Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/3133392e32382e3136302e302f32322d3234203d3e20333936333139.roa
File: 3133392e32382e3136302e302f32322d3234203d3e20333936333139.roa (raw, json)
Hash identifier: DT2hstxFia7bFuEi6wC/Z9ny+Eg7kaLYrWnrF73X73E=
Subject key identifier: F9:07:6D:68:A6:79:7B:3C:38:D5:C1:EA:2F:03:E7:8A:82:90:18:F4
Certificate issuer: /CN=088469d1a33085ff88b3e599d223ca74c2313a3a
Certificate serial: 0BF09C238B75F9665107BABDACA420E7D895D424
Authority key identifier: 08:84:69:D1:A3:30:85:FF:88:B3:E5:99:D2:23:CA:74:C2:31:3A:3A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CIRp0aMwhf-Is-WZ0iPKdMIxOjo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/3133392e32382e3136302e302f32322d3234203d3e20333936333139.roa
Signing time: Mon 27 Jan 2025 09:44:49 +0000
ROA not before: Mon 27 Jan 2025 09:39:49 +0000
ROA not after: Mon 26 Jan 2026 09:44:49 +0000
asID: 396319
IP address blocks: 139.28.160.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/088469D1A33085FF88B3E599D223CA74C2313A3A.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/088469D1A33085FF88B3E599D223CA74C2313A3A.mft
rsync://rpki.ripe.net/repository/DEFAULT/CIRp0aMwhf-Is-WZ0iPKdMIxOjo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 05 Apr 2025 15:28:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0b:f0:9c:23:8b:75:f9:66:51:07:ba:bd:ac:a4:20:e7:d8:95:d4:24
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=088469d1a33085ff88b3e599d223ca74c2313a3a
Validity
Not Before: Jan 27 09:39:49 2025 GMT
Not After : Jan 26 09:44:49 2026 GMT
Subject: CN=F9076D68A6797B3C38D5C1EA2F03E78A829018F4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:a7:ff:fd:c4:c8:cf:7b:76:5a:0e:4f:00:dc:
de:3d:66:b5:be:56:dd:5f:a2:15:cb:36:19:65:16:
7d:a5:a3:4b:23:68:f7:00:9b:b0:5c:2b:97:9c:e8:
c2:fe:49:ed:94:fe:35:d7:e4:d3:9d:a1:41:73:d4:
6e:b6:b8:c8:c4:4e:c4:54:e5:6e:c4:fb:de:91:9d:
3c:29:7c:0a:8c:d4:9d:e1:ba:17:83:1d:3f:22:7d:
c7:df:db:02:92:d7:90:4d:b2:83:4c:48:c2:82:64:
89:11:c9:a2:0d:01:51:12:d7:67:03:5b:67:2f:3c:
b0:57:da:de:dd:65:e6:ec:76:de:1b:1f:3d:3d:e7:
39:86:f6:61:ad:fb:c4:c9:42:b4:c3:95:0b:4b:9d:
e5:0a:5e:00:2b:56:e1:19:64:4c:78:fa:f3:5f:51:
c7:2a:58:9c:e6:ce:56:08:44:8d:23:46:3a:92:85:
da:b7:65:91:7c:31:51:61:0a:e4:c2:16:6a:69:27:
2b:2b:b8:a5:0a:e6:44:b2:28:4b:94:28:d5:bb:1b:
61:24:75:a9:65:3e:d0:28:d5:b7:64:ff:72:1b:c4:
2f:6c:c5:f9:b8:f7:6f:93:31:1e:13:8c:2d:82:c2:
0e:47:ec:d2:3d:13:96:fc:8b:a9:ad:61:ad:0b:00:
d5:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F9:07:6D:68:A6:79:7B:3C:38:D5:C1:EA:2F:03:E7:8A:82:90:18:F4
X509v3 Authority Key Identifier:
keyid:08:84:69:D1:A3:30:85:FF:88:B3:E5:99:D2:23:CA:74:C2:31:3A:3A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/088469D1A33085FF88B3E599D223CA74C2313A3A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CIRp0aMwhf-Is-WZ0iPKdMIxOjo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/3133392e32382e3136302e302f32322d3234203d3e20333936333139.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
139.28.160.0/22
Signature Algorithm: sha256WithRSAEncryption
56:3b:1f:16:17:6a:e1:1c:3e:0c:10:40:1e:cd:27:1f:ea:0e:
81:bc:06:ff:fc:09:11:59:2c:4d:92:dc:a0:48:3a:b6:19:5f:
91:d3:be:63:ec:7b:b4:ee:ee:50:65:44:35:37:4c:1d:25:ba:
db:03:a7:11:cd:fc:1b:0c:33:cb:26:78:72:cc:9f:53:45:15:
46:c7:9f:0a:5b:be:a9:45:b4:57:05:c8:0f:db:4f:60:9f:d0:
91:54:27:c9:a2:cd:84:16:77:22:84:4e:c0:cb:4b:1e:53:45:
63:e2:8f:17:65:56:88:dd:06:58:34:6c:e5:cf:45:b5:9c:f5:
89:ea:90:c2:2c:0e:ad:a7:3a:96:64:54:79:49:30:64:8d:9b:
3a:c0:da:44:76:a3:d6:80:c7:f4:c8:5c:2e:09:86:6d:69:27:
09:31:e8:76:63:f2:f5:a9:44:21:e7:72:08:73:30:01:69:4a:
a2:19:ba:89:4e:f0:6c:28:f9:ac:a6:21:e9:0f:d7:78:e8:6c:
bd:a9:6d:fb:36:4f:1b:7f:47:70:8c:ff:10:e3:62:61:5e:26:
e7:17:c6:3e:e6:4c:b1:03:2e:ba:7f:ad:f7:0e:c1:91:bb:e9:
6a:02:94:9d:35:50:78:9b:04:eb:62:42:66:c0:21:7c:d6:3f:
f4:5c:72:15
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUC/CcI4t1+WZRB7q9rKQg59iV1CQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDg4NDY5ZDFhMzMwODVmZjg4YjNlNTk5ZDIyM2NhNzRj
MjMxM2EzYTAeFw0yNTAxMjcwOTM5NDlaFw0yNjAxMjYwOTQ0NDlaMDMxMTAvBgNV
BAMTKEY5MDc2RDY4QTY3OTdCM0MzOEQ1QzFFQTJGMDNFNzhBODI5MDE4RjQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC/p//9xMjPe3ZaDk8A3N49ZrW+
Vt1fohXLNhllFn2lo0sjaPcAm7BcK5ec6ML+Se2U/jXX5NOdoUFz1G62uMjETsRU
5W7E+96RnTwpfAqM1J3huheDHT8ifcff2wKS15BNsoNMSMKCZIkRyaINAVES12cD
W2cvPLBX2t7dZebsdt4bHz095zmG9mGt+8TJQrTDlQtLneUKXgArVuEZZEx4+vNf
UccqWJzmzlYIRI0jRjqShdq3ZZF8MVFhCuTCFmppJysruKUK5kSyKEuUKNW7G2Ek
dallPtAo1bdk/3IbxC9sxfm492+TMR4TjC2Cwg5H7NI9E5b8i6mtYa0LANWVAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQU+QdtaKZ5ezw41cHqLwPnioKQGPQwHwYDVR0j
BBgwFoAUCIRp0aMwhf+Is+WZ0iPKdMIxOjowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzUvMDg4NDY5RDFBMzMwODVGRjg4QjNFNTk5RDIyM0NBNzRDMjMxM0EzQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NJUnAwYU13aGYtSXMtV1owaVBLZE1J
eE9qby5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzUvMzEzMzM5MmUzMjM4MmUzMTM2
MzAyZTMwMmYzMjMyMmQzMjM0MjAzZDNlMjAzMzM5MzYzMzMxMzkucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAKLHKAwDQYJKoZIhvcNAQELBQADggEBAFY7HxYXauEcPgwQQB7NJx/qDoG8Bv/8
CRFZLE2S3KBIOrYZX5HTvmPse7Tu7lBlRDU3TB0lutsDpxHN/BsMM8smeHLMn1NF
FUbHnwpbvqlFtFcFyA/bT2Cf0JFUJ8mizYQWdyKETsDLSx5TRWPijxdlVojdBlg0
bOXPRbWc9YnqkMIsDq2nOpZkVHlJMGSNmzrA2kR2o9aAx/TIXC4Jhm1pJwkx6HZj
8vWpRCHncghzMAFpSqIZuolO8Gwo+aymIekP13jobL2pbfs2Txt/R3CM/xDjYmFe
JucXxj7mTLEDLrp/rfcOwZG76WoClJ01UHibBOtiQmbAIXzWP/RcchU=
-----END CERTIFICATE-----
Generated at Sat Apr 5 00:11:36 2025 by rpki-client