Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/3139342e33312e3134392e302f32342d3234203d3e20313432313436.roa
File: 3139342e33312e3134392e302f32342d3234203d3e20313432313436.roa (raw, json)
Hash identifier: 2WRuG6ts9kYLDuBE3pPOyQ00FLptcJOOo4P3g81RMng=
Subject key identifier: 11:7C:43:D1:35:7F:AB:E1:A8:FF:53:88:EB:4B:31:42:02:EF:DC:A9
Certificate issuer: /CN=088469d1a33085ff88b3e599d223ca74c2313a3a
Certificate serial: 1B9E4D5B6DCF6666CA9C4708BD5ABEA1394BB0FB
Authority key identifier: 08:84:69:D1:A3:30:85:FF:88:B3:E5:99:D2:23:CA:74:C2:31:3A:3A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CIRp0aMwhf-Is-WZ0iPKdMIxOjo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/3139342e33312e3134392e302f32342d3234203d3e20313432313436.roa
Signing time: Wed 21 May 2025 11:46:24 +0000
ROA not before: Wed 21 May 2025 11:41:24 +0000
ROA not after: Wed 20 May 2026 11:46:24 +0000
asID: 142146
IP address blocks: 194.31.149.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/088469D1A33085FF88B3E599D223CA74C2313A3A.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/088469D1A33085FF88B3E599D223CA74C2313A3A.mft
rsync://rpki.ripe.net/repository/DEFAULT/CIRp0aMwhf-Is-WZ0iPKdMIxOjo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 07 Jun 2025 06:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1b:9e:4d:5b:6d:cf:66:66:ca:9c:47:08:bd:5a:be:a1:39:4b:b0:fb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=088469d1a33085ff88b3e599d223ca74c2313a3a
Validity
Not Before: May 21 11:41:24 2025 GMT
Not After : May 20 11:46:24 2026 GMT
Subject: CN=117C43D1357FABE1A8FF5388EB4B314202EFDCA9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:46:80:2b:68:af:59:d4:d5:50:61:1d:c1:9c:
9f:4a:7a:c3:3e:b8:97:31:91:42:d3:9e:bc:e1:c2:
9a:04:08:52:14:3a:14:9f:10:28:89:d6:2c:64:03:
7a:4c:3f:be:ff:4f:ab:d5:61:81:2e:8e:ca:eb:65:
dd:57:52:c7:5f:2a:7f:78:6a:f8:64:b3:d3:97:22:
f0:49:71:70:3e:c5:6f:f0:ba:36:20:d0:15:91:dc:
db:e8:a7:79:8e:f1:d5:fb:72:92:79:1a:42:65:84:
0a:9d:ba:60:d3:84:b8:cc:36:13:bf:1f:1a:6f:b6:
80:da:44:60:9b:44:0f:12:e6:d3:67:4d:d2:fb:c0:
35:64:7c:82:2f:48:5d:70:66:ca:58:ce:48:90:52:
e9:e8:65:a5:a1:f4:21:21:54:3b:cd:e0:ee:18:c1:
a4:d1:b7:f4:a9:36:ac:b0:6a:87:87:3c:83:3a:ee:
72:d8:5f:47:97:6b:df:ce:6c:27:7f:13:07:16:61:
0b:ce:8c:df:7c:6e:5e:55:68:58:01:63:92:a8:16:
58:a4:65:b3:f1:b7:3c:2e:a4:48:35:3a:de:ed:64:
7a:07:18:08:9f:39:a9:e0:86:99:d2:34:01:37:ec:
32:55:61:bf:3f:e2:a3:f2:b4:2f:fb:7c:c4:e2:18:
9d:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
11:7C:43:D1:35:7F:AB:E1:A8:FF:53:88:EB:4B:31:42:02:EF:DC:A9
X509v3 Authority Key Identifier:
keyid:08:84:69:D1:A3:30:85:FF:88:B3:E5:99:D2:23:CA:74:C2:31:3A:3A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/088469D1A33085FF88B3E599D223CA74C2313A3A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CIRp0aMwhf-Is-WZ0iPKdMIxOjo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/3139342e33312e3134392e302f32342d3234203d3e20313432313436.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.31.149.0/24
Signature Algorithm: sha256WithRSAEncryption
4b:f6:5a:e4:b6:da:1f:4d:3f:f2:84:29:5b:59:39:14:ef:36:
7d:c4:21:0c:53:bd:8d:4c:23:1a:96:5e:34:0a:95:67:98:46:
73:b5:c5:da:62:2b:10:fe:dd:a7:f2:bb:cf:09:a5:a8:e4:2d:
27:bf:31:4c:5d:0b:6c:b4:a2:17:4d:55:e3:5d:07:4d:01:a5:
8d:10:6b:f1:2a:41:dd:3f:40:e4:17:77:0e:62:d3:42:c6:7a:
b6:83:44:f0:50:fa:3b:17:9e:16:1c:5d:a5:46:7a:70:e7:36:
9f:bd:c0:20:6f:ab:3a:71:9a:ad:5c:5c:dd:f2:05:6c:3a:10:
3e:83:5f:f7:f4:2b:b0:c1:33:7d:34:ce:2e:52:0a:a4:f7:aa:
57:1b:48:17:ce:53:c2:46:ce:4f:7d:dd:1e:11:3c:b5:01:b6:
ee:8c:0b:19:5f:6a:9a:13:1b:58:d0:82:3c:07:a1:cf:fe:0f:
a3:af:f8:cf:92:54:e1:e4:98:dc:85:ee:d1:32:3a:dc:1d:b9:
06:c0:33:70:58:71:ed:b3:a2:9a:ff:7a:8a:0c:23:b0:b0:5c:
82:e6:a6:2a:11:0a:c5:11:45:c7:18:d0:71:a0:26:56:55:a0:
df:9f:62:fb:3f:6c:49:87:f9:67:3b:67:79:5e:96:2e:ef:08:
f8:84:f4:2b
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUG55NW23PZmbKnEcIvVq+oTlLsPswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDg4NDY5ZDFhMzMwODVmZjg4YjNlNTk5ZDIyM2NhNzRj
MjMxM2EzYTAeFw0yNTA1MjExMTQxMjRaFw0yNjA1MjAxMTQ2MjRaMDMxMTAvBgNV
BAMTKDExN0M0M0QxMzU3RkFCRTFBOEZGNTM4OEVCNEIzMTQyMDJFRkRDQTkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDFRoAraK9Z1NVQYR3BnJ9KesM+
uJcxkULTnrzhwpoECFIUOhSfECiJ1ixkA3pMP77/T6vVYYEujsrrZd1XUsdfKn94
avhks9OXIvBJcXA+xW/wujYg0BWR3Nvop3mO8dX7cpJ5GkJlhAqdumDThLjMNhO/
HxpvtoDaRGCbRA8S5tNnTdL7wDVkfIIvSF1wZspYzkiQUunoZaWh9CEhVDvN4O4Y
waTRt/SpNqywaoeHPIM67nLYX0eXa9/ObCd/EwcWYQvOjN98bl5VaFgBY5KoFlik
ZbPxtzwupEg1Ot7tZHoHGAifOanghpnSNAE37DJVYb8/4qPytC/7fMTiGJ3xAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUEXxD0TV/q+Go/1OI60sxQgLv3KkwHwYDVR0j
BBgwFoAUCIRp0aMwhf+Is+WZ0iPKdMIxOjowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzUvMDg4NDY5RDFBMzMwODVGRjg4QjNFNTk5RDIyM0NBNzRDMjMxM0EzQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NJUnAwYU13aGYtSXMtV1owaVBLZE1J
eE9qby5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzUvMzEzOTM0MmUzMzMxMmUzMTM0
MzkyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMTM0MzIzMTM0MzYucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BADCH5UwDQYJKoZIhvcNAQELBQADggEBAEv2WuS22h9NP/KEKVtZORTvNn3EIQxT
vY1MIxqWXjQKlWeYRnO1xdpiKxD+3afyu88JpajkLSe/MUxdC2y0ohdNVeNdB00B
pY0Qa/EqQd0/QOQXdw5i00LGeraDRPBQ+jsXnhYcXaVGenDnNp+9wCBvqzpxmq1c
XN3yBWw6ED6DX/f0K7DBM300zi5SCqT3qlcbSBfOU8JGzk993R4RPLUBtu6MCxlf
apoTG1jQgjwHoc/+D6Ov+M+SVOHkmNyF7tEyOtwduQbAM3BYce2zopr/eooMI7Cw
XILmpioRCsURRccY0HGgJlZVoN+fYvs/bEmH+Wc7Z3leli7vCPiE9Cs=
-----END CERTIFICATE-----
Generated at Fri Jun 6 13:49:10 2025 by rpki-client