Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/3134332e32302e38342e302f32342d3234203d3e2039333034.roa
File: 3134332e32302e38342e302f32342d3234203d3e2039333034.roa (raw, json)
Hash identifier: /zAiP268Z/WIDynsQeaSk38SNVKq+nFj8dqEEcwFGcc=
Subject key identifier: C8:12:28:13:9A:E4:15:A7:8A:97:F5:09:40:A2:2C:8C:4C:8A:36:71
Certificate issuer: /CN=88c14ec02adbf083138eddd47871176ddeb93d9d
Certificate serial: 6363FCA05CCEC4BB667C5F7F013703FAD93CB858
Authority key identifier: 88:C1:4E:C0:2A:DB:F0:83:13:8E:DD:D4:78:71:17:6D:DE:B9:3D:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iMFOwCrb8IMTjt3UeHEXbd65PZ0.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/3134332e32302e38342e302f32342d3234203d3e2039333034.roa
Signing time: Fri 30 May 2025 08:06:26 +0000
ROA not before: Fri 30 May 2025 08:01:26 +0000
ROA not after: Fri 29 May 2026 08:06:26 +0000
asID: 9304
IP address blocks: 143.20.84.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/88C14EC02ADBF083138EDDD47871176DDEB93D9D.crl
rsync://rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/88C14EC02ADBF083138EDDD47871176DDEB93D9D.mft
rsync://rpki.ripe.net/repository/DEFAULT/iMFOwCrb8IMTjt3UeHEXbd65PZ0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 06 Jun 2025 12:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
63:63:fc:a0:5c:ce:c4:bb:66:7c:5f:7f:01:37:03:fa:d9:3c:b8:58
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=88c14ec02adbf083138eddd47871176ddeb93d9d
Validity
Not Before: May 30 08:01:26 2025 GMT
Not After : May 29 08:06:26 2026 GMT
Subject: CN=C81228139AE415A78A97F50940A22C8C4C8A3671
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:30:5d:8b:9c:4d:b8:77:01:f1:1b:11:30:5b:
5d:cb:97:8d:c0:e7:9d:f1:14:15:8e:d5:a0:1e:40:
b3:83:1d:7f:a9:0f:bc:52:ce:9f:f9:c6:ad:42:e9:
e5:35:8a:5a:b3:0d:36:d9:ad:7d:65:e5:3c:e6:93:
c6:e6:12:d8:18:28:bb:b9:e8:8c:81:c5:72:26:6c:
ac:5e:59:d4:c3:ff:25:62:c8:9a:91:f0:75:10:a2:
ea:0d:71:90:f2:e9:48:3b:49:12:a7:49:4f:30:12:
bf:20:fd:be:6f:0f:e3:92:70:92:5f:44:eb:1c:14:
d5:22:35:ee:eb:1b:34:35:7c:1e:7b:2c:19:c7:61:
68:04:a7:b6:c6:d9:f8:9d:f2:d6:9f:57:ed:54:69:
43:a1:e3:34:18:ad:76:5b:97:7f:a3:b0:f2:bd:4f:
ea:89:e1:6e:83:67:d4:5b:e1:66:6a:94:8c:01:47:
49:5f:69:1d:c6:11:b4:d9:19:15:ef:34:6f:11:6f:
47:9e:e6:e6:a5:56:8a:07:48:c3:92:bb:37:d8:21:
5d:25:51:be:d9:f8:de:ae:b8:ff:06:1a:ff:2b:4c:
24:cb:3b:f5:4d:a4:76:d9:55:68:a5:33:e9:d3:13:
27:24:55:40:5e:c7:17:3e:3d:25:53:17:40:d9:c3:
ea:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C8:12:28:13:9A:E4:15:A7:8A:97:F5:09:40:A2:2C:8C:4C:8A:36:71
X509v3 Authority Key Identifier:
keyid:88:C1:4E:C0:2A:DB:F0:83:13:8E:DD:D4:78:71:17:6D:DE:B9:3D:9D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/88C14EC02ADBF083138EDDD47871176DDEB93D9D.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iMFOwCrb8IMTjt3UeHEXbd65PZ0.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/3134332e32302e38342e302f32342d3234203d3e2039333034.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
143.20.84.0/24
Signature Algorithm: sha256WithRSAEncryption
41:a2:f1:d4:d2:58:c5:20:f0:49:a2:3d:7c:b1:28:cb:3d:08:
0a:b3:48:5d:f3:3d:19:a9:04:bf:9e:94:87:69:b4:1c:20:d7:
be:d5:d5:64:94:cd:55:b2:5e:8f:c9:2c:42:0e:d4:cb:4f:91:
e1:bf:87:05:46:f7:7c:8b:6c:0e:f1:c7:e3:4c:73:f5:db:ec:
01:b0:67:1f:8d:d2:1b:1b:1a:f2:6e:f0:ff:d5:e4:2b:25:83:
d0:6b:ee:b0:a0:f6:5e:00:5c:e6:9f:ef:e9:e8:80:99:98:50:
b1:a9:ee:b3:9b:13:0e:a5:5d:fc:37:0a:fa:fa:4b:de:4c:2d:
a4:0f:ff:3f:09:38:77:d8:4b:46:85:ec:79:ab:78:cd:9b:58:
ef:68:48:7b:d5:bb:12:a7:ed:8f:c3:2d:8e:48:a2:03:f2:60:
7d:ab:76:94:9b:81:0a:e9:85:b8:d6:9b:7c:20:db:3a:f9:3a:
42:1e:27:78:a6:38:f6:67:71:5c:ad:f8:39:a1:7b:1c:f6:06:
d3:d1:22:95:18:14:72:6a:38:bb:f0:cf:73:54:90:8f:15:31:
1a:cf:04:b4:5a:95:b2:8d:0f:e4:0b:60:21:76:b1:79:10:34:
99:c0:43:97:47:e8:73:13:dd:13:90:e0:e6:f1:df:88:26:a5:
fc:9a:76:90
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgIUY2P8oFzOxLtmfF9/ATcD+tk8uFgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoODhjMTRlYzAyYWRiZjA4MzEzOGVkZGQ0Nzg3MTE3NmRk
ZWI5M2Q5ZDAeFw0yNTA1MzAwODAxMjZaFw0yNjA1MjkwODA2MjZaMDMxMTAvBgNV
BAMTKEM4MTIyODEzOUFFNDE1QTc4QTk3RjUwOTQwQTIyQzhDNEM4QTM2NzEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCsMF2LnE24dwHxGxEwW13Ll43A
553xFBWO1aAeQLODHX+pD7xSzp/5xq1C6eU1ilqzDTbZrX1l5Tzmk8bmEtgYKLu5
6IyBxXImbKxeWdTD/yViyJqR8HUQouoNcZDy6Ug7SRKnSU8wEr8g/b5vD+OScJJf
ROscFNUiNe7rGzQ1fB57LBnHYWgEp7bG2fid8tafV+1UaUOh4zQYrXZbl3+jsPK9
T+qJ4W6DZ9Rb4WZqlIwBR0lfaR3GEbTZGRXvNG8Rb0ee5ualVooHSMOSuzfYIV0l
Ub7Z+N6uuP8GGv8rTCTLO/VNpHbZVWilM+nTEyckVUBexxc+PSVTF0DZw+oVAgMB
AAGjggI5MIICNTAdBgNVHQ4EFgQUyBIoE5rkFaeKl/UJQKIsjEyKNnEwHwYDVR0j
BBgwFoAUiMFOwCrb8IMTjt3UeHEXbd65PZ0wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYzQwOWQ3YjItZWU2NC00OWYxLWFkODEtOGU0YTEwN2Q2
MmUwLzAvODhDMTRFQzAyQURCRjA4MzEzOEVEREQ0Nzg3MTE3NkRERUI5M0Q5RC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2lNRk93Q3JiOElNVGp0M1VlSEVYYmQ2
NVBaMC5jZXIwgakGCCsGAQUFBwELBIGcMIGZMIGWBggrBgEFBQcwC4aBiXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYzQwOWQ3YjIt
ZWU2NC00OWYxLWFkODEtOGU0YTEwN2Q2MmUwLzAvMzEzNDMzMmUzMjMwMmUzODM0
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzkzMzMwMzQucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACPFFQw
DQYJKoZIhvcNAQELBQADggEBAEGi8dTSWMUg8EmiPXyxKMs9CAqzSF3zPRmpBL+e
lIdptBwg177V1WSUzVWyXo/JLEIO1MtPkeG/hwVG93yLbA7xx+NMc/Xb7AGwZx+N
0hsbGvJu8P/V5Cslg9Br7rCg9l4AXOaf7+nogJmYULGp7rObEw6lXfw3Cvr6S95M
LaQP/z8JOHfYS0aF7HmreM2bWO9oSHvVuxKn7Y/DLY5IogPyYH2rdpSbgQrphbjW
m3wg2zr5OkIeJ3imOPZncVyt+Dmhexz2BtPRIpUYFHJqOLvwz3NUkI8VMRrPBLRa
lbKND+QLYCF2sXkQNJnAQ5dH6HMT3ROQ4Obx34gmpfyadpA=
-----END CERTIFICATE-----
Generated at Thu Jun 5 18:17:05 2025 by rpki-client