Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/a01c14fb-b660-489d-9e9f-9402e9e2c2e2/0/3231332e3133392e36372e302f32342d3234203d3e2039333034.roa
File: 3231332e3133392e36372e302f32342d3234203d3e2039333034.roa (raw, json)
Hash identifier: NYL9XU5NwRS1XCCFzhRBS0MjCGeQliFqSkH8RJOdlK4=
Subject key identifier: 71:C5:E1:54:F5:1D:8E:46:C2:51:C3:23:95:DD:F9:52:CA:9E:CD:DB
Certificate issuer: /CN=b683f2eb50c5999a77456e8826831609d48c7d3e
Certificate serial: 0A5FEF8C22C3D8519E9AF1CF73F12A4D9E1DF8FF
Authority key identifier: B6:83:F2:EB:50:C5:99:9A:77:45:6E:88:26:83:16:09:D4:8C:7D:3E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/toPy61DFmZp3RW6IJoMWCdSMfT4.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/a01c14fb-b660-489d-9e9f-9402e9e2c2e2/0/3231332e3133392e36372e302f32342d3234203d3e2039333034.roa
Signing time: Mon 18 Aug 2025 16:06:51 +0000
ROA not before: Mon 18 Aug 2025 16:01:51 +0000
ROA not after: Mon 17 Aug 2026 16:06:51 +0000
asID: 9304
IP address blocks: 213.139.67.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/a01c14fb-b660-489d-9e9f-9402e9e2c2e2/0/B683F2EB50C5999A77456E8826831609D48C7D3E.crl
rsync://rsync.paas.rpki.ripe.net/repository/a01c14fb-b660-489d-9e9f-9402e9e2c2e2/0/B683F2EB50C5999A77456E8826831609D48C7D3E.mft
rsync://rpki.ripe.net/repository/DEFAULT/toPy61DFmZp3RW6IJoMWCdSMfT4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 05:01:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0a:5f:ef:8c:22:c3:d8:51:9e:9a:f1:cf:73:f1:2a:4d:9e:1d:f8:ff
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b683f2eb50c5999a77456e8826831609d48c7d3e
Validity
Not Before: Aug 18 16:01:51 2025 GMT
Not After : Aug 17 16:06:51 2026 GMT
Subject: CN=71C5E154F51D8E46C251C32395DDF952CA9ECDDB
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:ca:5b:82:36:e3:31:91:49:3a:2e:1a:76:16:
05:0b:72:e0:05:ee:96:e0:71:22:92:6b:53:80:19:
d5:e8:e4:a0:4d:b7:b6:95:29:81:4f:91:00:b8:48:
fa:84:0c:9d:b2:44:31:cf:b5:00:1e:2a:ea:68:9b:
01:69:94:2c:92:e3:1d:5e:9c:14:33:ac:68:00:96:
1c:c0:5f:44:b5:91:28:75:8a:1c:47:fa:2f:85:89:
ed:63:87:6e:e8:55:6a:d5:a3:48:ed:9b:70:ec:0e:
5c:09:75:44:34:fe:2d:ed:38:57:d3:f5:0a:a4:ba:
03:ff:99:7c:35:dd:d6:d7:36:81:b8:8e:4c:39:14:
e5:0f:ec:0b:82:9a:19:b7:6d:7b:97:21:c8:d7:c9:
5d:46:e9:6f:d5:47:23:e3:de:c9:e0:fb:88:83:28:
af:cc:9e:12:44:ad:5b:5b:19:39:12:b3:67:1a:51:
09:ac:f9:98:c5:e4:ed:00:8d:f2:42:14:93:d7:e8:
60:3c:46:0d:73:82:a0:da:70:ee:8d:4f:1b:2a:f6:
6d:af:6c:47:23:d7:7c:bf:fc:18:fa:9e:b6:d4:85:
96:2e:34:39:11:17:5d:4d:05:ad:ba:3b:55:cc:4f:
26:33:42:af:8c:8b:4a:26:b4:85:66:5a:58:f8:e5:
ea:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
71:C5:E1:54:F5:1D:8E:46:C2:51:C3:23:95:DD:F9:52:CA:9E:CD:DB
X509v3 Authority Key Identifier:
keyid:B6:83:F2:EB:50:C5:99:9A:77:45:6E:88:26:83:16:09:D4:8C:7D:3E
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/a01c14fb-b660-489d-9e9f-9402e9e2c2e2/0/B683F2EB50C5999A77456E8826831609D48C7D3E.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/toPy61DFmZp3RW6IJoMWCdSMfT4.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/a01c14fb-b660-489d-9e9f-9402e9e2c2e2/0/3231332e3133392e36372e302f32342d3234203d3e2039333034.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.139.67.0/24
Signature Algorithm: sha256WithRSAEncryption
11:e9:20:d4:35:38:d7:34:f8:25:7f:c4:c0:ed:49:2b:74:db:
ec:de:64:5e:90:7a:2b:24:30:7e:0c:2d:24:8b:0b:e1:e0:30:
ed:bf:54:72:1a:88:55:b2:d8:52:78:5d:88:64:4c:a5:6a:65:
c0:3b:5e:05:b0:6a:0d:50:e7:a4:06:48:37:ac:42:f2:fd:c2:
a2:64:90:21:f8:93:e7:3d:70:e8:12:64:80:d5:cf:6d:71:ba:
0b:01:c7:73:5f:c5:5c:4f:aa:6d:f5:41:1c:ae:24:e3:5e:31:
4c:8c:46:5a:13:70:98:ed:fb:30:a5:30:5d:1e:fc:85:0b:4f:
ec:05:93:5b:9d:d0:17:9f:cc:d8:a2:81:4c:4e:38:52:e1:62:
bc:b4:a7:db:45:76:c8:b8:de:86:9b:d7:2a:5a:a1:55:9b:48:
f3:52:08:05:3b:f4:e2:02:e3:48:76:05:59:f2:79:ba:b1:f0:
10:68:be:3c:70:85:b1:31:c5:e9:fc:c9:5b:5c:df:f5:c2:9c:
8b:54:49:04:a4:a1:d0:10:e9:af:97:98:a2:31:c6:43:e4:10:
e6:cd:e1:7a:c6:08:d5:86:f6:27:dc:84:4c:bc:4b:24:c3:b1:
cb:62:f5:69:e1:c1:f4:14:ad:7e:62:09:8b:b3:6b:3f:f1:ed:
2d:46:c2:39
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgIUCl/vjCLD2FGemvHPc/EqTZ4d+P8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYjY4M2YyZWI1MGM1OTk5YTc3NDU2ZTg4MjY4MzE2MDlk
NDhjN2QzZTAeFw0yNTA4MTgxNjAxNTFaFw0yNjA4MTcxNjA2NTFaMDMxMTAvBgNV
BAMTKDcxQzVFMTU0RjUxRDhFNDZDMjUxQzMyMzk1RERGOTUyQ0E5RUNEREIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDDyluCNuMxkUk6Lhp2FgULcuAF
7pbgcSKSa1OAGdXo5KBNt7aVKYFPkQC4SPqEDJ2yRDHPtQAeKupomwFplCyS4x1e
nBQzrGgAlhzAX0S1kSh1ihxH+i+Fie1jh27oVWrVo0jtm3DsDlwJdUQ0/i3tOFfT
9QqkugP/mXw13dbXNoG4jkw5FOUP7AuCmhm3bXuXIcjXyV1G6W/VRyPj3sng+4iD
KK/MnhJErVtbGTkSs2caUQms+ZjF5O0AjfJCFJPX6GA8Rg1zgqDacO6NTxsq9m2v
bEcj13y//Bj6nrbUhZYuNDkRF11NBa26O1XMTyYzQq+Mi0omtIVmWlj45eoVAgMB
AAGjggI7MIICNzAdBgNVHQ4EFgQUccXhVPUdjkbCUcMjld35UsqezdswHwYDVR0j
BBgwFoAUtoPy61DFmZp3RW6IJoMWCdSMfT4wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYTAxYzE0ZmItYjY2MC00ODlkLTllOWYtOTQwMmU5ZTJj
MmUyLzAvQjY4M0YyRUI1MEM1OTk5QTc3NDU2RTg4MjY4MzE2MDlENDhDN0QzRS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3RvUHk2MURGbVpwM1JXNklKb01XQ2RT
TWZUNC5jZXIwgasGCCsGAQUFBwELBIGeMIGbMIGYBggrBgEFBQcwC4aBi3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYTAxYzE0ZmIt
YjY2MC00ODlkLTllOWYtOTQwMmU5ZTJjMmUyLzAvMzIzMTMzMmUzMTMzMzkyZTM2
MzcyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzOTMzMzAzNC5yb2EwGAYDVR0gAQH/
BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEANWL
QzANBgkqhkiG9w0BAQsFAAOCAQEAEekg1DU41zT4JX/EwO1JK3Tb7N5kXpB6KyQw
fgwtJIsL4eAw7b9UchqIVbLYUnhdiGRMpWplwDteBbBqDVDnpAZIN6xC8v3ComSQ
IfiT5z1w6BJkgNXPbXG6CwHHc1/FXE+qbfVBHK4k414xTIxGWhNwmO37MKUwXR78
hQtP7AWTW53QF5/M2KKBTE44UuFivLSn20V2yLjehpvXKlqhVZtI81IIBTv04gLj
SHYFWfJ5urHwEGi+PHCFsTHF6fzJW1zf9cKci1RJBKSh0BDpr5eYojHGQ+QQ5s3h
esYI1Yb2J9yETLxLJMOxy2L1aeHB9BStfmIJi7NrP/HtLUbCOQ==
-----END CERTIFICATE-----
Generated at Sat Aug 23 15:05:14 2025 by rpki-client