Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/3134332e32302e3233362e302f32342d3234203d3e2037303239.roa
File: 3134332e32302e3233362e302f32342d3234203d3e2037303239.roa (raw, json)
Hash identifier: yduTHgGLcKZ/EGwAKZsMQMzVbV7wpZZ84axELP/Yehk=
Subject key identifier: 81:F4:9F:D1:DB:A8:5B:52:44:B1:8F:46:64:1A:B3:D5:11:CA:87:84
Certificate issuer: /CN=88c14ec02adbf083138eddd47871176ddeb93d9d
Certificate serial: 2DC98DEFE2277BD89FCDC7140CDE23D5CA4D261C
Authority key identifier: 88:C1:4E:C0:2A:DB:F0:83:13:8E:DD:D4:78:71:17:6D:DE:B9:3D:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iMFOwCrb8IMTjt3UeHEXbd65PZ0.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/3134332e32302e3233362e302f32342d3234203d3e2037303239.roa
Signing time: Tue 06 May 2025 06:36:07 +0000
ROA not before: Tue 06 May 2025 06:31:07 +0000
ROA not after: Tue 05 May 2026 06:36:07 +0000
asID: 7029
IP address blocks: 143.20.236.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/88C14EC02ADBF083138EDDD47871176DDEB93D9D.crl
rsync://rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/88C14EC02ADBF083138EDDD47871176DDEB93D9D.mft
rsync://rpki.ripe.net/repository/DEFAULT/iMFOwCrb8IMTjt3UeHEXbd65PZ0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 09 May 2025 07:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2d:c9:8d:ef:e2:27:7b:d8:9f:cd:c7:14:0c:de:23:d5:ca:4d:26:1c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=88c14ec02adbf083138eddd47871176ddeb93d9d
Validity
Not Before: May 6 06:31:07 2025 GMT
Not After : May 5 06:36:07 2026 GMT
Subject: CN=81F49FD1DBA85B5244B18F46641AB3D511CA8784
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:da:82:da:a0:be:84:cf:4e:f3:a8:4c:ec:a6:
ea:d6:ba:32:cb:de:8a:9b:ab:1b:23:02:05:43:72:
99:38:ba:28:10:04:2c:64:d2:93:ae:0e:fc:25:34:
78:be:68:48:38:18:34:8e:47:87:33:70:a0:e4:06:
c5:2c:db:68:54:7e:4d:8c:73:0e:3e:28:f6:f6:9b:
1a:dd:9f:af:33:aa:ba:9a:e9:96:8f:7c:ff:35:ec:
08:e8:63:2e:82:06:ac:38:84:34:90:c0:9f:91:45:
be:24:59:7d:86:8d:85:b6:ba:79:f4:2c:65:cb:5e:
58:cf:4f:2b:a8:0a:db:99:47:51:6f:cd:00:76:0e:
ae:e8:32:af:99:2a:55:c5:b9:ab:36:a4:e7:7b:6f:
47:df:c5:d9:43:60:04:13:5f:e9:7f:f8:f8:a0:db:
65:fe:b5:bb:06:7c:c5:7d:52:46:85:e2:76:2c:57:
45:94:5a:1f:b6:25:f8:b1:99:21:d3:76:39:ed:9d:
e6:48:51:1d:cf:52:7d:95:40:88:c9:31:b0:2d:d3:
3a:a3:2b:5f:55:d6:e2:32:ce:1d:fd:8e:ad:43:08:
39:10:4b:1d:ea:e0:f5:02:85:47:09:c2:b8:62:c4:
eb:3c:83:6e:82:62:45:58:71:b2:26:05:5e:69:7b:
57:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
81:F4:9F:D1:DB:A8:5B:52:44:B1:8F:46:64:1A:B3:D5:11:CA:87:84
X509v3 Authority Key Identifier:
keyid:88:C1:4E:C0:2A:DB:F0:83:13:8E:DD:D4:78:71:17:6D:DE:B9:3D:9D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/88C14EC02ADBF083138EDDD47871176DDEB93D9D.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iMFOwCrb8IMTjt3UeHEXbd65PZ0.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/3134332e32302e3233362e302f32342d3234203d3e2037303239.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
143.20.236.0/24
Signature Algorithm: sha256WithRSAEncryption
4a:e0:f6:3a:7f:ef:7f:67:22:c3:9c:8c:32:85:42:f3:5b:35:
d1:94:f1:99:68:6e:77:c7:a2:73:d6:fd:9c:16:e2:28:e7:7a:
b7:12:a9:0d:12:ba:f9:de:48:cf:b4:90:1c:c6:8d:54:64:df:
8b:92:dd:13:13:6f:0f:66:bf:22:cd:fd:2a:2d:d4:5b:91:07:
79:ad:78:06:f5:05:68:68:7f:c2:31:af:fb:df:e8:46:1d:f8:
da:f3:c1:0b:da:c0:4d:e4:69:9a:e9:25:21:a7:d1:ae:b9:92:
a4:b3:3d:af:ce:8a:3d:d0:e7:42:a7:5f:aa:6d:ae:b9:65:ba:
ce:6c:bf:63:c6:e6:e7:51:82:c4:e3:63:ae:1c:9c:2f:ea:d6:
2a:e9:fa:23:16:0a:a2:24:02:62:a5:1e:61:6a:ff:56:2c:05:
1d:2a:73:a7:8d:dc:8d:b9:79:26:d8:e4:50:2c:99:0a:5b:ca:
30:e2:7b:47:96:f8:6d:03:55:75:90:3d:e0:05:97:ad:24:39:
f9:b7:5e:89:d1:df:a2:40:75:34:fe:3c:18:fe:d8:75:01:39:
5c:ee:66:c7:e2:16:cc:8c:c1:e6:f1:d2:e2:5d:bf:dd:2d:d2:
e8:46:20:bb:cc:86:65:c3:c1:0d:3d:d9:17:f8:68:cf:32:4a:
95:b8:07:6f
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgIULcmN7+Ine9ifzccUDN4j1cpNJhwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoODhjMTRlYzAyYWRiZjA4MzEzOGVkZGQ0Nzg3MTE3NmRk
ZWI5M2Q5ZDAeFw0yNTA1MDYwNjMxMDdaFw0yNjA1MDUwNjM2MDdaMDMxMTAvBgNV
BAMTKDgxRjQ5RkQxREJBODVCNTI0NEIxOEY0NjY0MUFCM0Q1MTFDQTg3ODQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDC2oLaoL6Ez07zqEzspurWujLL
3oqbqxsjAgVDcpk4uigQBCxk0pOuDvwlNHi+aEg4GDSOR4czcKDkBsUs22hUfk2M
cw4+KPb2mxrdn68zqrqa6ZaPfP817AjoYy6CBqw4hDSQwJ+RRb4kWX2GjYW2unn0
LGXLXljPTyuoCtuZR1FvzQB2Dq7oMq+ZKlXFuas2pOd7b0ffxdlDYAQTX+l/+Pig
22X+tbsGfMV9UkaF4nYsV0WUWh+2JfixmSHTdjntneZIUR3PUn2VQIjJMbAt0zqj
K19V1uIyzh39jq1DCDkQSx3q4PUChUcJwrhixOs8g26CYkVYcbImBV5pe1cfAgMB
AAGjggI7MIICNzAdBgNVHQ4EFgQUgfSf0duoW1JEsY9GZBqz1RHKh4QwHwYDVR0j
BBgwFoAUiMFOwCrb8IMTjt3UeHEXbd65PZ0wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYzQwOWQ3YjItZWU2NC00OWYxLWFkODEtOGU0YTEwN2Q2
MmUwLzAvODhDMTRFQzAyQURCRjA4MzEzOEVEREQ0Nzg3MTE3NkRERUI5M0Q5RC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2lNRk93Q3JiOElNVGp0M1VlSEVYYmQ2
NVBaMC5jZXIwgasGCCsGAQUFBwELBIGeMIGbMIGYBggrBgEFBQcwC4aBi3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYzQwOWQ3YjIt
ZWU2NC00OWYxLWFkODEtOGU0YTEwN2Q2MmUwLzAvMzEzNDMzMmUzMjMwMmUzMjMz
MzYyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzNzMwMzIzOS5yb2EwGAYDVR0gAQH/
BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAI8U
7DANBgkqhkiG9w0BAQsFAAOCAQEASuD2On/vf2ciw5yMMoVC81s10ZTxmWhud8ei
c9b9nBbiKOd6txKpDRK6+d5Iz7SQHMaNVGTfi5LdExNvD2a/Is39Ki3UW5EHea14
BvUFaGh/wjGv+9/oRh342vPBC9rATeRpmuklIafRrrmSpLM9r86KPdDnQqdfqm2u
uWW6zmy/Y8bm51GCxONjrhycL+rWKun6IxYKoiQCYqUeYWr/ViwFHSpzp43cjbl5
JtjkUCyZClvKMOJ7R5b4bQNVdZA94AWXrSQ5+bdeidHfokB1NP48GP7YdQE5XO5m
x+IWzIzB5vHS4l2/3S3S6EYgu8yGZcPBDT3ZF/hozzJKlbgHbw==
-----END CERTIFICATE-----
Generated at Thu May 8 16:12:07 2025 by rpki-client