Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/3139342e33312e3134382e302f32332d3234203d3e203631333137.roa
File: 3139342e33312e3134382e302f32332d3234203d3e203631333137.roa (raw, json)
Hash identifier: 6Y0rHmni33LTzz3UhslT4X2JFnpsiQffTxLQkBknEuA=
Subject key identifier: 2C:B1:3C:63:F4:DA:E8:F8:37:79:D8:BA:A4:64:0A:DB:C9:C9:D1:02
Certificate issuer: /CN=088469d1a33085ff88b3e599d223ca74c2313a3a
Certificate serial: 0371D2852A85C7C3C7B098082727462F730AF734
Authority key identifier: 08:84:69:D1:A3:30:85:FF:88:B3:E5:99:D2:23:CA:74:C2:31:3A:3A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CIRp0aMwhf-Is-WZ0iPKdMIxOjo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/3139342e33312e3134382e302f32332d3234203d3e203631333137.roa
Signing time: Mon 27 Jan 2025 09:44:51 +0000
ROA not before: Mon 27 Jan 2025 09:39:51 +0000
ROA not after: Mon 26 Jan 2026 09:44:51 +0000
asID: 61317
IP address blocks: 194.31.148.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/088469D1A33085FF88B3E599D223CA74C2313A3A.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/088469D1A33085FF88B3E599D223CA74C2313A3A.mft
rsync://rpki.ripe.net/repository/DEFAULT/CIRp0aMwhf-Is-WZ0iPKdMIxOjo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 14 Mar 2025 18:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
03:71:d2:85:2a:85:c7:c3:c7:b0:98:08:27:27:46:2f:73:0a:f7:34
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=088469d1a33085ff88b3e599d223ca74c2313a3a
Validity
Not Before: Jan 27 09:39:51 2025 GMT
Not After : Jan 26 09:44:51 2026 GMT
Subject: CN=2CB13C63F4DAE8F83779D8BAA4640ADBC9C9D102
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:85:7e:56:c4:dd:8a:84:f4:ff:49:d7:35:9b:
a0:84:7a:75:e9:b6:f8:17:ba:05:e3:16:e9:82:b4:
18:3b:5c:04:f0:3a:34:20:b2:af:76:90:79:bf:81:
6a:4b:5d:56:ae:b9:b0:fa:ba:19:ff:4a:8a:73:6b:
1e:32:da:e0:da:98:36:d8:26:44:68:ee:4f:96:3a:
c2:35:2b:a0:fc:93:28:d8:ac:e5:3e:39:1e:f1:c4:
dd:9c:91:07:92:29:70:90:61:2f:05:85:36:5d:35:
4b:06:d9:44:0f:37:1f:84:0c:d4:b0:3d:a7:09:8a:
28:61:f0:32:dd:d7:b3:0c:96:a8:a3:bc:69:4d:8f:
29:26:41:84:11:cc:da:ad:9b:9d:b8:f5:a2:dc:b8:
2e:16:cf:e7:31:9b:d0:57:3b:f7:bd:ab:d4:de:36:
b3:ee:35:75:4e:17:a1:1e:9c:15:8c:41:80:23:79:
55:18:5b:b3:a4:ca:8e:38:12:78:58:b5:a2:2f:7e:
58:2d:df:60:70:64:0d:c8:7f:2f:03:0f:3c:7f:91:
1c:ac:07:db:c3:1a:ee:04:79:91:3d:fb:73:03:a8:
75:20:b3:a1:af:30:66:9d:e8:22:75:0a:3f:88:db:
70:5e:76:91:85:c7:f4:9e:e2:04:d4:2a:73:90:db:
a3:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2C:B1:3C:63:F4:DA:E8:F8:37:79:D8:BA:A4:64:0A:DB:C9:C9:D1:02
X509v3 Authority Key Identifier:
keyid:08:84:69:D1:A3:30:85:FF:88:B3:E5:99:D2:23:CA:74:C2:31:3A:3A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/088469D1A33085FF88B3E599D223CA74C2313A3A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CIRp0aMwhf-Is-WZ0iPKdMIxOjo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/3139342e33312e3134382e302f32332d3234203d3e203631333137.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.31.148.0/23
Signature Algorithm: sha256WithRSAEncryption
48:d0:31:b1:ad:62:0a:2b:c4:0e:d0:0c:ee:16:2d:7c:4c:36:
2e:27:70:e8:e3:39:e8:9e:eb:51:4b:e4:15:bc:13:12:ea:95:
e6:11:7a:ad:6e:1d:db:52:1c:73:17:80:7e:2b:cf:e8:9a:36:
80:dd:d9:71:de:84:1c:4c:34:21:68:f6:a2:d6:48:de:25:f2:
12:94:84:01:c3:ed:7b:01:6a:df:f5:07:8c:3f:84:40:81:76:
b7:7f:02:90:39:fc:62:38:e8:84:16:25:9d:fe:7e:82:48:17:
4e:bf:ab:43:31:5b:f2:e6:b2:29:37:c2:30:d9:5c:49:19:37:
52:1f:93:f2:ee:df:7f:41:cb:c5:02:9a:b3:e1:11:cf:75:8c:
d9:15:e7:5b:cb:b3:40:a0:34:c6:24:bb:a9:c8:ea:3d:15:0c:
35:c4:ed:54:75:c0:79:d6:e9:ed:36:37:82:74:8f:36:ea:be:
69:a4:4b:b8:fd:b3:63:47:57:38:65:25:4d:48:49:8d:b8:3b:
b4:3d:10:2e:14:fd:e2:63:12:42:f7:08:7e:08:60:6f:e3:47:
8c:7c:4a:dd:0e:4b:87:11:a4:da:ea:14:63:d4:51:fc:87:21:
5b:a7:5f:90:ea:3c:8e:2c:54:e0:af:25:44:b3:94:f9:4f:4a:
d0:c9:c2:88
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUA3HShSqFx8PHsJgIJydGL3MK9zQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDg4NDY5ZDFhMzMwODVmZjg4YjNlNTk5ZDIyM2NhNzRj
MjMxM2EzYTAeFw0yNTAxMjcwOTM5NTFaFw0yNjAxMjYwOTQ0NTFaMDMxMTAvBgNV
BAMTKDJDQjEzQzYzRjREQUU4RjgzNzc5RDhCQUE0NjQwQURCQzlDOUQxMDIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCthX5WxN2KhPT/Sdc1m6CEenXp
tvgXugXjFumCtBg7XATwOjQgsq92kHm/gWpLXVauubD6uhn/Sopzax4y2uDamDbY
JkRo7k+WOsI1K6D8kyjYrOU+OR7xxN2ckQeSKXCQYS8FhTZdNUsG2UQPNx+EDNSw
PacJiihh8DLd17MMlqijvGlNjykmQYQRzNqtm5249aLcuC4Wz+cxm9BXO/e9q9Te
NrPuNXVOF6EenBWMQYAjeVUYW7Okyo44EnhYtaIvflgt32BwZA3Ify8DDzx/kRys
B9vDGu4EeZE9+3MDqHUgs6GvMGad6CJ1Cj+I23BedpGFx/Se4gTUKnOQ26MJAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQULLE8Y/Ta6Pg3edi6pGQK28nJ0QIwHwYDVR0j
BBgwFoAUCIRp0aMwhf+Is+WZ0iPKdMIxOjowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzUvMDg4NDY5RDFBMzMwODVGRjg4QjNFNTk5RDIyM0NBNzRDMjMxM0EzQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NJUnAwYU13aGYtSXMtV1owaVBLZE1J
eE9qby5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzUvMzEzOTM0MmUzMzMxMmUzMTM0
MzgyZTMwMmYzMjMzMmQzMjM0MjAzZDNlMjAzNjMxMzMzMTM3LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQB
wh+UMA0GCSqGSIb3DQEBCwUAA4IBAQBI0DGxrWIKK8QO0AzuFi18TDYuJ3Do4zno
nutRS+QVvBMS6pXmEXqtbh3bUhxzF4B+K8/omjaA3dlx3oQcTDQhaPai1kjeJfIS
lIQBw+17AWrf9QeMP4RAgXa3fwKQOfxiOOiEFiWd/n6CSBdOv6tDMVvy5rIpN8Iw
2VxJGTdSH5Py7t9/QcvFApqz4RHPdYzZFedby7NAoDTGJLupyOo9FQw1xO1UdcB5
1untNjeCdI826r5ppEu4/bNjR1c4ZSVNSEmNuDu0PRAuFP3iYxJC9wh+CGBv40eM
fErdDkuHEaTa6hRj1FH8hyFbp1+Q6jyOLFTgryVEs5T5T0rQycKI
-----END CERTIFICATE-----
Generated at Fri Mar 14 04:33:43 2025 by rpki-client