Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/d1b35f8b-6f48-4bad-b185-5c1daa8acda9/0/3134362e31392e35332e302f32342d3234203d3e20313432313131.roa
File: 3134362e31392e35332e302f32342d3234203d3e20313432313131.roa (raw, json)
Hash identifier: 65asAzRxJvDe1YCujUmWbIiKCzT1TU5iNap0EoVkO3Y=
Subject key identifier: 26:05:9C:AC:7F:8E:16:52:C2:D2:DC:6C:80:D0:C7:92:46:BD:A8:E7
Certificate issuer: /CN=cefce449bea8deaedb1804dba25c584df5873dc4
Certificate serial: 3F9EA568AE61FCBD7D51DC533B32BF1D5825EA07
Authority key identifier: CE:FC:E4:49:BE:A8:DE:AE:DB:18:04:DB:A2:5C:58:4D:F5:87:3D:C4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zvzkSb6o3q7bGATbolxYTfWHPcQ.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/d1b35f8b-6f48-4bad-b185-5c1daa8acda9/0/3134362e31392e35332e302f32342d3234203d3e20313432313131.roa
Signing time: Mon 30 Jun 2025 21:08:26 +0000
ROA not before: Mon 30 Jun 2025 21:03:26 +0000
ROA not after: Mon 29 Jun 2026 21:08:26 +0000
asID: 142111
IP address blocks: 146.19.53.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/d1b35f8b-6f48-4bad-b185-5c1daa8acda9/0/CEFCE449BEA8DEAEDB1804DBA25C584DF5873DC4.crl
rsync://rsync.paas.rpki.ripe.net/repository/d1b35f8b-6f48-4bad-b185-5c1daa8acda9/0/CEFCE449BEA8DEAEDB1804DBA25C584DF5873DC4.mft
rsync://rpki.ripe.net/repository/DEFAULT/zvzkSb6o3q7bGATbolxYTfWHPcQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 04 Jul 2025 16:53:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3f:9e:a5:68:ae:61:fc:bd:7d:51:dc:53:3b:32:bf:1d:58:25:ea:07
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cefce449bea8deaedb1804dba25c584df5873dc4
Validity
Not Before: Jun 30 21:03:26 2025 GMT
Not After : Jun 29 21:08:26 2026 GMT
Subject: CN=26059CAC7F8E1652C2D2DC6C80D0C79246BDA8E7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:40:60:b2:31:da:6a:0c:9e:30:72:f4:3b:07:
b1:53:38:32:4c:66:d1:2f:ee:49:08:da:b4:90:53:
eb:fc:8b:2f:67:9b:a7:58:47:11:92:66:29:54:86:
92:3a:0b:26:b3:85:0c:05:c0:32:90:6e:bf:4b:8a:
12:c5:2c:4f:b2:93:b5:45:fc:75:cb:ed:a1:f2:d6:
95:8c:f5:d5:09:89:98:ad:43:bb:ca:a6:04:87:df:
83:41:3f:af:61:e3:f9:d4:ce:2d:50:e1:9c:c5:b3:
e7:e0:05:57:a0:a6:89:53:4a:09:9a:49:12:73:d2:
d5:47:b1:c2:dc:4f:16:62:51:1b:b5:c5:ed:7b:af:
08:a6:3d:00:c4:53:65:fb:84:71:81:21:36:13:23:
3a:ea:d2:40:5e:0a:70:35:05:ef:a0:b5:08:37:07:
a9:a3:91:51:b2:9b:7b:6a:33:c0:a7:e9:ce:3f:90:
98:28:57:b9:2d:3c:78:62:e5:b3:97:da:61:91:81:
e1:c5:96:06:47:1f:cf:e5:37:3a:a0:49:5a:54:c2:
21:e6:9f:e5:e1:73:d5:87:fd:ac:10:72:11:f5:86:
4b:9a:9c:9f:d8:6e:4b:a3:42:bb:13:32:5f:5d:16:
51:3e:a7:13:c7:c0:c0:6b:f2:78:33:6a:b3:6d:df:
f7:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
26:05:9C:AC:7F:8E:16:52:C2:D2:DC:6C:80:D0:C7:92:46:BD:A8:E7
X509v3 Authority Key Identifier:
keyid:CE:FC:E4:49:BE:A8:DE:AE:DB:18:04:DB:A2:5C:58:4D:F5:87:3D:C4
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/d1b35f8b-6f48-4bad-b185-5c1daa8acda9/0/CEFCE449BEA8DEAEDB1804DBA25C584DF5873DC4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zvzkSb6o3q7bGATbolxYTfWHPcQ.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/d1b35f8b-6f48-4bad-b185-5c1daa8acda9/0/3134362e31392e35332e302f32342d3234203d3e20313432313131.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
146.19.53.0/24
Signature Algorithm: sha256WithRSAEncryption
11:51:b4:ec:48:82:bc:80:97:a9:c9:33:80:f2:2f:72:6c:b8:
10:6f:65:f5:51:15:02:9d:9e:a3:de:0b:59:26:e6:ad:1d:39:
96:cf:6b:41:31:58:36:0c:de:43:b8:06:ff:6c:29:6a:13:3f:
87:62:a0:ba:02:59:fb:e0:f0:6f:9a:ec:89:89:ae:d3:cf:80:
75:a2:34:21:e7:9e:a0:88:19:09:ef:0c:a5:a4:a4:d0:e8:8a:
7e:08:02:e9:c3:d0:04:17:5b:a9:20:d5:61:ee:fb:72:69:ba:
4c:63:ee:cd:6c:d6:01:a5:e4:b1:a7:1c:0c:57:0b:e3:1f:fe:
2f:29:8d:3c:fe:df:8a:ce:cf:4e:6b:47:60:c3:cf:fe:3e:b8:
7e:19:89:78:7e:de:4f:87:23:a1:b7:bd:8a:22:85:01:f9:ec:
4e:71:39:aa:21:e6:d4:e9:2b:83:e9:f0:c9:81:df:47:a5:41:
11:ae:99:43:01:d3:2c:d5:b8:d0:b6:ec:82:92:88:e3:a1:c4:
03:f9:a8:7f:49:eb:28:a9:8f:67:c9:93:74:e1:b8:98:ef:67:
1b:42:e5:87:79:92:e9:ef:0f:6b:4b:63:93:89:1c:4c:d8:ad:
ca:3b:d1:67:3f:bf:c6:e2:99:43:4a:fb:a6:01:da:71:79:ca:
20:72:8e:18
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUP56laK5h/L19UdxTOzK/HVgl6gcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoY2VmY2U0NDliZWE4ZGVhZWRiMTgwNGRiYTI1YzU4NGRm
NTg3M2RjNDAeFw0yNTA2MzAyMTAzMjZaFw0yNjA2MjkyMTA4MjZaMDMxMTAvBgNV
BAMTKDI2MDU5Q0FDN0Y4RTE2NTJDMkQyREM2QzgwRDBDNzkyNDZCREE4RTcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCWQGCyMdpqDJ4wcvQ7B7FTODJM
ZtEv7kkI2rSQU+v8iy9nm6dYRxGSZilUhpI6CyazhQwFwDKQbr9LihLFLE+yk7VF
/HXL7aHy1pWM9dUJiZitQ7vKpgSH34NBP69h4/nUzi1Q4ZzFs+fgBVegpolTSgma
SRJz0tVHscLcTxZiURu1xe17rwimPQDEU2X7hHGBITYTIzrq0kBeCnA1Be+gtQg3
B6mjkVGym3tqM8Cn6c4/kJgoV7ktPHhi5bOX2mGRgeHFlgZHH8/lNzqgSVpUwiHm
n+Xhc9WH/awQchH1hkuanJ/YbkujQrsTMl9dFlE+pxPHwMBr8ngzarNt3/f7AgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUJgWcrH+OFlLC0txsgNDHkka9qOcwHwYDVR0j
BBgwFoAUzvzkSb6o3q7bGATbolxYTfWHPcQwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZDFiMzVmOGItNmY0OC00YmFkLWIxODUtNWMxZGFhOGFj
ZGE5LzAvQ0VGQ0U0NDlCRUE4REVBRURCMTgwNERCQTI1QzU4NERGNTg3M0RDNC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3p2emtTYjZvM3E3YkdBVGJvbHhZVGZX
SFBjUS5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZDFiMzVmOGIt
NmY0OC00YmFkLWIxODUtNWMxZGFhOGFjZGE5LzAvMzEzNDM2MmUzMTM5MmUzNTMz
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzEzNDMyMzEzMTMxLnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
khM1MA0GCSqGSIb3DQEBCwUAA4IBAQARUbTsSIK8gJepyTOA8i9ybLgQb2X1URUC
nZ6j3gtZJuatHTmWz2tBMVg2DN5DuAb/bClqEz+HYqC6Aln74PBvmuyJia7Tz4B1
ojQh556giBkJ7wylpKTQ6Ip+CALpw9AEF1upINVh7vtyabpMY+7NbNYBpeSxpxwM
VwvjH/4vKY08/t+Kzs9Oa0dgw8/+Prh+GYl4ft5PhyOht72KIoUB+exOcTmqIebU
6SuD6fDJgd9HpUERrplDAdMs1bjQtuyCkojjocQD+ah/SesoqY9nyZN04biY72cb
QuWHeZLp7w9rS2OTiRxM2K3KO9FnP7/G4plDSvumAdpxecogco4Y
-----END CERTIFICATE-----
Generated at Fri Jul 4 02:21:55 2025 by rpki-client