Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/282b5e00-2ac3-49f1-a29b-26a5fdf0fa41/0/3139332e32322e3235332e302f32342d3234203d3e203331313834.roa
File: 3139332e32322e3235332e302f32342d3234203d3e203331313834.roa (raw, json)
Hash identifier: WrMYNrMKiwcHb7Layep1L0ANnPM7z3AEErZKMOJmYxg=
Subject key identifier: FA:DB:49:F4:19:14:8F:B5:CB:A4:EF:FB:AD:F2:2D:D1:33:9F:E2:71
Certificate issuer: /CN=72f3ee169f9bd71f78a42d1a72fe0f2a824822d1
Certificate serial: 0F98752C64FCD5DF63BFE6B4642C94C26D24DEF4
Authority key identifier: 72:F3:EE:16:9F:9B:D7:1F:78:A4:2D:1A:72:FE:0F:2A:82:48:22:D1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cvPuFp-b1x94pC0acv4PKoJIItE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/282b5e00-2ac3-49f1-a29b-26a5fdf0fa41/0/3139332e32322e3235332e302f32342d3234203d3e203331313834.roa
Signing time: Wed 30 Apr 2025 09:38:05 +0000
ROA not before: Wed 30 Apr 2025 09:33:05 +0000
ROA not after: Wed 29 Apr 2026 09:38:05 +0000
asID: 31184
IP address blocks: 193.22.253.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/282b5e00-2ac3-49f1-a29b-26a5fdf0fa41/0/72F3EE169F9BD71F78A42D1A72FE0F2A824822D1.crl
rsync://rsync.paas.rpki.ripe.net/repository/282b5e00-2ac3-49f1-a29b-26a5fdf0fa41/0/72F3EE169F9BD71F78A42D1A72FE0F2A824822D1.mft
rsync://rpki.ripe.net/repository/DEFAULT/cvPuFp-b1x94pC0acv4PKoJIItE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 11 May 2025 04:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0f:98:75:2c:64:fc:d5:df:63:bf:e6:b4:64:2c:94:c2:6d:24:de:f4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72f3ee169f9bd71f78a42d1a72fe0f2a824822d1
Validity
Not Before: Apr 30 09:33:05 2025 GMT
Not After : Apr 29 09:38:05 2026 GMT
Subject: CN=FADB49F419148FB5CBA4EFFBADF22DD1339FE271
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:aa:43:2e:6e:9d:06:88:89:65:c5:9d:53:ea:
50:71:1b:2d:b9:97:ad:27:60:c2:0a:14:8f:d6:ab:
25:f5:98:e4:bc:44:de:9a:41:d0:80:ac:1e:fe:93:
ae:45:10:66:b6:70:53:2e:3f:bd:1b:93:ce:38:db:
64:70:2e:bf:74:c2:5b:4e:83:07:6a:d5:8a:b8:19:
fd:0c:a1:91:f8:a6:fd:fe:6b:18:f9:54:33:47:69:
d7:72:70:24:d7:9d:60:41:7b:8f:33:43:aa:49:5b:
67:9a:23:21:c1:79:21:f3:f3:87:c2:04:e3:47:25:
b8:40:2d:89:b9:db:0f:08:53:72:c7:51:c2:d7:0a:
2f:c4:bc:a0:09:78:5e:ee:a3:e8:25:84:38:53:60:
5e:f4:13:00:da:43:0a:d1:2c:1d:95:6c:77:1a:f5:
1b:2c:09:ea:9f:8d:b5:32:1e:d4:76:16:7a:6a:72:
da:bc:0f:d3:18:c9:7f:07:24:5d:82:3f:48:18:b4:
5f:be:9c:fa:04:eb:47:cd:c6:2a:d4:fe:6c:80:d4:
8f:57:ee:6f:49:39:f6:20:e6:ae:eb:1c:6f:02:d0:
83:a4:73:f5:38:a7:41:5a:87:78:15:85:a7:d0:cf:
d7:33:a5:4d:a8:36:19:02:eb:fb:a3:87:36:58:68:
8f:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FA:DB:49:F4:19:14:8F:B5:CB:A4:EF:FB:AD:F2:2D:D1:33:9F:E2:71
X509v3 Authority Key Identifier:
keyid:72:F3:EE:16:9F:9B:D7:1F:78:A4:2D:1A:72:FE:0F:2A:82:48:22:D1
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/282b5e00-2ac3-49f1-a29b-26a5fdf0fa41/0/72F3EE169F9BD71F78A42D1A72FE0F2A824822D1.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cvPuFp-b1x94pC0acv4PKoJIItE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/282b5e00-2ac3-49f1-a29b-26a5fdf0fa41/0/3139332e32322e3235332e302f32342d3234203d3e203331313834.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.22.253.0/24
Signature Algorithm: sha256WithRSAEncryption
1e:d9:90:84:ec:97:25:9b:f6:56:d5:6f:69:4e:eb:17:58:71:
cf:fe:20:35:19:ab:31:8c:0f:87:bf:d8:ac:c9:b2:83:f0:64:
2d:e9:b2:08:17:af:10:6c:f8:16:d5:06:52:93:50:bb:34:88:
5f:ac:b4:31:63:f8:81:e3:9c:75:28:19:78:60:d5:be:02:b1:
6c:4e:68:76:7c:77:ca:78:ce:7f:52:31:08:52:04:bd:67:95:
ae:54:2c:e1:bf:17:97:9b:00:e8:f7:44:3c:e5:e5:1c:e0:5d:
07:a5:b5:62:d4:cc:84:6f:ea:70:48:b0:58:a5:cf:8b:db:11:
a2:c7:93:25:b5:22:6d:ad:7b:23:b2:59:da:0a:11:1f:f5:7d:
23:b9:57:b9:18:06:a9:32:c8:3f:10:c3:ab:a1:8c:a1:a0:be:
6c:0e:9c:4b:0a:3d:cb:1b:20:31:b3:af:40:37:73:8e:a4:dd:
9b:35:b2:46:9f:bd:88:bf:67:40:d0:84:c8:34:6c:38:fc:fc:
4b:1a:84:b4:c9:10:0f:d3:14:76:80:5c:2b:5b:c1:a2:ae:bf:
e1:38:d5:15:30:b3:f1:ae:ca:b9:24:fa:08:f9:3e:9f:80:31:
e2:6e:e7:db:bf:2e:fc:39:2e:b6:91:b4:a7:f5:3e:f4:c1:ed:
dd:21:55:2b
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUD5h1LGT81d9jv+a0ZCyUwm0k3vQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzJmM2VlMTY5ZjliZDcxZjc4YTQyZDFhNzJmZTBmMmE4
MjQ4MjJkMTAeFw0yNTA0MzAwOTMzMDVaFw0yNjA0MjkwOTM4MDVaMDMxMTAvBgNV
BAMTKEZBREI0OUY0MTkxNDhGQjVDQkE0RUZGQkFERjIyREQxMzM5RkUyNzEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDYqkMubp0GiIllxZ1T6lBxGy25
l60nYMIKFI/WqyX1mOS8RN6aQdCArB7+k65FEGa2cFMuP70bk84422RwLr90wltO
gwdq1Yq4Gf0MoZH4pv3+axj5VDNHaddycCTXnWBBe48zQ6pJW2eaIyHBeSHz84fC
BONHJbhALYm52w8IU3LHUcLXCi/EvKAJeF7uo+glhDhTYF70EwDaQwrRLB2VbHca
9RssCeqfjbUyHtR2Fnpqctq8D9MYyX8HJF2CP0gYtF++nPoE60fNxirU/myA1I9X
7m9JOfYg5q7rHG8C0IOkc/U4p0Fah3gVhafQz9czpU2oNhkC6/ujhzZYaI9LAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQU+ttJ9BkUj7XLpO/7rfIt0TOf4nEwHwYDVR0j
BBgwFoAUcvPuFp+b1x94pC0acv4PKoJIItEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMjgyYjVlMDAtMmFjMy00OWYxLWEyOWItMjZhNWZkZjBm
YTQxLzAvNzJGM0VFMTY5RjlCRDcxRjc4QTQyRDFBNzJGRTBGMkE4MjQ4MjJEMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2N2UHVGcC1iMXg5NHBDMGFjdjRQS29K
SUl0RS5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMjgyYjVlMDAt
MmFjMy00OWYxLWEyOWItMjZhNWZkZjBmYTQxLzAvMzEzOTMzMmUzMjMyMmUzMjM1
MzMyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMzMxMzEzODM0LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
wRb9MA0GCSqGSIb3DQEBCwUAA4IBAQAe2ZCE7Jclm/ZW1W9pTusXWHHP/iA1Gasx
jA+Hv9isybKD8GQt6bIIF68QbPgW1QZSk1C7NIhfrLQxY/iB45x1KBl4YNW+ArFs
Tmh2fHfKeM5/UjEIUgS9Z5WuVCzhvxeXmwDo90Q85eUc4F0HpbVi1MyEb+pwSLBY
pc+L2xGix5MltSJtrXsjslnaChEf9X0juVe5GAapMsg/EMOroYyhoL5sDpxLCj3L
GyAxs69AN3OOpN2bNbJGn72Iv2dA0ITINGw4/PxLGoS0yRAP0xR2gFwrW8Girr/h
ONUVMLPxrsq5JPoI+T6fgDHibufbvy78OS62kbSn9T70we3dIVUr
-----END CERTIFICATE-----
Generated at Sat May 10 07:36:44 2025 by rpki-client