Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/3139332e34332e36392e302f32342d3234203d3e20313336373837.roa
File: 3139332e34332e36392e302f32342d3234203d3e20313336373837.roa (raw, json)
Hash identifier: C7NRimxAYenZBLMkF804zBPqF6bP1kSWpzTSzpVofQ8=
Subject key identifier: CA:DD:3E:6C:0A:12:45:1A:9E:C7:DF:01:90:C4:E0:D1:B2:77:A7:8A
Certificate issuer: /CN=088469d1a33085ff88b3e599d223ca74c2313a3a
Certificate serial: 2AE1061C53FB21F42C7A2675DA672D7264210A2C
Authority key identifier: 08:84:69:D1:A3:30:85:FF:88:B3:E5:99:D2:23:CA:74:C2:31:3A:3A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CIRp0aMwhf-Is-WZ0iPKdMIxOjo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/3139332e34332e36392e302f32342d3234203d3e20313336373837.roa
Signing time: Wed 05 Mar 2025 19:45:49 +0000
ROA not before: Wed 05 Mar 2025 19:40:49 +0000
ROA not after: Wed 04 Mar 2026 19:45:49 +0000
asID: 136787
IP address blocks: 193.43.69.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/088469D1A33085FF88B3E599D223CA74C2313A3A.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/088469D1A33085FF88B3E599D223CA74C2313A3A.mft
rsync://rpki.ripe.net/repository/DEFAULT/CIRp0aMwhf-Is-WZ0iPKdMIxOjo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 05 Apr 2025 10:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2a:e1:06:1c:53:fb:21:f4:2c:7a:26:75:da:67:2d:72:64:21:0a:2c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=088469d1a33085ff88b3e599d223ca74c2313a3a
Validity
Not Before: Mar 5 19:40:49 2025 GMT
Not After : Mar 4 19:45:49 2026 GMT
Subject: CN=CADD3E6C0A12451A9EC7DF0190C4E0D1B277A78A
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e3:19:3a:f4:da:06:8f:3f:4d:58:0e:cf:08:26:
b4:70:e4:e7:ad:7b:1b:8a:db:e1:26:f9:50:3f:ac:
94:d5:a4:54:ce:44:d4:13:ec:ae:93:a1:03:d3:16:
c7:2a:3a:5b:8f:43:7f:25:a4:2e:37:f4:d6:0b:a7:
a1:b4:ae:30:d3:e3:db:25:a5:50:b0:92:a3:4e:1b:
1b:11:22:b1:ce:5c:db:f0:b9:a6:26:df:3c:71:6e:
47:c7:65:71:60:4c:2f:01:a9:7b:e2:1b:b1:89:aa:
ef:6d:37:f6:e7:ca:0f:1e:a8:36:26:3f:07:b1:81:
1c:e9:d2:db:76:54:52:5a:f2:8c:53:25:b3:ca:df:
51:23:76:a2:4c:b6:3d:00:da:f1:3f:7e:c0:02:de:
13:f7:2c:14:f4:a2:35:e3:f5:13:d8:c8:14:7c:a3:
6b:08:30:4f:5a:5d:4e:91:67:94:8f:4f:2a:ed:1f:
a4:fe:dc:eb:ae:3b:83:10:1f:16:36:55:e9:b0:03:
9b:2b:bc:b8:f8:93:48:5c:96:a1:31:85:9c:97:3e:
44:f0:27:48:1e:a8:0c:d4:b7:6d:b1:74:07:2d:d3:
14:02:b6:25:23:83:67:d0:54:28:e0:9a:e4:92:74:
7c:17:e0:ae:c4:a3:82:c3:85:d6:c0:a4:8a:37:d3:
3c:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:DD:3E:6C:0A:12:45:1A:9E:C7:DF:01:90:C4:E0:D1:B2:77:A7:8A
X509v3 Authority Key Identifier:
keyid:08:84:69:D1:A3:30:85:FF:88:B3:E5:99:D2:23:CA:74:C2:31:3A:3A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/088469D1A33085FF88B3E599D223CA74C2313A3A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CIRp0aMwhf-Is-WZ0iPKdMIxOjo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/3139332e34332e36392e302f32342d3234203d3e20313336373837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.43.69.0/24
Signature Algorithm: sha256WithRSAEncryption
40:66:d3:f0:1e:53:c6:fd:ad:e7:f5:e6:e3:48:d3:bb:af:a9:
b6:81:a8:51:d8:c9:a4:aa:50:5d:35:c2:7b:42:ce:fc:68:15:
05:f1:16:cc:4b:b1:59:55:7d:27:f2:36:36:11:19:a7:14:29:
a9:37:dd:ef:09:88:a6:f4:4c:a8:a9:b6:2f:4c:cb:03:7a:16:
38:ea:b4:e4:58:63:54:12:a8:1e:78:71:89:17:98:30:c2:99:
66:30:06:95:99:c7:f2:22:e1:de:ed:ba:44:eb:39:94:d1:c2:
c9:bb:d8:d4:80:11:2f:b1:5d:d3:99:35:23:95:77:26:67:a4:
73:2b:e2:51:2d:94:0c:d9:b2:f3:6f:2c:27:a5:34:4c:b0:d8:
08:f6:87:d8:30:e9:27:25:74:d8:d3:e4:40:c0:96:96:e3:33:
7f:fd:7d:ee:39:4c:31:30:fc:01:25:f8:1b:25:f6:1d:20:5f:
c9:23:70:93:a0:fd:2b:ec:8f:0a:68:e4:b0:97:6b:88:7c:ef:
eb:b1:13:fe:98:16:e9:5d:94:30:14:d7:8b:89:95:3d:ea:5d:
80:79:fa:0a:10:bc:7a:14:bb:cd:6b:7f:58:8f:27:28:04:ba:
46:4a:74:4f:1e:81:8d:48:ae:90:10:ab:90:78:43:30:4a:c6:
34:94:0a:ce
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUKuEGHFP7IfQseiZ12mctcmQhCiwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDg4NDY5ZDFhMzMwODVmZjg4YjNlNTk5ZDIyM2NhNzRj
MjMxM2EzYTAeFw0yNTAzMDUxOTQwNDlaFw0yNjAzMDQxOTQ1NDlaMDMxMTAvBgNV
BAMTKENBREQzRTZDMEExMjQ1MUE5RUM3REYwMTkwQzRFMEQxQjI3N0E3OEEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDjGTr02gaPP01YDs8IJrRw5Oet
exuK2+Em+VA/rJTVpFTORNQT7K6ToQPTFscqOluPQ38lpC439NYLp6G0rjDT49sl
pVCwkqNOGxsRIrHOXNvwuaYm3zxxbkfHZXFgTC8BqXviG7GJqu9tN/bnyg8eqDYm
PwexgRzp0tt2VFJa8oxTJbPK31EjdqJMtj0A2vE/fsAC3hP3LBT0ojXj9RPYyBR8
o2sIME9aXU6RZ5SPTyrtH6T+3OuuO4MQHxY2VemwA5srvLj4k0hclqExhZyXPkTw
J0geqAzUt22xdAct0xQCtiUjg2fQVCjgmuSSdHwX4K7Eo4LDhdbApIo30zylAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUyt0+bAoSRRqex98BkMTg0bJ3p4owHwYDVR0j
BBgwFoAUCIRp0aMwhf+Is+WZ0iPKdMIxOjowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzUvMDg4NDY5RDFBMzMwODVGRjg4QjNFNTk5RDIyM0NBNzRDMjMxM0EzQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NJUnAwYU13aGYtSXMtV1owaVBLZE1J
eE9qby5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzUvMzEzOTMzMmUzNDMzMmUzNjM5
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzEzMzM2MzczODM3LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
wStFMA0GCSqGSIb3DQEBCwUAA4IBAQBAZtPwHlPG/a3n9ebjSNO7r6m2gahR2Mmk
qlBdNcJ7Qs78aBUF8RbMS7FZVX0n8jY2ERmnFCmpN93vCYim9EyoqbYvTMsDehY4
6rTkWGNUEqgeeHGJF5gwwplmMAaVmcfyIuHe7bpE6zmU0cLJu9jUgBEvsV3TmTUj
lXcmZ6RzK+JRLZQM2bLzbywnpTRMsNgI9ofYMOknJXTY0+RAwJaW4zN//X3uOUwx
MPwBJfgbJfYdIF/JI3CToP0r7I8KaOSwl2uIfO/rsRP+mBbpXZQwFNeLiZU96l2A
efoKELx6FLvNa39YjycoBLpGSnRPHoGNSK6QEKuQeEMwSsY0lArO
-----END CERTIFICATE-----
Generated at Fri Apr 4 16:35:36 2025 by rpki-client