Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/3135322e38392e3132362e302f32342d3234203d3e20333938373034.roa
File: 3135322e38392e3132362e302f32342d3234203d3e20333938373034.roa (raw, json)
Hash identifier: baXFrX5tmUZzyNOu2eYWAa3yrYC1k3z0ZEfuM/clflA=
Subject key identifier: 11:DC:2C:E2:77:B5:EE:A1:4D:25:F3:2A:72:3A:BB:38:92:76:E5:21
Certificate issuer: /CN=088469d1a33085ff88b3e599d223ca74c2313a3a
Certificate serial: 639918F1A57989C87E61BB82A9466E2721D89FBD
Authority key identifier: 08:84:69:D1:A3:30:85:FF:88:B3:E5:99:D2:23:CA:74:C2:31:3A:3A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CIRp0aMwhf-Is-WZ0iPKdMIxOjo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/3135322e38392e3132362e302f32342d3234203d3e20333938373034.roa
Signing time: Mon 19 May 2025 10:36:04 +0000
ROA not before: Mon 19 May 2025 10:31:04 +0000
ROA not after: Mon 18 May 2026 10:36:04 +0000
asID: 398704
IP address blocks: 152.89.126.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/088469D1A33085FF88B3E599D223CA74C2313A3A.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/088469D1A33085FF88B3E599D223CA74C2313A3A.mft
rsync://rpki.ripe.net/repository/DEFAULT/CIRp0aMwhf-Is-WZ0iPKdMIxOjo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 08 Jun 2025 08:25:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
63:99:18:f1:a5:79:89:c8:7e:61:bb:82:a9:46:6e:27:21:d8:9f:bd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=088469d1a33085ff88b3e599d223ca74c2313a3a
Validity
Not Before: May 19 10:31:04 2025 GMT
Not After : May 18 10:36:04 2026 GMT
Subject: CN=11DC2CE277B5EEA14D25F32A723ABB389276E521
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:9a:ce:10:bc:3c:87:73:95:5b:ac:91:75:52:
74:53:6e:49:5f:f1:a8:fa:0f:9f:af:09:f2:73:66:
b1:ac:7e:86:e4:8c:42:36:6a:e2:f7:88:98:6a:12:
6c:6f:93:3b:b5:c5:5c:01:ab:9f:8b:09:37:5a:c5:
52:26:12:cd:3e:8d:33:3b:04:d8:97:55:47:bc:2a:
9a:1f:c4:d0:53:16:fd:f0:3b:5c:39:c5:a7:10:6c:
13:33:b6:95:a4:cd:fc:95:04:70:62:4c:94:c4:00:
48:d0:13:26:80:77:d5:b4:fe:22:48:95:bd:69:70:
44:7e:1b:b8:5f:6f:7c:69:d9:f6:ec:65:d8:ac:22:
f0:6e:94:f6:19:b1:2e:e0:b0:af:48:0d:59:23:86:
c9:4c:6e:30:7b:83:09:f7:51:65:65:9b:aa:ee:b4:
1d:f0:5c:47:87:c7:12:66:05:d6:62:31:2b:9e:d3:
e9:52:a9:c7:dc:4c:dc:d9:ac:a2:4c:eb:13:ee:33:
e8:13:cd:18:b6:63:b0:db:cd:4b:62:3d:97:bc:f4:
5e:c8:c2:13:e7:fd:f2:d8:06:95:70:d5:dc:13:9e:
a9:e0:b6:61:57:83:33:41:6d:17:10:00:32:d3:b4:
35:a6:47:18:35:28:bd:7e:01:e1:85:c8:a5:a0:8a:
26:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
11:DC:2C:E2:77:B5:EE:A1:4D:25:F3:2A:72:3A:BB:38:92:76:E5:21
X509v3 Authority Key Identifier:
keyid:08:84:69:D1:A3:30:85:FF:88:B3:E5:99:D2:23:CA:74:C2:31:3A:3A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/088469D1A33085FF88B3E599D223CA74C2313A3A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CIRp0aMwhf-Is-WZ0iPKdMIxOjo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/3135322e38392e3132362e302f32342d3234203d3e20333938373034.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
152.89.126.0/24
Signature Algorithm: sha256WithRSAEncryption
17:67:49:67:af:b1:36:e4:97:c9:86:55:e0:0d:77:b1:ad:44:
b9:62:33:2e:8e:1e:5a:ee:b1:83:52:dd:1f:50:19:b8:7f:6b:
3a:04:eb:8f:40:de:db:c9:d6:61:c9:d2:e8:14:e4:ec:ae:ff:
c6:a2:51:a8:c4:16:eb:b2:24:56:36:47:ce:dc:29:b1:69:77:
4c:ee:24:a2:62:5e:82:1c:5d:69:c1:dc:be:16:5e:b1:38:cd:
fd:c4:3c:8e:13:d0:b4:d1:dc:32:cf:ef:6f:f7:8a:73:f6:c2:
0a:0e:2e:7f:ed:08:fc:ab:62:d8:92:37:26:f2:e0:e5:42:e4:
bd:24:c3:fb:ea:fb:ba:6d:35:64:e2:56:d3:28:81:72:e7:89:
54:ed:05:64:98:13:1e:6e:44:2d:f2:6b:72:5b:8a:92:7e:d0:
6b:b8:a6:06:64:85:94:a8:15:37:01:0b:fe:26:50:da:91:1a:
b2:8d:94:6d:cd:a2:9e:43:07:b2:a7:28:5e:77:f2:2d:f0:a3:
3f:05:7e:dd:f4:90:f1:6a:b8:23:13:fd:e7:72:99:22:ed:9b:
5c:28:3b:c3:02:05:71:1e:d6:61:6d:0b:5f:e1:d6:d7:9d:40:
dd:5f:75:1c:8f:a8:b9:c9:d1:f9:ef:75:10:ed:d4:0c:4e:97:
70:63:ee:c2
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUY5kY8aV5ich+YbuCqUZuJyHYn70wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDg4NDY5ZDFhMzMwODVmZjg4YjNlNTk5ZDIyM2NhNzRj
MjMxM2EzYTAeFw0yNTA1MTkxMDMxMDRaFw0yNjA1MTgxMDM2MDRaMDMxMTAvBgNV
BAMTKDExREMyQ0UyNzdCNUVFQTE0RDI1RjMyQTcyM0FCQjM4OTI3NkU1MjEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDJms4QvDyHc5VbrJF1UnRTbklf
8aj6D5+vCfJzZrGsfobkjEI2auL3iJhqEmxvkzu1xVwBq5+LCTdaxVImEs0+jTM7
BNiXVUe8KpofxNBTFv3wO1w5xacQbBMztpWkzfyVBHBiTJTEAEjQEyaAd9W0/iJI
lb1pcER+G7hfb3xp2fbsZdisIvBulPYZsS7gsK9IDVkjhslMbjB7gwn3UWVlm6ru
tB3wXEeHxxJmBdZiMSue0+lSqcfcTNzZrKJM6xPuM+gTzRi2Y7DbzUtiPZe89F7I
whPn/fLYBpVw1dwTnqngtmFXgzNBbRcQADLTtDWmRxg1KL1+AeGFyKWgiiYdAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUEdws4ne17qFNJfMqcjq7OJJ25SEwHwYDVR0j
BBgwFoAUCIRp0aMwhf+Is+WZ0iPKdMIxOjowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzUvMDg4NDY5RDFBMzMwODVGRjg4QjNFNTk5RDIyM0NBNzRDMjMxM0EzQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NJUnAwYU13aGYtSXMtV1owaVBLZE1J
eE9qby5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzUvMzEzNTMyMmUzODM5MmUzMTMy
MzYyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMzM5MzgzNzMwMzQucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BACYWX4wDQYJKoZIhvcNAQELBQADggEBABdnSWevsTbkl8mGVeANd7GtRLliMy6O
HlrusYNS3R9QGbh/azoE649A3tvJ1mHJ0ugU5Oyu/8aiUajEFuuyJFY2R87cKbFp
d0zuJKJiXoIcXWnB3L4WXrE4zf3EPI4T0LTR3DLP72/3inP2wgoOLn/tCPyrYtiS
Nyby4OVC5L0kw/vq+7ptNWTiVtMogXLniVTtBWSYEx5uRC3ya3JbipJ+0Gu4pgZk
hZSoFTcBC/4mUNqRGrKNlG3Nop5DB7KnKF538i3woz8Fft30kPFquCMT/edymSLt
m1woO8MCBXEe1mFtC1/h1tedQN1fdRyPqLnJ0fnvdRDt1AxOl3Bj7sI=
-----END CERTIFICATE-----
Generated at Sat Jun 7 21:50:08 2025 by rpki-client