Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/a01c14fb-b660-489d-9e9f-9402e9e2c2e2/0/3231332e3133392e37362e302f32342d3234203d3e20323132333834.roa
File: 3231332e3133392e37362e302f32342d3234203d3e20323132333834.roa (raw, json)
Hash identifier: M5KJEFx6ngzgWcWaswPQRo9lko/DzsisbWDI/JPapI0=
Subject key identifier: 70:F8:F4:D8:DB:49:98:DB:8F:74:AE:A5:96:DE:93:B9:50:C1:B7:56
Certificate issuer: /CN=b683f2eb50c5999a77456e8826831609d48c7d3e
Certificate serial: 3CE84EBE32582E44E6C0F2BB58028E2316ABD733
Authority key identifier: B6:83:F2:EB:50:C5:99:9A:77:45:6E:88:26:83:16:09:D4:8C:7D:3E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/toPy61DFmZp3RW6IJoMWCdSMfT4.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/a01c14fb-b660-489d-9e9f-9402e9e2c2e2/0/3231332e3133392e37362e302f32342d3234203d3e20323132333834.roa
Signing time: Thu 06 Feb 2025 07:53:53 +0000
ROA not before: Thu 06 Feb 2025 07:48:53 +0000
ROA not after: Thu 05 Feb 2026 07:53:53 +0000
asID: 212384
IP address blocks: 213.139.76.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/a01c14fb-b660-489d-9e9f-9402e9e2c2e2/0/B683F2EB50C5999A77456E8826831609D48C7D3E.crl
rsync://rsync.paas.rpki.ripe.net/repository/a01c14fb-b660-489d-9e9f-9402e9e2c2e2/0/B683F2EB50C5999A77456E8826831609D48C7D3E.mft
rsync://rpki.ripe.net/repository/DEFAULT/toPy61DFmZp3RW6IJoMWCdSMfT4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 05 Apr 2025 19:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3c:e8:4e:be:32:58:2e:44:e6:c0:f2:bb:58:02:8e:23:16:ab:d7:33
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b683f2eb50c5999a77456e8826831609d48c7d3e
Validity
Not Before: Feb 6 07:48:53 2025 GMT
Not After : Feb 5 07:53:53 2026 GMT
Subject: CN=70F8F4D8DB4998DB8F74AEA596DE93B950C1B756
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:a6:77:03:db:d5:3b:2f:38:ab:a0:67:51:01:
2f:99:8d:7d:bd:7a:96:c9:88:c2:25:75:92:a1:f4:
56:0f:4f:3e:24:e3:f1:9c:fe:6f:67:5c:0a:8b:3d:
22:10:b9:9b:17:b1:92:32:a5:d3:e9:ee:a8:d7:3c:
0d:17:0d:23:16:89:8f:ab:b6:0b:30:82:a2:ca:59:
69:66:7d:f0:a9:b8:e6:76:af:83:2e:7a:8d:30:d9:
21:5f:28:bf:b7:b7:df:d7:ff:19:34:01:f2:58:23:
16:68:6f:13:9f:9d:45:f5:e5:86:eb:2a:4b:1a:a9:
60:39:a7:09:04:60:bf:3a:b4:ed:a5:c3:e0:a1:fa:
78:79:db:ae:15:6f:f8:d4:86:0f:dd:93:28:a9:42:
40:f2:2f:fc:b8:fb:75:9c:99:8f:66:01:71:a3:57:
58:70:38:5b:09:51:45:ca:e2:cd:e5:71:bc:6d:57:
80:82:68:48:af:0e:8e:7a:70:b7:04:6c:2a:03:d0:
66:e8:28:c8:24:a8:f8:7d:b6:89:3c:5e:a3:fe:48:
8c:ae:4f:c6:6d:cc:7e:24:e6:fb:ce:7c:d9:5c:94:
ba:d5:65:b5:cd:c2:de:e9:b6:0c:9e:83:61:03:c6:
2c:6f:b4:cb:87:e8:fc:40:b8:d3:d2:34:2e:89:9e:
41:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
70:F8:F4:D8:DB:49:98:DB:8F:74:AE:A5:96:DE:93:B9:50:C1:B7:56
X509v3 Authority Key Identifier:
keyid:B6:83:F2:EB:50:C5:99:9A:77:45:6E:88:26:83:16:09:D4:8C:7D:3E
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/a01c14fb-b660-489d-9e9f-9402e9e2c2e2/0/B683F2EB50C5999A77456E8826831609D48C7D3E.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/toPy61DFmZp3RW6IJoMWCdSMfT4.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/a01c14fb-b660-489d-9e9f-9402e9e2c2e2/0/3231332e3133392e37362e302f32342d3234203d3e20323132333834.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.139.76.0/24
Signature Algorithm: sha256WithRSAEncryption
3b:f7:8b:cc:75:60:ca:c1:83:92:32:0f:74:ae:70:0c:50:ca:
7a:a4:9b:bb:e9:83:aa:26:82:a8:68:36:62:93:c9:48:09:12:
3e:4a:b6:b9:f1:12:28:c5:bf:ed:a0:88:63:6a:a4:9e:a8:6c:
a4:8a:10:4b:b3:ad:99:f5:99:a8:01:0a:c9:50:42:cb:af:de:
51:22:ac:4e:0a:97:4e:c7:a0:f3:77:ae:fb:6a:42:ee:3f:3d:
3c:e3:43:6b:de:36:8c:82:f0:6d:63:e7:5f:33:53:c4:02:62:
c4:50:5a:28:ef:8a:87:ab:39:10:69:7e:9a:8d:44:80:cd:2a:
37:5c:e7:58:43:52:9f:ea:19:d1:dc:33:5f:fd:03:b6:72:f0:
e9:2c:4b:d3:96:6e:55:6a:68:1c:f1:e5:9d:be:af:5e:6f:19:
c8:d7:93:d7:07:0e:d4:e4:e0:1e:36:47:17:68:77:c1:fa:0c:
3a:75:36:e3:1a:30:e0:d2:f2:00:26:89:82:d1:69:b2:3a:d0:
20:c7:0c:9b:3d:62:31:d4:ae:ab:ab:50:d3:8f:36:ce:51:ab:
7e:b9:21:c1:1d:ef:49:16:8a:c7:53:0a:b9:41:ae:dc:fc:90:
59:bb:65:6d:c7:b1:e1:09:b9:e8:f0:f2:6d:07:8b:1f:7a:11:
7a:6a:3e:54
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUPOhOvjJYLkTmwPK7WAKOIxar1zMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYjY4M2YyZWI1MGM1OTk5YTc3NDU2ZTg4MjY4MzE2MDlk
NDhjN2QzZTAeFw0yNTAyMDYwNzQ4NTNaFw0yNjAyMDUwNzUzNTNaMDMxMTAvBgNV
BAMTKDcwRjhGNEQ4REI0OTk4REI4Rjc0QUVBNTk2REU5M0I5NTBDMUI3NTYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCZpncD29U7LziroGdRAS+ZjX29
epbJiMIldZKh9FYPTz4k4/Gc/m9nXAqLPSIQuZsXsZIypdPp7qjXPA0XDSMWiY+r
tgswgqLKWWlmffCpuOZ2r4Mueo0w2SFfKL+3t9/X/xk0AfJYIxZobxOfnUX15Ybr
KksaqWA5pwkEYL86tO2lw+Ch+nh5264Vb/jUhg/dkyipQkDyL/y4+3WcmY9mAXGj
V1hwOFsJUUXK4s3lcbxtV4CCaEivDo56cLcEbCoD0GboKMgkqPh9tok8XqP+SIyu
T8ZtzH4k5vvOfNlclLrVZbXNwt7ptgyeg2EDxixvtMuH6PxAuNPSNC6JnkFPAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUcPj02NtJmNuPdK6llt6TuVDBt1YwHwYDVR0j
BBgwFoAUtoPy61DFmZp3RW6IJoMWCdSMfT4wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYTAxYzE0ZmItYjY2MC00ODlkLTllOWYtOTQwMmU5ZTJj
MmUyLzAvQjY4M0YyRUI1MEM1OTk5QTc3NDU2RTg4MjY4MzE2MDlENDhDN0QzRS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3RvUHk2MURGbVpwM1JXNklKb01XQ2RT
TWZUNC5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYTAxYzE0ZmIt
YjY2MC00ODlkLTllOWYtOTQwMmU5ZTJjMmUyLzAvMzIzMTMzMmUzMTMzMzkyZTM3
MzYyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMjMxMzIzMzM4MzQucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BADVi0wwDQYJKoZIhvcNAQELBQADggEBADv3i8x1YMrBg5IyD3SucAxQynqkm7vp
g6omgqhoNmKTyUgJEj5KtrnxEijFv+2giGNqpJ6obKSKEEuzrZn1magBCslQQsuv
3lEirE4Kl07HoPN3rvtqQu4/PTzjQ2veNoyC8G1j518zU8QCYsRQWijvioerORBp
fpqNRIDNKjdc51hDUp/qGdHcM1/9A7Zy8OksS9OWblVqaBzx5Z2+r15vGcjXk9cH
DtTk4B42Rxdod8H6DDp1NuMaMODS8gAmiYLRabI60CDHDJs9YjHUrqurUNOPNs5R
q365IcEd70kWisdTCrlBrtz8kFm7ZW3HseEJuejw8m0Hix96EXpqPlQ=
-----END CERTIFICATE-----
Generated at Sat Apr 5 04:30:04 2025 by rpki-client