Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/3134332e32302e3235342e302f32342d3234203d3e2035303635.roa
File: 3134332e32302e3235342e302f32342d3234203d3e2035303635.roa (raw, json)
Hash identifier: Ys2pLC+EZBZf5uiiiUaVWKo2CoKfnEbEdwk/gyxugW0=
Subject key identifier: 41:90:F0:6D:81:EC:4D:C1:EB:15:AD:5A:E6:EE:05:31:21:B6:9B:EF
Certificate issuer: /CN=88c14ec02adbf083138eddd47871176ddeb93d9d
Certificate serial: 6736EB724B235E4442BDEC09C1F410E3A57BF0B8
Authority key identifier: 88:C1:4E:C0:2A:DB:F0:83:13:8E:DD:D4:78:71:17:6D:DE:B9:3D:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iMFOwCrb8IMTjt3UeHEXbd65PZ0.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/3134332e32302e3235342e302f32342d3234203d3e2035303635.roa
Signing time: Tue 06 May 2025 06:35:36 +0000
ROA not before: Tue 06 May 2025 06:30:36 +0000
ROA not after: Tue 05 May 2026 06:35:36 +0000
asID: 5065
IP address blocks: 143.20.254.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/88C14EC02ADBF083138EDDD47871176DDEB93D9D.crl
rsync://rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/88C14EC02ADBF083138EDDD47871176DDEB93D9D.mft
rsync://rpki.ripe.net/repository/DEFAULT/iMFOwCrb8IMTjt3UeHEXbd65PZ0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 06 Jun 2025 12:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
67:36:eb:72:4b:23:5e:44:42:bd:ec:09:c1:f4:10:e3:a5:7b:f0:b8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=88c14ec02adbf083138eddd47871176ddeb93d9d
Validity
Not Before: May 6 06:30:36 2025 GMT
Not After : May 5 06:35:36 2026 GMT
Subject: CN=4190F06D81EC4DC1EB15AD5AE6EE053121B69BEF
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:5e:03:40:60:89:63:74:52:76:0e:a4:cd:93:
de:10:59:b3:f1:87:5c:da:94:c9:04:b8:c2:1b:e9:
1a:b6:9f:90:65:f6:85:b9:3c:00:f5:df:af:7c:16:
ea:7a:98:eb:2c:e8:c9:42:b8:7c:77:e8:dd:45:c0:
ee:3a:38:2d:48:1f:b8:3e:59:95:a9:bb:b1:d3:df:
fa:d8:fd:a1:cf:59:04:aa:46:e1:b0:8f:e5:55:4c:
e1:8a:a5:ad:c1:ea:67:dc:bc:b0:35:5d:b1:7a:7d:
38:d0:17:ca:51:ef:36:8b:70:7e:7a:0d:a0:27:69:
04:41:cd:71:9e:a5:28:74:74:6c:23:28:90:8f:23:
48:d0:a7:0b:95:6c:ee:16:f0:22:a9:ea:c2:82:83:
9b:1a:c9:1f:0a:6c:61:f2:3a:a0:52:73:ec:1f:85:
f5:0e:ca:77:e1:bd:21:af:54:ec:6c:7d:c9:4d:59:
31:f1:b8:4c:d7:2f:ff:61:e5:3b:0e:a4:83:1b:0d:
8a:38:72:84:68:ab:ef:18:10:8d:ec:af:6a:e6:ba:
fe:13:5e:06:44:65:c1:a5:c4:80:3f:55:fc:95:b4:
93:e5:b0:c7:e8:79:51:eb:b0:b6:d5:2d:b5:f7:2a:
d1:00:d9:fd:5a:b6:9b:47:94:45:a7:28:02:03:48:
b5:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
41:90:F0:6D:81:EC:4D:C1:EB:15:AD:5A:E6:EE:05:31:21:B6:9B:EF
X509v3 Authority Key Identifier:
keyid:88:C1:4E:C0:2A:DB:F0:83:13:8E:DD:D4:78:71:17:6D:DE:B9:3D:9D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/88C14EC02ADBF083138EDDD47871176DDEB93D9D.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iMFOwCrb8IMTjt3UeHEXbd65PZ0.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/3134332e32302e3235342e302f32342d3234203d3e2035303635.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
143.20.254.0/24
Signature Algorithm: sha256WithRSAEncryption
03:de:ea:35:2b:e4:74:fb:80:a0:7e:10:6c:ff:89:1f:c9:7d:
87:42:aa:28:b7:1a:ce:72:4d:92:8e:23:d7:fd:8f:20:0d:37:
50:a5:b3:63:47:28:20:de:6d:e1:2a:97:b3:08:c9:83:0f:54:
29:0b:24:ae:f9:3c:b5:b3:f0:2f:bf:54:88:f0:14:9d:ad:40:
f5:79:a6:16:26:9f:7b:e9:02:f7:ef:96:5e:81:58:1d:b3:dc:
8b:41:c2:56:8c:2a:8c:38:ff:2d:d7:96:fa:a3:7c:b3:fd:9c:
21:b8:d9:14:55:e3:61:5b:d1:0b:fc:96:5e:1d:19:6b:94:dd:
20:b3:40:93:87:27:ab:89:d6:6d:b4:d4:b8:26:61:33:28:ef:
02:ae:50:8a:84:d9:0d:e5:ba:5d:60:b2:28:34:72:34:98:7c:
25:ad:29:9c:70:b6:e5:19:c3:f1:aa:98:6b:a2:55:45:e9:9f:
0a:6e:8b:0d:0a:92:e2:40:08:a2:42:9c:d8:46:ad:41:c4:b9:
00:8b:0d:9c:9d:a0:7a:d9:ac:4f:89:85:43:47:97:16:41:2d:
d9:96:5f:0e:4a:fb:94:16:6a:a4:02:be:ec:e5:33:d2:c1:a0:
63:dc:d8:a2:e5:43:32:1a:a6:f5:de:4b:3f:22:ac:fb:71:40:
77:4b:a7:61
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgIUZzbrcksjXkRCvewJwfQQ46V78LgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoODhjMTRlYzAyYWRiZjA4MzEzOGVkZGQ0Nzg3MTE3NmRk
ZWI5M2Q5ZDAeFw0yNTA1MDYwNjMwMzZaFw0yNjA1MDUwNjM1MzZaMDMxMTAvBgNV
BAMTKDQxOTBGMDZEODFFQzREQzFFQjE1QUQ1QUU2RUUwNTMxMjFCNjlCRUYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCcXgNAYIljdFJ2DqTNk94QWbPx
h1zalMkEuMIb6Rq2n5Bl9oW5PAD13698Fup6mOss6MlCuHx36N1FwO46OC1IH7g+
WZWpu7HT3/rY/aHPWQSqRuGwj+VVTOGKpa3B6mfcvLA1XbF6fTjQF8pR7zaLcH56
DaAnaQRBzXGepSh0dGwjKJCPI0jQpwuVbO4W8CKp6sKCg5sayR8KbGHyOqBSc+wf
hfUOynfhvSGvVOxsfclNWTHxuEzXL/9h5TsOpIMbDYo4coRoq+8YEI3sr2rmuv4T
XgZEZcGlxIA/VfyVtJPlsMfoeVHrsLbVLbX3KtEA2f1atptHlEWnKAIDSLVpAgMB
AAGjggI7MIICNzAdBgNVHQ4EFgQUQZDwbYHsTcHrFa1a5u4FMSG2m+8wHwYDVR0j
BBgwFoAUiMFOwCrb8IMTjt3UeHEXbd65PZ0wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYzQwOWQ3YjItZWU2NC00OWYxLWFkODEtOGU0YTEwN2Q2
MmUwLzAvODhDMTRFQzAyQURCRjA4MzEzOEVEREQ0Nzg3MTE3NkRERUI5M0Q5RC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2lNRk93Q3JiOElNVGp0M1VlSEVYYmQ2
NVBaMC5jZXIwgasGCCsGAQUFBwELBIGeMIGbMIGYBggrBgEFBQcwC4aBi3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYzQwOWQ3YjIt
ZWU2NC00OWYxLWFkODEtOGU0YTEwN2Q2MmUwLzAvMzEzNDMzMmUzMjMwMmUzMjM1
MzQyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzNTMwMzYzNS5yb2EwGAYDVR0gAQH/
BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAI8U
/jANBgkqhkiG9w0BAQsFAAOCAQEAA97qNSvkdPuAoH4QbP+JH8l9h0KqKLcaznJN
ko4j1/2PIA03UKWzY0coIN5t4SqXswjJgw9UKQskrvk8tbPwL79UiPAUna1A9Xmm
Fiafe+kC9++WXoFYHbPci0HCVowqjDj/LdeW+qN8s/2cIbjZFFXjYVvRC/yWXh0Z
a5TdILNAk4cnq4nWbbTUuCZhMyjvAq5QioTZDeW6XWCyKDRyNJh8Ja0pnHC25RnD
8aqYa6JVRemfCm6LDQqS4kAIokKc2EatQcS5AIsNnJ2getmsT4mFQ0eXFkEt2ZZf
Dkr7lBZqpAK+7OUz0sGgY9zYouVDMhqm9d5LPyKs+3FAd0unYQ==
-----END CERTIFICATE-----
Generated at Thu Jun 5 18:20:54 2025 by rpki-client