Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/3139342e33312e3134382e302f32342d3234203d3e20313336353031.roa
File: 3139342e33312e3134382e302f32342d3234203d3e20313336353031.roa (raw, json)
Hash identifier: GqgB+JuDA2wAw32ZSE48WyJaGFYDIg3/pHp/6CNAWXw=
Subject key identifier: 84:C9:65:A1:38:90:5C:D9:8C:1F:80:CA:4D:0E:8F:99:0B:EB:1B:B3
Certificate issuer: /CN=088469d1a33085ff88b3e599d223ca74c2313a3a
Certificate serial: 561411F51EEA955F39CF9A2277DA65DBC8D23207
Authority key identifier: 08:84:69:D1:A3:30:85:FF:88:B3:E5:99:D2:23:CA:74:C2:31:3A:3A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CIRp0aMwhf-Is-WZ0iPKdMIxOjo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/3139342e33312e3134382e302f32342d3234203d3e20313336353031.roa
Signing time: Wed 30 Apr 2025 14:35:03 +0000
ROA not before: Wed 30 Apr 2025 14:30:03 +0000
ROA not after: Wed 29 Apr 2026 14:35:03 +0000
asID: 136501
IP address blocks: 194.31.148.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/088469D1A33085FF88B3E599D223CA74C2313A3A.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/088469D1A33085FF88B3E599D223CA74C2313A3A.mft
rsync://rpki.ripe.net/repository/DEFAULT/CIRp0aMwhf-Is-WZ0iPKdMIxOjo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 10 May 2025 21:22:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
56:14:11:f5:1e:ea:95:5f:39:cf:9a:22:77:da:65:db:c8:d2:32:07
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=088469d1a33085ff88b3e599d223ca74c2313a3a
Validity
Not Before: Apr 30 14:30:03 2025 GMT
Not After : Apr 29 14:35:03 2026 GMT
Subject: CN=84C965A138905CD98C1F80CA4D0E8F990BEB1BB3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:f8:c1:20:9c:3c:f5:39:03:e5:fd:f0:28:55:
e7:40:17:7d:39:7c:11:23:a8:d9:62:a8:19:f8:20:
10:e7:43:ec:82:1c:6c:18:df:19:ac:ae:69:d5:23:
3c:d4:ab:cb:6d:58:8c:1c:45:6e:37:81:c2:d3:7f:
4a:88:3e:7c:8f:11:09:ce:39:67:f5:a7:28:d1:8a:
52:0b:6b:7a:c5:9a:18:92:45:d5:fc:ef:c0:19:de:
24:e6:2a:ce:19:c1:34:f6:82:d7:a6:a3:45:00:56:
f3:4b:1e:62:df:1d:63:2e:ec:10:54:c3:59:f2:f5:
8d:63:ad:14:4c:be:de:c6:ea:5b:06:87:6b:70:02:
cb:54:25:05:b7:f7:08:2a:05:3c:d8:e3:21:7f:a6:
7d:21:a8:ad:08:3e:e3:e9:3a:e5:2f:73:61:87:09:
f4:f0:ac:5e:17:05:92:81:5b:b6:0b:a3:9b:7e:78:
d6:ce:64:94:98:11:e3:1b:96:0d:bc:2b:64:29:6b:
f7:99:44:ac:cf:e4:0d:19:22:8e:e2:a9:cd:8a:22:
30:a8:ec:85:f7:a4:68:a4:de:79:99:cd:ae:f7:03:
1d:ce:b2:88:3c:7f:ca:1b:f7:1b:80:bd:86:40:91:
4d:04:28:80:a5:77:a4:43:dc:c5:61:91:c5:7a:93:
5d:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
84:C9:65:A1:38:90:5C:D9:8C:1F:80:CA:4D:0E:8F:99:0B:EB:1B:B3
X509v3 Authority Key Identifier:
keyid:08:84:69:D1:A3:30:85:FF:88:B3:E5:99:D2:23:CA:74:C2:31:3A:3A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/088469D1A33085FF88B3E599D223CA74C2313A3A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CIRp0aMwhf-Is-WZ0iPKdMIxOjo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/3139342e33312e3134382e302f32342d3234203d3e20313336353031.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.31.148.0/24
Signature Algorithm: sha256WithRSAEncryption
07:63:13:2f:00:28:03:d3:ca:6a:3c:0e:70:5b:3f:99:1c:f7:
73:7b:4b:8a:d9:6f:c2:3a:43:5b:5f:aa:d9:69:4c:35:86:f1:
39:da:5e:68:83:b8:98:b3:57:39:76:87:bc:ad:9d:2e:99:35:
7c:c9:e1:ca:e6:8c:8d:3b:e4:aa:5c:2a:67:c7:b9:c1:c5:f5:
1d:88:65:50:05:26:14:c0:44:f9:2e:d2:fe:d0:01:f6:8f:a3:
ce:89:6c:3d:8f:1c:d3:48:07:ea:3c:7f:19:02:49:b8:c6:62:
f8:f9:fe:67:b5:64:46:d7:9f:26:bb:0d:ac:af:67:a6:1a:1f:
0d:ae:dc:be:7c:af:82:8b:57:f6:f3:fb:f5:1c:93:db:e7:d1:
d8:a8:d8:42:07:7c:ec:e2:3b:57:20:3c:b3:bc:68:7a:55:e3:
ba:d2:bd:68:10:13:c3:4c:15:a0:95:de:92:39:62:6c:d7:be:
b4:10:08:71:9b:57:c6:1a:d2:ea:62:35:52:cd:3f:97:19:6c:
bc:1c:31:2c:0e:60:7d:56:cf:0e:d1:4f:7a:56:15:7e:af:60:
f8:d3:de:bb:a2:6a:21:fa:c3:5d:1a:dc:1d:3c:bc:68:f2:64:
25:5c:14:42:53:23:b4:e6:7f:5f:cf:6c:dc:43:54:38:b9:97:
34:c2:5a:a0
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUVhQR9R7qlV85z5oid9pl28jSMgcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDg4NDY5ZDFhMzMwODVmZjg4YjNlNTk5ZDIyM2NhNzRj
MjMxM2EzYTAeFw0yNTA0MzAxNDMwMDNaFw0yNjA0MjkxNDM1MDNaMDMxMTAvBgNV
BAMTKDg0Qzk2NUExMzg5MDVDRDk4QzFGODBDQTREMEU4Rjk5MEJFQjFCQjMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDh+MEgnDz1OQPl/fAoVedAF305
fBEjqNliqBn4IBDnQ+yCHGwY3xmsrmnVIzzUq8ttWIwcRW43gcLTf0qIPnyPEQnO
OWf1pyjRilILa3rFmhiSRdX878AZ3iTmKs4ZwTT2gtemo0UAVvNLHmLfHWMu7BBU
w1ny9Y1jrRRMvt7G6lsGh2twAstUJQW39wgqBTzY4yF/pn0hqK0IPuPpOuUvc2GH
CfTwrF4XBZKBW7YLo5t+eNbOZJSYEeMblg28K2Qpa/eZRKzP5A0ZIo7iqc2KIjCo
7IX3pGik3nmZza73Ax3Osog8f8ob9xuAvYZAkU0EKICld6RD3MVhkcV6k109AgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUhMlloTiQXNmMH4DKTQ6PmQvrG7MwHwYDVR0j
BBgwFoAUCIRp0aMwhf+Is+WZ0iPKdMIxOjowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzUvMDg4NDY5RDFBMzMwODVGRjg4QjNFNTk5RDIyM0NBNzRDMjMxM0EzQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NJUnAwYU13aGYtSXMtV1owaVBLZE1J
eE9qby5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzUvMzEzOTM0MmUzMzMxMmUzMTM0
MzgyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMTMzMzYzNTMwMzEucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BADCH5QwDQYJKoZIhvcNAQELBQADggEBAAdjEy8AKAPTymo8DnBbP5kc93N7S4rZ
b8I6Q1tfqtlpTDWG8TnaXmiDuJizVzl2h7ytnS6ZNXzJ4crmjI075KpcKmfHucHF
9R2IZVAFJhTARPku0v7QAfaPo86JbD2PHNNIB+o8fxkCSbjGYvj5/me1ZEbXnya7
DayvZ6YaHw2u3L58r4KLV/bz+/Uck9vn0dio2EIHfOziO1cgPLO8aHpV47rSvWgQ
E8NMFaCV3pI5YmzXvrQQCHGbV8Ya0upiNVLNP5cZbLwcMSwOYH1Wzw7RT3pWFX6v
YPjT3ruiaiH6w10a3B08vGjyZCVcFEJTI7Tmf1/PbNxDVDi5lzTCWqA=
-----END CERTIFICATE-----
Generated at Sat May 10 06:31:57 2025 by rpki-client