Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/faf16704-2854-4080-9a09-7262326c9e22/1/3231332e3232352e3233372e302f32342d3234203d3e203538303631.roa
File: 3231332e3232352e3233372e302f32342d3234203d3e203538303631.roa (raw, json)
Hash identifier: /wg3gTPHe5+eDxx0AOHsn87gI89vGKJVhux0/3gaI50=
Subject key identifier: E4:5F:68:6F:9C:45:93:58:87:C1:9A:CF:BD:20:7B:5F:8E:7E:56:65
Certificate issuer: /CN=0d059f10d18d00052c808eb8069f90d47e30564a
Certificate serial: 3F5C1F21A553050BA7A75FB634549F62C9BF26A6
Authority key identifier: 0D:05:9F:10:D1:8D:00:05:2C:80:8E:B8:06:9F:90:D4:7E:30:56:4A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DQWfENGNAAUsgI64Bp-Q1H4wVko.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/faf16704-2854-4080-9a09-7262326c9e22/1/3231332e3232352e3233372e302f32342d3234203d3e203538303631.roa
Signing time: Thu 06 Mar 2025 11:53:55 +0000
ROA not before: Thu 06 Mar 2025 11:48:55 +0000
ROA not after: Thu 05 Mar 2026 11:53:55 +0000
asID: 58061
IP address blocks: 213.225.237.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/faf16704-2854-4080-9a09-7262326c9e22/1/0D059F10D18D00052C808EB8069F90D47E30564A.crl
rsync://rsync.paas.rpki.ripe.net/repository/faf16704-2854-4080-9a09-7262326c9e22/1/0D059F10D18D00052C808EB8069F90D47E30564A.mft
rsync://rpki.ripe.net/repository/DEFAULT/DQWfENGNAAUsgI64Bp-Q1H4wVko.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 05 Apr 2025 14:42:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3f:5c:1f:21:a5:53:05:0b:a7:a7:5f:b6:34:54:9f:62:c9:bf:26:a6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0d059f10d18d00052c808eb8069f90d47e30564a
Validity
Not Before: Mar 6 11:48:55 2025 GMT
Not After : Mar 5 11:53:55 2026 GMT
Subject: CN=E45F686F9C45935887C19ACFBD207B5F8E7E5665
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:70:b0:e9:a0:5d:ae:be:43:b0:8b:b9:0d:80:
46:36:0c:0b:ef:da:cf:3c:a2:a4:95:d9:e9:f6:1a:
90:52:bc:cc:a8:9c:7e:b8:70:b0:ab:be:14:71:0d:
33:95:92:1b:1c:58:1d:e1:4b:ef:dd:a7:6b:99:69:
df:a6:12:15:db:84:7b:c3:19:a3:38:09:0d:61:68:
90:57:6a:7e:46:04:86:93:51:78:af:1b:f3:8e:af:
f4:dc:af:9f:8f:1d:a9:27:13:6e:5b:d5:7c:bd:35:
17:3d:19:7c:61:de:6e:5e:20:42:46:03:90:3b:4e:
3e:6a:02:2d:d1:a5:55:a2:93:28:4c:7a:ef:62:4d:
8d:6a:e7:7a:97:c7:2d:82:f4:7e:42:53:fd:33:da:
fb:95:f8:94:44:89:9a:27:c2:b6:e0:dc:d8:0c:b1:
fa:a5:64:0e:a0:b2:43:a2:e6:93:c5:8d:9a:19:bf:
5a:c3:1f:e3:84:a9:54:4d:03:77:9e:06:4f:25:3f:
08:6d:23:29:93:05:9f:f6:c3:88:26:e4:ba:b0:59:
3f:c0:27:01:d7:85:5e:72:02:1f:ff:a9:77:fe:ad:
da:fa:aa:0c:22:47:5b:13:d4:eb:be:9c:29:c6:f3:
cc:59:bd:16:2b:58:b3:61:bc:a2:08:91:7e:e0:1d:
8a:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E4:5F:68:6F:9C:45:93:58:87:C1:9A:CF:BD:20:7B:5F:8E:7E:56:65
X509v3 Authority Key Identifier:
keyid:0D:05:9F:10:D1:8D:00:05:2C:80:8E:B8:06:9F:90:D4:7E:30:56:4A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/faf16704-2854-4080-9a09-7262326c9e22/1/0D059F10D18D00052C808EB8069F90D47E30564A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DQWfENGNAAUsgI64Bp-Q1H4wVko.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/faf16704-2854-4080-9a09-7262326c9e22/1/3231332e3232352e3233372e302f32342d3234203d3e203538303631.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.225.237.0/24
Signature Algorithm: sha256WithRSAEncryption
62:3f:df:91:0f:7f:05:1c:a2:d2:59:be:3c:51:df:ee:05:6a:
38:8f:ef:47:4d:ee:36:fb:08:e1:af:a3:08:18:3d:96:15:91:
4b:d2:3a:f3:6f:76:88:f6:77:7d:07:41:90:1b:1a:5a:82:d4:
c2:b4:f3:94:30:a9:28:b5:b7:1d:a2:b9:c0:1c:5c:ff:3f:e7:
d1:bf:24:ee:85:5b:01:7d:9b:21:b1:bd:e5:ca:06:02:47:50:
86:97:fa:d6:c2:d7:b1:cd:62:5f:b8:55:a1:50:82:3a:93:36:
90:21:d9:cb:46:6e:c8:3e:e6:ff:57:9d:80:2b:4b:90:5b:a8:
ca:0b:8c:9a:18:57:49:d2:cf:40:75:0a:33:0b:81:2f:4a:f8:
4d:9f:54:9d:63:92:ea:a3:f3:29:6d:51:bf:b0:fb:63:3c:0c:
aa:59:37:36:05:6a:5e:1b:70:4d:be:ff:96:c0:6e:fd:c9:b9:
de:f6:91:b2:4c:d1:44:de:43:81:c9:1e:a2:df:a0:98:7e:cc:
40:68:39:a1:a9:51:cb:1e:de:56:7b:d7:fa:d4:6b:33:a4:ba:
a7:fe:42:b2:43:2f:b8:cf:c2:87:bf:d6:17:da:22:90:3b:e2:
61:66:77:76:5f:34:ca:7f:b3:b5:cb:11:6e:da:24:3c:21:bc:
bf:4c:f1:e9
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUP1wfIaVTBQunp1+2NFSfYsm/JqYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMGQwNTlmMTBkMThkMDAwNTJjODA4ZWI4MDY5ZjkwZDQ3
ZTMwNTY0YTAeFw0yNTAzMDYxMTQ4NTVaFw0yNjAzMDUxMTUzNTVaMDMxMTAvBgNV
BAMTKEU0NUY2ODZGOUM0NTkzNTg4N0MxOUFDRkJEMjA3QjVGOEU3RTU2NjUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDHcLDpoF2uvkOwi7kNgEY2DAvv
2s88oqSV2en2GpBSvMyonH64cLCrvhRxDTOVkhscWB3hS+/dp2uZad+mEhXbhHvD
GaM4CQ1haJBXan5GBIaTUXivG/OOr/Tcr5+PHaknE25b1Xy9NRc9GXxh3m5eIEJG
A5A7Tj5qAi3RpVWikyhMeu9iTY1q53qXxy2C9H5CU/0z2vuV+JREiZonwrbg3NgM
sfqlZA6gskOi5pPFjZoZv1rDH+OEqVRNA3eeBk8lPwhtIymTBZ/2w4gm5LqwWT/A
JwHXhV5yAh//qXf+rdr6qgwiR1sT1Ou+nCnG88xZvRYrWLNhvKIIkX7gHYphAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQU5F9ob5xFk1iHwZrPvSB7X45+VmUwHwYDVR0j
BBgwFoAUDQWfENGNAAUsgI64Bp+Q1H4wVkowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmFmMTY3MDQtMjg1NC00MDgwLTlhMDktNzI2MjMyNmM5
ZTIyLzEvMEQwNTlGMTBEMThEMDAwNTJDODA4RUI4MDY5RjkwRDQ3RTMwNTY0QS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0RRV2ZFTkdOQUFVc2dJNjRCcC1RMUg0
d1Zrby5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmFmMTY3MDQt
Mjg1NC00MDgwLTlhMDktNzI2MjMyNmM5ZTIyLzEvMzIzMTMzMmUzMjMyMzUyZTMy
MzMzNzJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDM1MzgzMDM2MzEucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BADV4e0wDQYJKoZIhvcNAQELBQADggEBAGI/35EPfwUcotJZvjxR3+4FajiP70dN
7jb7COGvowgYPZYVkUvSOvNvdoj2d30HQZAbGlqC1MK085QwqSi1tx2iucAcXP8/
59G/JO6FWwF9myGxveXKBgJHUIaX+tbC17HNYl+4VaFQgjqTNpAh2ctGbsg+5v9X
nYArS5BbqMoLjJoYV0nSz0B1CjMLgS9K+E2fVJ1jkuqj8yltUb+w+2M8DKpZNzYF
al4bcE2+/5bAbv3Jud72kbJM0UTeQ4HJHqLfoJh+zEBoOaGpUcse3lZ71/rUazOk
uqf+QrJDL7jPwoe/1hfaIpA74mFmd3ZfNMp/s7XLEW7aJDwhvL9M8ek=
-----END CERTIFICATE-----
Generated at Sat Apr 5 08:11:35 2025 by rpki-client