Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/3134332e32302e3235302e302f32342d3234203d3e2035303635.roa
File: 3134332e32302e3235302e302f32342d3234203d3e2035303635.roa (raw, json)
Hash identifier: ilSXv8XE2UiTNlvR1PLoH6IpRDmp4XIFGvEWoANXmzM=
Subject key identifier: 77:DE:FF:ED:D8:24:09:E9:DA:75:FB:90:DA:31:C0:9B:D6:4B:90:87
Certificate issuer: /CN=88c14ec02adbf083138eddd47871176ddeb93d9d
Certificate serial: 595056BE7E141C8A181C91989DC6B2DCCE76A6E1
Authority key identifier: 88:C1:4E:C0:2A:DB:F0:83:13:8E:DD:D4:78:71:17:6D:DE:B9:3D:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iMFOwCrb8IMTjt3UeHEXbd65PZ0.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/3134332e32302e3235302e302f32342d3234203d3e2035303635.roa
Signing time: Tue 06 May 2025 06:35:29 +0000
ROA not before: Tue 06 May 2025 06:30:29 +0000
ROA not after: Tue 05 May 2026 06:35:29 +0000
asID: 5065
IP address blocks: 143.20.250.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/88C14EC02ADBF083138EDDD47871176DDEB93D9D.crl
rsync://rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/88C14EC02ADBF083138EDDD47871176DDEB93D9D.mft
rsync://rpki.ripe.net/repository/DEFAULT/iMFOwCrb8IMTjt3UeHEXbd65PZ0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 06 Jun 2025 12:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
59:50:56:be:7e:14:1c:8a:18:1c:91:98:9d:c6:b2:dc:ce:76:a6:e1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=88c14ec02adbf083138eddd47871176ddeb93d9d
Validity
Not Before: May 6 06:30:29 2025 GMT
Not After : May 5 06:35:29 2026 GMT
Subject: CN=77DEFFEDD82409E9DA75FB90DA31C09BD64B9087
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:b1:30:38:f3:c6:9f:39:a1:7b:f9:04:74:b5:
2b:00:fa:ad:c5:5a:ac:a2:c0:66:d4:8e:81:31:3c:
69:c4:54:6a:c6:05:09:29:76:03:32:86:fe:47:5a:
5f:e0:6e:22:5a:a7:bb:83:29:ae:04:a8:13:aa:8b:
06:43:61:7b:f2:b9:a1:5f:d3:4e:d4:9a:d8:bf:59:
68:24:45:5b:25:ee:05:1f:48:83:eb:1d:9f:91:77:
d6:2e:50:38:9c:e8:a2:e2:f5:e9:5f:e1:e4:b3:b6:
bf:8f:c9:4f:4b:88:c7:91:14:92:03:01:84:8d:05:
35:b1:bc:c3:d3:df:7b:e3:7a:6a:27:8b:1f:0a:52:
b2:68:75:d8:09:a4:48:74:79:f3:8d:eb:85:10:90:
31:bd:4c:0b:e8:c2:22:d9:c6:cd:0d:d2:33:02:05:
9b:a7:15:d8:d2:12:80:a7:3b:9a:e3:87:8f:ad:67:
26:d2:d2:2a:d7:ea:ed:07:a0:09:31:9d:37:26:0e:
19:3f:25:f2:12:81:d8:fd:6f:a1:ea:f7:ae:67:b3:
bc:f8:b4:48:fb:cb:0c:ec:d0:14:b6:a0:85:54:1d:
78:84:22:1c:85:d6:90:25:e0:7f:1b:d6:8d:44:58:
92:53:4a:75:c0:da:73:40:da:bf:35:b0:bd:9a:fa:
bc:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
77:DE:FF:ED:D8:24:09:E9:DA:75:FB:90:DA:31:C0:9B:D6:4B:90:87
X509v3 Authority Key Identifier:
keyid:88:C1:4E:C0:2A:DB:F0:83:13:8E:DD:D4:78:71:17:6D:DE:B9:3D:9D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/88C14EC02ADBF083138EDDD47871176DDEB93D9D.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iMFOwCrb8IMTjt3UeHEXbd65PZ0.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/3134332e32302e3235302e302f32342d3234203d3e2035303635.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
143.20.250.0/24
Signature Algorithm: sha256WithRSAEncryption
80:ab:d2:4a:6b:6c:b5:65:e9:c2:43:e1:a5:f1:19:d0:be:43:
93:2c:81:d7:f0:1a:1d:37:ad:fc:1d:46:47:1a:9f:29:ec:6d:
d2:10:d3:63:6c:f8:a6:59:29:44:87:0e:a0:a5:80:ba:76:d5:
d1:19:df:51:75:5c:6b:0f:79:8d:a0:31:60:c6:d6:a4:7c:9f:
24:7d:1e:d8:9f:07:c5:55:17:db:0b:31:d8:fb:8b:4f:36:78:
34:55:54:5c:82:b7:74:f9:06:74:cf:dd:1d:82:22:b4:0b:a1:
ec:ff:39:ce:d4:0e:53:9a:19:f8:2f:1c:6e:e7:b1:6e:76:d5:
ae:94:ae:b6:81:c5:d2:26:a3:dd:4f:79:e2:b0:a4:26:e7:38:
0d:3e:a1:b5:6a:aa:09:c9:93:2c:40:76:0f:8b:0c:06:ac:99:
a0:66:c8:e9:7e:b4:25:ec:40:71:0e:61:ef:51:15:93:58:6e:
b6:22:02:7d:6d:89:84:69:2c:4c:1c:04:a5:d3:d2:f8:4b:fe:
80:3f:3a:b6:1f:67:46:54:a8:8e:0f:e6:b3:69:b9:69:59:de:
6f:4c:2e:30:0e:4b:77:9b:5b:00:56:a8:94:91:88:7c:d2:76:
5b:e9:b3:dc:3b:12:5f:db:96:d4:c1:2d:9f:dc:25:17:32:01:
e1:d0:d7:d5
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgIUWVBWvn4UHIoYHJGYncay3M52puEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoODhjMTRlYzAyYWRiZjA4MzEzOGVkZGQ0Nzg3MTE3NmRk
ZWI5M2Q5ZDAeFw0yNTA1MDYwNjMwMjlaFw0yNjA1MDUwNjM1MjlaMDMxMTAvBgNV
BAMTKDc3REVGRkVERDgyNDA5RTlEQTc1RkI5MERBMzFDMDlCRDY0QjkwODcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCysTA488afOaF7+QR0tSsA+q3F
WqyiwGbUjoExPGnEVGrGBQkpdgMyhv5HWl/gbiJap7uDKa4EqBOqiwZDYXvyuaFf
007Umti/WWgkRVsl7gUfSIPrHZ+Rd9YuUDic6KLi9elf4eSztr+PyU9LiMeRFJID
AYSNBTWxvMPT33vjemonix8KUrJoddgJpEh0efON64UQkDG9TAvowiLZxs0N0jMC
BZunFdjSEoCnO5rjh4+tZybS0irX6u0HoAkxnTcmDhk/JfISgdj9b6Hq965ns7z4
tEj7ywzs0BS2oIVUHXiEIhyF1pAl4H8b1o1EWJJTSnXA2nNA2r81sL2a+rzXAgMB
AAGjggI7MIICNzAdBgNVHQ4EFgQUd97/7dgkCenadfuQ2jHAm9ZLkIcwHwYDVR0j
BBgwFoAUiMFOwCrb8IMTjt3UeHEXbd65PZ0wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYzQwOWQ3YjItZWU2NC00OWYxLWFkODEtOGU0YTEwN2Q2
MmUwLzAvODhDMTRFQzAyQURCRjA4MzEzOEVEREQ0Nzg3MTE3NkRERUI5M0Q5RC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2lNRk93Q3JiOElNVGp0M1VlSEVYYmQ2
NVBaMC5jZXIwgasGCCsGAQUFBwELBIGeMIGbMIGYBggrBgEFBQcwC4aBi3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYzQwOWQ3YjIt
ZWU2NC00OWYxLWFkODEtOGU0YTEwN2Q2MmUwLzAvMzEzNDMzMmUzMjMwMmUzMjM1
MzAyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzNTMwMzYzNS5yb2EwGAYDVR0gAQH/
BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAI8U
+jANBgkqhkiG9w0BAQsFAAOCAQEAgKvSSmtstWXpwkPhpfEZ0L5DkyyB1/AaHTet
/B1GRxqfKext0hDTY2z4plkpRIcOoKWAunbV0RnfUXVcaw95jaAxYMbWpHyfJH0e
2J8HxVUX2wsx2PuLTzZ4NFVUXIK3dPkGdM/dHYIitAuh7P85ztQOU5oZ+C8cbuex
bnbVrpSutoHF0iaj3U954rCkJuc4DT6htWqqCcmTLEB2D4sMBqyZoGbI6X60JexA
cQ5h71EVk1hutiICfW2JhGksTBwEpdPS+Ev+gD86th9nRlSojg/ms2m5aVneb0wu
MA5Ld5tbAFaolJGIfNJ2W+mz3DsSX9uW1MEtn9wlFzIB4dDX1Q==
-----END CERTIFICATE-----
Generated at Thu Jun 5 18:25:21 2025 by rpki-client