Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/a01c14fb-b660-489d-9e9f-9402e9e2c2e2/0/3231332e3133392e36392e302f32342d3234203d3e20313337353137.roa
File: 3231332e3133392e36392e302f32342d3234203d3e20313337353137.roa (raw, json)
Hash identifier: HH3jqYI0MpU2yLi9Hw8yJjtic3EBakXCP+g63lrfqjg=
Subject key identifier: A8:E9:54:EE:11:5B:43:C2:11:09:B2:93:5D:FB:96:58:AC:D0:FA:11
Certificate issuer: /CN=b683f2eb50c5999a77456e8826831609d48c7d3e
Certificate serial: 79D09B1DCDE887981CD04279C2802B0FC6BA6796
Authority key identifier: B6:83:F2:EB:50:C5:99:9A:77:45:6E:88:26:83:16:09:D4:8C:7D:3E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/toPy61DFmZp3RW6IJoMWCdSMfT4.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/a01c14fb-b660-489d-9e9f-9402e9e2c2e2/0/3231332e3133392e36392e302f32342d3234203d3e20313337353137.roa
Signing time: Mon 06 Jan 2025 02:46:05 +0000
ROA not before: Mon 06 Jan 2025 02:41:05 +0000
ROA not after: Mon 05 Jan 2026 02:46:05 +0000
asID: 137517
IP address blocks: 213.139.69.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/a01c14fb-b660-489d-9e9f-9402e9e2c2e2/0/B683F2EB50C5999A77456E8826831609D48C7D3E.crl
rsync://rsync.paas.rpki.ripe.net/repository/a01c14fb-b660-489d-9e9f-9402e9e2c2e2/0/B683F2EB50C5999A77456E8826831609D48C7D3E.mft
rsync://rpki.ripe.net/repository/DEFAULT/toPy61DFmZp3RW6IJoMWCdSMfT4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 09 Apr 2025 06:56:30 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
79:d0:9b:1d:cd:e8:87:98:1c:d0:42:79:c2:80:2b:0f:c6:ba:67:96
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b683f2eb50c5999a77456e8826831609d48c7d3e
Validity
Not Before: Jan 6 02:41:05 2025 GMT
Not After : Jan 5 02:46:05 2026 GMT
Subject: CN=A8E954EE115B43C21109B2935DFB9658ACD0FA11
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:89:8c:ff:2b:18:73:ba:6f:42:e8:bd:56:c5:
e1:11:89:83:46:2b:0b:b0:66:90:1e:e5:4a:0c:6f:
d8:5e:ab:d1:c4:5d:70:2b:71:69:a3:a0:54:a1:37:
98:2b:3e:fe:95:30:a0:60:63:2a:56:02:ea:19:56:
43:95:73:7f:c4:26:68:ab:f2:e0:11:69:eb:e8:c8:
74:a1:30:80:d8:83:a3:81:15:6b:82:01:7a:a0:2d:
58:9b:0b:f7:d8:38:53:12:81:cf:9c:dd:4b:1c:09:
b9:c4:08:52:44:76:fe:83:0d:83:8e:85:9b:40:bc:
bb:c0:30:54:bc:62:cc:d3:e4:9b:31:86:37:8f:18:
76:09:95:8c:8d:07:e6:2c:f1:00:7d:b7:f5:05:7a:
21:99:a0:12:26:a5:4d:70:ca:9d:de:23:c0:a9:69:
ce:ba:30:09:bd:4c:5c:3e:79:61:43:0a:e7:c7:b0:
66:75:70:93:dc:f0:fe:11:56:3a:62:9f:87:0b:99:
b1:e7:24:6d:d4:5b:09:66:23:b5:a7:ce:03:a3:64:
67:a7:d2:3a:9f:72:c2:1f:52:7c:46:4a:d6:68:1f:
25:cf:42:34:23:2e:d7:01:5a:26:1d:a2:7d:17:c9:
d2:70:5b:48:13:af:8e:fe:94:92:49:49:5a:76:7a:
56:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:E9:54:EE:11:5B:43:C2:11:09:B2:93:5D:FB:96:58:AC:D0:FA:11
X509v3 Authority Key Identifier:
keyid:B6:83:F2:EB:50:C5:99:9A:77:45:6E:88:26:83:16:09:D4:8C:7D:3E
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/a01c14fb-b660-489d-9e9f-9402e9e2c2e2/0/B683F2EB50C5999A77456E8826831609D48C7D3E.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/toPy61DFmZp3RW6IJoMWCdSMfT4.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/a01c14fb-b660-489d-9e9f-9402e9e2c2e2/0/3231332e3133392e36392e302f32342d3234203d3e20313337353137.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.139.69.0/24
Signature Algorithm: sha256WithRSAEncryption
54:ae:a2:59:ad:bf:7d:fc:56:08:f8:e0:21:a3:13:ea:24:48:
7c:ca:31:69:3a:18:5b:9d:b6:ca:7c:b7:f5:d3:83:e0:d3:4c:
2d:5a:e0:e2:60:3f:df:79:10:10:28:79:b5:f6:93:a9:94:ea:
05:b4:8f:0c:27:e0:b5:06:ef:58:6d:9f:c7:d9:c8:ab:06:c0:
6a:9c:c3:22:21:74:ee:ab:ca:02:9c:e9:56:9d:f8:40:5b:91:
9d:e9:37:41:92:b6:01:d0:65:8d:42:40:d1:9e:48:1a:fd:34:
cf:45:bd:bd:0b:2d:68:7f:77:9e:f9:d3:14:5a:1e:61:62:3b:
a1:b4:c9:fc:32:9a:ec:03:02:22:b7:9f:d5:e3:b4:b1:15:09:
0c:09:16:82:c3:1c:f7:04:5c:ba:1b:c9:9a:9f:5d:6a:94:fe:
80:29:2c:57:97:ee:c6:80:57:2e:5a:ac:8f:21:9b:ae:98:fa:
e8:5c:f9:03:9b:cd:0e:8b:6f:8a:10:30:0c:5b:b3:07:2d:7f:
d3:21:1e:17:ed:46:c5:a5:a1:99:0f:bd:44:b1:07:78:c2:f7:
84:f9:f1:38:5c:6d:63:c8:cb:10:ee:5f:c1:26:68:e5:03:48:
fc:d6:68:b9:54:8c:bf:8d:e8:91:c3:21:57:a8:2e:45:7a:04:
cc:db:1a:5b
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUedCbHc3oh5gc0EJ5woArD8a6Z5YwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYjY4M2YyZWI1MGM1OTk5YTc3NDU2ZTg4MjY4MzE2MDlk
NDhjN2QzZTAeFw0yNTAxMDYwMjQxMDVaFw0yNjAxMDUwMjQ2MDVaMDMxMTAvBgNV
BAMTKEE4RTk1NEVFMTE1QjQzQzIxMTA5QjI5MzVERkI5NjU4QUNEMEZBMTEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCViYz/Kxhzum9C6L1WxeERiYNG
KwuwZpAe5UoMb9heq9HEXXArcWmjoFShN5grPv6VMKBgYypWAuoZVkOVc3/EJmir
8uARaevoyHShMIDYg6OBFWuCAXqgLVibC/fYOFMSgc+c3UscCbnECFJEdv6DDYOO
hZtAvLvAMFS8YszT5JsxhjePGHYJlYyNB+Ys8QB9t/UFeiGZoBImpU1wyp3eI8Cp
ac66MAm9TFw+eWFDCufHsGZ1cJPc8P4RVjpin4cLmbHnJG3UWwlmI7WnzgOjZGen
0jqfcsIfUnxGStZoHyXPQjQjLtcBWiYdon0XydJwW0gTr47+lJJJSVp2elbFAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUqOlU7hFbQ8IRCbKTXfuWWKzQ+hEwHwYDVR0j
BBgwFoAUtoPy61DFmZp3RW6IJoMWCdSMfT4wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYTAxYzE0ZmItYjY2MC00ODlkLTllOWYtOTQwMmU5ZTJj
MmUyLzAvQjY4M0YyRUI1MEM1OTk5QTc3NDU2RTg4MjY4MzE2MDlENDhDN0QzRS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3RvUHk2MURGbVpwM1JXNklKb01XQ2RT
TWZUNC5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYTAxYzE0ZmIt
YjY2MC00ODlkLTllOWYtOTQwMmU5ZTJjMmUyLzAvMzIzMTMzMmUzMTMzMzkyZTM2
MzkyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMTMzMzczNTMxMzcucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BADVi0UwDQYJKoZIhvcNAQELBQADggEBAFSuolmtv338Vgj44CGjE+okSHzKMWk6
GFudtsp8t/XTg+DTTC1a4OJgP995EBAoebX2k6mU6gW0jwwn4LUG71htn8fZyKsG
wGqcwyIhdO6rygKc6Vad+EBbkZ3pN0GStgHQZY1CQNGeSBr9NM9Fvb0LLWh/d575
0xRaHmFiO6G0yfwymuwDAiK3n9XjtLEVCQwJFoLDHPcEXLobyZqfXWqU/oApLFeX
7saAVy5arI8hm66Y+uhc+QObzQ6Lb4oQMAxbswctf9MhHhftRsWloZkPvUSxB3jC
94T58ThcbWPIyxDuX8EmaOUDSPzWaLlUjL+N6JHDIVeoLkV6BMzbGls=
-----END CERTIFICATE-----
Generated at Wed Apr 9 00:12:40 2025 by rpki-client