Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/3134332e32302e3132382e302f32312d3231203d3e2037303239.roa
File: 3134332e32302e3132382e302f32312d3231203d3e2037303239.roa (raw, json)
Hash identifier: 9X/mW0RBjG6UIDsZj+nQ0F74b7xio0riInDoYg4QNKI=
Subject key identifier: B5:84:0B:70:B9:3F:F3:42:83:B3:3C:7D:17:68:28:96:71:D3:93:05
Certificate issuer: /CN=88c14ec02adbf083138eddd47871176ddeb93d9d
Certificate serial: 43896C0367CA6962EB5A411036E08084E46427A4
Authority key identifier: 88:C1:4E:C0:2A:DB:F0:83:13:8E:DD:D4:78:71:17:6D:DE:B9:3D:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iMFOwCrb8IMTjt3UeHEXbd65PZ0.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/3134332e32302e3132382e302f32312d3231203d3e2037303239.roa
Signing time: Tue 06 May 2025 06:36:46 +0000
ROA not before: Tue 06 May 2025 06:31:46 +0000
ROA not after: Tue 05 May 2026 06:36:46 +0000
asID: 7029
IP address blocks: 143.20.128.0/21 maxlen: 21
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/88C14EC02ADBF083138EDDD47871176DDEB93D9D.crl
rsync://rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/88C14EC02ADBF083138EDDD47871176DDEB93D9D.mft
rsync://rpki.ripe.net/repository/DEFAULT/iMFOwCrb8IMTjt3UeHEXbd65PZ0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 07 May 2025 12:04:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
43:89:6c:03:67:ca:69:62:eb:5a:41:10:36:e0:80:84:e4:64:27:a4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=88c14ec02adbf083138eddd47871176ddeb93d9d
Validity
Not Before: May 6 06:31:46 2025 GMT
Not After : May 5 06:36:46 2026 GMT
Subject: CN=B5840B70B93FF34283B33C7D1768289671D39305
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:e9:aa:13:b3:b5:d6:02:36:35:ea:11:47:e8:
f0:e6:09:9c:1e:6e:1b:92:d3:17:50:55:99:41:d6:
75:74:53:e6:3b:ef:29:1d:43:c3:ee:38:1c:76:4d:
62:a4:e0:b3:28:1c:77:dc:ba:38:4a:98:16:ee:c6:
1a:ce:d3:11:89:9c:29:31:fb:e6:0d:f9:f9:ac:9b:
03:29:c0:5a:85:1a:92:b7:8c:2d:69:f4:44:f5:45:
f0:a0:a8:0f:47:f1:ac:02:fb:42:7d:d8:f0:3a:95:
27:5f:a6:d2:67:06:70:b6:a9:c8:7f:ae:6d:39:45:
d7:17:87:b7:08:68:68:dc:13:b4:73:81:c3:dd:cb:
9b:6a:31:d8:06:f0:4b:9f:a0:3b:c2:4d:36:0b:c8:
d5:14:41:c5:86:12:00:af:7e:74:28:3e:31:ed:5b:
9e:b9:fb:9f:51:08:06:c6:91:e4:e7:b3:9f:f9:eb:
f4:b9:3c:c8:19:e5:d4:ce:e3:7f:ec:e3:76:1e:72:
51:de:26:74:d7:b1:03:43:03:a3:24:d0:28:64:12:
cb:74:fb:74:76:38:bf:6f:bd:b7:71:62:b2:06:6a:
20:52:94:63:c9:b7:a4:1b:ce:48:71:f4:48:7c:5b:
3e:9c:7e:07:41:4e:c2:35:14:d3:42:95:2f:da:cf:
27:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B5:84:0B:70:B9:3F:F3:42:83:B3:3C:7D:17:68:28:96:71:D3:93:05
X509v3 Authority Key Identifier:
keyid:88:C1:4E:C0:2A:DB:F0:83:13:8E:DD:D4:78:71:17:6D:DE:B9:3D:9D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/88C14EC02ADBF083138EDDD47871176DDEB93D9D.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iMFOwCrb8IMTjt3UeHEXbd65PZ0.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/3134332e32302e3132382e302f32312d3231203d3e2037303239.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
143.20.128.0/21
Signature Algorithm: sha256WithRSAEncryption
a7:87:1c:47:ec:f6:81:65:16:f0:f2:fa:3e:70:b7:53:0d:ea:
32:47:88:22:6d:4d:ef:7d:0a:96:6a:e8:62:87:f6:94:cd:92:
09:1f:a6:14:ff:e5:aa:9c:68:1a:95:65:08:3a:37:e9:9f:2c:
12:72:50:e6:2e:15:6c:a2:f2:94:22:d5:45:13:6b:a2:cd:cc:
78:4a:07:d4:b9:9c:ff:5d:30:e4:11:40:6a:f6:71:c2:63:c8:
0f:55:05:f9:72:18:b6:b0:e9:f1:1e:17:24:f1:d9:77:e6:91:
28:ba:64:61:cc:01:14:40:6e:a8:0a:2f:75:4d:5f:7a:44:d1:
02:39:b8:29:d1:ca:07:c5:72:4e:34:4f:1e:4d:51:6a:f2:d1:
24:2a:fd:a2:ab:40:14:c8:b6:d3:24:03:fc:6c:5a:ae:7b:24:
54:66:7b:c4:39:f8:c5:2d:43:d3:76:a0:72:0b:cc:6b:22:fb:
da:c1:a8:96:e1:9b:3c:f7:f8:75:e4:88:3b:0a:cd:70:24:50:
42:7e:e2:6c:a3:a2:b7:ab:c3:b7:f4:0d:f3:bf:e6:27:3e:22:
2b:78:e4:da:9b:43:d9:d8:c8:de:88:b6:41:7f:8e:72:f4:c9:
fa:9e:fc:7a:b8:7e:de:23:1b:83:b6:2f:28:6c:0c:86:d8:89:
84:10:55:ab
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgIUQ4lsA2fKaWLrWkEQNuCAhORkJ6QwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoODhjMTRlYzAyYWRiZjA4MzEzOGVkZGQ0Nzg3MTE3NmRk
ZWI5M2Q5ZDAeFw0yNTA1MDYwNjMxNDZaFw0yNjA1MDUwNjM2NDZaMDMxMTAvBgNV
BAMTKEI1ODQwQjcwQjkzRkYzNDI4M0IzM0M3RDE3NjgyODk2NzFEMzkzMDUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCi6aoTs7XWAjY16hFH6PDmCZwe
bhuS0xdQVZlB1nV0U+Y77ykdQ8PuOBx2TWKk4LMoHHfcujhKmBbuxhrO0xGJnCkx
++YN+fmsmwMpwFqFGpK3jC1p9ET1RfCgqA9H8awC+0J92PA6lSdfptJnBnC2qch/
rm05RdcXh7cIaGjcE7RzgcPdy5tqMdgG8EufoDvCTTYLyNUUQcWGEgCvfnQoPjHt
W565+59RCAbGkeTns5/56/S5PMgZ5dTO43/s43YeclHeJnTXsQNDA6Mk0ChkEst0
+3R2OL9vvbdxYrIGaiBSlGPJt6Qbzkhx9Eh8Wz6cfgdBTsI1FNNClS/azycZAgMB
AAGjggI7MIICNzAdBgNVHQ4EFgQUtYQLcLk/80KDszx9F2golnHTkwUwHwYDVR0j
BBgwFoAUiMFOwCrb8IMTjt3UeHEXbd65PZ0wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYzQwOWQ3YjItZWU2NC00OWYxLWFkODEtOGU0YTEwN2Q2
MmUwLzAvODhDMTRFQzAyQURCRjA4MzEzOEVEREQ0Nzg3MTE3NkRERUI5M0Q5RC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2lNRk93Q3JiOElNVGp0M1VlSEVYYmQ2
NVBaMC5jZXIwgasGCCsGAQUFBwELBIGeMIGbMIGYBggrBgEFBQcwC4aBi3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYzQwOWQ3YjIt
ZWU2NC00OWYxLWFkODEtOGU0YTEwN2Q2MmUwLzAvMzEzNDMzMmUzMjMwMmUzMTMy
MzgyZTMwMmYzMjMxMmQzMjMxMjAzZDNlMjAzNzMwMzIzOS5yb2EwGAYDVR0gAQH/
BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEA48U
gDANBgkqhkiG9w0BAQsFAAOCAQEAp4ccR+z2gWUW8PL6PnC3Uw3qMkeIIm1N730K
lmroYof2lM2SCR+mFP/lqpxoGpVlCDo36Z8sEnJQ5i4VbKLylCLVRRNros3MeEoH
1Lmc/10w5BFAavZxwmPID1UF+XIYtrDp8R4XJPHZd+aRKLpkYcwBFEBuqAovdU1f
ekTRAjm4KdHKB8VyTjRPHk1RavLRJCr9oqtAFMi20yQD/GxarnskVGZ7xDn4xS1D
03agcgvMayL72sGoluGbPPf4deSIOwrNcCRQQn7ibKOit6vDt/QN87/mJz4iK3jk
2ptD2djI3oi2QX+OcvTJ+p78erh+3iMbg7YvKGwMhtiJhBBVqw==
-----END CERTIFICATE-----
Generated at Wed May 7 01:05:16 2025 by rpki-client