Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/3134332e32302e3134332e302f32342d3234203d3e20313531333338.roa
File: 3134332e32302e3134332e302f32342d3234203d3e20313531333338.roa (raw, json)
Hash identifier: K2+YG87uR0MnbWjKvVVYtDBBB8GUri/yhjyuhlTlciw=
Subject key identifier: 3F:63:2D:7E:96:8C:3E:09:4E:2C:F8:D9:E3:7F:B4:85:EE:17:CA:C0
Certificate issuer: /CN=88c14ec02adbf083138eddd47871176ddeb93d9d
Certificate serial: 1D30AA29A582918053B5F900B037A6FB86242FCD
Authority key identifier: 88:C1:4E:C0:2A:DB:F0:83:13:8E:DD:D4:78:71:17:6D:DE:B9:3D:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iMFOwCrb8IMTjt3UeHEXbd65PZ0.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/3134332e32302e3134332e302f32342d3234203d3e20313531333338.roa
Signing time: Tue 13 May 2025 06:36:32 +0000
ROA not before: Tue 13 May 2025 06:31:32 +0000
ROA not after: Tue 12 May 2026 06:36:32 +0000
asID: 151338
IP address blocks: 143.20.143.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/88C14EC02ADBF083138EDDD47871176DDEB93D9D.crl
rsync://rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/88C14EC02ADBF083138EDDD47871176DDEB93D9D.mft
rsync://rpki.ripe.net/repository/DEFAULT/iMFOwCrb8IMTjt3UeHEXbd65PZ0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 06 Jun 2025 12:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1d:30:aa:29:a5:82:91:80:53:b5:f9:00:b0:37:a6:fb:86:24:2f:cd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=88c14ec02adbf083138eddd47871176ddeb93d9d
Validity
Not Before: May 13 06:31:32 2025 GMT
Not After : May 12 06:36:32 2026 GMT
Subject: CN=3F632D7E968C3E094E2CF8D9E37FB485EE17CAC0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:e5:16:c1:d0:09:32:e0:03:a9:16:9c:a2:a3:
92:73:a5:7f:da:1f:69:fa:f0:54:b3:34:36:fb:2d:
82:a9:bd:1d:1e:a9:92:35:d1:c3:24:1c:d0:c9:ae:
d2:54:a8:23:1e:21:5f:f0:f5:fa:a6:1c:73:ee:e1:
37:51:d3:cb:9e:03:87:fd:5a:c5:7f:59:6c:35:cc:
a2:a0:ad:a2:13:fe:dd:80:98:17:98:90:3b:2d:1d:
4d:db:a4:1a:0d:cd:60:99:18:3e:37:97:c6:28:d8:
ac:09:bf:11:2d:0b:0f:75:a6:a1:3c:b9:5b:58:ba:
50:09:e5:6b:04:b7:82:56:03:de:06:e5:f4:2c:6f:
8e:27:f0:bc:ee:e3:bc:50:c9:fc:b7:5f:a4:e1:41:
fe:70:53:d5:bd:dc:d2:5d:82:1a:91:dc:da:03:4e:
4d:d4:6f:e7:b4:b1:74:4d:53:97:ac:a2:d1:11:87:
d5:16:26:9d:bb:b3:f7:78:48:1b:fe:81:46:7c:92:
1b:ca:70:ab:68:1a:2c:e1:9d:0c:4c:1e:fb:fa:ac:
2e:4e:21:72:21:4e:13:6c:8c:81:9c:b6:22:90:e2:
4d:0b:d2:38:5b:49:12:86:84:37:f7:b7:c5:aa:b0:
40:3f:59:3f:da:1e:5d:7e:a0:5e:70:ed:3a:8b:1f:
7d:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3F:63:2D:7E:96:8C:3E:09:4E:2C:F8:D9:E3:7F:B4:85:EE:17:CA:C0
X509v3 Authority Key Identifier:
keyid:88:C1:4E:C0:2A:DB:F0:83:13:8E:DD:D4:78:71:17:6D:DE:B9:3D:9D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/88C14EC02ADBF083138EDDD47871176DDEB93D9D.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iMFOwCrb8IMTjt3UeHEXbd65PZ0.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/3134332e32302e3134332e302f32342d3234203d3e20313531333338.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
143.20.143.0/24
Signature Algorithm: sha256WithRSAEncryption
6f:47:d7:35:f2:03:e2:5f:3d:38:bf:fa:82:be:a3:cb:6f:92:
e5:71:49:c5:84:01:0f:7c:10:ee:f2:c4:6d:10:1a:23:24:6d:
f6:01:1e:8e:c1:78:0a:f9:07:76:b1:cf:09:02:95:51:8a:1d:
4d:50:a0:4e:ec:45:58:f8:c3:fc:e5:66:4a:c8:75:40:c0:82:
96:3b:80:73:eb:38:6e:03:4f:41:10:19:ec:25:ef:be:66:1c:
2b:c9:25:03:64:99:3f:b3:ed:cb:b6:1a:4b:87:fa:8a:a0:a6:
9e:c8:fd:95:4a:43:ef:60:61:46:5e:47:5f:5a:19:bc:7e:79:
06:09:50:5c:21:91:55:4f:0c:61:31:25:46:a3:9b:a8:a1:91:
55:6e:81:b7:6d:9f:0e:31:86:ee:14:ba:75:43:86:4e:5b:fa:
71:32:9b:02:67:4e:24:52:78:cb:91:50:47:14:10:38:2e:a2:
fb:5e:ab:ea:11:af:bd:31:3b:aa:8e:eb:d9:e9:e8:f1:b7:ea:
3a:da:b4:3a:5f:8b:be:c3:75:ee:75:f2:f4:a6:5f:c6:b4:0c:
1b:c1:85:5f:de:03:94:60:56:c4:48:e3:2b:9c:c8:7a:ec:39:
25:c3:fb:ed:c5:1e:db:c5:fd:84:42:7b:35:c0:69:db:d3:72:
10:5c:15:78
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUHTCqKaWCkYBTtfkAsDem+4YkL80wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoODhjMTRlYzAyYWRiZjA4MzEzOGVkZGQ0Nzg3MTE3NmRk
ZWI5M2Q5ZDAeFw0yNTA1MTMwNjMxMzJaFw0yNjA1MTIwNjM2MzJaMDMxMTAvBgNV
BAMTKDNGNjMyRDdFOTY4QzNFMDk0RTJDRjhEOUUzN0ZCNDg1RUUxN0NBQzAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCe5RbB0Aky4AOpFpyio5JzpX/a
H2n68FSzNDb7LYKpvR0eqZI10cMkHNDJrtJUqCMeIV/w9fqmHHPu4TdR08ueA4f9
WsV/WWw1zKKgraIT/t2AmBeYkDstHU3bpBoNzWCZGD43l8Yo2KwJvxEtCw91pqE8
uVtYulAJ5WsEt4JWA94G5fQsb44n8Lzu47xQyfy3X6ThQf5wU9W93NJdghqR3NoD
Tk3Ub+e0sXRNU5esotERh9UWJp27s/d4SBv+gUZ8khvKcKtoGizhnQxMHvv6rC5O
IXIhThNsjIGctiKQ4k0L0jhbSRKGhDf3t8WqsEA/WT/aHl1+oF5w7TqLH30dAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUP2MtfpaMPglOLPjZ43+0he4XysAwHwYDVR0j
BBgwFoAUiMFOwCrb8IMTjt3UeHEXbd65PZ0wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYzQwOWQ3YjItZWU2NC00OWYxLWFkODEtOGU0YTEwN2Q2
MmUwLzAvODhDMTRFQzAyQURCRjA4MzEzOEVEREQ0Nzg3MTE3NkRERUI5M0Q5RC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2lNRk93Q3JiOElNVGp0M1VlSEVYYmQ2
NVBaMC5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYzQwOWQ3YjIt
ZWU2NC00OWYxLWFkODEtOGU0YTEwN2Q2MmUwLzAvMzEzNDMzMmUzMjMwMmUzMTM0
MzMyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMTM1MzEzMzMzMzgucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BACPFI8wDQYJKoZIhvcNAQELBQADggEBAG9H1zXyA+JfPTi/+oK+o8tvkuVxScWE
AQ98EO7yxG0QGiMkbfYBHo7BeAr5B3axzwkClVGKHU1QoE7sRVj4w/zlZkrIdUDA
gpY7gHPrOG4DT0EQGewl775mHCvJJQNkmT+z7cu2GkuH+oqgpp7I/ZVKQ+9gYUZe
R19aGbx+eQYJUFwhkVVPDGExJUajm6ihkVVugbdtnw4xhu4UunVDhk5b+nEymwJn
TiRSeMuRUEcUEDguovteq+oRr70xO6qO69np6PG36jratDpfi77Dde518vSmX8a0
DBvBhV/eA5RgVsRI4yucyHrsOSXD++3FHtvF/YRCezXAadvTchBcFXg=
-----END CERTIFICATE-----
Generated at Thu Jun 5 18:40:46 2025 by rpki-client