Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/0c8bb446-91c0-4138-a33a-b47865de55c5/1/3134362e3234372e35342e302f32342d3234203d3e2039333034.roa
File: 3134362e3234372e35342e302f32342d3234203d3e2039333034.roa (raw, json)
Hash identifier: u8Um+hUrP9ltA5bj6O+zAw4bjYvbw7v/SuaSfwCO5nA=
Subject key identifier: 5B:3D:6A:A2:88:03:90:92:BC:12:3D:EC:D8:23:2C:84:6A:6D:69:00
Certificate issuer: /CN=a6c509ba48e5b50494572e05c45c58e7e16d87fb
Certificate serial: 7D31662F331DD96DC141C1EF79D27CF01A75D45B
Authority key identifier: A6:C5:09:BA:48:E5:B5:04:94:57:2E:05:C4:5C:58:E7:E1:6D:87:FB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/psUJukjltQSUVy4FxFxY5-Fth_s.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/0c8bb446-91c0-4138-a33a-b47865de55c5/1/3134362e3234372e35342e302f32342d3234203d3e2039333034.roa
Signing time: Wed 23 Apr 2025 10:15:21 +0000
ROA not before: Wed 23 Apr 2025 10:10:21 +0000
ROA not after: Wed 22 Apr 2026 10:15:21 +0000
asID: 9304
IP address blocks: 146.247.54.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/0c8bb446-91c0-4138-a33a-b47865de55c5/1/A6C509BA48E5B50494572E05C45C58E7E16D87FB.crl
rsync://rsync.paas.rpki.ripe.net/repository/0c8bb446-91c0-4138-a33a-b47865de55c5/1/A6C509BA48E5B50494572E05C45C58E7E16D87FB.mft
rsync://rpki.ripe.net/repository/DEFAULT/psUJukjltQSUVy4FxFxY5-Fth_s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 07 May 2025 14:16:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7d:31:66:2f:33:1d:d9:6d:c1:41:c1:ef:79:d2:7c:f0:1a:75:d4:5b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a6c509ba48e5b50494572e05c45c58e7e16d87fb
Validity
Not Before: Apr 23 10:10:21 2025 GMT
Not After : Apr 22 10:15:21 2026 GMT
Subject: CN=5B3D6AA288039092BC123DECD8232C846A6D6900
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:78:88:5e:1a:80:12:72:1c:89:ba:ad:5f:f3:
cc:86:4a:58:ce:f5:82:8e:14:13:93:e8:3f:2e:80:
47:ab:81:c5:dc:82:7f:10:56:b9:14:bc:e7:ce:b9:
13:6a:24:4d:9a:5f:ee:d7:5f:26:5e:4d:85:9a:85:
7d:ec:f4:27:73:4a:6a:9c:6e:ed:73:32:0f:73:9f:
b7:01:ed:be:eb:d6:39:8e:f6:35:ae:c6:ad:58:b7:
9d:db:63:10:72:98:a7:6c:62:7d:8d:62:e8:c9:24:
29:7d:04:87:8c:e9:04:44:38:50:f3:9f:98:58:4c:
88:99:cf:15:8e:c2:a4:59:ac:3e:9d:4d:19:32:38:
a4:02:be:08:6d:a4:61:7a:22:80:2e:a3:d3:de:a9:
d4:2a:77:3e:8f:e6:db:d1:db:53:7e:81:78:9e:ca:
3a:77:fb:cf:ea:90:6f:76:69:86:86:80:f8:00:d9:
9a:93:ca:da:1c:91:74:88:41:44:5a:29:93:dd:ac:
dc:1a:be:dd:ed:67:c9:cf:35:f9:4f:c4:1d:6d:67:
f8:92:a8:b0:b3:08:a5:bf:83:c6:7c:2d:bd:61:81:
32:ad:dd:e0:dc:e0:5d:4d:70:38:3e:41:2e:dd:c8:
96:dc:f5:b6:fc:6b:70:c5:56:0b:5d:ed:83:a0:cc:
3f:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5B:3D:6A:A2:88:03:90:92:BC:12:3D:EC:D8:23:2C:84:6A:6D:69:00
X509v3 Authority Key Identifier:
keyid:A6:C5:09:BA:48:E5:B5:04:94:57:2E:05:C4:5C:58:E7:E1:6D:87:FB
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/0c8bb446-91c0-4138-a33a-b47865de55c5/1/A6C509BA48E5B50494572E05C45C58E7E16D87FB.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/psUJukjltQSUVy4FxFxY5-Fth_s.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/0c8bb446-91c0-4138-a33a-b47865de55c5/1/3134362e3234372e35342e302f32342d3234203d3e2039333034.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
146.247.54.0/24
Signature Algorithm: sha256WithRSAEncryption
63:87:bf:2f:8b:79:6e:ca:28:8f:bb:41:fe:0c:6b:94:5b:20:
cb:07:05:e8:03:cb:96:4e:80:58:20:76:47:bd:cc:03:44:bb:
cd:5f:7d:a7:28:2e:2f:ca:bd:21:27:5f:ae:54:04:ee:1a:75:
17:b8:a3:6d:f8:c1:20:a9:de:3b:77:ad:84:22:9b:92:f6:5b:
5c:15:fb:33:93:56:49:dd:70:8d:3f:f9:8a:cf:e4:24:13:4e:
5a:d5:d7:47:87:08:9e:96:76:b5:95:81:68:53:c6:98:fc:95:
08:55:0d:8a:a2:21:1b:22:71:fd:a5:f5:80:dc:47:13:8f:a2:
05:f8:4e:b4:0f:30:e6:11:98:ad:8c:e6:cc:23:46:a8:5c:5d:
a1:12:64:8a:2d:b1:85:87:95:6b:04:99:97:ca:7d:a6:fc:c3:
2d:e3:c2:91:8f:fb:21:58:60:ac:34:b4:a2:12:6a:86:f8:ff:
7c:d0:f4:80:aa:f1:92:bf:26:53:11:27:71:1f:f5:42:7d:35:
a2:f9:64:d6:c9:fd:62:7a:dd:0c:51:90:15:a7:70:5f:2a:8e:
88:cf:ff:95:e5:26:b2:ed:0b:c0:d8:86:39:d8:9a:64:e8:0c:
f3:07:bc:5f:74:7b:ec:f5:5c:a1:5f:0d:4c:d9:a6:c8:75:5a:
36:a6:2c:d4
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgIUfTFmLzMd2W3BQcHvedJ88Bp11FswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYTZjNTA5YmE0OGU1YjUwNDk0NTcyZTA1YzQ1YzU4ZTdl
MTZkODdmYjAeFw0yNTA0MjMxMDEwMjFaFw0yNjA0MjIxMDE1MjFaMDMxMTAvBgNV
BAMTKDVCM0Q2QUEyODgwMzkwOTJCQzEyM0RFQ0Q4MjMyQzg0NkE2RDY5MDAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDMeIheGoASchyJuq1f88yGSljO
9YKOFBOT6D8ugEergcXcgn8QVrkUvOfOuRNqJE2aX+7XXyZeTYWahX3s9CdzSmqc
bu1zMg9zn7cB7b7r1jmO9jWuxq1Yt53bYxBymKdsYn2NYujJJCl9BIeM6QREOFDz
n5hYTIiZzxWOwqRZrD6dTRkyOKQCvghtpGF6IoAuo9PeqdQqdz6P5tvR21N+gXie
yjp3+8/qkG92aYaGgPgA2ZqTytockXSIQURaKZPdrNwavt3tZ8nPNflPxB1tZ/iS
qLCzCKW/g8Z8Lb1hgTKt3eDc4F1NcDg+QS7dyJbc9bb8a3DFVgtd7YOgzD/rAgMB
AAGjggI7MIICNzAdBgNVHQ4EFgQUWz1qoogDkJK8Ej3s2CMshGptaQAwHwYDVR0j
BBgwFoAUpsUJukjltQSUVy4FxFxY5+Fth/swDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMGM4YmI0NDYtOTFjMC00MTM4LWEzM2EtYjQ3ODY1ZGU1
NWM1LzEvQTZDNTA5QkE0OEU1QjUwNDk0NTcyRTA1QzQ1QzU4RTdFMTZEODdGQi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3BzVUp1a2psdFFTVVZ5NEZ4RnhZNS1G
dGhfcy5jZXIwgasGCCsGAQUFBwELBIGeMIGbMIGYBggrBgEFBQcwC4aBi3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMGM4YmI0NDYt
OTFjMC00MTM4LWEzM2EtYjQ3ODY1ZGU1NWM1LzEvMzEzNDM2MmUzMjM0MzcyZTM1
MzQyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzOTMzMzAzNC5yb2EwGAYDVR0gAQH/
BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAJL3
NjANBgkqhkiG9w0BAQsFAAOCAQEAY4e/L4t5bsooj7tB/gxrlFsgywcF6APLlk6A
WCB2R73MA0S7zV99pyguL8q9ISdfrlQE7hp1F7ijbfjBIKneO3ethCKbkvZbXBX7
M5NWSd1wjT/5is/kJBNOWtXXR4cInpZ2tZWBaFPGmPyVCFUNiqIhGyJx/aX1gNxH
E4+iBfhOtA8w5hGYrYzmzCNGqFxdoRJkii2xhYeVawSZl8p9pvzDLePCkY/7IVhg
rDS0ohJqhvj/fND0gKrxkr8mUxEncR/1Qn01ovlk1sn9YnrdDFGQFadwXyqOiM//
leUmsu0LwNiGOdiaZOgM8we8X3R77PVcoV8NTNmmyHVaNqYs1A==
-----END CERTIFICATE-----
Generated at Tue May 6 23:37:57 2025 by rpki-client