Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/3139332e3136382e3139342e302f32332d3234203d3e203437353833.roa
File: 3139332e3136382e3139342e302f32332d3234203d3e203437353833.roa (raw, json)
Hash identifier: raZ2mggqL7Pb1Ci5QvBXfLV/LkHxpVNz7BZzAA/pqq8=
Subject key identifier: 64:58:C6:F2:46:64:A2:BF:C1:70:C0:0C:60:7F:2F:FE:5B:3E:B9:99
Certificate issuer: /CN=088469d1a33085ff88b3e599d223ca74c2313a3a
Certificate serial: 25B9C1A89E8C79673C8629C57ECB23F311381A1F
Authority key identifier: 08:84:69:D1:A3:30:85:FF:88:B3:E5:99:D2:23:CA:74:C2:31:3A:3A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CIRp0aMwhf-Is-WZ0iPKdMIxOjo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/3139332e3136382e3139342e302f32332d3234203d3e203437353833.roa
Signing time: Mon 27 Jan 2025 09:44:47 +0000
ROA not before: Mon 27 Jan 2025 09:39:47 +0000
ROA not after: Mon 26 Jan 2026 09:44:47 +0000
asID: 47583
IP address blocks: 193.168.194.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/088469D1A33085FF88B3E599D223CA74C2313A3A.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/088469D1A33085FF88B3E599D223CA74C2313A3A.mft
rsync://rpki.ripe.net/repository/DEFAULT/CIRp0aMwhf-Is-WZ0iPKdMIxOjo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 09 Apr 2025 14:33:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
25:b9:c1:a8:9e:8c:79:67:3c:86:29:c5:7e:cb:23:f3:11:38:1a:1f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=088469d1a33085ff88b3e599d223ca74c2313a3a
Validity
Not Before: Jan 27 09:39:47 2025 GMT
Not After : Jan 26 09:44:47 2026 GMT
Subject: CN=6458C6F24664A2BFC170C00C607F2FFE5B3EB999
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:38:dd:f0:ae:06:14:40:c9:f6:64:31:c9:7c:
33:6d:47:a9:ff:5b:c7:21:8c:84:d4:b3:ef:e3:0b:
6e:3e:31:3f:6f:1f:c1:19:55:9d:28:b4:fe:11:98:
2f:99:1d:8e:df:f5:b7:75:b3:bd:80:6f:72:ac:77:
42:46:d1:93:1e:48:17:34:42:6e:03:e6:fc:1b:a0:
5a:36:89:8b:cf:c1:6e:2f:7a:60:6d:00:f4:dd:0e:
df:80:8a:d2:8f:8e:f4:69:87:48:3a:76:63:3d:64:
d0:e4:af:ce:52:05:ba:32:11:da:e9:47:8a:2d:0a:
8b:21:e9:61:f3:16:1c:be:38:9e:14:59:6f:bf:ed:
d5:50:fc:6b:df:32:b7:cc:ec:c3:2a:f8:1e:78:de:
40:69:ac:36:f6:6f:4e:11:72:b9:a7:6a:93:34:67:
a2:62:19:e9:78:8d:e4:3b:5b:85:f2:6c:eb:04:b2:
68:b7:f3:99:df:0a:71:6a:7e:e8:08:b0:a3:86:97:
24:26:10:5c:28:fd:e4:19:94:da:33:03:c0:d6:90:
29:84:b6:ad:0c:93:99:c2:52:28:73:2c:64:a7:55:
41:14:27:44:92:b0:4d:fb:06:7b:41:9f:e1:06:19:
f2:e9:6c:be:24:cf:77:09:98:87:1e:aa:d5:63:c9:
03:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
64:58:C6:F2:46:64:A2:BF:C1:70:C0:0C:60:7F:2F:FE:5B:3E:B9:99
X509v3 Authority Key Identifier:
keyid:08:84:69:D1:A3:30:85:FF:88:B3:E5:99:D2:23:CA:74:C2:31:3A:3A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/088469D1A33085FF88B3E599D223CA74C2313A3A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CIRp0aMwhf-Is-WZ0iPKdMIxOjo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/3139332e3136382e3139342e302f32332d3234203d3e203437353833.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.168.194.0/23
Signature Algorithm: sha256WithRSAEncryption
5c:07:f7:63:a9:45:5e:8e:f7:44:3a:e3:8c:a0:f4:2c:2e:ca:
74:d2:00:ea:3f:18:0f:37:ec:da:57:ab:35:5d:56:4f:fe:ab:
ae:06:df:a5:43:e1:90:c3:09:55:56:e6:c5:54:61:dd:b8:15:
3f:da:32:95:56:cf:ff:e8:c9:65:7d:f0:3c:b4:a3:66:7f:24:
da:21:4f:28:5c:7c:44:73:aa:72:d6:2a:aa:b8:0a:b1:22:29:
45:ba:a0:9d:ea:92:ce:15:73:ac:29:a5:bc:cf:23:ca:ed:70:
02:6d:23:d6:ea:11:6f:e0:0f:0b:39:f8:45:29:18:8e:c9:b8:
0f:36:77:5e:fd:0d:f5:21:c8:f7:44:fd:6f:98:d5:32:2f:74:
2a:a2:d3:69:f7:3c:3b:2f:65:5b:1e:a1:7c:9b:6d:e9:21:e8:
38:08:b6:53:07:dd:05:ca:59:60:56:87:02:d4:89:dd:c8:1a:
6e:c2:12:f3:db:ef:d1:91:99:b2:f0:97:32:1c:30:23:0b:a4:
13:2f:6a:3d:fa:70:34:3c:61:84:80:d1:94:ca:ad:ef:51:67:
cf:dd:44:6e:0f:ce:51:e3:dc:be:59:4a:5f:26:c6:1c:73:d1:
97:c1:21:86:d2:d4:d0:85:41:ea:aa:96:e9:35:14:e5:6a:2c:
0a:4f:01:98
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUJbnBqJ6MeWc8hinFfssj8xE4Gh8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDg4NDY5ZDFhMzMwODVmZjg4YjNlNTk5ZDIyM2NhNzRj
MjMxM2EzYTAeFw0yNTAxMjcwOTM5NDdaFw0yNjAxMjYwOTQ0NDdaMDMxMTAvBgNV
BAMTKDY0NThDNkYyNDY2NEEyQkZDMTcwQzAwQzYwN0YyRkZFNUIzRUI5OTkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDhON3wrgYUQMn2ZDHJfDNtR6n/
W8chjITUs+/jC24+MT9vH8EZVZ0otP4RmC+ZHY7f9bd1s72Ab3Ksd0JG0ZMeSBc0
Qm4D5vwboFo2iYvPwW4vemBtAPTdDt+AitKPjvRph0g6dmM9ZNDkr85SBboyEdrp
R4otCosh6WHzFhy+OJ4UWW+/7dVQ/GvfMrfM7MMq+B543kBprDb2b04RcrmnapM0
Z6JiGel4jeQ7W4XybOsEsmi385nfCnFqfugIsKOGlyQmEFwo/eQZlNozA8DWkCmE
tq0Mk5nCUihzLGSnVUEUJ0SSsE37BntBn+EGGfLpbL4kz3cJmIceqtVjyQMFAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUZFjG8kZkor/BcMAMYH8v/ls+uZkwHwYDVR0j
BBgwFoAUCIRp0aMwhf+Is+WZ0iPKdMIxOjowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzUvMDg4NDY5RDFBMzMwODVGRjg4QjNFNTk5RDIyM0NBNzRDMjMxM0EzQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NJUnAwYU13aGYtSXMtV1owaVBLZE1J
eE9qby5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzUvMzEzOTMzMmUzMTM2MzgyZTMx
MzkzNDJlMzAyZjMyMzMyZDMyMzQyMDNkM2UyMDM0MzczNTM4MzMucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAHBqMIwDQYJKoZIhvcNAQELBQADggEBAFwH92OpRV6O90Q644yg9CwuynTSAOo/
GA837NpXqzVdVk/+q64G36VD4ZDDCVVW5sVUYd24FT/aMpVWz//oyWV98Dy0o2Z/
JNohTyhcfERzqnLWKqq4CrEiKUW6oJ3qks4Vc6wppbzPI8rtcAJtI9bqEW/gDws5
+EUpGI7JuA82d179DfUhyPdE/W+Y1TIvdCqi02n3PDsvZVseoXybbekh6DgItlMH
3QXKWWBWhwLUid3IGm7CEvPb79GRmbLwlzIcMCMLpBMvaj36cDQ8YYSA0ZTKre9R
Z8/dRG4PzlHj3L5ZSl8mxhxz0ZfBIYbS1NCFQeqqluk1FOVqLApPAZg=
-----END CERTIFICATE-----
Generated at Tue Apr 8 23:41:40 2025 by rpki-client