Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/faf16704-2854-4080-9a09-7262326c9e22/1/3134312e39382e37342e302f32342d3234203d3e20343030383130.roa
File: 3134312e39382e37342e302f32342d3234203d3e20343030383130.roa (raw, json)
Hash identifier: KVa82wI/FeK7G+zHplEfv7DPRWirQW5iuszUr5TC2UY=
Subject key identifier: FC:39:C5:15:9D:EC:5E:EC:A6:C8:10:DD:C6:88:37:25:1C:CD:36:AF
Certificate issuer: /CN=0d059f10d18d00052c808eb8069f90d47e30564a
Certificate serial: 75A487E4100C12FD311CFCBD70ABFB45FAB2AD61
Authority key identifier: 0D:05:9F:10:D1:8D:00:05:2C:80:8E:B8:06:9F:90:D4:7E:30:56:4A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DQWfENGNAAUsgI64Bp-Q1H4wVko.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/faf16704-2854-4080-9a09-7262326c9e22/1/3134312e39382e37342e302f32342d3234203d3e20343030383130.roa
Signing time: Thu 06 Mar 2025 11:53:55 +0000
ROA not before: Thu 06 Mar 2025 11:48:55 +0000
ROA not after: Thu 05 Mar 2026 11:53:55 +0000
asID: 400810
IP address blocks: 141.98.74.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/faf16704-2854-4080-9a09-7262326c9e22/1/0D059F10D18D00052C808EB8069F90D47E30564A.crl
rsync://rsync.paas.rpki.ripe.net/repository/faf16704-2854-4080-9a09-7262326c9e22/1/0D059F10D18D00052C808EB8069F90D47E30564A.mft
rsync://rpki.ripe.net/repository/DEFAULT/DQWfENGNAAUsgI64Bp-Q1H4wVko.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 07 Apr 2025 02:30:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
75:a4:87:e4:10:0c:12:fd:31:1c:fc:bd:70:ab:fb:45:fa:b2:ad:61
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0d059f10d18d00052c808eb8069f90d47e30564a
Validity
Not Before: Mar 6 11:48:55 2025 GMT
Not After : Mar 5 11:53:55 2026 GMT
Subject: CN=FC39C5159DEC5EECA6C810DDC68837251CCD36AF
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:27:7f:43:28:14:32:9c:c1:b0:9b:b8:6b:dd:
86:b8:d1:c4:b8:74:f9:fa:79:38:8d:30:5b:be:60:
10:96:8f:58:78:ba:03:a0:c8:70:cb:6a:7f:4c:2d:
2c:39:06:a6:0f:8c:35:ea:50:de:59:74:a0:40:3d:
2f:37:dd:01:1b:d1:db:14:bf:60:ad:48:d9:10:00:
5b:a5:71:7e:cb:85:72:67:9f:99:3a:fa:be:e8:84:
f8:71:30:c9:72:40:3b:92:28:0e:dd:2c:45:1e:c6:
32:0a:5f:b2:9f:5e:b5:08:e3:23:5e:b9:86:2d:27:
a1:91:d4:29:fa:7c:48:0d:ef:4d:98:8a:c3:f9:f0:
b9:5f:e3:01:b6:9e:7d:ec:0b:e7:19:87:2e:e4:c8:
a2:bf:46:ea:44:a9:1e:40:d9:f2:6f:eb:37:67:17:
12:2a:48:00:8d:b8:c8:71:68:b8:7f:83:64:2c:25:
b8:26:41:b3:1e:b7:ee:21:87:20:a0:56:bf:6f:b8:
f2:02:20:85:f4:71:09:9c:1f:87:0a:4d:e2:e7:3a:
1c:d1:d8:c6:57:8d:33:88:a5:b6:0a:fd:16:5f:78:
f4:12:08:32:19:10:36:64:0d:e9:07:0b:85:b2:55:
ad:01:30:9f:17:4b:57:73:ba:a2:3b:99:85:cf:6a:
1f:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FC:39:C5:15:9D:EC:5E:EC:A6:C8:10:DD:C6:88:37:25:1C:CD:36:AF
X509v3 Authority Key Identifier:
keyid:0D:05:9F:10:D1:8D:00:05:2C:80:8E:B8:06:9F:90:D4:7E:30:56:4A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/faf16704-2854-4080-9a09-7262326c9e22/1/0D059F10D18D00052C808EB8069F90D47E30564A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DQWfENGNAAUsgI64Bp-Q1H4wVko.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/faf16704-2854-4080-9a09-7262326c9e22/1/3134312e39382e37342e302f32342d3234203d3e20343030383130.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
141.98.74.0/24
Signature Algorithm: sha256WithRSAEncryption
6c:34:a9:fe:c3:f6:3f:e5:f6:91:72:00:68:22:3a:54:ad:33:
26:48:98:cd:3b:e4:48:f0:39:cc:11:27:22:ee:c3:16:d2:d3:
3d:02:0b:e9:9e:99:c9:99:6c:c0:29:71:ac:c6:14:9e:e8:94:
6d:35:41:cd:f7:b8:c6:59:23:0e:7f:6a:86:03:c3:86:e6:ec:
a2:5c:a9:f6:9d:8d:0b:9b:13:19:00:fc:06:02:fe:e9:12:24:
b5:21:3f:b0:2e:8d:dd:96:a4:20:62:3d:77:e2:91:a9:2f:98:
8d:cf:c0:67:de:8f:fd:cf:62:29:dc:6a:06:88:31:bb:d7:f0:
6a:92:ca:16:5a:0a:5f:e2:f3:de:de:10:8d:30:36:3d:ae:58:
0a:63:2c:9b:da:4b:82:39:7f:54:c0:28:7d:a3:e8:19:4f:dc:
27:f6:e3:a2:a2:f1:6e:cd:d0:36:ef:99:0e:8c:af:43:d5:3c:
23:ca:e2:0d:66:4b:84:98:93:cb:5c:cc:90:8a:ed:bd:31:0e:
e5:c2:dc:27:54:a0:4c:6c:0e:96:f3:fb:bf:a7:ff:11:a9:33:
7c:26:1e:cb:a6:19:e8:92:d0:98:70:d9:2c:7a:e0:83:56:13:
17:47:b5:02:23:4c:7a:25:64:7e:ea:06:ed:42:d5:9a:e5:95:
4d:a2:74:d3
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUdaSH5BAMEv0xHPy9cKv7RfqyrWEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMGQwNTlmMTBkMThkMDAwNTJjODA4ZWI4MDY5ZjkwZDQ3
ZTMwNTY0YTAeFw0yNTAzMDYxMTQ4NTVaFw0yNjAzMDUxMTUzNTVaMDMxMTAvBgNV
BAMTKEZDMzlDNTE1OURFQzVFRUNBNkM4MTBEREM2ODgzNzI1MUNDRDM2QUYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCzJ39DKBQynMGwm7hr3Ya40cS4
dPn6eTiNMFu+YBCWj1h4ugOgyHDLan9MLSw5BqYPjDXqUN5ZdKBAPS833QEb0dsU
v2CtSNkQAFulcX7LhXJnn5k6+r7ohPhxMMlyQDuSKA7dLEUexjIKX7KfXrUI4yNe
uYYtJ6GR1Cn6fEgN702YisP58Llf4wG2nn3sC+cZhy7kyKK/RupEqR5A2fJv6zdn
FxIqSACNuMhxaLh/g2QsJbgmQbMet+4hhyCgVr9vuPICIIX0cQmcH4cKTeLnOhzR
2MZXjTOIpbYK/RZfePQSCDIZEDZkDekHC4WyVa0BMJ8XS1dzuqI7mYXPah9dAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQU/DnFFZ3sXuymyBDdxog3JRzNNq8wHwYDVR0j
BBgwFoAUDQWfENGNAAUsgI64Bp+Q1H4wVkowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmFmMTY3MDQtMjg1NC00MDgwLTlhMDktNzI2MjMyNmM5
ZTIyLzEvMEQwNTlGMTBEMThEMDAwNTJDODA4RUI4MDY5RjkwRDQ3RTMwNTY0QS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0RRV2ZFTkdOQUFVc2dJNjRCcC1RMUg0
d1Zrby5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmFmMTY3MDQt
Mjg1NC00MDgwLTlhMDktNzI2MjMyNmM5ZTIyLzEvMzEzNDMxMmUzOTM4MmUzNzM0
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzQzMDMwMzgzMTMwLnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
jWJKMA0GCSqGSIb3DQEBCwUAA4IBAQBsNKn+w/Y/5faRcgBoIjpUrTMmSJjNO+RI
8DnMESci7sMW0tM9AgvpnpnJmWzAKXGsxhSe6JRtNUHN97jGWSMOf2qGA8OG5uyi
XKn2nY0LmxMZAPwGAv7pEiS1IT+wLo3dlqQgYj134pGpL5iNz8Bn3o/9z2Ip3GoG
iDG71/BqksoWWgpf4vPe3hCNMDY9rlgKYyyb2kuCOX9UwCh9o+gZT9wn9uOiovFu
zdA275kOjK9D1TwjyuINZkuEmJPLXMyQiu29MQ7lwtwnVKBMbA6W8/u/p/8RqTN8
Jh7LphnoktCYcNkseuCDVhMXR7UCI0x6JWR+6gbtQtWa5ZVNonTT
-----END CERTIFICATE-----
Generated at Sun Apr 6 11:52:08 2025 by rpki-client