Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/3134332e32302e3137382e302f32342d3234203d3e20313531333338.roa
File: 3134332e32302e3137382e302f32342d3234203d3e20313531333338.roa (raw, json)
Hash identifier: fj35aGoLb3mUZcY4NHx4TN8JLqgqyNCqtN0nqAGxFT4=
Subject key identifier: 97:B1:49:EF:69:3D:B3:20:DF:37:E7:39:B3:D5:14:45:96:69:7B:EF
Certificate issuer: /CN=88c14ec02adbf083138eddd47871176ddeb93d9d
Certificate serial: 39B47891BD16786E5B3CE693AE8F2EB2AF5EF834
Authority key identifier: 88:C1:4E:C0:2A:DB:F0:83:13:8E:DD:D4:78:71:17:6D:DE:B9:3D:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iMFOwCrb8IMTjt3UeHEXbd65PZ0.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/3134332e32302e3137382e302f32342d3234203d3e20313531333338.roa
Signing time: Tue 13 May 2025 06:35:28 +0000
ROA not before: Tue 13 May 2025 06:30:28 +0000
ROA not after: Tue 12 May 2026 06:35:28 +0000
asID: 151338
IP address blocks: 143.20.178.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/88C14EC02ADBF083138EDDD47871176DDEB93D9D.crl
rsync://rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/88C14EC02ADBF083138EDDD47871176DDEB93D9D.mft
rsync://rpki.ripe.net/repository/DEFAULT/iMFOwCrb8IMTjt3UeHEXbd65PZ0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 06 Jun 2025 12:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
39:b4:78:91:bd:16:78:6e:5b:3c:e6:93:ae:8f:2e:b2:af:5e:f8:34
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=88c14ec02adbf083138eddd47871176ddeb93d9d
Validity
Not Before: May 13 06:30:28 2025 GMT
Not After : May 12 06:35:28 2026 GMT
Subject: CN=97B149EF693DB320DF37E739B3D5144596697BEF
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:a9:61:92:80:2d:3a:62:ba:06:ab:45:2c:ff:
e9:67:a1:14:63:47:70:34:e2:ed:0c:61:11:23:be:
d2:d7:dd:d1:c6:6d:f7:23:bd:87:49:9d:36:80:65:
90:0a:b2:99:71:12:91:e0:07:de:24:f7:72:3c:a5:
81:a3:d7:93:81:1e:c3:a3:23:5b:92:4e:3c:c9:32:
f1:03:ae:41:29:df:66:16:b4:bc:c3:13:ff:a3:4e:
b2:c7:2d:ec:3b:b5:21:72:1e:d9:cd:79:6a:1f:44:
69:a8:bb:89:fa:d4:51:14:af:68:92:c3:e3:3a:f0:
f4:77:37:af:b5:53:b0:5e:3a:0f:85:8c:11:6e:ed:
c2:43:42:a5:63:ff:cd:db:9d:16:2d:59:6a:06:67:
f8:1b:d1:eb:7d:98:a6:59:b6:1e:5e:22:fb:11:70:
79:1f:6c:f2:e7:37:19:c8:da:a8:b2:6a:17:20:07:
37:b5:b5:40:ea:a7:75:ed:3d:21:47:86:58:e7:dd:
94:25:18:19:13:db:cf:3b:20:91:e0:5d:44:95:e0:
e6:fa:92:db:b5:3c:cd:90:94:25:e0:ae:e4:c1:fc:
14:36:80:03:ea:a6:af:ab:df:fd:88:31:e3:14:d4:
97:8b:1f:ea:69:6f:c1:9e:1e:84:de:6a:81:f7:f1:
0e:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
97:B1:49:EF:69:3D:B3:20:DF:37:E7:39:B3:D5:14:45:96:69:7B:EF
X509v3 Authority Key Identifier:
keyid:88:C1:4E:C0:2A:DB:F0:83:13:8E:DD:D4:78:71:17:6D:DE:B9:3D:9D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/88C14EC02ADBF083138EDDD47871176DDEB93D9D.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iMFOwCrb8IMTjt3UeHEXbd65PZ0.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/3134332e32302e3137382e302f32342d3234203d3e20313531333338.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
143.20.178.0/24
Signature Algorithm: sha256WithRSAEncryption
a5:af:30:a7:9b:1a:b5:ae:96:65:80:28:45:5d:b0:fc:f1:f6:
6e:98:73:78:b4:30:47:24:94:9b:8d:2c:59:0b:d8:d4:bc:54:
32:94:27:fa:3c:71:a5:a4:a5:5e:1c:e9:fe:77:92:a3:03:79:
f2:92:c9:dd:fa:b9:f4:37:0a:15:fd:57:78:24:3c:43:d4:3e:
27:6f:7d:76:32:3d:77:98:dc:c6:fb:c4:7d:15:d6:af:20:2d:
6b:19:4c:f5:bc:7e:dd:39:9d:48:b2:14:96:fa:c0:75:8f:f4:
1b:02:5a:31:5d:4d:d9:49:e9:b7:98:1d:ee:eb:68:94:20:99:
7b:12:4a:b9:f7:c8:27:e6:5b:5c:5f:32:d9:f9:50:82:67:0a:
a5:a7:26:7c:62:63:04:b2:42:f9:e7:64:2f:35:31:07:49:d4:
0f:be:d8:2e:2d:ae:6c:e0:5c:27:c8:50:4d:a5:6b:88:bc:1a:
f6:50:6e:77:28:97:97:c4:1e:3c:42:42:f7:2d:45:9e:21:c5:
9e:70:90:f6:4f:3f:02:8d:81:1f:a2:6a:67:6e:4f:d7:b8:c0:
11:5c:20:b9:e5:f8:58:40:b8:51:6f:cd:b6:e6:6d:8e:50:b4:
79:63:14:07:be:46:f0:06:2e:fe:db:ca:23:5e:4a:1d:6c:6e:
ca:00:6b:37
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUObR4kb0WeG5bPOaTro8usq9e+DQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoODhjMTRlYzAyYWRiZjA4MzEzOGVkZGQ0Nzg3MTE3NmRk
ZWI5M2Q5ZDAeFw0yNTA1MTMwNjMwMjhaFw0yNjA1MTIwNjM1MjhaMDMxMTAvBgNV
BAMTKDk3QjE0OUVGNjkzREIzMjBERjM3RTczOUIzRDUxNDQ1OTY2OTdCRUYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDFqWGSgC06YroGq0Us/+lnoRRj
R3A04u0MYREjvtLX3dHGbfcjvYdJnTaAZZAKsplxEpHgB94k93I8pYGj15OBHsOj
I1uSTjzJMvEDrkEp32YWtLzDE/+jTrLHLew7tSFyHtnNeWofRGmou4n61FEUr2iS
w+M68PR3N6+1U7BeOg+FjBFu7cJDQqVj/83bnRYtWWoGZ/gb0et9mKZZth5eIvsR
cHkfbPLnNxnI2qiyahcgBze1tUDqp3XtPSFHhljn3ZQlGBkT2887IJHgXUSV4Ob6
ktu1PM2QlCXgruTB/BQ2gAPqpq+r3/2IMeMU1JeLH+ppb8GeHoTeaoH38Q6TAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUl7FJ72k9syDfN+c5s9UURZZpe+8wHwYDVR0j
BBgwFoAUiMFOwCrb8IMTjt3UeHEXbd65PZ0wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYzQwOWQ3YjItZWU2NC00OWYxLWFkODEtOGU0YTEwN2Q2
MmUwLzAvODhDMTRFQzAyQURCRjA4MzEzOEVEREQ0Nzg3MTE3NkRERUI5M0Q5RC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2lNRk93Q3JiOElNVGp0M1VlSEVYYmQ2
NVBaMC5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYzQwOWQ3YjIt
ZWU2NC00OWYxLWFkODEtOGU0YTEwN2Q2MmUwLzAvMzEzNDMzMmUzMjMwMmUzMTM3
MzgyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMTM1MzEzMzMzMzgucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BACPFLIwDQYJKoZIhvcNAQELBQADggEBAKWvMKebGrWulmWAKEVdsPzx9m6Yc3i0
MEcklJuNLFkL2NS8VDKUJ/o8caWkpV4c6f53kqMDefKSyd36ufQ3ChX9V3gkPEPU
PidvfXYyPXeY3Mb7xH0V1q8gLWsZTPW8ft05nUiyFJb6wHWP9BsCWjFdTdlJ6beY
He7raJQgmXsSSrn3yCfmW1xfMtn5UIJnCqWnJnxiYwSyQvnnZC81MQdJ1A++2C4t
rmzgXCfIUE2la4i8GvZQbncol5fEHjxCQvctRZ4hxZ5wkPZPPwKNgR+iamduT9e4
wBFcILnl+FhAuFFvzbbmbY5QtHljFAe+RvAGLv7byiNeSh1sbsoAazc=
-----END CERTIFICATE-----
Generated at Thu Jun 5 18:38:23 2025 by rpki-client