Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/a01c14fb-b660-489d-9e9f-9402e9e2c2e2/0/3231332e3133392e37322e302f32342d3234203d3e203230383630.roa
File: 3231332e3133392e37322e302f32342d3234203d3e203230383630.roa (raw, json)
Hash identifier: NjWmld7in/C2wyn6DXt7Xnv7mQPq1jiHpZcTZuGeBQ0=
Subject key identifier: 1C:56:D8:89:15:20:3F:9A:84:67:75:3A:06:D3:92:A1:73:0C:3B:E7
Certificate issuer: /CN=b683f2eb50c5999a77456e8826831609d48c7d3e
Certificate serial: 4DEBDB657EB87A45D707AFF736401E9B253A6D66
Authority key identifier: B6:83:F2:EB:50:C5:99:9A:77:45:6E:88:26:83:16:09:D4:8C:7D:3E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/toPy61DFmZp3RW6IJoMWCdSMfT4.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/a01c14fb-b660-489d-9e9f-9402e9e2c2e2/0/3231332e3133392e37322e302f32342d3234203d3e203230383630.roa
Signing time: Tue 21 Jan 2025 16:53:51 +0000
ROA not before: Tue 21 Jan 2025 16:48:51 +0000
ROA not after: Tue 20 Jan 2026 16:53:51 +0000
asID: 20860
IP address blocks: 213.139.72.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/a01c14fb-b660-489d-9e9f-9402e9e2c2e2/0/B683F2EB50C5999A77456E8826831609D48C7D3E.crl
rsync://rsync.paas.rpki.ripe.net/repository/a01c14fb-b660-489d-9e9f-9402e9e2c2e2/0/B683F2EB50C5999A77456E8826831609D48C7D3E.mft
rsync://rpki.ripe.net/repository/DEFAULT/toPy61DFmZp3RW6IJoMWCdSMfT4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 05 Apr 2025 19:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4d:eb:db:65:7e:b8:7a:45:d7:07:af:f7:36:40:1e:9b:25:3a:6d:66
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b683f2eb50c5999a77456e8826831609d48c7d3e
Validity
Not Before: Jan 21 16:48:51 2025 GMT
Not After : Jan 20 16:53:51 2026 GMT
Subject: CN=1C56D88915203F9A8467753A06D392A1730C3BE7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f4:66:0c:9a:44:8a:62:35:d9:17:25:f2:30:bf:
25:b9:5f:1e:a8:0d:68:03:ac:37:8e:68:20:a0:0e:
c7:b5:f3:61:67:e7:af:34:6c:ec:0c:b8:81:3b:2b:
ca:f0:42:ae:57:fb:b6:29:0f:94:55:cc:ac:57:04:
2c:9d:39:fc:cd:cf:b1:d6:af:71:43:59:9a:92:a9:
6e:e5:f7:d8:00:24:16:c6:ec:6a:36:6f:ec:e1:a0:
29:2f:e5:c6:69:3b:d1:57:f3:a3:88:bd:44:f0:99:
ec:9c:65:bd:ad:9e:65:5b:0b:8a:90:6e:ea:cc:fb:
bc:63:fe:be:c7:6d:a3:cc:97:61:d4:53:fa:a7:10:
3c:5e:df:39:03:0f:2e:b1:a6:73:81:d8:0f:53:3a:
16:91:6a:13:51:db:ab:fc:e7:c3:4e:f0:f4:d0:9a:
fb:bf:ca:a0:d8:e4:cd:20:75:14:bd:d2:97:86:1c:
ea:e1:8a:d0:e9:16:95:22:62:57:f3:3c:6d:74:58:
e2:35:95:2b:1d:32:a6:28:5e:21:e2:16:8b:4b:d3:
60:2d:dd:bd:8f:67:09:26:38:ed:8b:88:22:c9:71:
51:57:51:90:88:2c:8e:af:b9:a7:05:82:e4:8e:b2:
09:9e:56:b0:5d:bb:55:fc:8e:e1:c2:bd:24:38:80:
0f:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1C:56:D8:89:15:20:3F:9A:84:67:75:3A:06:D3:92:A1:73:0C:3B:E7
X509v3 Authority Key Identifier:
keyid:B6:83:F2:EB:50:C5:99:9A:77:45:6E:88:26:83:16:09:D4:8C:7D:3E
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/a01c14fb-b660-489d-9e9f-9402e9e2c2e2/0/B683F2EB50C5999A77456E8826831609D48C7D3E.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/toPy61DFmZp3RW6IJoMWCdSMfT4.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/a01c14fb-b660-489d-9e9f-9402e9e2c2e2/0/3231332e3133392e37322e302f32342d3234203d3e203230383630.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.139.72.0/24
Signature Algorithm: sha256WithRSAEncryption
13:cb:53:d3:48:28:ea:5c:cd:43:5a:55:57:92:f4:57:db:4c:
9d:b5:2f:61:fa:7d:21:13:67:9a:ef:44:95:ec:49:ba:d3:ee:
3d:80:c2:52:f9:ba:f8:12:6f:ea:04:c9:07:e5:59:46:7a:08:
68:ee:0a:b8:37:45:34:ac:94:99:10:28:e6:a4:a7:f9:f6:32:
60:cc:ef:d6:81:c8:96:5b:4c:2c:9d:9f:8f:e4:e2:2e:54:62:
36:1b:84:d1:b1:dc:a5:a6:29:d7:8e:c6:41:33:2a:96:b7:be:
18:65:c7:f6:a5:3e:63:e2:8d:64:f5:0b:f1:30:9d:8f:21:49:
c3:b2:53:8b:e7:2b:3e:54:cf:40:80:d1:39:45:dc:e4:7e:13:
72:3c:59:5e:5c:9a:e6:3f:d4:21:8e:f6:ba:fc:46:a4:e1:f5:
64:da:ab:30:25:33:ff:80:05:5c:a2:cb:6d:d8:07:0a:8a:01:
7c:ee:11:de:78:05:51:60:3e:39:3b:55:98:32:52:73:de:56:
54:5a:b1:bd:8b:a0:b1:21:71:39:48:e8:d3:e2:75:aa:04:c4:
f6:0b:a8:e5:9b:10:4a:48:30:3f:d2:0f:56:9a:0b:f4:9c:bd:
fd:01:5c:aa:0d:9f:5d:92:a5:85:94:9a:67:af:33:94:bc:40:
85:3b:dd:c0
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUTevbZX64ekXXB6/3NkAemyU6bWYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYjY4M2YyZWI1MGM1OTk5YTc3NDU2ZTg4MjY4MzE2MDlk
NDhjN2QzZTAeFw0yNTAxMjExNjQ4NTFaFw0yNjAxMjAxNjUzNTFaMDMxMTAvBgNV
BAMTKDFDNTZEODg5MTUyMDNGOUE4NDY3NzUzQTA2RDM5MkExNzMwQzNCRTcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQD0ZgyaRIpiNdkXJfIwvyW5Xx6o
DWgDrDeOaCCgDse182Fn5680bOwMuIE7K8rwQq5X+7YpD5RVzKxXBCydOfzNz7HW
r3FDWZqSqW7l99gAJBbG7Go2b+zhoCkv5cZpO9FX86OIvUTwmeycZb2tnmVbC4qQ
burM+7xj/r7HbaPMl2HUU/qnEDxe3zkDDy6xpnOB2A9TOhaRahNR26v858NO8PTQ
mvu/yqDY5M0gdRS90peGHOrhitDpFpUiYlfzPG10WOI1lSsdMqYoXiHiFotL02At
3b2PZwkmOO2LiCLJcVFXUZCILI6vuacFguSOsgmeVrBdu1X8juHCvSQ4gA9hAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUHFbYiRUgP5qEZ3U6BtOSoXMMO+cwHwYDVR0j
BBgwFoAUtoPy61DFmZp3RW6IJoMWCdSMfT4wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYTAxYzE0ZmItYjY2MC00ODlkLTllOWYtOTQwMmU5ZTJj
MmUyLzAvQjY4M0YyRUI1MEM1OTk5QTc3NDU2RTg4MjY4MzE2MDlENDhDN0QzRS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3RvUHk2MURGbVpwM1JXNklKb01XQ2RT
TWZUNC5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYTAxYzE0ZmIt
YjY2MC00ODlkLTllOWYtOTQwMmU5ZTJjMmUyLzAvMzIzMTMzMmUzMTMzMzkyZTM3
MzIyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMjMwMzgzNjMwLnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
1YtIMA0GCSqGSIb3DQEBCwUAA4IBAQATy1PTSCjqXM1DWlVXkvRX20ydtS9h+n0h
E2ea70SV7Em60+49gMJS+br4Em/qBMkH5VlGegho7gq4N0U0rJSZECjmpKf59jJg
zO/WgciWW0wsnZ+P5OIuVGI2G4TRsdylpinXjsZBMyqWt74YZcf2pT5j4o1k9Qvx
MJ2PIUnDslOL5ys+VM9AgNE5RdzkfhNyPFleXJrmP9Qhjva6/Eak4fVk2qswJTP/
gAVcostt2AcKigF87hHeeAVRYD45O1WYMlJz3lZUWrG9i6CxIXE5SOjT4nWqBMT2
C6jlmxBKSDA/0g9Wmgv0nL39AVyqDZ9dkqWFlJpnrzOUvECFO93A
-----END CERTIFICATE-----
Generated at Sat Apr 5 04:33:45 2025 by rpki-client