Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/3134332e32302e36342e302f32322d3234203d3e20383334.roa
File: 3134332e32302e36342e302f32322d3234203d3e20383334.roa (raw, json)
Hash identifier: yKV8o2qL7arK20aa3aGarazVgg2EKsMXnhIHBDCjcs8=
Subject key identifier: 79:26:03:00:00:45:41:D6:FF:13:FB:3A:B0:0F:6A:A6:04:B1:85:6F
Certificate issuer: /CN=88c14ec02adbf083138eddd47871176ddeb93d9d
Certificate serial: 74A43A794FDA8ECFA9F1BB90F85EAE75028D453C
Authority key identifier: 88:C1:4E:C0:2A:DB:F0:83:13:8E:DD:D4:78:71:17:6D:DE:B9:3D:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iMFOwCrb8IMTjt3UeHEXbd65PZ0.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/3134332e32302e36342e302f32322d3234203d3e20383334.roa
Signing time: Sun 18 May 2025 17:41:35 +0000
ROA not before: Sun 18 May 2025 17:36:35 +0000
ROA not after: Sun 17 May 2026 17:41:35 +0000
asID: 834
IP address blocks: 143.20.64.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/88C14EC02ADBF083138EDDD47871176DDEB93D9D.crl
rsync://rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/88C14EC02ADBF083138EDDD47871176DDEB93D9D.mft
rsync://rpki.ripe.net/repository/DEFAULT/iMFOwCrb8IMTjt3UeHEXbd65PZ0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 06 Jun 2025 12:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
74:a4:3a:79:4f:da:8e:cf:a9:f1:bb:90:f8:5e:ae:75:02:8d:45:3c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=88c14ec02adbf083138eddd47871176ddeb93d9d
Validity
Not Before: May 18 17:36:35 2025 GMT
Not After : May 17 17:41:35 2026 GMT
Subject: CN=79260300004541D6FF13FB3AB00F6AA604B1856F
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:1e:ce:b5:9e:b5:83:e6:6a:4a:62:bc:09:c3:
9f:bc:50:6f:48:4b:eb:00:17:d0:30:65:6b:15:e1:
cb:28:72:e6:67:03:22:a6:4b:45:20:d2:4c:10:a7:
60:fd:17:2d:84:07:3d:09:76:ff:46:c1:9a:6a:82:
0a:9d:b9:03:2e:71:87:42:8b:2d:ad:2a:a9:c0:39:
27:ff:d8:60:a2:89:29:ea:0c:d9:17:bf:13:b8:12:
fa:a7:ae:f9:41:f1:f4:8b:85:cc:43:16:c7:d6:4e:
f0:8b:7a:25:56:de:f7:24:6b:3f:bd:61:42:a6:3e:
eb:1a:89:22:44:47:f4:cd:3d:7c:c5:59:9b:e9:f2:
b2:bd:7e:07:0d:d1:fd:28:1f:db:c9:99:23:ad:dd:
66:8a:d5:39:eb:70:66:2a:43:60:c1:09:21:2f:ec:
b7:9b:2b:f7:2e:99:72:2b:25:68:4a:12:dd:6c:0c:
6c:b8:6d:05:1d:ce:90:e8:f9:9b:2f:c8:11:76:3f:
fb:c8:f9:c6:86:b3:ed:cb:91:0a:93:a6:da:69:7c:
32:12:b1:f5:a6:ad:fd:54:18:16:4f:70:e8:be:92:
c7:a3:7b:82:1b:67:e0:cd:0e:84:4a:bf:3d:cc:b2:
11:05:f0:82:3a:62:e9:e7:c9:a9:2d:ac:4b:f8:a7:
2f:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
79:26:03:00:00:45:41:D6:FF:13:FB:3A:B0:0F:6A:A6:04:B1:85:6F
X509v3 Authority Key Identifier:
keyid:88:C1:4E:C0:2A:DB:F0:83:13:8E:DD:D4:78:71:17:6D:DE:B9:3D:9D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/88C14EC02ADBF083138EDDD47871176DDEB93D9D.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iMFOwCrb8IMTjt3UeHEXbd65PZ0.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/3134332e32302e36342e302f32322d3234203d3e20383334.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
143.20.64.0/22
Signature Algorithm: sha256WithRSAEncryption
1e:25:25:35:12:83:d7:e7:d4:25:ad:13:f2:a9:3b:07:d6:92:
98:b7:2d:85:05:e7:77:e7:04:e4:de:57:7b:1e:19:78:8a:47:
71:7f:99:01:47:a3:06:45:a1:54:da:c5:56:4b:f0:02:16:31:
c9:14:b0:55:95:9a:cf:4a:29:83:20:c7:34:e9:cf:95:18:39:
6d:d6:be:ec:c4:6e:f7:67:33:8d:28:4f:c9:5d:83:86:3c:55:
26:7b:30:a8:65:f3:bc:99:d3:91:f9:9d:ef:5f:9e:ee:d7:cb:
3b:35:37:8e:c3:f0:dd:27:19:01:6c:1b:aa:2c:35:f0:a0:72:
f2:c8:10:aa:dd:0a:4c:04:e6:c4:24:78:06:89:39:76:e4:ec:
96:ed:0f:c6:dd:d7:65:ca:57:e3:6b:fe:d2:09:a3:8f:4f:0c:
f8:ea:0c:90:b7:33:7c:69:c6:3b:9a:b2:01:62:43:cc:0d:40:
35:ed:49:48:4d:ed:e6:dc:da:69:74:d6:81:2d:58:12:60:de:
bf:46:d9:ab:e0:ad:4f:1a:2d:4d:88:ab:0f:ea:40:60:64:de:
c6:df:92:51:d9:cc:29:f5:39:be:9a:74:21:9a:14:08:cf:ca:
5c:83:35:eb:f5:f0:58:3a:7a:e0:5c:83:bc:ee:d8:8f:6c:96:
08:f8:03:c7
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgIUdKQ6eU/ajs+p8buQ+F6udQKNRTwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoODhjMTRlYzAyYWRiZjA4MzEzOGVkZGQ0Nzg3MTE3NmRk
ZWI5M2Q5ZDAeFw0yNTA1MTgxNzM2MzVaFw0yNjA1MTcxNzQxMzVaMDMxMTAvBgNV
BAMTKDc5MjYwMzAwMDA0NTQxRDZGRjEzRkIzQUIwMEY2QUE2MDRCMTg1NkYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCeHs61nrWD5mpKYrwJw5+8UG9I
S+sAF9AwZWsV4csocuZnAyKmS0Ug0kwQp2D9Fy2EBz0Jdv9GwZpqggqduQMucYdC
iy2tKqnAOSf/2GCiiSnqDNkXvxO4EvqnrvlB8fSLhcxDFsfWTvCLeiVW3vckaz+9
YUKmPusaiSJER/TNPXzFWZvp8rK9fgcN0f0oH9vJmSOt3WaK1TnrcGYqQ2DBCSEv
7LebK/cumXIrJWhKEt1sDGy4bQUdzpDo+ZsvyBF2P/vI+caGs+3LkQqTptppfDIS
sfWmrf1UGBZPcOi+kseje4IbZ+DNDoRKvz3MshEF8II6YunnyaktrEv4py8/AgMB
AAGjggI3MIICMzAdBgNVHQ4EFgQUeSYDAABFQdb/E/s6sA9qpgSxhW8wHwYDVR0j
BBgwFoAUiMFOwCrb8IMTjt3UeHEXbd65PZ0wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYzQwOWQ3YjItZWU2NC00OWYxLWFkODEtOGU0YTEwN2Q2
MmUwLzAvODhDMTRFQzAyQURCRjA4MzEzOEVEREQ0Nzg3MTE3NkRERUI5M0Q5RC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2lNRk93Q3JiOElNVGp0M1VlSEVYYmQ2
NVBaMC5jZXIwgacGCCsGAQUFBwELBIGaMIGXMIGUBggrBgEFBQcwC4aBh3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYzQwOWQ3YjIt
ZWU2NC00OWYxLWFkODEtOGU0YTEwN2Q2MmUwLzAvMzEzNDMzMmUzMjMwMmUzNjM0
MmUzMDJmMzIzMjJkMzIzNDIwM2QzZTIwMzgzMzM0LnJvYTAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCjxRAMA0G
CSqGSIb3DQEBCwUAA4IBAQAeJSU1EoPX59QlrRPyqTsH1pKYty2FBed35wTk3ld7
Hhl4ikdxf5kBR6MGRaFU2sVWS/ACFjHJFLBVlZrPSimDIMc06c+VGDlt1r7sxG73
ZzONKE/JXYOGPFUmezCoZfO8mdOR+Z3vX57u18s7NTeOw/DdJxkBbBuqLDXwoHLy
yBCq3QpMBObEJHgGiTl25OyW7Q/G3ddlylfja/7SCaOPTwz46gyQtzN8acY7mrIB
YkPMDUA17UlITe3m3NppdNaBLVgSYN6/Rtmr4K1PGi1NiKsP6kBgZN7G35JR2cwp
9Tm+mnQhmhQIz8pcgzXr9fBYOnrgXIO87tiPbJYI+APH
-----END CERTIFICATE-----
Generated at Thu Jun 5 18:15:55 2025 by rpki-client