Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/3134332e32302e35312e302f32342d3234203d3e20383334.roa
File: 3134332e32302e35312e302f32342d3234203d3e20383334.roa (raw, json)
Hash identifier: 7iassqIc0R7SgxXP1PLHGDFV+JLylO8/ZhkDRVNXqTs=
Subject key identifier: 16:DF:78:AF:8E:83:71:03:BA:55:BE:8C:3B:AB:20:FD:DD:D7:5A:37
Certificate issuer: /CN=88c14ec02adbf083138eddd47871176ddeb93d9d
Certificate serial: 357BF10398C5DC5A634477B6C5BFD8E0A24CBEDA
Authority key identifier: 88:C1:4E:C0:2A:DB:F0:83:13:8E:DD:D4:78:71:17:6D:DE:B9:3D:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iMFOwCrb8IMTjt3UeHEXbd65PZ0.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/3134332e32302e35312e302f32342d3234203d3e20383334.roa
Signing time: Fri 30 May 2025 13:09:10 +0000
ROA not before: Fri 30 May 2025 13:04:10 +0000
ROA not after: Fri 29 May 2026 13:09:10 +0000
asID: 834
IP address blocks: 143.20.51.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/88C14EC02ADBF083138EDDD47871176DDEB93D9D.crl
rsync://rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/88C14EC02ADBF083138EDDD47871176DDEB93D9D.mft
rsync://rpki.ripe.net/repository/DEFAULT/iMFOwCrb8IMTjt3UeHEXbd65PZ0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 06 Jun 2025 12:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
35:7b:f1:03:98:c5:dc:5a:63:44:77:b6:c5:bf:d8:e0:a2:4c:be:da
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=88c14ec02adbf083138eddd47871176ddeb93d9d
Validity
Not Before: May 30 13:04:10 2025 GMT
Not After : May 29 13:09:10 2026 GMT
Subject: CN=16DF78AF8E837103BA55BE8C3BAB20FDDDD75A37
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:fd:db:14:f8:84:07:93:36:33:d7:e4:d0:3e:
ef:8f:6c:0f:7e:cd:7a:36:25:ac:90:0b:db:79:cc:
8b:86:51:3f:0f:a2:1d:f4:f7:76:29:99:fd:65:1f:
57:13:37:8e:06:72:07:fe:0c:f9:71:de:cf:ca:61:
e5:53:04:8c:e8:a8:8d:6b:4a:0c:6c:e7:d3:2e:a0:
81:0b:f4:0f:92:c9:a0:85:9c:17:f5:30:76:b2:73:
82:c1:65:cb:f6:a8:3f:80:0f:cb:72:db:db:b4:f1:
ff:d4:92:07:7e:93:18:0f:02:4b:64:0d:e3:73:b5:
ab:27:f0:53:94:e1:ef:e7:74:06:1e:35:41:93:ac:
ad:2e:df:6f:9e:dc:c5:7d:4b:c0:c9:97:7c:f4:4a:
0d:3b:04:29:70:27:8c:56:76:df:52:53:62:87:18:
dc:c4:e7:96:09:73:36:f8:a6:c9:f9:01:4c:72:7c:
7a:bd:7a:93:43:19:63:5f:b0:b2:8f:4b:37:ce:d7:
14:91:22:0a:13:1c:77:86:1f:28:3c:bd:41:d0:77:
91:b9:df:17:a5:57:aa:f7:d5:37:e9:ce:01:02:2e:
a1:29:d8:76:e0:7b:e0:e9:45:ed:b9:b2:14:a8:f2:
96:6d:30:b4:d4:df:8d:57:d7:83:4e:12:19:ca:c5:
30:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
16:DF:78:AF:8E:83:71:03:BA:55:BE:8C:3B:AB:20:FD:DD:D7:5A:37
X509v3 Authority Key Identifier:
keyid:88:C1:4E:C0:2A:DB:F0:83:13:8E:DD:D4:78:71:17:6D:DE:B9:3D:9D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/88C14EC02ADBF083138EDDD47871176DDEB93D9D.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iMFOwCrb8IMTjt3UeHEXbd65PZ0.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/3134332e32302e35312e302f32342d3234203d3e20383334.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
143.20.51.0/24
Signature Algorithm: sha256WithRSAEncryption
db:24:c6:64:ef:94:92:37:1a:d4:0d:6b:d8:1d:28:49:ae:2c:
76:ed:d3:2b:66:9f:0b:38:9b:a7:c3:29:3c:9b:b2:76:c4:41:
cf:56:de:d1:91:f1:f2:4b:f2:84:18:53:d7:ea:e4:13:33:25:
12:7e:96:f7:a8:ee:80:d6:6f:05:e5:84:aa:c8:52:04:5c:f9:
db:75:92:e7:b1:f0:28:23:58:73:bb:2f:6f:3b:d7:55:c0:14:
a0:f7:84:29:23:1e:07:d5:a0:c1:3b:a4:72:c2:0a:63:82:d1:
f4:27:d6:71:60:0d:10:ef:bd:5c:d8:1d:79:c9:43:6e:14:3b:
21:62:80:1d:6f:c6:db:01:23:fa:a2:d3:44:cf:f6:bb:39:8d:
26:22:fe:26:4a:a5:d6:f6:8d:53:be:36:a4:c7:af:0a:e6:34:
99:6a:7e:81:18:b3:d9:be:6c:14:86:dd:c2:b0:48:f2:26:26:
27:cc:48:5f:64:ac:c7:d0:a3:16:45:39:8a:6d:9a:b7:1c:6b:
b2:12:c7:b0:82:15:fc:c1:e0:51:3f:15:41:ff:25:19:48:29:
ac:c7:53:df:d8:b3:ac:1a:41:08:c4:f2:be:d5:fa:f7:9d:8a:
a2:f5:f6:0b:d7:2f:93:b1:4c:88:cf:85:77:55:05:cf:e0:01:
85:54:8e:75
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgIUNXvxA5jF3FpjRHe2xb/Y4KJMvtowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoODhjMTRlYzAyYWRiZjA4MzEzOGVkZGQ0Nzg3MTE3NmRk
ZWI5M2Q5ZDAeFw0yNTA1MzAxMzA0MTBaFw0yNjA1MjkxMzA5MTBaMDMxMTAvBgNV
BAMTKDE2REY3OEFGOEU4MzcxMDNCQTU1QkU4QzNCQUIyMEZERERENzVBMzcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCT/dsU+IQHkzYz1+TQPu+PbA9+
zXo2JayQC9t5zIuGUT8Poh3093Ypmf1lH1cTN44Gcgf+DPlx3s/KYeVTBIzoqI1r
Sgxs59MuoIEL9A+SyaCFnBf1MHayc4LBZcv2qD+AD8ty29u08f/Ukgd+kxgPAktk
DeNztasn8FOU4e/ndAYeNUGTrK0u32+e3MV9S8DJl3z0Sg07BClwJ4xWdt9SU2KH
GNzE55YJczb4psn5AUxyfHq9epNDGWNfsLKPSzfO1xSRIgoTHHeGHyg8vUHQd5G5
3xelV6r31TfpzgECLqEp2Hbge+DpRe25shSo8pZtMLTU341X14NOEhnKxTBdAgMB
AAGjggI3MIICMzAdBgNVHQ4EFgQUFt94r46DcQO6Vb6MO6sg/d3XWjcwHwYDVR0j
BBgwFoAUiMFOwCrb8IMTjt3UeHEXbd65PZ0wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYzQwOWQ3YjItZWU2NC00OWYxLWFkODEtOGU0YTEwN2Q2
MmUwLzAvODhDMTRFQzAyQURCRjA4MzEzOEVEREQ0Nzg3MTE3NkRERUI5M0Q5RC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2lNRk93Q3JiOElNVGp0M1VlSEVYYmQ2
NVBaMC5jZXIwgacGCCsGAQUFBwELBIGaMIGXMIGUBggrBgEFBQcwC4aBh3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYzQwOWQ3YjIt
ZWU2NC00OWYxLWFkODEtOGU0YTEwN2Q2MmUwLzAvMzEzNDMzMmUzMjMwMmUzNTMx
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzgzMzM0LnJvYTAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAjxQzMA0G
CSqGSIb3DQEBCwUAA4IBAQDbJMZk75SSNxrUDWvYHShJrix27dMrZp8LOJunwyk8
m7J2xEHPVt7RkfHyS/KEGFPX6uQTMyUSfpb3qO6A1m8F5YSqyFIEXPnbdZLnsfAo
I1hzuy9vO9dVwBSg94QpIx4H1aDBO6RywgpjgtH0J9ZxYA0Q771c2B15yUNuFDsh
YoAdb8bbASP6otNEz/a7OY0mIv4mSqXW9o1Tvjakx68K5jSZan6BGLPZvmwUht3C
sEjyJiYnzEhfZKzH0KMWRTmKbZq3HGuyEsewghX8weBRPxVB/yUZSCmsx1Pf2LOs
GkEIxPK+1fr3nYqi9fYL1y+TsUyIz4V3VQXP4AGFVI51
-----END CERTIFICATE-----
Generated at Thu Jun 5 18:22:30 2025 by rpki-client