Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/a94df714-d37d-4942-8e94-91dd853ef7e3/0/3133392e32382e32352e302f32342d3234203d3e20323030303137.roa
File: 3133392e32382e32352e302f32342d3234203d3e20323030303137.roa (raw, json)
Hash identifier: KTt7IBC5OKuP6muE0/6zCxuIwEkqcnypdMUhBFAyx18=
Subject key identifier: B4:2E:4F:4D:E9:AF:63:3B:6D:BB:48:2B:6E:E6:4D:EB:D0:44:68:5D
Certificate issuer: /CN=637fd1ba3fed44454d6d7030247709d28db3491a
Certificate serial: 532039DAF439FDB6F103070D446EABFAEBDF517C
Authority key identifier: 63:7F:D1:BA:3F:ED:44:45:4D:6D:70:30:24:77:09:D2:8D:B3:49:1A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y3_Ruj_tREVNbXAwJHcJ0o2zSRo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/a94df714-d37d-4942-8e94-91dd853ef7e3/0/3133392e32382e32352e302f32342d3234203d3e20323030303137.roa
Signing time: Tue 27 May 2025 08:01:07 +0000
ROA not before: Tue 27 May 2025 07:56:07 +0000
ROA not after: Tue 26 May 2026 08:01:07 +0000
asID: 200017
IP address blocks: 139.28.25.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/a94df714-d37d-4942-8e94-91dd853ef7e3/0/637FD1BA3FED44454D6D7030247709D28DB3491A.crl
rsync://rsync.paas.rpki.ripe.net/repository/a94df714-d37d-4942-8e94-91dd853ef7e3/0/637FD1BA3FED44454D6D7030247709D28DB3491A.mft
rsync://rpki.ripe.net/repository/DEFAULT/Y3_Ruj_tREVNbXAwJHcJ0o2zSRo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 06 Jun 2025 20:42:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
53:20:39:da:f4:39:fd:b6:f1:03:07:0d:44:6e:ab:fa:eb:df:51:7c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=637fd1ba3fed44454d6d7030247709d28db3491a
Validity
Not Before: May 27 07:56:07 2025 GMT
Not After : May 26 08:01:07 2026 GMT
Subject: CN=B42E4F4DE9AF633B6DBB482B6EE64DEBD044685D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:7e:f3:72:e1:db:8d:20:f3:fa:61:4a:d2:e6:
d9:f4:26:7a:e2:fd:66:a3:ba:73:0a:f2:93:53:ce:
bd:60:12:25:ed:5d:f6:c7:3b:7e:be:a7:2d:11:25:
4c:4e:11:72:e5:97:1c:92:79:2b:38:d9:1b:22:31:
46:b9:49:f6:ad:be:02:62:11:2b:6e:ff:d8:8d:8a:
ef:12:45:e5:a6:33:88:ed:08:da:94:e2:2e:83:a6:
c0:0f:dd:d4:dd:5d:96:d1:34:f2:da:7f:e1:0d:fb:
36:4c:20:35:9d:97:f7:54:f2:d2:5a:88:16:ee:6e:
9e:89:08:27:a1:f3:93:4f:29:d6:98:a6:64:ef:5a:
c8:90:2f:b5:46:14:7a:42:c7:41:2e:34:7e:ca:fe:
0c:46:ac:a5:b4:54:17:25:16:ad:ec:ee:c4:07:a1:
eb:3b:36:b4:79:d4:9f:57:4e:3d:6a:69:9a:00:f5:
ec:6d:3c:a3:b7:04:75:0c:02:0e:b9:cc:5d:0d:20:
f9:67:fc:8c:b6:94:48:0f:ce:66:97:43:4f:f3:5c:
05:f0:7c:c1:75:4e:35:d4:e8:a1:bd:46:f7:ce:e7:
22:ea:a9:a9:01:90:49:5a:14:2e:22:d5:2c:03:58:
91:a4:d3:d3:0f:e8:76:1d:3d:20:d5:11:a3:54:36:
c8:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B4:2E:4F:4D:E9:AF:63:3B:6D:BB:48:2B:6E:E6:4D:EB:D0:44:68:5D
X509v3 Authority Key Identifier:
keyid:63:7F:D1:BA:3F:ED:44:45:4D:6D:70:30:24:77:09:D2:8D:B3:49:1A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/a94df714-d37d-4942-8e94-91dd853ef7e3/0/637FD1BA3FED44454D6D7030247709D28DB3491A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y3_Ruj_tREVNbXAwJHcJ0o2zSRo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/a94df714-d37d-4942-8e94-91dd853ef7e3/0/3133392e32382e32352e302f32342d3234203d3e20323030303137.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
139.28.25.0/24
Signature Algorithm: sha256WithRSAEncryption
30:ae:7b:2e:f7:c1:b8:00:67:2f:e7:a7:9a:41:f8:df:fc:43:
21:53:88:9c:80:c9:ae:5f:da:bb:69:53:47:7e:7a:22:4d:c9:
26:b8:13:4b:51:ae:c7:03:ca:c4:02:af:04:fd:db:fb:2a:b1:
37:8f:69:0d:95:32:c3:f6:a9:6c:5f:80:d5:35:3f:6a:2b:99:
60:1f:29:b4:29:47:d9:d9:42:70:e3:c6:a4:1a:76:7c:55:42:
c2:94:ae:61:33:2d:26:e1:26:cf:c0:41:04:c7:ee:24:4b:3f:
21:f9:b3:7f:7d:9b:60:ac:52:5d:9e:87:89:64:68:13:68:3e:
da:15:ea:ac:03:65:3b:c2:77:53:28:68:14:a1:4d:45:9d:2e:
62:b9:fb:64:92:5a:67:64:14:69:36:5d:47:2e:1e:b1:a9:22:
18:c1:78:12:e0:a2:71:da:c9:9f:58:ea:0d:c3:c3:67:5a:e0:
11:39:f1:fb:0a:97:a5:1e:77:53:a7:78:c5:a4:5b:5c:d6:98:
a7:c3:3d:e8:43:f7:e1:c4:42:08:47:14:ca:b1:bb:16:6a:83:
f3:e4:22:78:8e:c8:cd:98:0e:5d:85:5b:04:73:ba:1e:94:78:
a1:6e:8c:75:9c:bd:8b:2b:30:90:fb:4e:2b:a5:62:d8:e9:75:
10:7f:49:0a
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUUyA52vQ5/bbxAwcNRG6r+uvfUXwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjM3ZmQxYmEzZmVkNDQ0NTRkNmQ3MDMwMjQ3NzA5ZDI4
ZGIzNDkxYTAeFw0yNTA1MjcwNzU2MDdaFw0yNjA1MjYwODAxMDdaMDMxMTAvBgNV
BAMTKEI0MkU0RjRERTlBRjYzM0I2REJCNDgyQjZFRTY0REVCRDA0NDY4NUQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDCfvNy4duNIPP6YUrS5tn0Jnri
/WajunMK8pNTzr1gEiXtXfbHO36+py0RJUxOEXLllxySeSs42RsiMUa5SfatvgJi
EStu/9iNiu8SReWmM4jtCNqU4i6DpsAP3dTdXZbRNPLaf+EN+zZMIDWdl/dU8tJa
iBbubp6JCCeh85NPKdaYpmTvWsiQL7VGFHpCx0EuNH7K/gxGrKW0VBclFq3s7sQH
oes7NrR51J9XTj1qaZoA9extPKO3BHUMAg65zF0NIPln/Iy2lEgPzmaXQ0/zXAXw
fMF1TjXU6KG9RvfO5yLqqakBkElaFC4i1SwDWJGk09MP6HYdPSDVEaNUNsg/AgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUtC5PTemvYzttu0grbuZN69BEaF0wHwYDVR0j
BBgwFoAUY3/Ruj/tREVNbXAwJHcJ0o2zSRowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYTk0ZGY3MTQtZDM3ZC00OTQyLThlOTQtOTFkZDg1M2Vm
N2UzLzAvNjM3RkQxQkEzRkVENDQ0NTRENkQ3MDMwMjQ3NzA5RDI4REIzNDkxQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1kzX1J1al90UkVWTmJYQXdKSGNKMG8y
elNSby5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYTk0ZGY3MTQt
ZDM3ZC00OTQyLThlOTQtOTFkZDg1M2VmN2UzLzAvMzEzMzM5MmUzMjM4MmUzMjM1
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzIzMDMwMzAzMTM3LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
ixwZMA0GCSqGSIb3DQEBCwUAA4IBAQAwrnsu98G4AGcv56eaQfjf/EMhU4icgMmu
X9q7aVNHfnoiTckmuBNLUa7HA8rEAq8E/dv7KrE3j2kNlTLD9qlsX4DVNT9qK5lg
Hym0KUfZ2UJw48akGnZ8VULClK5hMy0m4SbPwEEEx+4kSz8h+bN/fZtgrFJdnoeJ
ZGgTaD7aFeqsA2U7wndTKGgUoU1FnS5iuftkklpnZBRpNl1HLh6xqSIYwXgS4KJx
2smfWOoNw8NnWuAROfH7CpelHndTp3jFpFtc1pinwz3oQ/fhxEIIRxTKsbsWaoPz
5CJ4jsjNmA5dhVsEc7oelHihbox1nL2LKzCQ+04rpWLY6XUQf0kK
-----END CERTIFICATE-----
Generated at Fri Jun 6 06:45:17 2025 by rpki-client