Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/bb25d068-7f9c-4b0e-a695-1779b7d8f06e/0/3139342e3132342e3233342e302f32342d3234203d3e203534333339.roa
File: 3139342e3132342e3233342e302f32342d3234203d3e203534333339.roa (raw, json)
Hash identifier: wdUsagydvVBIUao6PJHWRop4oPMEKXc9pJyNsG4SW9o=
Subject key identifier: 90:AD:38:21:67:48:1D:71:0F:3D:DA:E5:AD:24:33:FE:E9:AE:8E:F8
Certificate issuer: /CN=cb29a77669df5a7a5cb506d839ee8aa4337ccaac
Certificate serial: 7E65D2C4D0FB9ECB6C34AF5B627C28CE1E524D29
Authority key identifier: CB:29:A7:76:69:DF:5A:7A:5C:B5:06:D8:39:EE:8A:A4:33:7C:CA:AC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yymndmnfWnpctQbYOe6KpDN8yqw.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/bb25d068-7f9c-4b0e-a695-1779b7d8f06e/0/3139342e3132342e3233342e302f32342d3234203d3e203534333339.roa
Signing time: Mon 31 Mar 2025 05:59:50 +0000
ROA not before: Mon 31 Mar 2025 05:54:50 +0000
ROA not after: Mon 30 Mar 2026 05:59:50 +0000
asID: 54339
IP address blocks: 194.124.234.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/bb25d068-7f9c-4b0e-a695-1779b7d8f06e/0/CB29A77669DF5A7A5CB506D839EE8AA4337CCAAC.crl
rsync://rsync.paas.rpki.ripe.net/repository/bb25d068-7f9c-4b0e-a695-1779b7d8f06e/0/CB29A77669DF5A7A5CB506D839EE8AA4337CCAAC.mft
rsync://rpki.ripe.net/repository/DEFAULT/yymndmnfWnpctQbYOe6KpDN8yqw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 07 Apr 2025 10:24:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7e:65:d2:c4:d0:fb:9e:cb:6c:34:af:5b:62:7c:28:ce:1e:52:4d:29
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cb29a77669df5a7a5cb506d839ee8aa4337ccaac
Validity
Not Before: Mar 31 05:54:50 2025 GMT
Not After : Mar 30 05:59:50 2026 GMT
Subject: CN=90AD382167481D710F3DDAE5AD2433FEE9AE8EF8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:4b:12:1f:c1:66:11:01:aa:79:8c:fc:32:6b:
04:90:e9:37:f5:d4:87:ef:b5:45:a9:b6:5b:93:18:
c4:f8:ef:e9:37:60:19:5e:83:7c:84:dc:1c:f6:01:
81:ea:28:bc:d3:10:34:e1:04:c8:d2:d5:b7:2c:ff:
76:d1:14:3c:63:7f:36:dd:72:fd:67:51:a6:b1:50:
48:b5:40:eb:7f:43:c0:bf:5b:ec:51:20:6f:60:82:
11:7f:0d:68:94:89:25:1d:8e:8f:04:ec:84:65:70:
d1:f9:c0:9d:54:7a:34:04:64:3a:f5:90:f4:de:bf:
93:fc:02:62:30:52:69:70:5a:16:3b:6a:82:d2:57:
74:e1:dc:2f:23:55:d7:02:09:cb:1e:49:cd:85:a9:
44:b6:af:e5:de:f8:70:70:f2:9f:71:cd:51:12:98:
ae:8e:6a:79:0c:85:ee:7f:3b:da:09:cb:44:ff:25:
04:a2:14:87:d1:3d:43:11:46:08:c3:f2:21:75:8d:
e3:bc:7e:f4:f9:c9:3b:a4:3b:d1:d7:90:35:91:87:
2e:b4:fe:d4:8a:51:a3:63:0a:af:a9:6d:c1:36:e7:
c8:41:05:79:11:ff:e7:08:3c:3f:1d:d9:27:df:fe:
be:06:77:0e:c1:2c:c3:73:5a:9a:3a:4e:da:78:14:
a4:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
90:AD:38:21:67:48:1D:71:0F:3D:DA:E5:AD:24:33:FE:E9:AE:8E:F8
X509v3 Authority Key Identifier:
keyid:CB:29:A7:76:69:DF:5A:7A:5C:B5:06:D8:39:EE:8A:A4:33:7C:CA:AC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/bb25d068-7f9c-4b0e-a695-1779b7d8f06e/0/CB29A77669DF5A7A5CB506D839EE8AA4337CCAAC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yymndmnfWnpctQbYOe6KpDN8yqw.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/bb25d068-7f9c-4b0e-a695-1779b7d8f06e/0/3139342e3132342e3233342e302f32342d3234203d3e203534333339.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.124.234.0/24
Signature Algorithm: sha256WithRSAEncryption
64:d6:82:22:3e:9f:9e:c0:7c:da:11:93:52:f1:0b:cf:f0:bc:
77:b4:86:65:66:cc:96:84:b2:b6:7e:b1:4e:7d:6d:fd:b2:a6:
24:64:74:3b:cf:bb:3d:d1:76:30:38:71:e0:76:4e:75:d6:2d:
8d:83:6d:38:b5:a7:77:b3:2c:9b:0d:87:e8:16:f0:2b:52:c1:
f8:23:95:71:02:ec:73:d0:a4:bd:e6:78:4d:1d:cc:eb:52:c6:
d3:0b:72:48:a4:c9:62:25:c8:33:74:fb:d6:ca:7e:96:40:74:
6a:1a:d7:26:76:61:55:9b:76:1d:02:c1:ea:bd:9c:3b:3a:c3:
15:1c:97:7f:ba:26:78:50:bd:df:52:8c:56:dd:85:55:80:e1:
fc:05:5c:d3:e0:58:0c:46:d9:fa:bb:31:03:03:13:bb:5c:fd:
a1:93:a3:08:29:cb:34:89:2c:d2:35:c9:89:c3:82:a6:20:72:
dc:78:87:c5:65:a8:2c:8e:cb:ae:46:aa:7e:92:76:a8:17:0d:
59:b9:5f:fb:83:45:09:6f:92:93:ed:17:f4:ec:bd:29:a1:3a:
f1:a0:44:d0:23:d2:54:de:9f:28:46:db:2a:70:b1:99:85:9d:
a5:44:63:8f:53:35:8c:f8:c9:4b:02:26:12:99:2e:37:5c:aa:
39:3a:1e:72
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUfmXSxND7nstsNK9bYnwozh5STSkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoY2IyOWE3NzY2OWRmNWE3YTVjYjUwNmQ4MzllZThhYTQz
MzdjY2FhYzAeFw0yNTAzMzEwNTU0NTBaFw0yNjAzMzAwNTU5NTBaMDMxMTAvBgNV
BAMTKDkwQUQzODIxNjc0ODFENzEwRjNEREFFNUFEMjQzM0ZFRTlBRThFRjgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCbSxIfwWYRAap5jPwyawSQ6Tf1
1IfvtUWptluTGMT47+k3YBleg3yE3Bz2AYHqKLzTEDThBMjS1bcs/3bRFDxjfzbd
cv1nUaaxUEi1QOt/Q8C/W+xRIG9gghF/DWiUiSUdjo8E7IRlcNH5wJ1UejQEZDr1
kPTev5P8AmIwUmlwWhY7aoLSV3Th3C8jVdcCCcseSc2FqUS2r+Xe+HBw8p9xzVES
mK6OankMhe5/O9oJy0T/JQSiFIfRPUMRRgjD8iF1jeO8fvT5yTukO9HXkDWRhy60
/tSKUaNjCq+pbcE258hBBXkR/+cIPD8d2Sff/r4Gdw7BLMNzWpo6Ttp4FKRXAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUkK04IWdIHXEPPdrlrSQz/umujvgwHwYDVR0j
BBgwFoAUyymndmnfWnpctQbYOe6KpDN8yqwwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYmIyNWQwNjgtN2Y5Yy00YjBlLWE2OTUtMTc3OWI3ZDhm
MDZlLzAvQ0IyOUE3NzY2OURGNUE3QTVDQjUwNkQ4MzlFRThBQTQzMzdDQ0FBQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3l5bW5kbW5mV25wY3RRYllPZTZLcERO
OHlxdy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYmIyNWQwNjgt
N2Y5Yy00YjBlLWE2OTUtMTc3OWI3ZDhmMDZlLzAvMzEzOTM0MmUzMTMyMzQyZTMy
MzMzNDJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDM1MzQzMzMzMzkucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BADCfOowDQYJKoZIhvcNAQELBQADggEBAGTWgiI+n57AfNoRk1LxC8/wvHe0hmVm
zJaEsrZ+sU59bf2ypiRkdDvPuz3RdjA4ceB2TnXWLY2DbTi1p3ezLJsNh+gW8CtS
wfgjlXEC7HPQpL3meE0dzOtSxtMLckikyWIlyDN0+9bKfpZAdGoa1yZ2YVWbdh0C
weq9nDs6wxUcl3+6JnhQvd9SjFbdhVWA4fwFXNPgWAxG2fq7MQMDE7tc/aGTowgp
yzSJLNI1yYnDgqYgctx4h8VlqCyOy65Gqn6SdqgXDVm5X/uDRQlvkpPtF/TsvSmh
OvGgRNAj0lTenyhG2ypwsZmFnaVEY49TNYz4yUsCJhKZLjdcqjk6HnI=
-----END CERTIFICATE-----
Generated at Mon Apr 7 01:15:39 2025 by rpki-client