Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/3134332e32302e3234332e302f32342d3234203d3e2035303635.roa
File: 3134332e32302e3234332e302f32342d3234203d3e2035303635.roa (raw, json)
Hash identifier: 8LUfMQp+9wBLPsWyz2+Y1TcG17v2nVL5Dlm12X8hBi0=
Subject key identifier: 36:AA:AD:B0:9F:E4:53:62:9F:B5:0A:1D:C2:02:43:82:67:3D:51:85
Certificate issuer: /CN=88c14ec02adbf083138eddd47871176ddeb93d9d
Certificate serial: 276E3C55563F787C502EC7FC6E4C221C9B90ADB9
Authority key identifier: 88:C1:4E:C0:2A:DB:F0:83:13:8E:DD:D4:78:71:17:6D:DE:B9:3D:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iMFOwCrb8IMTjt3UeHEXbd65PZ0.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/3134332e32302e3234332e302f32342d3234203d3e2035303635.roa
Signing time: Tue 06 May 2025 06:35:18 +0000
ROA not before: Tue 06 May 2025 06:30:18 +0000
ROA not after: Tue 05 May 2026 06:35:18 +0000
asID: 5065
IP address blocks: 143.20.243.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/88C14EC02ADBF083138EDDD47871176DDEB93D9D.crl
rsync://rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/88C14EC02ADBF083138EDDD47871176DDEB93D9D.mft
rsync://rpki.ripe.net/repository/DEFAULT/iMFOwCrb8IMTjt3UeHEXbd65PZ0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 09 May 2025 07:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
27:6e:3c:55:56:3f:78:7c:50:2e:c7:fc:6e:4c:22:1c:9b:90:ad:b9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=88c14ec02adbf083138eddd47871176ddeb93d9d
Validity
Not Before: May 6 06:30:18 2025 GMT
Not After : May 5 06:35:18 2026 GMT
Subject: CN=36AAADB09FE453629FB50A1DC2024382673D5185
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:86:87:99:20:79:61:c9:cf:95:3f:4c:33:d9:
47:0f:ae:61:cc:d8:67:4a:09:dd:43:84:d0:38:09:
c9:e1:a9:77:bc:e3:f9:e8:77:21:58:d1:1c:03:d7:
80:fd:78:7f:57:6b:15:e2:d8:8a:49:eb:ae:f8:b3:
fd:4d:0e:ca:86:9e:f5:d7:91:ee:8d:9a:7a:52:a8:
1f:5f:47:0a:41:a0:23:35:98:7b:c0:06:c4:fa:24:
83:27:81:d1:7d:43:32:f1:48:d1:55:e8:3d:5b:8a:
4f:3d:09:dc:12:15:29:3d:5d:77:ee:46:80:6d:07:
69:6a:0c:be:b3:8f:f0:17:b2:53:54:74:52:bb:7b:
64:92:c4:c7:76:26:73:32:0f:da:a4:76:45:d2:71:
9a:9d:d2:c4:19:38:2f:7f:ad:38:58:ff:3d:f4:f2:
9a:e2:89:cd:9a:82:bb:f2:6c:3f:53:7d:e7:cf:f6:
00:c5:7d:b9:b7:76:38:b4:50:0c:20:52:fe:52:eb:
ee:df:79:3f:fe:05:5a:e6:0e:c9:58:ce:94:00:48:
90:a8:a8:23:62:da:50:8b:35:c9:8c:dc:ae:63:4f:
f3:07:09:1d:ae:fb:72:b0:00:27:67:0a:c8:63:63:
ee:2a:2d:a7:3c:ac:eb:c6:9c:d9:98:f9:50:cc:74:
91:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
36:AA:AD:B0:9F:E4:53:62:9F:B5:0A:1D:C2:02:43:82:67:3D:51:85
X509v3 Authority Key Identifier:
keyid:88:C1:4E:C0:2A:DB:F0:83:13:8E:DD:D4:78:71:17:6D:DE:B9:3D:9D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/88C14EC02ADBF083138EDDD47871176DDEB93D9D.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iMFOwCrb8IMTjt3UeHEXbd65PZ0.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/3134332e32302e3234332e302f32342d3234203d3e2035303635.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
143.20.243.0/24
Signature Algorithm: sha256WithRSAEncryption
7d:f9:df:24:24:75:fc:3e:ae:89:19:15:a6:23:7f:82:e4:11:
7a:c6:94:94:c1:e9:f7:14:58:2e:bf:d9:17:4b:60:38:75:c8:
35:85:3d:93:b7:90:27:a7:08:3d:5b:47:4a:11:5e:11:bf:fb:
43:06:5e:07:df:d9:a6:ae:1a:47:8c:6c:7b:1d:32:9c:1e:4f:
9e:ca:2c:82:14:8e:69:f7:21:57:44:ee:92:2a:d0:07:ef:8e:
e5:bd:0e:4c:23:47:10:e7:f1:e6:d2:66:82:60:e5:55:02:0a:
07:40:34:32:54:7d:6f:26:18:d1:b1:cb:0e:04:75:02:62:45:
ca:44:12:b0:8e:ef:a3:83:76:de:16:a7:5f:6f:3f:b4:5b:33:
2f:0f:18:6a:c6:f9:09:88:2e:ad:fb:b4:0a:37:0c:e6:5b:48:
fe:44:e8:92:7b:4b:b8:31:08:67:8b:2f:f6:14:2a:bc:f0:3a:
be:6c:8a:df:52:8f:26:06:de:c3:cc:07:d2:30:03:ed:e6:6f:
81:07:52:cf:e7:f4:07:7b:da:8d:4e:1e:8f:90:f3:39:bb:10:
e6:bc:29:b2:7d:79:4c:5a:51:93:c3:60:54:f4:90:47:60:53:
60:8a:a8:97:6c:a1:61:f6:13:fb:81:03:ed:47:33:10:bd:f4:
d1:e7:e4:b6
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgIUJ248VVY/eHxQLsf8bkwiHJuQrbkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoODhjMTRlYzAyYWRiZjA4MzEzOGVkZGQ0Nzg3MTE3NmRk
ZWI5M2Q5ZDAeFw0yNTA1MDYwNjMwMThaFw0yNjA1MDUwNjM1MThaMDMxMTAvBgNV
BAMTKDM2QUFBREIwOUZFNDUzNjI5RkI1MEExREMyMDI0MzgyNjczRDUxODUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC1hoeZIHlhyc+VP0wz2UcPrmHM
2GdKCd1DhNA4CcnhqXe84/nodyFY0RwD14D9eH9XaxXi2IpJ6674s/1NDsqGnvXX
ke6NmnpSqB9fRwpBoCM1mHvABsT6JIMngdF9QzLxSNFV6D1bik89CdwSFSk9XXfu
RoBtB2lqDL6zj/AXslNUdFK7e2SSxMd2JnMyD9qkdkXScZqd0sQZOC9/rThY/z30
8priic2agrvybD9TfefP9gDFfbm3dji0UAwgUv5S6+7feT/+BVrmDslYzpQASJCo
qCNi2lCLNcmM3K5jT/MHCR2u+3KwACdnCshjY+4qLac8rOvGnNmY+VDMdJEtAgMB
AAGjggI7MIICNzAdBgNVHQ4EFgQUNqqtsJ/kU2KftQodwgJDgmc9UYUwHwYDVR0j
BBgwFoAUiMFOwCrb8IMTjt3UeHEXbd65PZ0wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYzQwOWQ3YjItZWU2NC00OWYxLWFkODEtOGU0YTEwN2Q2
MmUwLzAvODhDMTRFQzAyQURCRjA4MzEzOEVEREQ0Nzg3MTE3NkRERUI5M0Q5RC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2lNRk93Q3JiOElNVGp0M1VlSEVYYmQ2
NVBaMC5jZXIwgasGCCsGAQUFBwELBIGeMIGbMIGYBggrBgEFBQcwC4aBi3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYzQwOWQ3YjIt
ZWU2NC00OWYxLWFkODEtOGU0YTEwN2Q2MmUwLzAvMzEzNDMzMmUzMjMwMmUzMjM0
MzMyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzNTMwMzYzNS5yb2EwGAYDVR0gAQH/
BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAI8U
8zANBgkqhkiG9w0BAQsFAAOCAQEAffnfJCR1/D6uiRkVpiN/guQResaUlMHp9xRY
Lr/ZF0tgOHXINYU9k7eQJ6cIPVtHShFeEb/7QwZeB9/Zpq4aR4xsex0ynB5Pnsos
ghSOafchV0TukirQB++O5b0OTCNHEOfx5tJmgmDlVQIKB0A0MlR9byYY0bHLDgR1
AmJFykQSsI7vo4N23hanX28/tFszLw8Yasb5CYgurfu0CjcM5ltI/kTokntLuDEI
Z4sv9hQqvPA6vmyK31KPJgbew8wH0jAD7eZvgQdSz+f0B3vajU4ej5DzObsQ5rwp
sn15TFpRk8NgVPSQR2BTYIqol2yhYfYT+4ED7UczEL300efktg==
-----END CERTIFICATE-----
Generated at Thu May 8 16:06:18 2025 by rpki-client