Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/d1b35f8b-6f48-4bad-b185-5c1daa8acda9/0/3134362e31392e35332e302f32342d3234203d3e20313532363732.roa
File: 3134362e31392e35332e302f32342d3234203d3e20313532363732.roa (raw, json)
Hash identifier: R9JC3sHytncw5nwNxoiEF3pniUcJV4GyDa9/Vt4/Lgk=
Subject key identifier: 18:39:96:3C:4C:18:39:42:28:F7:51:3C:E2:C0:8A:D8:4B:7C:2E:28
Certificate issuer: /CN=cefce449bea8deaedb1804dba25c584df5873dc4
Certificate serial: 5F4A475933B7DB8A896DB2C1E7C7F30E241D826E
Authority key identifier: CE:FC:E4:49:BE:A8:DE:AE:DB:18:04:DB:A2:5C:58:4D:F5:87:3D:C4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zvzkSb6o3q7bGATbolxYTfWHPcQ.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/d1b35f8b-6f48-4bad-b185-5c1daa8acda9/0/3134362e31392e35332e302f32342d3234203d3e20313532363732.roa
Signing time: Mon 30 Jun 2025 06:02:41 +0000
ROA not before: Mon 30 Jun 2025 05:57:41 +0000
ROA not after: Mon 29 Jun 2026 06:02:41 +0000
asID: 152672
IP address blocks: 146.19.53.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/d1b35f8b-6f48-4bad-b185-5c1daa8acda9/0/CEFCE449BEA8DEAEDB1804DBA25C584DF5873DC4.crl
rsync://rsync.paas.rpki.ripe.net/repository/d1b35f8b-6f48-4bad-b185-5c1daa8acda9/0/CEFCE449BEA8DEAEDB1804DBA25C584DF5873DC4.mft
rsync://rpki.ripe.net/repository/DEFAULT/zvzkSb6o3q7bGATbolxYTfWHPcQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 06 Jul 2025 16:26:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5f:4a:47:59:33:b7:db:8a:89:6d:b2:c1:e7:c7:f3:0e:24:1d:82:6e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cefce449bea8deaedb1804dba25c584df5873dc4
Validity
Not Before: Jun 30 05:57:41 2025 GMT
Not After : Jun 29 06:02:41 2026 GMT
Subject: CN=1839963C4C18394228F7513CE2C08AD84B7C2E28
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:06:6a:92:a3:a8:a3:50:dc:4d:3e:91:49:ee:
59:e0:c8:69:93:ed:dd:49:94:bb:3c:b8:b9:dc:e1:
9f:16:33:e0:e3:51:e6:5d:20:4e:7d:39:1a:5d:f2:
fd:f5:3b:e1:9a:c9:62:37:55:00:79:89:8e:02:1c:
59:86:8d:0c:9b:0e:f9:ff:c9:38:5e:9e:7e:eb:ad:
c4:23:a1:41:66:70:bc:7c:e6:cd:19:db:03:2c:86:
c4:eb:51:4b:e6:db:f4:27:a9:6f:83:65:e3:82:04:
f6:72:46:a8:9b:fd:a4:e4:9f:5c:9d:fb:1b:23:b5:
2b:dc:20:a7:8d:2e:7e:f8:25:05:44:5e:1c:02:4d:
13:f2:5e:76:52:29:59:ce:89:92:e9:09:11:c9:00:
8d:d0:42:61:44:45:21:91:b9:16:7b:f3:5f:b6:c8:
cd:20:cc:22:87:be:9f:70:1e:cd:4d:68:e8:c7:c4:
2d:8a:dd:4a:2d:e3:52:b1:89:14:9c:ea:58:8a:3e:
ec:65:b7:40:5a:b1:3e:18:4b:13:3e:31:13:a3:fb:
58:c4:c6:fe:50:0b:14:c9:10:cd:bc:9d:6c:6a:ae:
08:9a:d6:0b:18:9c:15:1b:a9:5c:fb:04:57:49:cb:
55:3a:d8:57:55:8a:62:5a:b2:d3:11:ad:7d:ac:18:
b8:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
18:39:96:3C:4C:18:39:42:28:F7:51:3C:E2:C0:8A:D8:4B:7C:2E:28
X509v3 Authority Key Identifier:
keyid:CE:FC:E4:49:BE:A8:DE:AE:DB:18:04:DB:A2:5C:58:4D:F5:87:3D:C4
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/d1b35f8b-6f48-4bad-b185-5c1daa8acda9/0/CEFCE449BEA8DEAEDB1804DBA25C584DF5873DC4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zvzkSb6o3q7bGATbolxYTfWHPcQ.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/d1b35f8b-6f48-4bad-b185-5c1daa8acda9/0/3134362e31392e35332e302f32342d3234203d3e20313532363732.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
146.19.53.0/24
Signature Algorithm: sha256WithRSAEncryption
ae:86:f5:71:3c:f6:1f:8a:10:41:2e:f0:af:0e:18:27:af:9f:
12:9d:10:70:b0:8c:fc:b6:02:e7:c8:b8:66:d1:af:f9:d8:2a:
58:a6:02:fe:37:ce:c0:76:e9:dc:50:bd:c1:20:09:46:66:43:
3b:ac:73:27:93:84:f5:6e:08:51:53:f0:e7:de:44:88:3c:0c:
bf:ee:ce:11:ad:7f:de:53:06:17:5d:23:81:e2:0a:8b:db:b4:
3c:a9:4b:4b:d7:05:9f:d6:9c:91:f5:73:d8:6a:28:ac:56:71:
82:46:c2:a9:f4:33:66:ec:cf:a6:d4:32:34:04:e0:f0:88:66:
c9:0d:c3:72:06:db:19:9f:31:3e:c2:ed:89:4e:52:0d:8d:dd:
b0:20:60:6c:38:87:f3:06:76:8e:64:98:c7:4e:8f:c7:94:db:
6b:74:c4:bd:b3:c2:ff:0d:d7:fb:15:cc:61:85:e2:8c:a0:08:
05:b8:ab:36:07:15:f9:95:06:fb:49:ca:8e:f4:2d:c8:00:06:
d5:dc:0a:22:06:8b:cc:87:80:91:dc:1f:f1:84:21:f4:24:b2:
23:97:4f:10:9a:1d:55:e5:dc:21:70:fe:39:dd:b8:1e:e0:12:
cc:1a:52:82:7f:49:1b:16:98:52:8a:9a:9c:49:dc:e1:e1:9e:
fa:79:5f:76
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUX0pHWTO324qJbbLB58fzDiQdgm4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoY2VmY2U0NDliZWE4ZGVhZWRiMTgwNGRiYTI1YzU4NGRm
NTg3M2RjNDAeFw0yNTA2MzAwNTU3NDFaFw0yNjA2MjkwNjAyNDFaMDMxMTAvBgNV
BAMTKDE4Mzk5NjNDNEMxODM5NDIyOEY3NTEzQ0UyQzA4QUQ4NEI3QzJFMjgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCeBmqSo6ijUNxNPpFJ7lngyGmT
7d1JlLs8uLnc4Z8WM+DjUeZdIE59ORpd8v31O+GayWI3VQB5iY4CHFmGjQybDvn/
yThenn7rrcQjoUFmcLx85s0Z2wMshsTrUUvm2/QnqW+DZeOCBPZyRqib/aTkn1yd
+xsjtSvcIKeNLn74JQVEXhwCTRPyXnZSKVnOiZLpCRHJAI3QQmFERSGRuRZ781+2
yM0gzCKHvp9wHs1NaOjHxC2K3Uot41KxiRSc6liKPuxlt0BasT4YSxM+MROj+1jE
xv5QCxTJEM28nWxqrgia1gsYnBUbqVz7BFdJy1U62FdVimJastMRrX2sGLjlAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUGDmWPEwYOUIo91E84sCK2Et8LigwHwYDVR0j
BBgwFoAUzvzkSb6o3q7bGATbolxYTfWHPcQwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZDFiMzVmOGItNmY0OC00YmFkLWIxODUtNWMxZGFhOGFj
ZGE5LzAvQ0VGQ0U0NDlCRUE4REVBRURCMTgwNERCQTI1QzU4NERGNTg3M0RDNC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3p2emtTYjZvM3E3YkdBVGJvbHhZVGZX
SFBjUS5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZDFiMzVmOGIt
NmY0OC00YmFkLWIxODUtNWMxZGFhOGFjZGE5LzAvMzEzNDM2MmUzMTM5MmUzNTMz
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzEzNTMyMzYzNzMyLnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
khM1MA0GCSqGSIb3DQEBCwUAA4IBAQCuhvVxPPYfihBBLvCvDhgnr58SnRBwsIz8
tgLnyLhm0a/52CpYpgL+N87AduncUL3BIAlGZkM7rHMnk4T1bghRU/Dn3kSIPAy/
7s4RrX/eUwYXXSOB4gqL27Q8qUtL1wWf1pyR9XPYaiisVnGCRsKp9DNm7M+m1DI0
BODwiGbJDcNyBtsZnzE+wu2JTlINjd2wIGBsOIfzBnaOZJjHTo/HlNtrdMS9s8L/
Ddf7FcxhheKMoAgFuKs2BxX5lQb7ScqO9C3IAAbV3AoiBovMh4CR3B/xhCH0JLIj
l08Qmh1V5dwhcP453bge4BLMGlKCf0kbFphSipqcSdzh4Z76eV92
-----END CERTIFICATE-----
Generated at Sat Jul 5 23:06:30 2025 by rpki-client