Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/3139342e3134362e31352e302f32342d3234203d3e20313336373837.roa
File: 3139342e3134362e31352e302f32342d3234203d3e20313336373837.roa (raw, json)
Hash identifier: p82MJr5Qd8lKzDTusoMlpLNvmKE0ivNwOUCqOv3hqCg=
Subject key identifier: 6C:C8:27:26:97:BE:51:D1:56:39:00:EA:9A:D7:B6:83:0F:01:52:35
Certificate issuer: /CN=088469d1a33085ff88b3e599d223ca74c2313a3a
Certificate serial: 60653A40A15775F53FF55684365E06D5559FCFE8
Authority key identifier: 08:84:69:D1:A3:30:85:FF:88:B3:E5:99:D2:23:CA:74:C2:31:3A:3A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CIRp0aMwhf-Is-WZ0iPKdMIxOjo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/3139342e3134362e31352e302f32342d3234203d3e20313336373837.roa
Signing time: Wed 05 Mar 2025 19:45:50 +0000
ROA not before: Wed 05 Mar 2025 19:40:50 +0000
ROA not after: Wed 04 Mar 2026 19:45:50 +0000
asID: 136787
IP address blocks: 194.146.15.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/088469D1A33085FF88B3E599D223CA74C2313A3A.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/088469D1A33085FF88B3E599D223CA74C2313A3A.mft
rsync://rpki.ripe.net/repository/DEFAULT/CIRp0aMwhf-Is-WZ0iPKdMIxOjo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 06 Apr 2025 04:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
60:65:3a:40:a1:57:75:f5:3f:f5:56:84:36:5e:06:d5:55:9f:cf:e8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=088469d1a33085ff88b3e599d223ca74c2313a3a
Validity
Not Before: Mar 5 19:40:50 2025 GMT
Not After : Mar 4 19:45:50 2026 GMT
Subject: CN=6CC8272697BE51D1563900EA9AD7B6830F015235
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:4a:e4:9a:8a:40:59:61:55:8a:2c:d4:09:be:
52:e8:78:a0:ae:79:80:7e:be:39:0a:e9:c8:60:0f:
c2:d3:25:a9:f6:8a:21:28:20:15:7a:41:9e:f7:41:
db:c3:0d:f2:ad:0d:8e:d0:3a:ce:ad:ee:46:ff:ef:
78:8d:48:2c:d4:6e:93:7e:54:d6:a4:5b:d3:8f:28:
b6:9a:a1:6e:f6:a1:7b:0b:dd:2e:8e:72:31:c8:c4:
f2:78:0a:f7:52:1d:4b:aa:1f:ad:4f:8e:54:1e:41:
1a:52:8a:bc:63:73:65:9b:8a:06:f8:84:62:42:85:
1d:50:61:49:e4:bb:0e:b1:76:1a:db:20:3b:d7:2a:
25:4a:0b:8c:33:26:76:1c:e9:83:9f:56:fa:3d:cf:
1c:8f:f2:4f:74:0b:e6:69:04:9d:88:f7:7c:08:93:
9d:31:b1:3f:9e:ed:11:bc:9d:e6:9c:df:8a:e4:51:
3b:b7:88:ab:db:af:eb:4a:98:b3:17:5f:df:df:c0:
5a:16:13:c7:7e:44:bc:e1:20:9f:10:c1:42:ec:5d:
bf:1e:41:25:7d:ff:b5:d5:a9:48:70:c9:e7:61:ee:
e3:47:0e:60:da:e2:9a:57:a8:4e:11:8a:e4:5d:f8:
ee:c4:3a:4e:05:ba:17:03:50:ac:84:97:07:3f:25:
6b:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6C:C8:27:26:97:BE:51:D1:56:39:00:EA:9A:D7:B6:83:0F:01:52:35
X509v3 Authority Key Identifier:
keyid:08:84:69:D1:A3:30:85:FF:88:B3:E5:99:D2:23:CA:74:C2:31:3A:3A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/088469D1A33085FF88B3E599D223CA74C2313A3A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CIRp0aMwhf-Is-WZ0iPKdMIxOjo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/3139342e3134362e31352e302f32342d3234203d3e20313336373837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.146.15.0/24
Signature Algorithm: sha256WithRSAEncryption
94:83:1f:20:68:6c:71:c8:c4:23:88:fd:f4:ec:28:51:7a:66:
12:58:6c:10:9c:42:7c:39:d8:fd:4c:36:8a:7d:f8:75:6f:7f:
52:11:3f:17:f3:2d:fc:a2:1b:9f:77:ea:62:aa:fb:33:dd:6b:
e0:77:74:d4:46:76:3a:53:dd:33:bc:01:98:76:f0:7c:82:1e:
4e:02:90:fe:a9:9e:33:48:92:d1:7c:25:45:bd:c2:f1:6c:52:
f0:80:a4:97:96:d2:29:b1:99:47:5c:a2:9a:e4:03:86:7c:17:
e2:dd:4b:ad:14:72:10:30:60:d0:f7:6b:1f:1f:9f:6d:1d:01:
37:43:94:81:16:6c:f5:8e:a6:e3:59:f3:22:83:10:bd:5e:0d:
29:84:ec:ff:04:d3:4d:bf:73:4a:0f:30:a5:cf:74:79:9b:e8:
30:fe:a3:b9:f8:c0:a8:3f:c6:f0:10:29:ed:39:b9:45:bf:2a:
db:e8:11:87:f0:cc:98:84:ba:cf:92:8a:75:e7:d4:94:16:7f:
b2:13:68:a4:ff:bf:c2:80:4a:75:65:bc:86:8a:29:17:2b:98:
fe:cc:67:b8:3b:b3:2e:a2:64:10:ef:60:bc:a2:2f:f6:24:4d:
6c:e8:b4:49:54:20:3c:9d:f1:ab:c7:c9:de:53:b4:6d:91:17:
54:6e:21:59
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUYGU6QKFXdfU/9VaENl4G1VWfz+gwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDg4NDY5ZDFhMzMwODVmZjg4YjNlNTk5ZDIyM2NhNzRj
MjMxM2EzYTAeFw0yNTAzMDUxOTQwNTBaFw0yNjAzMDQxOTQ1NTBaMDMxMTAvBgNV
BAMTKDZDQzgyNzI2OTdCRTUxRDE1NjM5MDBFQTlBRDdCNjgzMEYwMTUyMzUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDASuSaikBZYVWKLNQJvlLoeKCu
eYB+vjkK6chgD8LTJan2iiEoIBV6QZ73QdvDDfKtDY7QOs6t7kb/73iNSCzUbpN+
VNakW9OPKLaaoW72oXsL3S6OcjHIxPJ4CvdSHUuqH61PjlQeQRpSirxjc2Wbigb4
hGJChR1QYUnkuw6xdhrbIDvXKiVKC4wzJnYc6YOfVvo9zxyP8k90C+ZpBJ2I93wI
k50xsT+e7RG8neac34rkUTu3iKvbr+tKmLMXX9/fwFoWE8d+RLzhIJ8QwULsXb8e
QSV9/7XVqUhwyedh7uNHDmDa4ppXqE4RiuRd+O7EOk4FuhcDUKyElwc/JWurAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUbMgnJpe+UdFWOQDqmte2gw8BUjUwHwYDVR0j
BBgwFoAUCIRp0aMwhf+Is+WZ0iPKdMIxOjowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzUvMDg4NDY5RDFBMzMwODVGRjg4QjNFNTk5RDIyM0NBNzRDMjMxM0EzQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NJUnAwYU13aGYtSXMtV1owaVBLZE1J
eE9qby5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzUvMzEzOTM0MmUzMTM0MzYyZTMx
MzUyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMTMzMzYzNzM4Mzcucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BADCkg8wDQYJKoZIhvcNAQELBQADggEBAJSDHyBobHHIxCOI/fTsKFF6ZhJYbBCc
Qnw52P1MNop9+HVvf1IRPxfzLfyiG5936mKq+zPda+B3dNRGdjpT3TO8AZh28HyC
Hk4CkP6pnjNIktF8JUW9wvFsUvCApJeW0imxmUdcoprkA4Z8F+LdS60UchAwYND3
ax8fn20dATdDlIEWbPWOpuNZ8yKDEL1eDSmE7P8E002/c0oPMKXPdHmb6DD+o7n4
wKg/xvAQKe05uUW/KtvoEYfwzJiEus+SinXn1JQWf7ITaKT/v8KASnVlvIaKKRcr
mP7MZ7g7sy6iZBDvYLyiL/YkTWzotElUIDyd8avHyd5TtG2RF1RuIVk=
-----END CERTIFICATE-----
Generated at Sat Apr 5 09:52:33 2025 by rpki-client