Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/a01c14fb-b660-489d-9e9f-9402e9e2c2e2/0/3231332e3133392e36372e302f32342d3234203d3e20383334.roa
File: 3231332e3133392e36372e302f32342d3234203d3e20383334.roa (raw, json)
Hash identifier: D6SogqGmOJbzVtDCb1JuxW8Fgqo7v+Dc/bOrJE9HIsI=
Subject key identifier: 3D:F6:82:4D:F8:01:BD:9F:37:09:8A:C8:7F:AC:04:92:CD:51:14:D3
Certificate issuer: /CN=b683f2eb50c5999a77456e8826831609d48c7d3e
Certificate serial: 4A37DE883B00DB01C0A3AD9B0556054871C6A8E8
Authority key identifier: B6:83:F2:EB:50:C5:99:9A:77:45:6E:88:26:83:16:09:D4:8C:7D:3E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/toPy61DFmZp3RW6IJoMWCdSMfT4.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/a01c14fb-b660-489d-9e9f-9402e9e2c2e2/0/3231332e3133392e36372e302f32342d3234203d3e20383334.roa
Signing time: Fri 28 Feb 2025 00:02:32 +0000
ROA not before: Thu 27 Feb 2025 23:57:32 +0000
ROA not after: Fri 27 Feb 2026 00:02:32 +0000
asID: 834
IP address blocks: 213.139.67.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/a01c14fb-b660-489d-9e9f-9402e9e2c2e2/0/B683F2EB50C5999A77456E8826831609D48C7D3E.crl
rsync://rsync.paas.rpki.ripe.net/repository/a01c14fb-b660-489d-9e9f-9402e9e2c2e2/0/B683F2EB50C5999A77456E8826831609D48C7D3E.mft
rsync://rpki.ripe.net/repository/DEFAULT/toPy61DFmZp3RW6IJoMWCdSMfT4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 05 Apr 2025 10:15:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4a:37:de:88:3b:00:db:01:c0:a3:ad:9b:05:56:05:48:71:c6:a8:e8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b683f2eb50c5999a77456e8826831609d48c7d3e
Validity
Not Before: Feb 27 23:57:32 2025 GMT
Not After : Feb 27 00:02:32 2026 GMT
Subject: CN=3DF6824DF801BD9F37098AC87FAC0492CD5114D3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:b2:2c:c2:f9:4d:92:b9:7b:8f:1a:c9:43:01:
09:71:07:8d:4c:d1:00:ca:e9:7b:17:c0:49:8f:2b:
7d:cd:de:44:2c:d6:f8:56:6d:6d:c4:a6:6b:88:0c:
f8:ac:77:13:0b:d2:aa:a7:ae:af:8c:75:99:cd:c1:
30:88:91:95:40:9e:62:e3:ba:c4:1b:b6:a7:95:c4:
f2:69:df:05:63:c2:33:e7:ce:d3:87:69:a6:82:04:
bc:28:1f:bb:d9:7c:50:64:20:86:5a:54:d3:ab:7b:
d6:e2:6e:d4:9f:40:ac:d3:e2:0d:98:8a:e7:5d:e5:
80:e2:66:97:8a:10:60:13:34:d6:0a:3b:3b:e9:1e:
5e:7c:78:52:55:64:b0:11:2a:fd:80:cc:1a:be:75:
5a:e0:51:7d:ca:31:63:91:64:f4:10:b6:97:e6:bf:
7c:94:76:79:dc:f3:63:28:e8:6e:fd:fb:89:69:ed:
57:f6:24:f4:2e:d7:2d:ae:e9:88:71:54:42:7a:02:
60:e9:3f:0d:6c:85:b1:e2:bf:13:06:29:9f:70:1c:
72:11:56:e3:48:f1:85:42:01:ee:a1:10:2a:c5:7a:
df:ea:5e:e5:1a:34:4d:0e:f2:a1:67:2f:ec:8b:aa:
ca:a0:79:ea:74:00:c2:b5:7d:d3:eb:4d:7e:66:9d:
dc:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:F6:82:4D:F8:01:BD:9F:37:09:8A:C8:7F:AC:04:92:CD:51:14:D3
X509v3 Authority Key Identifier:
keyid:B6:83:F2:EB:50:C5:99:9A:77:45:6E:88:26:83:16:09:D4:8C:7D:3E
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/a01c14fb-b660-489d-9e9f-9402e9e2c2e2/0/B683F2EB50C5999A77456E8826831609D48C7D3E.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/toPy61DFmZp3RW6IJoMWCdSMfT4.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/a01c14fb-b660-489d-9e9f-9402e9e2c2e2/0/3231332e3133392e36372e302f32342d3234203d3e20383334.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.139.67.0/24
Signature Algorithm: sha256WithRSAEncryption
1b:be:8c:1e:ee:72:07:ec:45:96:df:60:36:ef:76:29:21:39:
47:11:ba:52:69:95:ed:45:ea:b6:52:23:78:f7:99:5c:db:c9:
82:93:68:57:bb:d1:7a:2c:73:37:fc:c1:77:85:5d:df:9b:96:
60:e8:2c:90:5f:0f:24:86:5f:35:2e:2d:c7:17:31:d5:09:a2:
d1:8b:10:b1:2f:28:1d:21:2f:fd:b5:b4:be:f1:ee:c9:c5:4b:
c8:94:17:7c:2f:ca:d7:6b:61:1d:59:c7:89:f4:0a:e4:11:cb:
70:9c:4f:f5:88:49:82:b2:48:09:ac:3c:77:64:6d:e7:7c:bd:
60:ab:6d:b9:b5:f8:11:c4:98:45:17:c6:65:95:4f:f3:a3:2a:
81:f4:37:da:cb:ce:c6:d7:46:8c:93:3b:d9:3e:62:11:e2:05:
fa:43:78:0d:e4:f5:34:48:14:f6:04:c0:04:68:50:eb:10:58:
16:21:85:cd:46:9e:aa:cd:df:40:c3:bd:63:89:c5:f8:0d:7b:
bb:da:67:07:1c:54:c9:f3:33:d6:36:59:fa:8c:91:3f:00:4a:
80:00:45:a6:a4:14:da:99:cf:70:ce:46:87:59:26:53:17:05:
54:7a:ef:0b:e0:57:19:06:44:2c:ed:71:37:47:0e:ee:89:b2:
2e:3a:c8:2d
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgIUSjfeiDsA2wHAo62bBVYFSHHGqOgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYjY4M2YyZWI1MGM1OTk5YTc3NDU2ZTg4MjY4MzE2MDlk
NDhjN2QzZTAeFw0yNTAyMjcyMzU3MzJaFw0yNjAyMjcwMDAyMzJaMDMxMTAvBgNV
BAMTKDNERjY4MjRERjgwMUJEOUYzNzA5OEFDODdGQUMwNDkyQ0Q1MTE0RDMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCWsizC+U2SuXuPGslDAQlxB41M
0QDK6XsXwEmPK33N3kQs1vhWbW3EpmuIDPisdxML0qqnrq+MdZnNwTCIkZVAnmLj
usQbtqeVxPJp3wVjwjPnztOHaaaCBLwoH7vZfFBkIIZaVNOre9bibtSfQKzT4g2Y
iudd5YDiZpeKEGATNNYKOzvpHl58eFJVZLARKv2AzBq+dVrgUX3KMWORZPQQtpfm
v3yUdnnc82Mo6G79+4lp7Vf2JPQu1y2u6YhxVEJ6AmDpPw1shbHivxMGKZ9wHHIR
VuNI8YVCAe6hECrFet/qXuUaNE0O8qFnL+yLqsqgeep0AMK1fdPrTX5mndyJAgMB
AAGjggI5MIICNTAdBgNVHQ4EFgQUPfaCTfgBvZ83CYrIf6wEks1RFNMwHwYDVR0j
BBgwFoAUtoPy61DFmZp3RW6IJoMWCdSMfT4wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYTAxYzE0ZmItYjY2MC00ODlkLTllOWYtOTQwMmU5ZTJj
MmUyLzAvQjY4M0YyRUI1MEM1OTk5QTc3NDU2RTg4MjY4MzE2MDlENDhDN0QzRS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3RvUHk2MURGbVpwM1JXNklKb01XQ2RT
TWZUNC5jZXIwgakGCCsGAQUFBwELBIGcMIGZMIGWBggrBgEFBQcwC4aBiXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYTAxYzE0ZmIt
YjY2MC00ODlkLTllOWYtOTQwMmU5ZTJjMmUyLzAvMzIzMTMzMmUzMTMzMzkyZTM2
MzcyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzODMzMzQucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBADVi0Mw
DQYJKoZIhvcNAQELBQADggEBABu+jB7ucgfsRZbfYDbvdikhOUcRulJple1F6rZS
I3j3mVzbyYKTaFe70Xosczf8wXeFXd+blmDoLJBfDySGXzUuLccXMdUJotGLELEv
KB0hL/21tL7x7snFS8iUF3wvytdrYR1Zx4n0CuQRy3CcT/WISYKySAmsPHdkbed8
vWCrbbm1+BHEmEUXxmWVT/OjKoH0N9rLzsbXRoyTO9k+YhHiBfpDeA3k9TRIFPYE
wARoUOsQWBYhhc1GnqrN30DDvWOJxfgNe7vaZwccVMnzM9Y2WfqMkT8ASoAARaak
FNqZz3DORodZJlMXBVR67wvgVxkGRCztcTdHDu6Jsi46yC0=
-----END CERTIFICATE-----
Generated at Fri Apr 4 20:53:06 2025 by rpki-client