Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/3134332e32302e3132342e302f32322d3232203d3e20323132323338.roa
File: 3134332e32302e3132342e302f32322d3232203d3e20323132323338.roa (raw, json)
Hash identifier: wP5bItoC8e/r6ZpW7rIRa02oZHRzPievZKECfIq7LVo=
Subject key identifier: 49:D9:22:BE:E7:EA:81:4A:CB:C4:5D:32:92:19:98:1E:C5:9E:CD:51
Certificate issuer: /CN=88c14ec02adbf083138eddd47871176ddeb93d9d
Certificate serial: 3FCB571BFF7BFDA43F05F712B3CC213A1F88EC7A
Authority key identifier: 88:C1:4E:C0:2A:DB:F0:83:13:8E:DD:D4:78:71:17:6D:DE:B9:3D:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iMFOwCrb8IMTjt3UeHEXbd65PZ0.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/3134332e32302e3132342e302f32322d3232203d3e20323132323338.roa
Signing time: Wed 07 May 2025 15:07:29 +0000
ROA not before: Wed 07 May 2025 15:02:29 +0000
ROA not after: Wed 06 May 2026 15:07:29 +0000
asID: 212238
IP address blocks: 143.20.124.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/88C14EC02ADBF083138EDDD47871176DDEB93D9D.crl
rsync://rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/88C14EC02ADBF083138EDDD47871176DDEB93D9D.mft
rsync://rpki.ripe.net/repository/DEFAULT/iMFOwCrb8IMTjt3UeHEXbd65PZ0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 11 May 2025 00:27:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3f:cb:57:1b:ff:7b:fd:a4:3f:05:f7:12:b3:cc:21:3a:1f:88:ec:7a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=88c14ec02adbf083138eddd47871176ddeb93d9d
Validity
Not Before: May 7 15:02:29 2025 GMT
Not After : May 6 15:07:29 2026 GMT
Subject: CN=49D922BEE7EA814ACBC45D329219981EC59ECD51
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:87:d2:95:6a:50:93:74:1e:fa:e2:94:8b:a9:
3f:d6:fa:ea:0d:84:f6:d4:03:b4:cb:fe:43:bc:8d:
c4:8d:54:4b:60:8b:e8:74:3e:b9:a1:f6:34:39:84:
94:bd:5d:e1:b1:12:58:e2:8f:46:4d:ba:64:3a:3b:
3c:c3:b7:13:63:60:e1:e0:44:8d:06:b7:a2:f3:93:
eb:3e:63:1a:80:c4:d8:d9:35:b1:7b:44:76:a5:23:
13:e0:df:9b:8f:7d:94:db:69:c9:1f:44:dc:b2:55:
17:94:ef:52:7b:0d:4a:67:0c:24:d0:ba:16:b1:be:
88:a1:33:23:d5:54:dd:f0:62:b4:61:ec:f3:33:c7:
b1:ab:8d:1c:ac:39:a5:76:a5:db:d6:41:d0:26:86:
ea:fa:81:a3:fa:52:45:3d:7a:e6:3b:3f:78:fe:65:
58:6f:54:bf:dd:06:cc:5e:44:34:ab:93:b7:c8:ee:
ec:d1:b8:03:b9:1a:5d:d8:bc:06:8b:60:de:a8:d9:
2b:af:86:73:94:e8:dd:74:36:f3:0f:75:9f:43:b2:
2c:91:67:6d:02:5b:ae:70:96:f4:46:de:16:b4:e5:
cc:8e:43:92:e6:3b:13:57:d5:64:98:79:f5:9a:98:
84:6d:0d:14:52:d6:5e:08:e1:56:5a:0a:0e:b0:43:
6b:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
49:D9:22:BE:E7:EA:81:4A:CB:C4:5D:32:92:19:98:1E:C5:9E:CD:51
X509v3 Authority Key Identifier:
keyid:88:C1:4E:C0:2A:DB:F0:83:13:8E:DD:D4:78:71:17:6D:DE:B9:3D:9D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/88C14EC02ADBF083138EDDD47871176DDEB93D9D.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iMFOwCrb8IMTjt3UeHEXbd65PZ0.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/3134332e32302e3132342e302f32322d3232203d3e20323132323338.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
143.20.124.0/22
Signature Algorithm: sha256WithRSAEncryption
ce:02:f6:c8:c1:d4:74:50:50:e4:db:02:68:b1:c5:37:77:3f:
d6:93:ac:40:32:dc:1b:d5:e2:49:4d:e0:52:31:74:20:c4:9c:
9b:ce:9a:c1:da:cf:b9:05:58:07:36:28:fb:56:fb:b8:3f:54:
eb:4e:96:43:92:5e:95:b4:f1:29:f3:c0:e8:8d:02:90:f6:fb:
15:43:3f:93:05:1a:26:62:df:29:0d:df:00:f9:db:9a:51:1c:
f3:d7:3a:47:f7:75:c8:cf:77:8d:6a:52:df:59:c5:90:17:d7:
06:7b:97:ae:f5:56:34:45:f1:3d:c7:56:91:47:c5:df:47:4b:
80:72:4a:ba:41:61:6d:7b:3d:54:3c:52:dc:60:8c:c6:77:52:
c2:ce:98:ac:00:ba:d8:14:76:72:68:7b:67:07:c2:1b:0a:ab:
6d:ff:52:a1:2a:4a:fa:1d:ab:5d:06:ac:68:06:5a:22:f9:4c:
33:58:65:39:e2:50:0a:65:97:41:26:7b:44:5e:4d:5a:d8:19:
1f:14:b1:c8:20:b5:f5:bc:1f:28:4e:84:6f:96:52:ed:c2:55:
92:43:b4:1c:ea:c8:a3:5b:3e:4d:62:12:32:ed:7d:e8:dd:a7:
be:bc:7d:d3:0f:6e:ba:22:2b:20:23:67:3c:22:e8:b6:c0:11:
58:a4:70:a5
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUP8tXG/97/aQ/BfcSs8whOh+I7HowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoODhjMTRlYzAyYWRiZjA4MzEzOGVkZGQ0Nzg3MTE3NmRk
ZWI5M2Q5ZDAeFw0yNTA1MDcxNTAyMjlaFw0yNjA1MDYxNTA3MjlaMDMxMTAvBgNV
BAMTKDQ5RDkyMkJFRTdFQTgxNEFDQkM0NUQzMjkyMTk5ODFFQzU5RUNENTEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCsh9KValCTdB764pSLqT/W+uoN
hPbUA7TL/kO8jcSNVEtgi+h0Prmh9jQ5hJS9XeGxEljij0ZNumQ6OzzDtxNjYOHg
RI0Gt6Lzk+s+YxqAxNjZNbF7RHalIxPg35uPfZTbackfRNyyVReU71J7DUpnDCTQ
uhaxvoihMyPVVN3wYrRh7PMzx7GrjRysOaV2pdvWQdAmhur6gaP6UkU9euY7P3j+
ZVhvVL/dBsxeRDSrk7fI7uzRuAO5Gl3YvAaLYN6o2SuvhnOU6N10NvMPdZ9DsiyR
Z20CW65wlvRG3ha05cyOQ5LmOxNX1WSYefWamIRtDRRS1l4I4VZaCg6wQ2sdAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUSdkivufqgUrLxF0ykhmYHsWezVEwHwYDVR0j
BBgwFoAUiMFOwCrb8IMTjt3UeHEXbd65PZ0wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYzQwOWQ3YjItZWU2NC00OWYxLWFkODEtOGU0YTEwN2Q2
MmUwLzAvODhDMTRFQzAyQURCRjA4MzEzOEVEREQ0Nzg3MTE3NkRERUI5M0Q5RC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2lNRk93Q3JiOElNVGp0M1VlSEVYYmQ2
NVBaMC5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYzQwOWQ3YjIt
ZWU2NC00OWYxLWFkODEtOGU0YTEwN2Q2MmUwLzAvMzEzNDMzMmUzMjMwMmUzMTMy
MzQyZTMwMmYzMjMyMmQzMjMyMjAzZDNlMjAzMjMxMzIzMjMzMzgucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAKPFHwwDQYJKoZIhvcNAQELBQADggEBAM4C9sjB1HRQUOTbAmixxTd3P9aTrEAy
3BvV4klN4FIxdCDEnJvOmsHaz7kFWAc2KPtW+7g/VOtOlkOSXpW08SnzwOiNApD2
+xVDP5MFGiZi3ykN3wD525pRHPPXOkf3dcjPd41qUt9ZxZAX1wZ7l671VjRF8T3H
VpFHxd9HS4BySrpBYW17PVQ8UtxgjMZ3UsLOmKwAutgUdnJoe2cHwhsKq23/UqEq
Svodq10GrGgGWiL5TDNYZTniUApll0Eme0ReTVrYGR8UscggtfW8HyhOhG+WUu3C
VZJDtBzqyKNbPk1iEjLtfejdp768fdMPbroiKyAjZzwi6LbAEVikcKU=
-----END CERTIFICATE-----
Generated at Sat May 10 08:24:34 2025 by rpki-client