Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/a01c14fb-b660-489d-9e9f-9402e9e2c2e2/0/3231332e3133392e37372e302f32342d3234203d3e20333938323536.roa
File: 3231332e3133392e37372e302f32342d3234203d3e20333938323536.roa (raw, json)
Hash identifier: g5+HgQMNB/UTKle+EeYcVpTadpH8hfCczM0Xj65Mm/0=
Subject key identifier: 79:0B:0B:11:CF:DA:CD:BD:48:72:A3:C7:9B:91:47:BA:6F:59:CC:D2
Certificate issuer: /CN=b683f2eb50c5999a77456e8826831609d48c7d3e
Certificate serial: 4B9A418163302F624292E36D3A013F06F53CE7DC
Authority key identifier: B6:83:F2:EB:50:C5:99:9A:77:45:6E:88:26:83:16:09:D4:8C:7D:3E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/toPy61DFmZp3RW6IJoMWCdSMfT4.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/a01c14fb-b660-489d-9e9f-9402e9e2c2e2/0/3231332e3133392e37372e302f32342d3234203d3e20333938323536.roa
Signing time: Thu 22 May 2025 21:12:54 +0000
ROA not before: Thu 22 May 2025 21:07:54 +0000
ROA not after: Thu 21 May 2026 21:12:54 +0000
asID: 398256
IP address blocks: 213.139.77.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/a01c14fb-b660-489d-9e9f-9402e9e2c2e2/0/B683F2EB50C5999A77456E8826831609D48C7D3E.crl
rsync://rsync.paas.rpki.ripe.net/repository/a01c14fb-b660-489d-9e9f-9402e9e2c2e2/0/B683F2EB50C5999A77456E8826831609D48C7D3E.mft
rsync://rpki.ripe.net/repository/DEFAULT/toPy61DFmZp3RW6IJoMWCdSMfT4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 07 Jun 2025 22:50:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4b:9a:41:81:63:30:2f:62:42:92:e3:6d:3a:01:3f:06:f5:3c:e7:dc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b683f2eb50c5999a77456e8826831609d48c7d3e
Validity
Not Before: May 22 21:07:54 2025 GMT
Not After : May 21 21:12:54 2026 GMT
Subject: CN=790B0B11CFDACDBD4872A3C79B9147BA6F59CCD2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:e9:ea:18:d4:03:c9:1b:53:09:25:a1:1c:f0:
fa:a6:a1:55:f3:3e:51:56:33:b2:e0:6e:aa:c9:2f:
21:1d:da:71:03:67:da:43:9e:3c:81:59:cb:12:3c:
c0:ff:82:b1:5f:ba:67:a6:01:88:f8:f4:ec:f6:74:
39:ca:5e:48:ea:60:41:31:8b:63:96:31:7b:d9:1b:
ec:e6:61:81:0d:07:8f:19:9f:30:0f:f1:9d:44:38:
ce:5e:4e:52:f5:de:9f:fd:e7:0a:91:87:b5:ba:07:
3d:c9:c9:8d:3a:cc:a7:8e:23:6e:b2:a4:ae:4f:89:
c8:77:3b:eb:df:d2:fc:1c:6f:30:ba:80:57:a7:09:
25:b9:1a:5c:10:5c:c4:b7:e0:7e:b3:f7:8b:0e:12:
10:66:26:53:26:83:af:ff:20:23:8f:ee:b3:42:39:
70:a7:26:9c:46:1c:68:b7:fb:a1:10:51:e5:5b:dc:
a4:96:3f:87:5d:8c:aa:3e:53:14:eb:5f:47:96:58:
18:91:ee:e6:b8:7b:b3:52:33:74:9d:fa:ad:c1:9b:
4e:b9:d7:91:c6:22:ac:43:fc:0a:c2:4f:31:1d:84:
7c:08:a3:d3:2f:05:6d:68:a5:89:8d:67:6a:12:11:
d8:3d:82:88:1f:a2:89:72:09:85:c3:8c:fe:4e:06:
a4:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
79:0B:0B:11:CF:DA:CD:BD:48:72:A3:C7:9B:91:47:BA:6F:59:CC:D2
X509v3 Authority Key Identifier:
keyid:B6:83:F2:EB:50:C5:99:9A:77:45:6E:88:26:83:16:09:D4:8C:7D:3E
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/a01c14fb-b660-489d-9e9f-9402e9e2c2e2/0/B683F2EB50C5999A77456E8826831609D48C7D3E.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/toPy61DFmZp3RW6IJoMWCdSMfT4.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/a01c14fb-b660-489d-9e9f-9402e9e2c2e2/0/3231332e3133392e37372e302f32342d3234203d3e20333938323536.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.139.77.0/24
Signature Algorithm: sha256WithRSAEncryption
59:ef:50:e9:e4:1e:c1:a3:44:ab:54:f2:7f:93:b3:6c:9a:29:
08:19:80:76:e0:36:e1:4d:6e:df:6f:c9:d5:32:97:30:76:4c:
69:c6:22:00:4f:99:a4:78:54:80:20:2f:fc:c2:bf:b2:08:18:
43:81:7a:c9:77:6d:7a:40:7d:ef:43:25:73:80:81:87:24:15:
75:65:f3:b6:6d:49:8e:d7:16:85:6f:cf:f3:07:ab:36:37:08:
2d:1a:be:67:69:42:3a:e8:4c:bc:ea:8a:7f:f5:96:38:8d:6e:
5e:9d:60:3f:97:11:6d:bb:51:79:63:9a:20:99:e8:15:a6:95:
ac:fd:e2:df:9f:de:5a:d5:fc:03:f4:7a:ab:1c:5f:4e:c7:6b:
f0:f2:14:08:36:b9:4a:77:00:22:96:cf:6c:10:9d:01:63:7f:
f9:eb:85:26:27:bf:e8:b5:d7:5c:57:2a:94:64:3b:80:bf:91:
28:8d:cd:d1:06:23:5f:a6:a6:06:26:cf:b8:d8:78:42:6e:b9:
7c:c5:d0:1f:b2:0b:cf:90:a9:59:24:15:4c:cf:46:e6:b6:e2:
3a:f8:88:a3:02:79:94:44:9e:10:e2:ea:97:af:8f:9e:49:66:
c8:05:c7:8c:14:de:a3:98:42:30:5a:87:46:3d:81:9b:65:37:
48:f3:20:5c
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUS5pBgWMwL2JCkuNtOgE/BvU859wwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYjY4M2YyZWI1MGM1OTk5YTc3NDU2ZTg4MjY4MzE2MDlk
NDhjN2QzZTAeFw0yNTA1MjIyMTA3NTRaFw0yNjA1MjEyMTEyNTRaMDMxMTAvBgNV
BAMTKDc5MEIwQjExQ0ZEQUNEQkQ0ODcyQTNDNzlCOTE0N0JBNkY1OUNDRDIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDR6eoY1APJG1MJJaEc8PqmoVXz
PlFWM7LgbqrJLyEd2nEDZ9pDnjyBWcsSPMD/grFfumemAYj49Oz2dDnKXkjqYEEx
i2OWMXvZG+zmYYENB48ZnzAP8Z1EOM5eTlL13p/95wqRh7W6Bz3JyY06zKeOI26y
pK5Pich3O+vf0vwcbzC6gFenCSW5GlwQXMS34H6z94sOEhBmJlMmg6//ICOP7rNC
OXCnJpxGHGi3+6EQUeVb3KSWP4ddjKo+UxTrX0eWWBiR7ua4e7NSM3Sd+q3Bm065
15HGIqxD/ArCTzEdhHwIo9MvBW1opYmNZ2oSEdg9gogfoolyCYXDjP5OBqRXAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUeQsLEc/azb1IcqPHm5FHum9ZzNIwHwYDVR0j
BBgwFoAUtoPy61DFmZp3RW6IJoMWCdSMfT4wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYTAxYzE0ZmItYjY2MC00ODlkLTllOWYtOTQwMmU5ZTJj
MmUyLzAvQjY4M0YyRUI1MEM1OTk5QTc3NDU2RTg4MjY4MzE2MDlENDhDN0QzRS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3RvUHk2MURGbVpwM1JXNklKb01XQ2RT
TWZUNC5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYTAxYzE0ZmIt
YjY2MC00ODlkLTllOWYtOTQwMmU5ZTJjMmUyLzAvMzIzMTMzMmUzMTMzMzkyZTM3
MzcyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMzM5MzgzMjM1MzYucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BADVi00wDQYJKoZIhvcNAQELBQADggEBAFnvUOnkHsGjRKtU8n+Ts2yaKQgZgHbg
NuFNbt9vydUylzB2TGnGIgBPmaR4VIAgL/zCv7IIGEOBesl3bXpAfe9DJXOAgYck
FXVl87ZtSY7XFoVvz/MHqzY3CC0avmdpQjroTLzqin/1ljiNbl6dYD+XEW27UXlj
miCZ6BWmlaz94t+f3lrV/AP0eqscX07Ha/DyFAg2uUp3ACKWz2wQnQFjf/nrhSYn
v+i111xXKpRkO4C/kSiNzdEGI1+mpgYmz7jYeEJuuXzF0B+yC8+QqVkkFUzPRua2
4jr4iKMCeZREnhDi6pevj55JZsgFx4wU3qOYQjBah0Y9gZtlN0jzIFw=
-----END CERTIFICATE-----
Generated at Sat Jun 7 04:14:03 2025 by rpki-client