Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/3139332e32392e36302e302f32342d3234203d3e20323034313730.roa
File: 3139332e32392e36302e302f32342d3234203d3e20323034313730.roa (raw, json)
Hash identifier: LPaXXXlr72YL3CtOD1t7utpRDbxA3Algtnvt63wotOI=
Subject key identifier: 5D:2A:72:FF:32:76:1C:5B:57:1F:EB:24:34:31:21:89:D1:34:54:F5
Certificate issuer: /CN=088469d1a33085ff88b3e599d223ca74c2313a3a
Certificate serial: 2B35372523B018485AAF9EF485A96333F827DE66
Authority key identifier: 08:84:69:D1:A3:30:85:FF:88:B3:E5:99:D2:23:CA:74:C2:31:3A:3A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CIRp0aMwhf-Is-WZ0iPKdMIxOjo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/3139332e32392e36302e302f32342d3234203d3e20323034313730.roa
Signing time: Tue 27 May 2025 22:46:29 +0000
ROA not before: Tue 27 May 2025 22:41:29 +0000
ROA not after: Tue 26 May 2026 22:46:29 +0000
asID: 204170
IP address blocks: 193.29.60.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/088469D1A33085FF88B3E599D223CA74C2313A3A.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/088469D1A33085FF88B3E599D223CA74C2313A3A.mft
rsync://rpki.ripe.net/repository/DEFAULT/CIRp0aMwhf-Is-WZ0iPKdMIxOjo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 07 Jun 2025 06:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2b:35:37:25:23:b0:18:48:5a:af:9e:f4:85:a9:63:33:f8:27:de:66
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=088469d1a33085ff88b3e599d223ca74c2313a3a
Validity
Not Before: May 27 22:41:29 2025 GMT
Not After : May 26 22:46:29 2026 GMT
Subject: CN=5D2A72FF32761C5B571FEB2434312189D13454F5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:cb:b6:1c:25:29:2e:6e:72:1a:29:3e:7e:1c:
47:1c:42:b5:df:96:1b:a6:cc:1e:89:2f:ed:bb:bf:
a1:c1:44:42:52:e2:25:8f:97:4a:fb:65:85:c2:90:
6a:4a:17:56:2b:03:8e:5a:06:95:a3:ac:66:ed:90:
59:85:ae:8e:20:eb:85:00:73:57:15:de:81:da:bc:
19:4c:a5:53:51:91:95:bf:ad:f4:bb:d3:35:0a:97:
54:03:c2:a0:e9:23:19:1d:cb:2f:bc:db:4d:38:2b:
7b:6a:05:1a:3a:f7:f7:89:8c:c4:d0:ce:5a:4f:f0:
fb:3b:31:32:c2:29:6c:fe:d1:27:41:4c:16:72:ec:
de:6d:09:15:13:5f:d4:33:8a:36:c1:81:b8:f1:a0:
e2:2c:11:9a:7b:b7:7d:19:99:9c:1f:01:22:b3:96:
b1:b8:a8:58:35:30:04:dd:83:29:79:f5:37:84:12:
09:db:16:27:d5:69:e7:f6:cd:06:f6:c9:37:a4:48:
31:08:a7:c5:38:e6:1c:51:f1:40:2d:23:ce:53:98:
1b:67:a2:23:03:4f:be:3f:62:3e:04:c6:19:5d:3f:
72:10:47:2d:78:0d:14:5b:b0:4d:a7:ba:fc:9f:9c:
2c:28:a0:2d:c3:03:66:ff:9f:15:19:a7:a6:f1:29:
ad:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:2A:72:FF:32:76:1C:5B:57:1F:EB:24:34:31:21:89:D1:34:54:F5
X509v3 Authority Key Identifier:
keyid:08:84:69:D1:A3:30:85:FF:88:B3:E5:99:D2:23:CA:74:C2:31:3A:3A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/088469D1A33085FF88B3E599D223CA74C2313A3A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CIRp0aMwhf-Is-WZ0iPKdMIxOjo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/3139332e32392e36302e302f32342d3234203d3e20323034313730.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.29.60.0/24
Signature Algorithm: sha256WithRSAEncryption
0e:bf:77:53:c1:aa:94:20:c4:5e:3d:7c:44:bd:f6:f3:c1:42:
6b:e8:b2:97:a7:35:2d:88:a7:3a:53:8f:a6:dc:72:6c:64:50:
20:c7:2f:06:6c:ec:7c:7e:54:8d:f5:05:25:04:c4:74:a0:a3:
36:e1:67:2a:8b:de:7c:db:03:64:e6:57:b5:9e:be:0b:c9:30:
09:1b:c5:a2:cc:20:7b:38:7b:89:e8:24:1d:2d:e8:3d:fc:6a:
db:55:85:78:f9:1c:76:65:9a:9b:d6:0e:11:38:17:79:6d:6b:
09:50:0e:9c:3b:37:86:fc:ac:c4:b2:9b:5a:04:9c:b0:bc:d2:
67:9c:cf:8b:2a:02:e5:2a:2e:f3:0e:88:61:1b:fa:da:73:27:
b8:ac:b2:d3:e9:1e:7e:b5:e5:53:42:d7:f8:4a:14:08:fd:56:
03:fd:a9:a8:a2:92:b9:6a:ab:82:70:b6:58:33:ce:82:24:16:
d9:cb:8f:b8:8d:59:70:6e:c0:92:1c:d4:d5:01:3e:89:5b:75:
d0:4e:da:27:fe:17:5d:14:4d:6d:59:76:72:99:9f:c2:37:8d:
ba:82:13:bf:51:8e:13:6a:65:07:5c:d3:c5:25:a1:b7:66:65:
0a:ca:4f:26:41:b0:f5:d9:94:ac:38:63:a7:c2:26:cc:46:5b:
ea:9d:30:48
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUKzU3JSOwGEhar570haljM/gn3mYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDg4NDY5ZDFhMzMwODVmZjg4YjNlNTk5ZDIyM2NhNzRj
MjMxM2EzYTAeFw0yNTA1MjcyMjQxMjlaFw0yNjA1MjYyMjQ2MjlaMDMxMTAvBgNV
BAMTKDVEMkE3MkZGMzI3NjFDNUI1NzFGRUIyNDM0MzEyMTg5RDEzNDU0RjUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC1y7YcJSkubnIaKT5+HEccQrXf
lhumzB6JL+27v6HBREJS4iWPl0r7ZYXCkGpKF1YrA45aBpWjrGbtkFmFro4g64UA
c1cV3oHavBlMpVNRkZW/rfS70zUKl1QDwqDpIxkdyy+82004K3tqBRo69/eJjMTQ
zlpP8Ps7MTLCKWz+0SdBTBZy7N5tCRUTX9QzijbBgbjxoOIsEZp7t30ZmZwfASKz
lrG4qFg1MATdgyl59TeEEgnbFifVaef2zQb2yTekSDEIp8U45hxR8UAtI85TmBtn
oiMDT74/Yj4ExhldP3IQRy14DRRbsE2nuvyfnCwooC3DA2b/nxUZp6bxKa3NAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUXSpy/zJ2HFtXH+skNDEhidE0VPUwHwYDVR0j
BBgwFoAUCIRp0aMwhf+Is+WZ0iPKdMIxOjowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzUvMDg4NDY5RDFBMzMwODVGRjg4QjNFNTk5RDIyM0NBNzRDMjMxM0EzQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NJUnAwYU13aGYtSXMtV1owaVBLZE1J
eE9qby5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzUvMzEzOTMzMmUzMjM5MmUzNjMw
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzIzMDM0MzEzNzMwLnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
wR08MA0GCSqGSIb3DQEBCwUAA4IBAQAOv3dTwaqUIMRePXxEvfbzwUJr6LKXpzUt
iKc6U4+m3HJsZFAgxy8GbOx8flSN9QUlBMR0oKM24Wcqi9582wNk5le1nr4LyTAJ
G8WizCB7OHuJ6CQdLeg9/GrbVYV4+Rx2ZZqb1g4ROBd5bWsJUA6cOzeG/KzEspta
BJywvNJnnM+LKgLlKi7zDohhG/racye4rLLT6R5+teVTQtf4ShQI/VYD/amoopK5
aquCcLZYM86CJBbZy4+4jVlwbsCSHNTVAT6JW3XQTton/hddFE1tWXZymZ/CN426
ghO/UY4TamUHXNPFJaG3ZmUKyk8mQbD12ZSsOGOnwibMRlvqnTBI
-----END CERTIFICATE-----
Generated at Fri Jun 6 13:44:11 2025 by rpki-client