Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/3134332e32302e3235352e302f32342d3234203d3e20383334.roa
File: 3134332e32302e3235352e302f32342d3234203d3e20383334.roa (raw, json)
Hash identifier: XhoKaOQqHJwXQf/Q7nqjjhRzr/Oq+n5dWlb4HctMBFQ=
Subject key identifier: B9:11:F9:2F:CE:0D:E9:86:04:AA:F4:57:00:61:E0:25:4C:55:6C:44
Certificate issuer: /CN=88c14ec02adbf083138eddd47871176ddeb93d9d
Certificate serial: 160E5D054B994059D25960D319C63C37CCB85F18
Authority key identifier: 88:C1:4E:C0:2A:DB:F0:83:13:8E:DD:D4:78:71:17:6D:DE:B9:3D:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iMFOwCrb8IMTjt3UeHEXbd65PZ0.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/3134332e32302e3235352e302f32342d3234203d3e20383334.roa
Signing time: Tue 06 May 2025 06:35:06 +0000
ROA not before: Tue 06 May 2025 06:30:06 +0000
ROA not after: Tue 05 May 2026 06:35:06 +0000
asID: 834
IP address blocks: 143.20.255.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/88C14EC02ADBF083138EDDD47871176DDEB93D9D.crl
rsync://rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/88C14EC02ADBF083138EDDD47871176DDEB93D9D.mft
rsync://rpki.ripe.net/repository/DEFAULT/iMFOwCrb8IMTjt3UeHEXbd65PZ0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 08 May 2025 16:19:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
16:0e:5d:05:4b:99:40:59:d2:59:60:d3:19:c6:3c:37:cc:b8:5f:18
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=88c14ec02adbf083138eddd47871176ddeb93d9d
Validity
Not Before: May 6 06:30:06 2025 GMT
Not After : May 5 06:35:06 2026 GMT
Subject: CN=B911F92FCE0DE98604AAF4570061E0254C556C44
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:49:e7:bf:c5:4a:61:64:db:fc:f0:5e:4d:6b:
46:1b:07:e1:fe:46:67:8c:4d:bd:88:c8:28:ef:52:
a7:b3:88:99:aa:07:05:b7:70:9f:3d:ec:49:e3:99:
ba:35:33:bb:9a:13:f0:9f:29:45:b2:e7:71:d6:21:
74:be:4b:86:94:18:d9:3f:f1:63:5b:a4:6e:b2:46:
d6:38:03:e9:ef:a4:d5:8b:7e:95:d5:4e:c6:f3:82:
15:be:19:ab:53:3c:08:bc:ad:3d:29:30:f9:b1:ce:
72:29:54:26:e2:ef:9c:b1:81:0e:00:4c:ff:fe:d1:
c7:60:d3:07:bd:fc:cb:74:93:89:62:0c:dc:1e:ff:
7a:82:b9:5f:b8:c9:e9:52:3a:5a:de:ce:d6:cc:8c:
a0:8e:5d:19:bf:3d:8a:47:e6:1a:3e:da:70:e4:cb:
d2:12:03:02:96:10:de:19:cf:b3:89:b1:d5:47:ea:
b6:47:7f:69:61:72:16:90:9a:c1:b2:c8:a3:5c:de:
d2:fd:14:eb:7a:5b:2e:0f:08:bb:3b:62:a6:f0:c6:
d6:f7:fc:07:f7:d9:51:c8:e8:02:6d:99:98:a4:11:
81:17:9a:2e:b7:31:94:2c:e1:88:5e:56:b0:f4:73:
df:ce:a1:fc:ad:fe:ac:a0:2b:89:91:3c:5e:88:e8:
4b:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B9:11:F9:2F:CE:0D:E9:86:04:AA:F4:57:00:61:E0:25:4C:55:6C:44
X509v3 Authority Key Identifier:
keyid:88:C1:4E:C0:2A:DB:F0:83:13:8E:DD:D4:78:71:17:6D:DE:B9:3D:9D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/88C14EC02ADBF083138EDDD47871176DDEB93D9D.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iMFOwCrb8IMTjt3UeHEXbd65PZ0.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/3134332e32302e3235352e302f32342d3234203d3e20383334.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
143.20.255.0/24
Signature Algorithm: sha256WithRSAEncryption
c4:36:fb:da:81:ee:b9:02:09:34:85:b4:a2:e1:fc:10:fa:90:
62:95:2d:25:5f:97:9b:42:03:00:a5:3d:ee:8d:ef:35:44:82:
ec:ff:ad:70:da:7a:8b:ab:50:ec:8d:3e:ed:0f:ac:d1:28:ba:
50:63:ab:15:c1:63:48:25:4a:6b:ad:9d:51:e3:da:17:a5:4a:
02:bd:4a:d4:31:ea:52:1c:c2:14:0b:3a:be:8d:24:c6:35:3c:
a8:e5:07:3c:18:bf:f2:f7:fc:ba:8a:7a:fa:71:d0:0c:09:b0:
54:c6:1e:73:f0:ab:92:c3:4f:b1:6c:d9:34:8b:71:49:2a:18:
8c:9e:0e:71:f9:06:35:a2:88:c9:8a:b2:c1:2d:79:64:79:de:
ff:53:73:92:f2:ed:a3:e5:4b:bb:2f:8d:86:d8:9c:5b:49:ea:
70:c5:98:da:77:cf:d6:a6:7d:3d:2a:3b:fc:d2:53:6c:4b:7c:
a6:b2:3e:8a:1b:cd:7d:8c:af:92:91:b4:72:d7:1d:7f:f6:d1:
c0:0a:a2:06:5d:98:4f:96:49:24:b2:17:37:a6:5f:cf:bd:d6:
10:17:65:d3:11:2d:ad:5e:24:a6:02:2c:c2:8a:95:8c:1c:84:
61:39:02:ab:2f:db:5c:83:08:6f:d3:bc:a2:e2:bf:52:f6:b1:
85:ad:ff:6b
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgIUFg5dBUuZQFnSWWDTGcY8N8y4XxgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoODhjMTRlYzAyYWRiZjA4MzEzOGVkZGQ0Nzg3MTE3NmRk
ZWI5M2Q5ZDAeFw0yNTA1MDYwNjMwMDZaFw0yNjA1MDUwNjM1MDZaMDMxMTAvBgNV
BAMTKEI5MTFGOTJGQ0UwREU5ODYwNEFBRjQ1NzAwNjFFMDI1NEM1NTZDNDQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDLSee/xUphZNv88F5Na0YbB+H+
RmeMTb2IyCjvUqeziJmqBwW3cJ897Enjmbo1M7uaE/CfKUWy53HWIXS+S4aUGNk/
8WNbpG6yRtY4A+nvpNWLfpXVTsbzghW+GatTPAi8rT0pMPmxznIpVCbi75yxgQ4A
TP/+0cdg0we9/Mt0k4liDNwe/3qCuV+4yelSOlreztbMjKCOXRm/PYpH5ho+2nDk
y9ISAwKWEN4Zz7OJsdVH6rZHf2lhchaQmsGyyKNc3tL9FOt6Wy4PCLs7Yqbwxtb3
/Af32VHI6AJtmZikEYEXmi63MZQs4YheVrD0c9/Oofyt/qygK4mRPF6I6EsTAgMB
AAGjggI5MIICNTAdBgNVHQ4EFgQUuRH5L84N6YYEqvRXAGHgJUxVbEQwHwYDVR0j
BBgwFoAUiMFOwCrb8IMTjt3UeHEXbd65PZ0wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYzQwOWQ3YjItZWU2NC00OWYxLWFkODEtOGU0YTEwN2Q2
MmUwLzAvODhDMTRFQzAyQURCRjA4MzEzOEVEREQ0Nzg3MTE3NkRERUI5M0Q5RC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2lNRk93Q3JiOElNVGp0M1VlSEVYYmQ2
NVBaMC5jZXIwgakGCCsGAQUFBwELBIGcMIGZMIGWBggrBgEFBQcwC4aBiXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYzQwOWQ3YjIt
ZWU2NC00OWYxLWFkODEtOGU0YTEwN2Q2MmUwLzAvMzEzNDMzMmUzMjMwMmUzMjM1
MzUyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzODMzMzQucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACPFP8w
DQYJKoZIhvcNAQELBQADggEBAMQ2+9qB7rkCCTSFtKLh/BD6kGKVLSVfl5tCAwCl
Pe6N7zVEguz/rXDaeourUOyNPu0PrNEoulBjqxXBY0glSmutnVHj2helSgK9StQx
6lIcwhQLOr6NJMY1PKjlBzwYv/L3/LqKevpx0AwJsFTGHnPwq5LDT7Fs2TSLcUkq
GIyeDnH5BjWiiMmKssEteWR53v9Tc5Ly7aPlS7svjYbYnFtJ6nDFmNp3z9amfT0q
O/zSU2xLfKayPoobzX2Mr5KRtHLXHX/20cAKogZdmE+WSSSyFzemX8+91hAXZdMR
La1eJKYCLMKKlYwchGE5Aqsv21yDCG/TvKLiv1L2sYWt/2s=
-----END CERTIFICATE-----
Generated at Thu May 8 06:41:51 2025 by rpki-client