Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/3139342e33312e3134382e302f32332d3233203d3e203631333137.roa
File: 3139342e33312e3134382e302f32332d3233203d3e203631333137.roa (raw, json)
Hash identifier: +usV7fEwbi+wMIR0vYUCfput8rBlT3MZzcvJyrCghWc=
Subject key identifier: 4A:63:57:7B:B2:56:29:59:D7:92:35:80:84:91:21:20:C7:DA:F5:8F
Certificate issuer: /CN=088469d1a33085ff88b3e599d223ca74c2313a3a
Certificate serial: 58905DD99083532AF41D7AB43DFDC0440F46793F
Authority key identifier: 08:84:69:D1:A3:30:85:FF:88:B3:E5:99:D2:23:CA:74:C2:31:3A:3A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CIRp0aMwhf-Is-WZ0iPKdMIxOjo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/3139342e33312e3134382e302f32332d3233203d3e203631333137.roa
Signing time: Mon 27 Jan 2025 09:44:47 +0000
ROA not before: Mon 27 Jan 2025 09:39:47 +0000
ROA not after: Mon 26 Jan 2026 09:44:47 +0000
asID: 61317
IP address blocks: 194.31.148.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/088469D1A33085FF88B3E599D223CA74C2313A3A.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/088469D1A33085FF88B3E599D223CA74C2313A3A.mft
rsync://rpki.ripe.net/repository/DEFAULT/CIRp0aMwhf-Is-WZ0iPKdMIxOjo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 05 Apr 2025 15:28:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
58:90:5d:d9:90:83:53:2a:f4:1d:7a:b4:3d:fd:c0:44:0f:46:79:3f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=088469d1a33085ff88b3e599d223ca74c2313a3a
Validity
Not Before: Jan 27 09:39:47 2025 GMT
Not After : Jan 26 09:44:47 2026 GMT
Subject: CN=4A63577BB2562959D792358084912120C7DAF58F
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f8:a5:5d:00:a4:00:34:d9:c1:4e:ae:b9:be:dc:
97:40:1e:5f:9e:13:1a:57:34:31:c8:7b:e5:cc:64:
e9:14:13:e9:68:d0:e1:47:88:a6:6d:32:91:f7:70:
27:ce:20:64:a0:2a:9a:6d:39:e3:11:04:a2:e9:63:
2b:f9:46:6b:04:d7:8c:fd:d3:19:4d:92:08:dc:08:
b6:df:e2:2f:8d:1b:a7:0c:f7:d0:71:b9:7f:e8:c5:
7c:7e:ec:9c:1e:a0:9b:22:ec:4e:6c:88:db:6e:3a:
36:5a:1c:0b:be:d6:6e:7d:6c:eb:14:45:cf:f8:64:
b3:b2:de:0e:e5:9b:ae:19:1a:bb:59:12:3d:29:61:
0b:d1:ce:2a:1a:62:73:34:09:3c:65:1f:6e:09:f9:
ae:cd:2c:d2:b3:1c:37:bb:aa:92:e2:13:5c:27:62:
cc:17:4c:57:4c:ac:b1:2a:2f:c1:63:ec:05:41:9b:
e2:f7:9a:41:4a:fe:61:e8:80:e8:86:c2:af:9d:6c:
97:fa:50:80:ad:fe:db:56:0b:85:58:3b:71:b4:a7:
03:5e:9b:5e:d4:1e:12:5d:f5:c6:27:fe:64:41:ae:
fd:51:16:42:eb:05:41:84:ce:bc:8e:7f:0c:77:f8:
9c:4d:bc:36:b5:e8:7e:2c:ab:93:aa:ba:9d:ef:2e:
5c:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4A:63:57:7B:B2:56:29:59:D7:92:35:80:84:91:21:20:C7:DA:F5:8F
X509v3 Authority Key Identifier:
keyid:08:84:69:D1:A3:30:85:FF:88:B3:E5:99:D2:23:CA:74:C2:31:3A:3A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/088469D1A33085FF88B3E599D223CA74C2313A3A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CIRp0aMwhf-Is-WZ0iPKdMIxOjo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/3139342e33312e3134382e302f32332d3233203d3e203631333137.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.31.148.0/23
Signature Algorithm: sha256WithRSAEncryption
9b:b6:fd:a0:25:a2:5f:42:4c:9f:5e:7f:47:7b:4a:3f:35:46:
a0:28:62:6e:87:53:75:0d:a1:09:80:7b:af:c9:be:3c:bf:e9:
1b:dd:d1:87:b3:6e:ea:da:eb:04:b6:44:44:d3:c9:06:0d:a7:
fc:ef:59:b9:ca:58:a2:e9:42:a7:35:90:dd:22:b8:57:c2:75:
f5:cd:af:2a:57:8d:0b:b7:a6:d5:01:ba:88:5e:84:72:a3:e3:
49:4a:f4:3b:3e:c0:4e:31:52:fc:c4:89:1e:9c:2a:4c:cd:a7:
eb:0c:6f:f3:1b:14:e5:40:ea:62:a6:97:f3:04:4f:fa:8d:7e:
60:0a:b4:f9:d1:3e:c5:91:1d:33:43:84:f9:b2:c9:7e:5c:33:
57:6f:9e:18:5b:ad:1f:6f:48:00:ac:90:d4:5b:16:09:e9:3a:
f9:02:45:39:55:28:cc:e8:2f:d3:65:19:53:73:42:91:49:24:
12:df:94:79:b4:b7:8c:e3:41:2a:b4:5d:28:b0:a7:7f:d8:d0:
f2:fd:96:7b:66:5d:fc:37:dc:d6:68:18:af:28:80:30:b6:87:
0d:a3:0e:33:66:e3:bd:55:c9:6b:a1:4a:56:34:ce:35:b0:e2:
5e:d4:2c:47:8c:de:12:15:dc:ff:f8:52:2b:a9:ec:3d:06:6c:
19:f2:24:77
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUWJBd2ZCDUyr0HXq0Pf3ARA9GeT8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDg4NDY5ZDFhMzMwODVmZjg4YjNlNTk5ZDIyM2NhNzRj
MjMxM2EzYTAeFw0yNTAxMjcwOTM5NDdaFw0yNjAxMjYwOTQ0NDdaMDMxMTAvBgNV
BAMTKDRBNjM1NzdCQjI1NjI5NTlENzkyMzU4MDg0OTEyMTIwQzdEQUY1OEYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQD4pV0ApAA02cFOrrm+3JdAHl+e
ExpXNDHIe+XMZOkUE+lo0OFHiKZtMpH3cCfOIGSgKpptOeMRBKLpYyv5RmsE14z9
0xlNkgjcCLbf4i+NG6cM99BxuX/oxXx+7JweoJsi7E5siNtuOjZaHAu+1m59bOsU
Rc/4ZLOy3g7lm64ZGrtZEj0pYQvRzioaYnM0CTxlH24J+a7NLNKzHDe7qpLiE1wn
YswXTFdMrLEqL8Fj7AVBm+L3mkFK/mHogOiGwq+dbJf6UICt/ttWC4VYO3G0pwNe
m17UHhJd9cYn/mRBrv1RFkLrBUGEzryOfwx3+JxNvDa16H4sq5Oqup3vLlzZAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUSmNXe7JWKVnXkjWAhJEhIMfa9Y8wHwYDVR0j
BBgwFoAUCIRp0aMwhf+Is+WZ0iPKdMIxOjowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzUvMDg4NDY5RDFBMzMwODVGRjg4QjNFNTk5RDIyM0NBNzRDMjMxM0EzQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NJUnAwYU13aGYtSXMtV1owaVBLZE1J
eE9qby5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzUvMzEzOTM0MmUzMzMxMmUzMTM0
MzgyZTMwMmYzMjMzMmQzMjMzMjAzZDNlMjAzNjMxMzMzMTM3LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQB
wh+UMA0GCSqGSIb3DQEBCwUAA4IBAQCbtv2gJaJfQkyfXn9He0o/NUagKGJuh1N1
DaEJgHuvyb48v+kb3dGHs27q2usEtkRE08kGDaf871m5ylii6UKnNZDdIrhXwnX1
za8qV40Lt6bVAbqIXoRyo+NJSvQ7PsBOMVL8xIkenCpMzafrDG/zGxTlQOpippfz
BE/6jX5gCrT50T7FkR0zQ4T5ssl+XDNXb54YW60fb0gArJDUWxYJ6Tr5AkU5VSjM
6C/TZRlTc0KRSSQS35R5tLeM40EqtF0osKd/2NDy/ZZ7Zl38N9zWaBivKIAwtocN
ow4zZuO9VclroUpWNM41sOJe1CxHjN4SFdz/+FIrqew9BmwZ8iR3
-----END CERTIFICATE-----
Generated at Sat Apr 5 04:38:17 2025 by rpki-client