Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/3134332e32302e3234312e302f32342d3234203d3e2035303635.roa
File: 3134332e32302e3234312e302f32342d3234203d3e2035303635.roa (raw, json)
Hash identifier: rhnHtVUyZ9rPoZmLSD0ikdacmsv9fZcMPlwjPevybCc=
Subject key identifier: B6:A2:1D:AF:E3:98:BC:53:E1:3C:B0:BD:5D:30:13:D4:0C:CF:E3:FF
Certificate issuer: /CN=88c14ec02adbf083138eddd47871176ddeb93d9d
Certificate serial: 379FB970EA0C221846621436C0F955A07A5D8023
Authority key identifier: 88:C1:4E:C0:2A:DB:F0:83:13:8E:DD:D4:78:71:17:6D:DE:B9:3D:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iMFOwCrb8IMTjt3UeHEXbd65PZ0.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/3134332e32302e3234312e302f32342d3234203d3e2035303635.roa
Signing time: Tue 06 May 2025 06:35:14 +0000
ROA not before: Tue 06 May 2025 06:30:14 +0000
ROA not after: Tue 05 May 2026 06:35:14 +0000
asID: 5065
IP address blocks: 143.20.241.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/88C14EC02ADBF083138EDDD47871176DDEB93D9D.crl
rsync://rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/88C14EC02ADBF083138EDDD47871176DDEB93D9D.mft
rsync://rpki.ripe.net/repository/DEFAULT/iMFOwCrb8IMTjt3UeHEXbd65PZ0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 08 May 2025 16:19:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
37:9f:b9:70:ea:0c:22:18:46:62:14:36:c0:f9:55:a0:7a:5d:80:23
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=88c14ec02adbf083138eddd47871176ddeb93d9d
Validity
Not Before: May 6 06:30:14 2025 GMT
Not After : May 5 06:35:14 2026 GMT
Subject: CN=B6A21DAFE398BC53E13CB0BD5D3013D40CCFE3FF
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:b3:39:d7:0d:2d:d9:d8:24:d7:b6:9f:88:0f:
6e:f7:69:87:af:cd:22:b0:be:fc:10:f5:65:2a:28:
b3:07:91:27:b5:47:14:ac:51:58:f1:6a:b7:2b:4c:
65:d2:4a:09:4c:bc:13:b8:01:e0:9b:2c:08:00:e2:
76:5d:17:bc:07:3b:e1:a0:ac:8f:7d:21:91:cd:f7:
b7:3c:87:15:2b:ab:d3:5c:a2:32:71:88:48:cd:09:
75:a1:d3:7c:6c:13:61:b8:67:3e:29:7e:8a:1d:f4:
31:57:f1:65:05:d2:80:74:28:d5:50:9f:5f:e6:bb:
53:24:8b:f7:b9:c8:94:5c:f3:04:bc:3b:7a:d1:4b:
4c:e5:89:90:2a:99:2f:b6:54:60:90:ae:7f:be:9a:
d9:f8:7a:71:f0:5a:e4:6e:4f:ae:a2:4e:cd:9e:d0:
dd:17:04:1b:6a:ee:9d:0c:57:d4:d8:bb:9a:4e:0a:
af:18:55:aa:aa:18:e0:99:d6:43:b8:c5:31:d7:28:
af:cf:ea:2e:86:2e:c5:70:06:e3:a6:55:66:66:0f:
b3:0c:7f:a5:80:d5:d0:80:ec:62:5d:d9:d3:e6:6d:
c6:43:37:4d:5e:61:7e:54:50:b8:40:65:69:45:98:
6e:f5:b4:23:6a:6a:63:9d:e7:72:2e:b1:46:af:70:
e1:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B6:A2:1D:AF:E3:98:BC:53:E1:3C:B0:BD:5D:30:13:D4:0C:CF:E3:FF
X509v3 Authority Key Identifier:
keyid:88:C1:4E:C0:2A:DB:F0:83:13:8E:DD:D4:78:71:17:6D:DE:B9:3D:9D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/88C14EC02ADBF083138EDDD47871176DDEB93D9D.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iMFOwCrb8IMTjt3UeHEXbd65PZ0.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/3134332e32302e3234312e302f32342d3234203d3e2035303635.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
143.20.241.0/24
Signature Algorithm: sha256WithRSAEncryption
35:a5:e5:71:37:b6:2b:15:37:13:9a:9b:e3:8e:ce:4b:f4:84:
0c:3e:18:9e:65:aa:ea:d4:a0:28:e7:2e:f0:47:ef:e9:1a:b2:
1d:cf:3b:61:bc:1d:6e:cf:b5:ad:38:b1:eb:54:3a:af:f8:ee:
af:5f:a5:7d:c7:86:b7:2c:b7:db:1e:91:0c:6c:a9:f6:7b:94:
2c:ee:53:13:35:98:77:25:5f:88:aa:a7:08:dc:5c:ac:45:2e:
eb:c2:16:13:26:40:26:02:d9:ec:30:80:86:f4:71:a9:e2:c0:
25:fa:1d:cd:7a:e2:e9:92:83:e9:79:07:f0:88:0a:0b:b7:c4:
66:15:63:46:66:c3:2a:8a:37:73:05:62:63:04:fe:6c:19:aa:
b0:5d:cc:27:b2:be:da:a1:bf:60:b2:79:cd:1c:c5:e9:63:be:
ab:e0:b8:df:8c:1b:b4:c1:fa:cd:4c:71:d2:48:04:2d:5b:b4:
a3:da:ca:d5:a1:7c:0f:e7:98:8d:15:b5:7d:66:da:8b:05:e8:
a9:56:ce:ef:e7:5f:66:da:9f:9a:58:c4:40:76:88:3e:6e:f5:
b4:bd:7f:f3:76:10:0a:42:86:16:5c:c0:1f:02:4c:6b:4b:ef:
7b:83:37:c2:5d:9c:86:74:b0:2f:e3:b5:22:5c:5f:83:cd:2e:
8a:3a:c3:02
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgIUN5+5cOoMIhhGYhQ2wPlVoHpdgCMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoODhjMTRlYzAyYWRiZjA4MzEzOGVkZGQ0Nzg3MTE3NmRk
ZWI5M2Q5ZDAeFw0yNTA1MDYwNjMwMTRaFw0yNjA1MDUwNjM1MTRaMDMxMTAvBgNV
BAMTKEI2QTIxREFGRTM5OEJDNTNFMTNDQjBCRDVEMzAxM0Q0MENDRkUzRkYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDDsznXDS3Z2CTXtp+ID273aYev
zSKwvvwQ9WUqKLMHkSe1RxSsUVjxarcrTGXSSglMvBO4AeCbLAgA4nZdF7wHO+Gg
rI99IZHN97c8hxUrq9NcojJxiEjNCXWh03xsE2G4Zz4pfood9DFX8WUF0oB0KNVQ
n1/mu1Mki/e5yJRc8wS8O3rRS0zliZAqmS+2VGCQrn++mtn4enHwWuRuT66iTs2e
0N0XBBtq7p0MV9TYu5pOCq8YVaqqGOCZ1kO4xTHXKK/P6i6GLsVwBuOmVWZmD7MM
f6WA1dCA7GJd2dPmbcZDN01eYX5UULhAZWlFmG71tCNqamOd53IusUavcOH/AgMB
AAGjggI7MIICNzAdBgNVHQ4EFgQUtqIdr+OYvFPhPLC9XTAT1AzP4/8wHwYDVR0j
BBgwFoAUiMFOwCrb8IMTjt3UeHEXbd65PZ0wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYzQwOWQ3YjItZWU2NC00OWYxLWFkODEtOGU0YTEwN2Q2
MmUwLzAvODhDMTRFQzAyQURCRjA4MzEzOEVEREQ0Nzg3MTE3NkRERUI5M0Q5RC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2lNRk93Q3JiOElNVGp0M1VlSEVYYmQ2
NVBaMC5jZXIwgasGCCsGAQUFBwELBIGeMIGbMIGYBggrBgEFBQcwC4aBi3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYzQwOWQ3YjIt
ZWU2NC00OWYxLWFkODEtOGU0YTEwN2Q2MmUwLzAvMzEzNDMzMmUzMjMwMmUzMjM0
MzEyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzNTMwMzYzNS5yb2EwGAYDVR0gAQH/
BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAI8U
8TANBgkqhkiG9w0BAQsFAAOCAQEANaXlcTe2KxU3E5qb447OS/SEDD4YnmWq6tSg
KOcu8Efv6RqyHc87Ybwdbs+1rTix61Q6r/jur1+lfceGtyy32x6RDGyp9nuULO5T
EzWYdyVfiKqnCNxcrEUu68IWEyZAJgLZ7DCAhvRxqeLAJfodzXri6ZKD6XkH8IgK
C7fEZhVjRmbDKoo3cwViYwT+bBmqsF3MJ7K+2qG/YLJ5zRzF6WO+q+C434wbtMH6
zUxx0kgELVu0o9rK1aF8D+eYjRW1fWbaiwXoqVbO7+dfZtqfmljEQHaIPm71tL1/
83YQCkKGFlzAHwJMa0vve4M3wl2chnSwL+O1Ilxfg80uijrDAg==
-----END CERTIFICATE-----
Generated at Thu May 8 06:28:40 2025 by rpki-client