Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/3139342e3134362e31332e302f32342d3332203d3e203531313637.roa
File: 3139342e3134362e31332e302f32342d3332203d3e203531313637.roa (raw, json)
Hash identifier: 2zD0q9FY/xDn9Ywv08E2XEtbcBwcH0y8Cl+12iywr5g=
Subject key identifier: C4:24:4E:D6:E7:7A:05:D7:63:5C:96:1E:31:97:B2:0E:F4:FA:7E:51
Certificate issuer: /CN=088469d1a33085ff88b3e599d223ca74c2313a3a
Certificate serial: 1E2109794FECBAC95A017369987A4D1FBDE9DAAD
Authority key identifier: 08:84:69:D1:A3:30:85:FF:88:B3:E5:99:D2:23:CA:74:C2:31:3A:3A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CIRp0aMwhf-Is-WZ0iPKdMIxOjo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/3139342e3134362e31332e302f32342d3332203d3e203531313637.roa
Signing time: Mon 27 Jan 2025 09:44:48 +0000
ROA not before: Mon 27 Jan 2025 09:39:48 +0000
ROA not after: Mon 26 Jan 2026 09:44:48 +0000
asID: 51167
IP address blocks: 194.146.13.0/24 maxlen: 32
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/088469D1A33085FF88B3E599D223CA74C2313A3A.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/088469D1A33085FF88B3E599D223CA74C2313A3A.mft
rsync://rpki.ripe.net/repository/DEFAULT/CIRp0aMwhf-Is-WZ0iPKdMIxOjo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 17 Feb 2025 14:00:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1e:21:09:79:4f:ec:ba:c9:5a:01:73:69:98:7a:4d:1f:bd:e9:da:ad
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=088469d1a33085ff88b3e599d223ca74c2313a3a
Validity
Not Before: Jan 27 09:39:48 2025 GMT
Not After : Jan 26 09:44:48 2026 GMT
Subject: CN=C4244ED6E77A05D7635C961E3197B20EF4FA7E51
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:d8:a1:0c:26:5a:a4:a7:ad:4d:f1:e7:80:bb:
c0:d2:4e:e8:55:07:1c:09:14:ba:f2:78:82:4e:aa:
2c:14:a3:84:85:3d:c6:eb:4a:ad:ff:e6:52:72:86:
37:31:a0:59:53:cf:8e:9b:5f:4a:d7:1a:ce:e3:be:
77:a4:46:23:5e:33:00:85:07:ad:ca:ba:63:80:a6:
6f:ed:61:61:95:14:21:b7:43:af:5c:27:1f:17:77:
84:5a:92:03:5f:97:9f:f7:60:ff:47:a4:60:12:1d:
f5:31:fc:2b:eb:81:f6:93:0b:41:98:51:4f:84:02:
e4:d9:45:af:86:63:49:1c:72:9d:15:7e:c1:d6:69:
a5:0d:81:cf:c4:a3:a4:06:d8:c3:00:02:96:a2:1a:
fa:38:b5:b2:76:df:f9:91:16:d1:c0:9e:f3:26:39:
ee:6e:54:d3:12:c2:57:93:10:e9:14:cc:71:ab:de:
35:d9:fd:f2:43:67:43:63:72:f1:f2:fe:b1:76:e0:
7a:00:a5:f5:7b:bc:a8:15:8f:07:3e:b6:0a:d2:a4:
28:93:69:44:c4:6d:26:84:3d:a9:14:e0:7c:b7:6c:
42:6b:70:83:07:8d:0e:2a:d6:8e:d9:52:78:63:c6:
e3:7d:e3:c7:d1:bc:ce:d9:3e:e8:1b:5e:10:aa:b3:
cc:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C4:24:4E:D6:E7:7A:05:D7:63:5C:96:1E:31:97:B2:0E:F4:FA:7E:51
X509v3 Authority Key Identifier:
keyid:08:84:69:D1:A3:30:85:FF:88:B3:E5:99:D2:23:CA:74:C2:31:3A:3A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/088469D1A33085FF88B3E599D223CA74C2313A3A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CIRp0aMwhf-Is-WZ0iPKdMIxOjo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/3139342e3134362e31332e302f32342d3332203d3e203531313637.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.146.13.0/24
Signature Algorithm: sha256WithRSAEncryption
17:bf:7d:b5:24:f6:a9:6f:b7:f3:9c:d7:51:04:0c:8d:c7:6e:
52:8a:7b:62:66:be:1d:48:3e:f2:68:1e:0e:34:63:d3:db:18:
1b:55:e5:ee:6e:ec:58:a3:ec:0b:e7:2a:6b:0e:3b:e3:d1:a5:
ed:f0:c0:c3:18:23:3d:d8:8c:b7:f4:b5:e7:b0:07:22:89:a7:
d4:58:7a:a8:d0:f3:9a:37:19:98:04:3d:0e:d6:d4:1b:b7:e2:
c5:21:c6:1f:66:3b:1a:4f:c2:6e:4c:dc:a0:c6:5b:3d:93:80:
a1:80:46:6b:29:c7:04:87:2f:07:e4:b5:e2:c8:59:db:4f:e1:
14:7f:57:40:5f:1a:af:2d:4c:a8:91:3b:e4:4d:ac:30:de:79:
62:38:9b:a9:b0:bb:50:c1:6e:fe:86:cb:14:54:07:e1:6f:8c:
dc:bb:09:33:5a:6c:55:67:11:4f:60:82:cd:4f:34:d1:6b:cd:
c0:6f:3f:90:e0:2d:e2:bd:35:1a:3b:02:77:97:9f:31:ea:bb:
f6:77:c8:ee:b6:97:2e:40:78:80:65:5a:a8:4c:21:ca:bc:b0:
aa:c8:3b:c1:cf:9e:d5:91:e6:db:f9:29:d4:ee:9f:3c:73:32:
d7:8c:b1:26:14:43:70:0f:34:9f:a2:60:45:7a:5e:44:be:ce:
71:30:31:fe
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUHiEJeU/suslaAXNpmHpNH73p2q0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDg4NDY5ZDFhMzMwODVmZjg4YjNlNTk5ZDIyM2NhNzRj
MjMxM2EzYTAeFw0yNTAxMjcwOTM5NDhaFw0yNjAxMjYwOTQ0NDhaMDMxMTAvBgNV
BAMTKEM0MjQ0RUQ2RTc3QTA1RDc2MzVDOTYxRTMxOTdCMjBFRjRGQTdFNTEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDA2KEMJlqkp61N8eeAu8DSTuhV
BxwJFLryeIJOqiwUo4SFPcbrSq3/5lJyhjcxoFlTz46bX0rXGs7jvnekRiNeMwCF
B63KumOApm/tYWGVFCG3Q69cJx8Xd4RakgNfl5/3YP9HpGASHfUx/CvrgfaTC0GY
UU+EAuTZRa+GY0kccp0VfsHWaaUNgc/Eo6QG2MMAApaiGvo4tbJ23/mRFtHAnvMm
Oe5uVNMSwleTEOkUzHGr3jXZ/fJDZ0NjcvHy/rF24HoApfV7vKgVjwc+tgrSpCiT
aUTEbSaEPakU4Hy3bEJrcIMHjQ4q1o7ZUnhjxuN948fRvM7ZPugbXhCqs8wdAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUxCRO1ud6BddjXJYeMZeyDvT6flEwHwYDVR0j
BBgwFoAUCIRp0aMwhf+Is+WZ0iPKdMIxOjowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzUvMDg4NDY5RDFBMzMwODVGRjg4QjNFNTk5RDIyM0NBNzRDMjMxM0EzQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NJUnAwYU13aGYtSXMtV1owaVBLZE1J
eE9qby5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzUvMzEzOTM0MmUzMTM0MzYyZTMx
MzMyZTMwMmYzMjM0MmQzMzMyMjAzZDNlMjAzNTMxMzEzNjM3LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
wpINMA0GCSqGSIb3DQEBCwUAA4IBAQAXv321JPapb7fznNdRBAyNx25SintiZr4d
SD7yaB4ONGPT2xgbVeXubuxYo+wL5yprDjvj0aXt8MDDGCM92Iy39LXnsAciiafU
WHqo0POaNxmYBD0O1tQbt+LFIcYfZjsaT8JuTNygxls9k4ChgEZrKccEhy8H5LXi
yFnbT+EUf1dAXxqvLUyokTvkTaww3nliOJupsLtQwW7+hssUVAfhb4zcuwkzWmxV
ZxFPYILNTzTRa83Abz+Q4C3ivTUaOwJ3l58x6rv2d8jutpcuQHiAZVqoTCHKvLCq
yDvBz57Vkebb+SnU7p88czLXjLEmFENwDzSfomBFel5Evs5xMDH+
-----END CERTIFICATE-----
Generated at Sun Feb 16 21:01:19 2025 by rpki-client