Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/3139342e3134362e31342e302f32342d3234203d3e20313431303339.roa
File: 3139342e3134362e31342e302f32342d3234203d3e20313431303339.roa (raw, json)
Hash identifier: D7+Ky107dyn1MPaE+cRo0Ccnl/kmzfoFdLvHOiSTeGs=
Subject key identifier: 8E:9A:32:2F:07:AA:AB:1A:2E:68:92:A0:19:A4:33:83:62:68:4B:77
Certificate issuer: /CN=088469d1a33085ff88b3e599d223ca74c2313a3a
Certificate serial: 388F31050E782E8C0D7913618850F5E290566A09
Authority key identifier: 08:84:69:D1:A3:30:85:FF:88:B3:E5:99:D2:23:CA:74:C2:31:3A:3A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CIRp0aMwhf-Is-WZ0iPKdMIxOjo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/3139342e3134362e31342e302f32342d3234203d3e20313431303339.roa
Signing time: Mon 27 Jan 2025 09:44:51 +0000
ROA not before: Mon 27 Jan 2025 09:39:51 +0000
ROA not after: Mon 26 Jan 2026 09:44:51 +0000
asID: 141039
IP address blocks: 194.146.14.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/088469D1A33085FF88B3E599D223CA74C2313A3A.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/088469D1A33085FF88B3E599D223CA74C2313A3A.mft
rsync://rpki.ripe.net/repository/DEFAULT/CIRp0aMwhf-Is-WZ0iPKdMIxOjo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 05 Apr 2025 15:28:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
38:8f:31:05:0e:78:2e:8c:0d:79:13:61:88:50:f5:e2:90:56:6a:09
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=088469d1a33085ff88b3e599d223ca74c2313a3a
Validity
Not Before: Jan 27 09:39:51 2025 GMT
Not After : Jan 26 09:44:51 2026 GMT
Subject: CN=8E9A322F07AAAB1A2E6892A019A4338362684B77
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:e3:04:04:4f:24:da:d1:7f:c1:eb:5d:07:d7:
d1:15:c2:8a:03:7f:cb:86:9f:28:31:36:c4:c1:63:
81:95:82:a8:e9:80:c2:56:c2:5b:31:aa:83:79:2e:
02:e0:29:62:d6:6b:5d:36:34:0c:bd:60:02:05:ac:
f9:c0:d3:b5:a5:bc:1a:6f:71:cc:1f:79:1a:66:e2:
1f:b9:b7:78:88:52:19:ec:a3:71:ee:56:f6:5f:03:
66:84:7e:31:24:7c:c9:17:c5:9a:e7:41:a4:32:f8:
d0:b1:9c:91:a3:58:02:ba:00:03:82:10:91:87:89:
a2:9b:74:51:91:da:85:c6:99:01:1e:1d:bd:bd:ef:
4e:31:4b:38:5e:11:93:e4:6e:d4:89:5a:59:e4:35:
38:87:57:6e:4d:02:cd:84:17:1d:f2:e4:53:bd:b4:
3d:d6:0a:dc:66:52:83:58:48:79:71:38:0f:8e:68:
59:de:78:eb:45:e0:59:be:36:4f:af:48:88:56:56:
5a:1e:e6:f6:ed:36:13:3f:3e:88:fb:4b:e1:93:96:
8e:c7:c3:be:82:8c:8e:40:30:11:8e:33:b2:b0:e6:
d8:2a:b5:5f:d3:5d:26:c5:6f:ba:6d:dd:ae:08:f7:
d5:d6:05:c2:c8:d8:37:8d:fa:d0:75:09:a7:e5:ca:
fd:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8E:9A:32:2F:07:AA:AB:1A:2E:68:92:A0:19:A4:33:83:62:68:4B:77
X509v3 Authority Key Identifier:
keyid:08:84:69:D1:A3:30:85:FF:88:B3:E5:99:D2:23:CA:74:C2:31:3A:3A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/088469D1A33085FF88B3E599D223CA74C2313A3A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CIRp0aMwhf-Is-WZ0iPKdMIxOjo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/3139342e3134362e31342e302f32342d3234203d3e20313431303339.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.146.14.0/24
Signature Algorithm: sha256WithRSAEncryption
69:91:b8:04:85:7e:fd:f3:79:d5:f8:79:b5:2f:f1:c7:2f:91:
ca:01:10:9f:f2:e9:73:b3:e4:61:5c:9d:de:81:a6:dc:c5:e9:
12:b9:e0:f2:b6:1f:ce:b3:71:46:51:62:fd:6a:e6:de:79:47:
7e:99:d7:57:1b:05:6a:33:08:cd:77:2a:96:77:89:86:fe:3b:
3b:fb:c6:d5:59:c0:16:f4:35:1a:2e:67:86:31:e1:6e:41:ec:
6c:b1:6e:86:80:e6:9c:cf:0a:08:3c:f0:a5:54:e0:48:9c:82:
e1:92:60:29:29:7e:73:96:c5:31:2c:59:b0:54:f9:50:57:7f:
f2:1a:81:48:fd:9d:71:f2:4c:d7:2b:28:d4:e2:e6:8e:c1:9f:
d7:59:9f:cb:1b:b5:8c:8e:1b:3d:d3:11:22:77:a8:cd:e5:ec:
53:c0:22:91:a2:1c:ba:df:69:af:1e:27:87:75:82:7f:25:60:
a0:b9:86:aa:1f:4e:66:16:aa:55:16:ea:2e:56:86:c3:ee:c4:
b1:34:41:16:c7:02:9c:e4:0d:b5:75:5f:97:32:87:9d:78:45:
b9:86:b3:65:3f:4c:76:15:c5:fd:7d:eb:ac:3e:b1:82:ca:9b:
5a:41:34:5d:e7:ab:13:a2:c7:2f:e7:88:2f:ff:41:c3:19:39:
e2:d7:82:57
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUOI8xBQ54LowNeRNhiFD14pBWagkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDg4NDY5ZDFhMzMwODVmZjg4YjNlNTk5ZDIyM2NhNzRj
MjMxM2EzYTAeFw0yNTAxMjcwOTM5NTFaFw0yNjAxMjYwOTQ0NTFaMDMxMTAvBgNV
BAMTKDhFOUEzMjJGMDdBQUFCMUEyRTY4OTJBMDE5QTQzMzgzNjI2ODRCNzcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDV4wQETyTa0X/B610H19EVwooD
f8uGnygxNsTBY4GVgqjpgMJWwlsxqoN5LgLgKWLWa102NAy9YAIFrPnA07WlvBpv
ccwfeRpm4h+5t3iIUhnso3HuVvZfA2aEfjEkfMkXxZrnQaQy+NCxnJGjWAK6AAOC
EJGHiaKbdFGR2oXGmQEeHb29704xSzheEZPkbtSJWlnkNTiHV25NAs2EFx3y5FO9
tD3WCtxmUoNYSHlxOA+OaFneeOtF4Fm+Nk+vSIhWVloe5vbtNhM/Poj7S+GTlo7H
w76CjI5AMBGOM7Kw5tgqtV/TXSbFb7pt3a4I99XWBcLI2DeN+tB1Caflyv3PAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUjpoyLweqqxouaJKgGaQzg2JoS3cwHwYDVR0j
BBgwFoAUCIRp0aMwhf+Is+WZ0iPKdMIxOjowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzUvMDg4NDY5RDFBMzMwODVGRjg4QjNFNTk5RDIyM0NBNzRDMjMxM0EzQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NJUnAwYU13aGYtSXMtV1owaVBLZE1J
eE9qby5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzUvMzEzOTM0MmUzMTM0MzYyZTMx
MzQyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMTM0MzEzMDMzMzkucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BADCkg4wDQYJKoZIhvcNAQELBQADggEBAGmRuASFfv3zedX4ebUv8ccvkcoBEJ/y
6XOz5GFcnd6BptzF6RK54PK2H86zcUZRYv1q5t55R36Z11cbBWozCM13KpZ3iYb+
Ozv7xtVZwBb0NRouZ4Yx4W5B7GyxboaA5pzPCgg88KVU4EicguGSYCkpfnOWxTEs
WbBU+VBXf/IagUj9nXHyTNcrKNTi5o7Bn9dZn8sbtYyOGz3TESJ3qM3l7FPAIpGi
HLrfaa8eJ4d1gn8lYKC5hqofTmYWqlUW6i5WhsPuxLE0QRbHApzkDbV1X5cyh514
RbmGs2U/THYVxf1966w+sYLKm1pBNF3nqxOixy/niC//QcMZOeLXglc=
-----END CERTIFICATE-----
Generated at Sat Apr 5 02:43:56 2025 by rpki-client