Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/3134332e32302e3230342e302f32332d3233203d3e2037303239.roa
File: 3134332e32302e3230342e302f32332d3233203d3e2037303239.roa (raw, json)
Hash identifier: 0bIYnLDx6r5zy7yu0rWjc5a6BQt1Da91esCAlxPmKi0=
Subject key identifier: A8:BA:CD:48:86:D0:C8:E9:56:48:9C:A6:DE:AD:78:CC:4B:CA:32:96
Certificate issuer: /CN=88c14ec02adbf083138eddd47871176ddeb93d9d
Certificate serial: 4998C2C2A222727C528004EA948438ED6F5B0C74
Authority key identifier: 88:C1:4E:C0:2A:DB:F0:83:13:8E:DD:D4:78:71:17:6D:DE:B9:3D:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iMFOwCrb8IMTjt3UeHEXbd65PZ0.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/3134332e32302e3230342e302f32332d3233203d3e2037303239.roa
Signing time: Tue 06 May 2025 06:36:23 +0000
ROA not before: Tue 06 May 2025 06:31:23 +0000
ROA not after: Tue 05 May 2026 06:36:23 +0000
asID: 7029
IP address blocks: 143.20.204.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/88C14EC02ADBF083138EDDD47871176DDEB93D9D.crl
rsync://rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/88C14EC02ADBF083138EDDD47871176DDEB93D9D.mft
rsync://rpki.ripe.net/repository/DEFAULT/iMFOwCrb8IMTjt3UeHEXbd65PZ0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 07 May 2025 12:04:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
49:98:c2:c2:a2:22:72:7c:52:80:04:ea:94:84:38:ed:6f:5b:0c:74
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=88c14ec02adbf083138eddd47871176ddeb93d9d
Validity
Not Before: May 6 06:31:23 2025 GMT
Not After : May 5 06:36:23 2026 GMT
Subject: CN=A8BACD4886D0C8E956489CA6DEAD78CC4BCA3296
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:b3:bf:10:25:8f:22:56:da:03:8d:6c:a0:cc:
33:33:2c:8f:37:ad:1a:c2:03:d0:66:18:86:2d:45:
40:ec:38:13:8f:93:8e:e6:18:7e:8b:08:ba:f9:ee:
b8:78:5a:d8:ad:7c:dd:6d:4e:4a:81:cf:85:79:2c:
78:91:81:b7:53:01:5e:96:03:14:ab:57:6f:5f:07:
04:a6:ec:8c:8c:f5:72:e2:59:b8:f0:19:70:0e:cc:
22:1b:ce:0f:d1:b2:51:67:5d:09:aa:e3:75:20:41:
ee:1d:42:d3:44:94:ba:8e:8b:41:30:e2:5b:66:5d:
7d:eb:47:bf:21:86:1f:6f:3c:32:95:27:e1:5e:0f:
1d:9b:20:04:32:79:04:fa:03:64:a4:86:56:e2:d3:
25:45:0b:de:9f:f8:9d:42:de:24:48:a5:8f:0e:bc:
e0:86:0d:31:94:01:1c:a6:19:7f:b0:2e:ec:2d:f4:
fc:8a:ab:94:63:f7:cc:1f:70:a5:85:35:e4:9d:8b:
b2:3d:f7:e4:33:4d:9c:5e:4a:88:fd:46:c8:d1:95:
d7:91:50:9d:f4:ad:c5:80:7c:91:88:13:e6:d3:54:
ae:99:32:66:c6:7b:fb:4d:64:15:94:fb:ad:34:71:
9b:1f:21:1a:a4:10:e8:a4:b0:29:55:64:3f:5f:11:
6b:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:BA:CD:48:86:D0:C8:E9:56:48:9C:A6:DE:AD:78:CC:4B:CA:32:96
X509v3 Authority Key Identifier:
keyid:88:C1:4E:C0:2A:DB:F0:83:13:8E:DD:D4:78:71:17:6D:DE:B9:3D:9D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/88C14EC02ADBF083138EDDD47871176DDEB93D9D.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iMFOwCrb8IMTjt3UeHEXbd65PZ0.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/3134332e32302e3230342e302f32332d3233203d3e2037303239.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
143.20.204.0/23
Signature Algorithm: sha256WithRSAEncryption
b6:65:fa:d7:ca:74:8a:31:18:29:ff:b9:0c:46:7c:47:05:8c:
07:f1:2a:e9:47:a0:e9:85:46:21:02:5a:5b:99:2e:4f:07:95:
36:41:49:bc:db:d8:1d:d0:e6:a1:67:1e:67:9c:90:95:e5:3e:
21:52:18:d7:8d:ba:5a:bf:78:6a:1c:0b:15:93:0b:5f:71:3b:
bd:c3:80:35:65:f9:e6:74:ef:f7:15:9e:f7:a9:d9:3f:d0:77:
3d:a0:db:93:aa:b2:ed:8a:d8:87:45:76:b0:c4:d9:2f:34:4c:
ca:46:6c:10:10:99:8b:74:bc:31:9d:b0:63:4a:1d:89:b1:91:
d7:78:8c:99:cc:83:44:9a:f8:d0:10:ac:38:ad:b0:56:7b:92:
3e:0f:b5:6e:ec:d8:20:83:f6:a4:d3:36:4a:5b:67:4e:d5:9f:
07:fc:17:51:b1:4d:c7:8e:36:cc:8e:ea:95:2b:49:18:3e:e7:
ad:a3:ad:12:06:c9:58:ab:7f:07:f8:57:bc:14:87:87:d8:68:
6e:a4:28:ea:58:17:b6:24:79:a6:c6:9d:d5:00:f5:50:4e:de:
8e:7c:8a:48:14:f2:ae:68:61:e4:a0:56:da:fe:bd:f4:6e:22:
4d:6b:03:a7:11:1b:5b:d2:d0:53:fd:f9:92:d8:4e:8c:f3:e6:
91:60:70:db
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgIUSZjCwqIicnxSgATqlIQ47W9bDHQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoODhjMTRlYzAyYWRiZjA4MzEzOGVkZGQ0Nzg3MTE3NmRk
ZWI5M2Q5ZDAeFw0yNTA1MDYwNjMxMjNaFw0yNjA1MDUwNjM2MjNaMDMxMTAvBgNV
BAMTKEE4QkFDRDQ4ODZEMEM4RTk1NjQ4OUNBNkRFQUQ3OENDNEJDQTMyOTYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCxs78QJY8iVtoDjWygzDMzLI83
rRrCA9BmGIYtRUDsOBOPk47mGH6LCLr57rh4WtitfN1tTkqBz4V5LHiRgbdTAV6W
AxSrV29fBwSm7IyM9XLiWbjwGXAOzCIbzg/RslFnXQmq43UgQe4dQtNElLqOi0Ew
4ltmXX3rR78hhh9vPDKVJ+FeDx2bIAQyeQT6A2Skhlbi0yVFC96f+J1C3iRIpY8O
vOCGDTGUARymGX+wLuwt9PyKq5Rj98wfcKWFNeSdi7I99+QzTZxeSoj9RsjRldeR
UJ30rcWAfJGIE+bTVK6ZMmbGe/tNZBWU+600cZsfIRqkEOiksClVZD9fEWsTAgMB
AAGjggI7MIICNzAdBgNVHQ4EFgQUqLrNSIbQyOlWSJym3q14zEvKMpYwHwYDVR0j
BBgwFoAUiMFOwCrb8IMTjt3UeHEXbd65PZ0wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYzQwOWQ3YjItZWU2NC00OWYxLWFkODEtOGU0YTEwN2Q2
MmUwLzAvODhDMTRFQzAyQURCRjA4MzEzOEVEREQ0Nzg3MTE3NkRERUI5M0Q5RC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2lNRk93Q3JiOElNVGp0M1VlSEVYYmQ2
NVBaMC5jZXIwgasGCCsGAQUFBwELBIGeMIGbMIGYBggrBgEFBQcwC4aBi3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYzQwOWQ3YjIt
ZWU2NC00OWYxLWFkODEtOGU0YTEwN2Q2MmUwLzAvMzEzNDMzMmUzMjMwMmUzMjMw
MzQyZTMwMmYzMjMzMmQzMjMzMjAzZDNlMjAzNzMwMzIzOS5yb2EwGAYDVR0gAQH/
BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAY8U
zDANBgkqhkiG9w0BAQsFAAOCAQEAtmX618p0ijEYKf+5DEZ8RwWMB/Eq6Ueg6YVG
IQJaW5kuTweVNkFJvNvYHdDmoWceZ5yQleU+IVIY1426Wr94ahwLFZMLX3E7vcOA
NWX55nTv9xWe96nZP9B3PaDbk6qy7YrYh0V2sMTZLzRMykZsEBCZi3S8MZ2wY0od
ibGR13iMmcyDRJr40BCsOK2wVnuSPg+1buzYIIP2pNM2SltnTtWfB/wXUbFNx442
zI7qlStJGD7nraOtEgbJWKt/B/hXvBSHh9hobqQo6lgXtiR5psad1QD1UE7ejnyK
SBTyrmhh5KBW2v699G4iTWsDpxEbW9LQU/35kthOjPPmkWBw2w==
-----END CERTIFICATE-----
Generated at Wed May 7 03:40:43 2025 by rpki-client