Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/3139342e33312e3134382e302f32342d3234203d3e20313531333338.roa
File: 3139342e33312e3134382e302f32342d3234203d3e20313531333338.roa (raw, json)
Hash identifier: 32LuJ2vDsdubOih3ZRzNTXZNITpMju9RxPtN0oNq+xY=
Subject key identifier: 1C:37:E5:E0:5C:39:8E:5E:69:01:43:48:1E:38:B7:B0:40:B0:66:4B
Certificate issuer: /CN=088469d1a33085ff88b3e599d223ca74c2313a3a
Certificate serial: 1315EE791617FA0CCED0CC9CFA5D9B7B94172E9C
Authority key identifier: 08:84:69:D1:A3:30:85:FF:88:B3:E5:99:D2:23:CA:74:C2:31:3A:3A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CIRp0aMwhf-Is-WZ0iPKdMIxOjo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/3139342e33312e3134382e302f32342d3234203d3e20313531333338.roa
Signing time: Wed 30 Apr 2025 14:35:13 +0000
ROA not before: Wed 30 Apr 2025 14:30:13 +0000
ROA not after: Wed 29 Apr 2026 14:35:13 +0000
asID: 151338
IP address blocks: 194.31.148.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/088469D1A33085FF88B3E599D223CA74C2313A3A.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/088469D1A33085FF88B3E599D223CA74C2313A3A.mft
rsync://rpki.ripe.net/repository/DEFAULT/CIRp0aMwhf-Is-WZ0iPKdMIxOjo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 06 Jun 2025 12:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
13:15:ee:79:16:17:fa:0c:ce:d0:cc:9c:fa:5d:9b:7b:94:17:2e:9c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=088469d1a33085ff88b3e599d223ca74c2313a3a
Validity
Not Before: Apr 30 14:30:13 2025 GMT
Not After : Apr 29 14:35:13 2026 GMT
Subject: CN=1C37E5E05C398E5E690143481E38B7B040B0664B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:09:78:08:cd:6a:19:fe:29:4d:80:cb:92:da:
2a:59:14:78:b6:5f:2e:a2:81:b6:a3:3c:e8:ac:54:
fe:f4:45:3c:4d:3f:e3:df:f3:79:e5:d8:01:d1:fd:
c3:41:a1:cd:62:1b:78:ee:70:da:f7:55:8c:3b:94:
1a:ed:ca:0f:79:bf:02:9f:7a:4f:9b:cf:f0:e2:36:
04:8a:76:55:ed:ac:e8:c6:3d:d5:b5:8e:a9:77:fe:
a4:6c:62:4b:ce:87:13:fa:69:51:c5:c1:bf:e6:8d:
a7:43:7a:30:d2:2a:c7:75:7e:25:4f:c4:8a:a0:f5:
c9:e1:2c:a8:9b:c8:28:39:fe:1d:1b:c7:e2:1f:be:
f1:b7:f0:3b:49:53:f9:cc:45:2b:48:13:22:34:b8:
2d:68:37:74:a7:d3:d2:1d:e6:c8:c4:1d:3a:2a:82:
5a:bf:48:e1:98:cb:51:85:5b:2f:9e:19:44:6c:ca:
72:50:62:e3:6d:c3:c3:71:df:fc:a7:d7:1b:ae:82:
4c:fa:48:3b:34:2d:12:1d:1d:32:49:95:1b:8b:f5:
fc:34:08:9e:eb:c6:f4:a7:78:71:d0:ad:1a:e3:9a:
2b:30:9d:f7:95:90:b7:4d:57:54:4e:5a:df:ee:95:
71:76:ab:d2:ed:6a:d6:2f:96:cf:e9:ed:ec:0c:2b:
fe:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1C:37:E5:E0:5C:39:8E:5E:69:01:43:48:1E:38:B7:B0:40:B0:66:4B
X509v3 Authority Key Identifier:
keyid:08:84:69:D1:A3:30:85:FF:88:B3:E5:99:D2:23:CA:74:C2:31:3A:3A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/088469D1A33085FF88B3E599D223CA74C2313A3A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CIRp0aMwhf-Is-WZ0iPKdMIxOjo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/3139342e33312e3134382e302f32342d3234203d3e20313531333338.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.31.148.0/24
Signature Algorithm: sha256WithRSAEncryption
0e:a9:d3:fc:aa:77:4a:41:58:e8:96:27:44:7a:16:bf:25:7b:
fd:71:20:fd:60:b0:3a:e2:1c:05:02:41:36:71:4a:b5:73:19:
9e:94:c0:7e:1d:f0:3d:01:9c:c1:37:3a:7e:67:d1:0c:01:f4:
e1:49:81:c9:d1:92:27:88:53:ce:ef:fa:c3:99:4d:e9:28:fd:
b8:f9:9b:ac:5c:53:88:91:2b:16:97:37:fc:d5:76:c7:14:9c:
69:8b:01:ce:5e:e9:bb:d1:04:36:22:5a:66:fe:f6:38:ed:49:
97:90:eb:fd:23:3a:f4:30:f9:21:19:76:eb:f3:b5:27:f5:48:
95:36:2e:65:cf:82:47:ed:2d:97:23:11:1d:b5:f8:98:b3:bb:
51:76:43:48:9c:9b:e0:67:56:03:1b:fa:97:54:b9:66:47:b3:
b2:da:8f:37:6c:0d:aa:6c:95:20:f1:9b:f8:1b:f6:7d:35:09:
5b:4b:81:71:d1:f6:40:b1:73:ba:56:7e:dc:54:18:0e:46:cb:
a7:d8:a3:46:c9:de:e6:1a:f1:c5:18:82:dc:bf:cf:ed:1f:39:
e5:dd:cd:1d:de:53:4f:62:e5:b0:60:4f:cd:0f:69:13:f5:d3:
69:4e:93:11:b8:e4:b3:2a:cc:b7:ee:6d:ae:98:79:ba:96:d4:
06:42:83:fa
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUExXueRYX+gzO0Myc+l2be5QXLpwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDg4NDY5ZDFhMzMwODVmZjg4YjNlNTk5ZDIyM2NhNzRj
MjMxM2EzYTAeFw0yNTA0MzAxNDMwMTNaFw0yNjA0MjkxNDM1MTNaMDMxMTAvBgNV
BAMTKDFDMzdFNUUwNUMzOThFNUU2OTAxNDM0ODFFMzhCN0IwNDBCMDY2NEIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCzCXgIzWoZ/ilNgMuS2ipZFHi2
Xy6igbajPOisVP70RTxNP+Pf83nl2AHR/cNBoc1iG3jucNr3VYw7lBrtyg95vwKf
ek+bz/DiNgSKdlXtrOjGPdW1jql3/qRsYkvOhxP6aVHFwb/mjadDejDSKsd1fiVP
xIqg9cnhLKibyCg5/h0bx+IfvvG38DtJU/nMRStIEyI0uC1oN3Sn09Id5sjEHToq
glq/SOGYy1GFWy+eGURsynJQYuNtw8Nx3/yn1xuugkz6SDs0LRIdHTJJlRuL9fw0
CJ7rxvSneHHQrRrjmiswnfeVkLdNV1ROWt/ulXF2q9LtatYvls/p7ewMK/6jAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUHDfl4Fw5jl5pAUNIHji3sECwZkswHwYDVR0j
BBgwFoAUCIRp0aMwhf+Is+WZ0iPKdMIxOjowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzUvMDg4NDY5RDFBMzMwODVGRjg4QjNFNTk5RDIyM0NBNzRDMjMxM0EzQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NJUnAwYU13aGYtSXMtV1owaVBLZE1J
eE9qby5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzUvMzEzOTM0MmUzMzMxMmUzMTM0
MzgyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMTM1MzEzMzMzMzgucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BADCH5QwDQYJKoZIhvcNAQELBQADggEBAA6p0/yqd0pBWOiWJ0R6Fr8le/1xIP1g
sDriHAUCQTZxSrVzGZ6UwH4d8D0BnME3On5n0QwB9OFJgcnRkieIU87v+sOZTeko
/bj5m6xcU4iRKxaXN/zVdscUnGmLAc5e6bvRBDYiWmb+9jjtSZeQ6/0jOvQw+SEZ
duvztSf1SJU2LmXPgkftLZcjER21+Jizu1F2Q0icm+BnVgMb+pdUuWZHs7Lajzds
DapslSDxm/gb9n01CVtLgXHR9kCxc7pWftxUGA5Gy6fYo0bJ3uYa8cUYgty/z+0f
OeXdzR3eU09i5bBgT80PaRP102lOkxG45LMqzLfuba6YebqW1AZCg/o=
-----END CERTIFICATE-----
Generated at Thu Jun 5 18:43:40 2025 by rpki-client