D:3E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/toPy61DFmZp3RW6IJoMWCdSMfT4.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/a01c14fb-b660-489d-9e9f-9402e9e2c2e2/0/3231332e3133392e36352e302f32342d3234203d3e203538303631.roa
Signing time: Mon 12 May 2025 14:02:15 +0000
ROA not before: Mon 12 May 2025 13:57:15 +0000
ROA not after: Mon 11 May 2026 14:02:15 +0000
asID: 58061
IP address blocks: 213.139.65.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/a01c14fb-b660-489d-9e9f-9402e9e2c2e2/0/B683F2EB50C5999A77456E8826831609D48C7D3E.crl
rsync://rsync.paas.rpki.ripe.net/repository/a01c14fb-b660-489d-9e9f-9402e9e2c2e2/0/B683F2EB50C5999A77456E8826831609D48C7D3E.mft
rsync://rpki.ripe.net/repository/DEFAULT/toPy61DFmZp3RW6IJoMWCdSMfT4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 06 Jun 2025 12:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3a:d5:b6:f8:1d:7f:ed:cb:51:b1:3b:9f:a0:da:d7:3b:b0:4f:49:18
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b683f2eb50c5999a77456e8826831609d48c7d3e
Validity
Not Before: May 12 13:57:15 2025 GMT
Not After : May 11 14:02:15 2026 GMT
Subject: CN=FA211C4E696AC0AE5EA1778AE8DB44D4FBD088E9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:53:96:32:0f:7d:e9:7e:b8:f6:9a:e3:7e:9b:
bf:86:bb:92:ef:fe:b4:32:75:08:f8:cc:c5:74:ec:
cd:9a:4a:15:b8:06:cb:79:a6:b7:b5:f6:0d:10:a7:
0f:a2:24:66:55:db:b4:15:77:90:5e:f8:b4:75:ed:
db:fc:a4:9f:22:73:e8:57:ee:de:c4:af:c0:a8:2a:
d2:40:35:0f:9d:0d:0d:93:77:36:2e:25:33:92:e4:
46:fc:68:db:00:84:77:af:f0:16:f8:be:7b:27:17:
71:a4:51:67:a6:ac:b7:6a:82:62:52:47:f1:f9:b1:
f6:5c:bf:56:86:92:c2:af:c9:91:34:89:22:b3:f7:
f5:ea:66:e2:90:78:07:07:c3:31:7d:78:7d:64:85:
fe:1a:98:97:32:f4:47:ec:a9:63:b6:69:9f:3b:d0:
bf:2b:d3:8e:8d:2c:1c:b3:e0:6c:62:bf:89:77:7e:
38:02:ef:59:a8:b9:b6:c2:2d:c5:0c:4c:1e:82:79:
c0:77:ce:bf:8a:e7:57:86:93:ef:e0:34:4b:6b:14:
79:2e:9b:62:04:01:ea:84:86:80:d4:b5:b2:78:c7:
87:bf:10:b3:b6:60:57:97:8c:53:d0:88:e8:27:98:
d1:4a:c1:f4:6d:50:c3:21:11:d7:1d:60:23:77:17:
a8:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FA:21:1C:4E:69:6A:C0:AE:5E:A1:77:8A:E8:DB:44:D4:FB:D0:88:E9
X509v3 Authority Key Identifier:
keyid:B6:83:F2:EB:50:C5:99:9A:77:45:6E:88:26:83:16:09:D4:8C:7D:3E
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/a01c14fb-b660-489d-9e9f-9402e9e2c2e2/0/B683F2EB50C5999A77456E8826831609D48C7D3E.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/toPy61DFmZp3RW6IJoMWCdSMfT4.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/a01c14fb-b660-489d-9e9f-9402e9e2c2e2/0/3231332e3133392e36352e302f32342d3234203d3e203538303631.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.139.65.0/24
Signature Algorithm: sha256WithRSAEncryption
17:68:d5:a3:9c:0d:9a:59:33:4c:8e:e5:80:af:b4:85:1b:52:
33:71:e7:a1:ca:b6:7f:0a:97:84:c7:9f:42:5d:20:a6:f0:dc:
5c:75:77:34:fe:2a:ad:93:c3:64:ae:e8:92:73:44:c4:e2:6e:
78:11:93:e5:78:05:a7:ee:d0:3c:e0:99:66:ea:0f:b8:fb:9b:
0d:17:c4:ed:80:aa:8f:5b:70:37:a3:b6:e9:bb:f9:d4:35:dd:
64:f2:47:c8:13:eb:51:e9:57:fa:d9:ff:ab:a1:7b:27:eb:a1:
2e:69:f4:d1:07:e8:4d:0e:fd:6f:83:fe:e8:50:b3:2a:f4:57:
dc:be:9d:c9:d5:a0:b2:10:5d:1a:67:58:53:56:cf:ee:0e:89:
4d:11:9f:8d:b0:77:4b:7d:83:5d:fb:06:f7:1b:8c:1b:8f:3d:
13:c1:c7:ec:bb:c8:ca:46:ca:32:a9:02:d1:08:4d:44:de:1f:
eb:95:d3:1c:41:9b:45:54:0a:bc:f5:df:b3:a9:91:53:ca:e5:
3a:37:bd:05:41:5c:23:d2:97:d5:2e:6c:db:93:83:d6:5c:37:
33:ee:12:a0:76:17:c7:15:59:c3:37:ae:4d:63:99:54:50:74:
e2:cc:e2:d1:f2:2a:a9:85:7b:6c:d2:b6:46:87:39:30:f4:9b:
46:47:49:fd
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUOtW2+B1/7ctRsTufoNrXO7BPSRgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYjY4M2YyZWI1MGM1OTk5YTc3NDU2ZTg4MjY4MzE2MDlk
NDhjN2QzZTAeFw0yNTA1MTIxMzU3MTVaFw0yNjA1MTExNDAyMTVaMDMxMTAvBgNV
BAMTKEZBMjExQzRFNjk2QUMwQUU1RUExNzc4QUU4REI0NEQ0RkJEMDg4RTkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC/U5YyD33pfrj2muN+m7+Gu5Lv
/rQydQj4zMV07M2aShW4Bst5pre19g0Qpw+iJGZV27QVd5Be+LR17dv8pJ8ic+hX
7t7Er8CoKtJANQ+dDQ2TdzYuJTOS5Eb8aNsAhHev8Bb4vnsnF3GkUWemrLdqgmJS
R/H5sfZcv1aGksKvyZE0iSKz9/XqZuKQeAcHwzF9eH1khf4amJcy9EfsqWO2aZ87
0L8r046NLByz4Gxiv4l3fjgC71moubbCLcUMTB6CecB3zr+K51eGk+/gNEtrFHku
m2IEAeqEhoDUtbJ4x4e/ELO2YFeXjFPQiOgnmNFKwfRtUMMhEdcdYCN3F6itAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQU+iEcTmlqwK5eoXeK6NtE1PvQiOkwHwYDVR0j
BBgwFoAUtoPy61DFmZp3RW6IJoMWCdSMfT4wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYTAxYzE0ZmItYjY2MC00ODlkLTllOWYtOTQwMmU5ZTJj
MmUyLzAvQjY4M0YyRUI1MEM1OTk5QTc3NDU2RTg4MjY4MzE2MDlENDhDN0QzRS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3RvUHk2MURGbVpwM1JXNklKb01XQ2RT
TWZUNC5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYTAxYzE0ZmIt
YjY2MC00ODlkLTllOWYtOTQwMmU5ZTJjMmUyLzAvMzIzMTMzMmUzMTMzMzkyZTM2
MzUyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzNTM4MzAzNjMxLnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
1YtBMA0GCSqGSIb3DQEBCwUAA4IBAQAXaNWjnA2aWTNMjuWAr7SFG1IzceehyrZ/
CpeEx59CXSCm8NxcdXc0/iqtk8NkruiSc0TE4m54EZPleAWn7tA84Jlm6g+4+5sN
F8TtgKqPW3A3o7bpu/nUNd1k8kfIE+tR6Vf62f+roXsn66EuafTRB+hNDv1vg/7o
ULMq9Ffcvp3J1aCyEF0aZ1hTVs/uDolNEZ+NsHdLfYNd+wb3G4wbjz0Twcfsu8jK
RsoyqQLRCE1E3h/rldMcQZtFVAq89d+zqZFTyuU6N70FQVwj0pfVLmzbk4PWXDcz
7hKgdhfHFVnDN65NY5lUUHTizOLR8iqphXts0rZGhzkw9JtGR0n9
-----END CERTIFICATE-----
Generated at Thu Jun 5 18:27:08 2025 by rpki-client