Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/a431e42e-0d7f-44d0-813f-b5e3a2abbe25/0/3231332e3135372e3132322e302f32342d3234203d3e2039333034.roa
File: 3231332e3135372e3132322e302f32342d3234203d3e2039333034.roa (raw, json)
Hash identifier: aUvc4UTsIU7R0m9dsnmxWesOTPr9WQo6/RshJ5X0hb4=
Subject key identifier: 5F:D2:6F:51:3A:1C:1D:36:CC:60:6F:96:E7:EE:7A:F4:5C:59:76:B0
Certificate issuer: /CN=8184669b0189b7fabe05e700325a0d74957beb27
Certificate serial: 0634E0FA8540E8435D487DC19346C606B9C887D0
Authority key identifier: 81:84:66:9B:01:89:B7:FA:BE:05:E7:00:32:5A:0D:74:95:7B:EB:27
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gYRmmwGJt_q-BecAMloNdJV76yc.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/a431e42e-0d7f-44d0-813f-b5e3a2abbe25/0/3231332e3135372e3132322e302f32342d3234203d3e2039333034.roa
Signing time: Mon 02 Jun 2025 16:10:36 +0000
ROA not before: Mon 02 Jun 2025 16:05:36 +0000
ROA not after: Mon 01 Jun 2026 16:10:36 +0000
asID: 9304
IP address blocks: 213.157.122.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/a431e42e-0d7f-44d0-813f-b5e3a2abbe25/0/8184669B0189B7FABE05E700325A0D74957BEB27.crl
rsync://rsync.paas.rpki.ripe.net/repository/a431e42e-0d7f-44d0-813f-b5e3a2abbe25/0/8184669B0189B7FABE05E700325A0D74957BEB27.mft
rsync://rpki.ripe.net/repository/DEFAULT/gYRmmwGJt_q-BecAMloNdJV76yc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 06 Jun 2025 12:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
06:34:e0:fa:85:40:e8:43:5d:48:7d:c1:93:46:c6:06:b9:c8:87:d0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8184669b0189b7fabe05e700325a0d74957beb27
Validity
Not Before: Jun 2 16:05:36 2025 GMT
Not After : Jun 1 16:10:36 2026 GMT
Subject: CN=5FD26F513A1C1D36CC606F96E7EE7AF45C5976B0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:62:72:4e:e1:80:98:55:85:4d:1e:17:88:09:
01:e8:3e:08:76:ab:b8:2b:36:e5:ec:fc:50:e8:d5:
92:68:e4:5e:97:d4:2f:72:9d:fa:0e:26:83:90:3a:
4f:9b:10:86:23:0c:df:f5:d0:d3:82:0c:3a:94:20:
48:92:e6:da:1f:5c:11:e2:d3:df:c8:f6:e4:c1:82:
4e:84:a0:34:76:82:88:40:11:dc:47:8b:d4:5c:9e:
33:b0:8a:65:ce:0e:d3:eb:ec:b4:a8:a7:6c:dc:ca:
f9:fb:ed:02:dc:01:fe:f2:13:29:77:62:1c:68:f1:
01:0d:95:33:d5:5d:df:e2:53:73:44:61:d0:44:3c:
dd:88:bd:7f:bd:c5:ef:7b:e5:60:27:8d:40:04:52:
94:59:4d:4a:a1:89:11:fc:6e:d6:4f:e6:e3:1d:e0:
bd:14:50:99:9e:0f:f0:f5:4f:4d:b7:90:ee:56:85:
bd:6e:cf:ab:e3:79:8a:7b:a0:95:ed:16:99:15:b3:
4c:50:f5:de:63:5d:fc:5b:8a:07:de:1e:73:d8:60:
3e:80:cf:9d:a1:24:ba:00:3e:67:54:58:0b:ab:9c:
85:6b:a5:44:37:07:fe:67:89:f9:6c:78:fc:c4:dd:
22:ab:5b:74:7b:77:a0:69:2f:6e:b0:a4:aa:49:00:
fe:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5F:D2:6F:51:3A:1C:1D:36:CC:60:6F:96:E7:EE:7A:F4:5C:59:76:B0
X509v3 Authority Key Identifier:
keyid:81:84:66:9B:01:89:B7:FA:BE:05:E7:00:32:5A:0D:74:95:7B:EB:27
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/a431e42e-0d7f-44d0-813f-b5e3a2abbe25/0/8184669B0189B7FABE05E700325A0D74957BEB27.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gYRmmwGJt_q-BecAMloNdJV76yc.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/a431e42e-0d7f-44d0-813f-b5e3a2abbe25/0/3231332e3135372e3132322e302f32342d3234203d3e2039333034.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.157.122.0/24
Signature Algorithm: sha256WithRSAEncryption
29:e0:bb:42:a4:20:00:be:e9:e6:75:2f:0f:90:78:65:ea:3a:
1b:40:1a:24:6f:0c:6b:e9:7d:f1:b9:65:a4:38:50:07:c0:52:
1c:8a:ba:2b:36:ee:44:cd:cc:5d:e3:1a:4e:04:61:e3:03:f2:
e1:99:9a:b0:62:48:d5:02:eb:8f:22:2f:80:22:03:f4:c0:50:
03:03:63:f5:e4:8f:db:41:c7:00:dc:f6:a7:6c:b3:6a:b6:38:
ec:9a:3a:68:fb:b2:14:dd:25:6b:3c:09:54:a4:a4:a1:70:dd:
a8:8b:fe:5f:7e:76:d2:c5:f3:b6:bd:18:b2:30:03:5f:91:ee:
f9:6c:12:df:5d:89:f1:bc:5b:6e:da:4c:72:c6:03:b1:e5:31:
51:15:84:b5:d7:f8:88:67:05:84:c9:ec:23:5e:1c:bf:f5:21:
4c:44:76:5e:72:cf:db:99:5a:77:56:7e:1d:e0:8b:16:00:9c:
6b:12:96:19:4a:e7:be:5e:b9:86:44:33:37:55:11:50:56:a2:
18:1e:51:c5:70:04:e4:0b:34:cd:c9:ff:07:46:40:0d:7e:75:
f7:ab:eb:21:d8:ba:b4:ae:f1:fa:f7:96:20:9d:cd:db:02:78:
c8:f6:27:7c:d2:d8:64:ce:3d:52:aa:4c:6e:b2:b8:0b:3f:9e:
54:a1:c5:a8
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUBjTg+oVA6ENdSH3Bk0bGBrnIh9AwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoODE4NDY2OWIwMTg5YjdmYWJlMDVlNzAwMzI1YTBkNzQ5
NTdiZWIyNzAeFw0yNTA2MDIxNjA1MzZaFw0yNjA2MDExNjEwMzZaMDMxMTAvBgNV
BAMTKDVGRDI2RjUxM0ExQzFEMzZDQzYwNkY5NkU3RUU3QUY0NUM1OTc2QjAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCwYnJO4YCYVYVNHheICQHoPgh2
q7grNuXs/FDo1ZJo5F6X1C9ynfoOJoOQOk+bEIYjDN/10NOCDDqUIEiS5tofXBHi
09/I9uTBgk6EoDR2gohAEdxHi9RcnjOwimXODtPr7LSop2zcyvn77QLcAf7yEyl3
Yhxo8QENlTPVXd/iU3NEYdBEPN2IvX+9xe975WAnjUAEUpRZTUqhiRH8btZP5uMd
4L0UUJmeD/D1T023kO5Whb1uz6vjeYp7oJXtFpkVs0xQ9d5jXfxbigfeHnPYYD6A
z52hJLoAPmdUWAurnIVrpUQ3B/5niflsePzE3SKrW3R7d6BpL26wpKpJAP43AgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUX9JvUTocHTbMYG+W5+569FxZdrAwHwYDVR0j
BBgwFoAUgYRmmwGJt/q+BecAMloNdJV76ycwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYTQzMWU0MmUtMGQ3Zi00NGQwLTgxM2YtYjVlM2EyYWJi
ZTI1LzAvODE4NDY2OUIwMTg5QjdGQUJFMDVFNzAwMzI1QTBENzQ5NTdCRUIyNy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2dZUm1td0dKdF9xLUJlY0FNbG9OZEpW
NzZ5Yy5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYTQzMWU0MmUt
MGQ3Zi00NGQwLTgxM2YtYjVlM2EyYWJiZTI1LzAvMzIzMTMzMmUzMTM1MzcyZTMx
MzIzMjJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDM5MzMzMDM0LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
1Z16MA0GCSqGSIb3DQEBCwUAA4IBAQAp4LtCpCAAvunmdS8PkHhl6jobQBokbwxr
6X3xuWWkOFAHwFIcirorNu5Ezcxd4xpOBGHjA/LhmZqwYkjVAuuPIi+AIgP0wFAD
A2P15I/bQccA3PanbLNqtjjsmjpo+7IU3SVrPAlUpKShcN2oi/5ffnbSxfO2vRiy
MANfke75bBLfXYnxvFtu2kxyxgOx5TFRFYS11/iIZwWEyewjXhy/9SFMRHZecs/b
mVp3Vn4d4IsWAJxrEpYZSue+XrmGRDM3VRFQVqIYHlHFcATkCzTNyf8HRkANfnX3
q+sh2Lq0rvH695Ygnc3bAnjI9id80thkzj1SqkxusrgLP55UocWo
-----END CERTIFICATE-----
Generated at Thu Jun 5 18:16:01 2025 by rpki-client