Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/3134332e32302e3234352e302f32342d3234203d3e2035303635.roa
File: 3134332e32302e3234352e302f32342d3234203d3e2035303635.roa (raw, json)
Hash identifier: IvmJjRd4IC5Ni4Dh5q4B1oWcwJure8DJXhPFqMpwafY=
Subject key identifier: 7F:29:28:FC:F2:2D:C0:34:68:02:FB:A8:A3:DB:34:04:0A:65:FB:52
Certificate issuer: /CN=88c14ec02adbf083138eddd47871176ddeb93d9d
Certificate serial: 552878CF6EC0B85F7835C0BA7AF4536DDDC459A1
Authority key identifier: 88:C1:4E:C0:2A:DB:F0:83:13:8E:DD:D4:78:71:17:6D:DE:B9:3D:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iMFOwCrb8IMTjt3UeHEXbd65PZ0.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/3134332e32302e3234352e302f32342d3234203d3e2035303635.roa
Signing time: Tue 06 May 2025 06:35:22 +0000
ROA not before: Tue 06 May 2025 06:30:22 +0000
ROA not after: Tue 05 May 2026 06:35:22 +0000
asID: 5065
IP address blocks: 143.20.245.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/88C14EC02ADBF083138EDDD47871176DDEB93D9D.crl
rsync://rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/88C14EC02ADBF083138EDDD47871176DDEB93D9D.mft
rsync://rpki.ripe.net/repository/DEFAULT/iMFOwCrb8IMTjt3UeHEXbd65PZ0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 06 Jun 2025 12:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
55:28:78:cf:6e:c0:b8:5f:78:35:c0:ba:7a:f4:53:6d:dd:c4:59:a1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=88c14ec02adbf083138eddd47871176ddeb93d9d
Validity
Not Before: May 6 06:30:22 2025 GMT
Not After : May 5 06:35:22 2026 GMT
Subject: CN=7F2928FCF22DC0346802FBA8A3DB34040A65FB52
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:62:9e:e6:f8:c2:df:5c:09:62:63:1a:31:79:
a0:cc:84:37:c7:22:28:63:c2:52:01:83:2e:95:61:
27:25:a5:9b:e6:5d:20:7c:66:48:e1:c2:ac:b7:ed:
fa:5f:cd:cb:c3:32:ba:ae:63:1c:0b:04:bb:db:fa:
b0:07:36:57:ac:a2:19:42:68:4f:fc:d8:87:f1:35:
0e:3d:fe:f4:f1:d9:3b:7f:12:f4:ed:92:93:27:21:
fd:1b:0f:77:b1:b9:2e:00:b5:e9:6e:19:d1:63:20:
06:89:a4:9c:4a:93:a9:96:c8:fe:98:ed:87:80:a1:
77:e3:13:8c:ac:74:8b:05:ca:02:78:b3:cc:2a:df:
ec:a2:2b:59:85:55:b6:72:4b:bc:27:49:97:69:c5:
27:09:fe:ee:b0:bd:06:16:9e:5d:73:08:0b:77:eb:
a7:09:9a:d2:78:81:6a:4c:04:e3:3a:96:1c:02:a5:
0a:ac:5b:b7:a6:04:db:a9:c5:d9:33:88:df:79:d4:
31:b7:84:81:d7:6b:16:67:f1:7c:ed:5b:a9:08:80:
3a:5a:c8:8c:a6:b9:3e:f5:a4:9a:69:a7:4d:e9:ea:
b0:d7:f9:cf:75:27:e7:76:2c:b9:a9:ee:57:f1:b0:
0a:a5:a0:42:79:2c:a3:4b:73:97:60:82:74:46:03:
91:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7F:29:28:FC:F2:2D:C0:34:68:02:FB:A8:A3:DB:34:04:0A:65:FB:52
X509v3 Authority Key Identifier:
keyid:88:C1:4E:C0:2A:DB:F0:83:13:8E:DD:D4:78:71:17:6D:DE:B9:3D:9D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/88C14EC02ADBF083138EDDD47871176DDEB93D9D.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iMFOwCrb8IMTjt3UeHEXbd65PZ0.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/3134332e32302e3234352e302f32342d3234203d3e2035303635.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
143.20.245.0/24
Signature Algorithm: sha256WithRSAEncryption
12:6a:b0:86:34:15:09:de:e5:15:71:2d:3c:8e:d5:db:1d:26:
1b:3a:57:3a:52:5c:48:e6:01:98:97:37:99:40:3d:4a:fe:90:
b0:e5:09:cb:25:b9:07:de:ef:6e:b3:f2:dd:34:d6:65:f0:9f:
2f:35:d0:84:a7:89:86:9a:e1:58:62:30:33:03:59:f2:64:d5:
0d:f8:b8:bd:bb:24:09:62:17:42:29:68:9c:71:52:56:ba:6c:
d6:b4:b0:6a:de:42:08:1a:46:c5:c7:76:f1:af:36:00:30:b0:
ae:23:88:13:bc:34:9e:6f:34:86:8d:98:75:3b:d6:b2:a8:cb:
86:91:5f:ee:d0:f7:1b:93:bd:98:f8:ef:d6:c6:ff:00:26:11:
00:15:61:72:d0:70:d3:1f:d8:bb:b2:0e:99:f0:4a:3e:89:30:
05:2b:97:1d:08:64:d1:6c:89:9e:fd:b5:a1:0c:18:21:7d:65:
c9:64:c8:0b:34:9b:c4:34:a2:14:32:24:b8:3c:ac:22:b4:33:
41:bc:ec:4d:db:24:02:ce:b0:3d:bd:3a:b7:1f:0a:7a:8e:9a:
ff:09:f5:1c:d7:b4:41:2c:e2:c0:06:94:c3:7a:8b:a0:e8:a1:
0b:26:8c:97:5c:c0:a7:7d:68:bf:1a:09:fd:2a:8e:8e:a8:c1:
a4:7b:37:01
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgIUVSh4z27AuF94NcC6evRTbd3EWaEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoODhjMTRlYzAyYWRiZjA4MzEzOGVkZGQ0Nzg3MTE3NmRk
ZWI5M2Q5ZDAeFw0yNTA1MDYwNjMwMjJaFw0yNjA1MDUwNjM1MjJaMDMxMTAvBgNV
BAMTKDdGMjkyOEZDRjIyREMwMzQ2ODAyRkJBOEEzREIzNDA0MEE2NUZCNTIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQChYp7m+MLfXAliYxoxeaDMhDfH
IihjwlIBgy6VYSclpZvmXSB8Zkjhwqy37fpfzcvDMrquYxwLBLvb+rAHNlesohlC
aE/82IfxNQ49/vTx2Tt/EvTtkpMnIf0bD3exuS4AteluGdFjIAaJpJxKk6mWyP6Y
7YeAoXfjE4ysdIsFygJ4s8wq3+yiK1mFVbZyS7wnSZdpxScJ/u6wvQYWnl1zCAt3
66cJmtJ4gWpMBOM6lhwCpQqsW7emBNupxdkziN951DG3hIHXaxZn8XztW6kIgDpa
yIymuT71pJppp03p6rDX+c91J+d2LLmp7lfxsAqloEJ5LKNLc5dggnRGA5GjAgMB
AAGjggI7MIICNzAdBgNVHQ4EFgQUfyko/PItwDRoAvuoo9s0BApl+1IwHwYDVR0j
BBgwFoAUiMFOwCrb8IMTjt3UeHEXbd65PZ0wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYzQwOWQ3YjItZWU2NC00OWYxLWFkODEtOGU0YTEwN2Q2
MmUwLzAvODhDMTRFQzAyQURCRjA4MzEzOEVEREQ0Nzg3MTE3NkRERUI5M0Q5RC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2lNRk93Q3JiOElNVGp0M1VlSEVYYmQ2
NVBaMC5jZXIwgasGCCsGAQUFBwELBIGeMIGbMIGYBggrBgEFBQcwC4aBi3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYzQwOWQ3YjIt
ZWU2NC00OWYxLWFkODEtOGU0YTEwN2Q2MmUwLzAvMzEzNDMzMmUzMjMwMmUzMjM0
MzUyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzNTMwMzYzNS5yb2EwGAYDVR0gAQH/
BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAI8U
9TANBgkqhkiG9w0BAQsFAAOCAQEAEmqwhjQVCd7lFXEtPI7V2x0mGzpXOlJcSOYB
mJc3mUA9Sv6QsOUJyyW5B97vbrPy3TTWZfCfLzXQhKeJhprhWGIwMwNZ8mTVDfi4
vbskCWIXQilonHFSVrps1rSwat5CCBpGxcd28a82ADCwriOIE7w0nm80ho2YdTvW
sqjLhpFf7tD3G5O9mPjv1sb/ACYRABVhctBw0x/Yu7IOmfBKPokwBSuXHQhk0WyJ
nv21oQwYIX1lyWTICzSbxDSiFDIkuDysIrQzQbzsTdskAs6wPb06tx8Keo6a/wn1
HNe0QSziwAaUw3qLoOihCyaMl1zAp31ovxoJ/SqOjqjBpHs3AQ==
-----END CERTIFICATE-----
Generated at Thu Jun 5 18:26:29 2025 by rpki-client