Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/468b081e-ba93-465f-9b6e-7fbd63bdff63/0/3231332e352e3132392e302f32342d3234203d3e20323132323338.roa
File: 3231332e352e3132392e302f32342d3234203d3e20323132323338.roa (raw, json)
Hash identifier: y+MccKPhc/2KhhvHGoqYvoNRkkUTzEwbJt4GOMeUfuU=
Subject key identifier: 71:84:41:E4:D1:C8:B4:0B:1C:FD:73:78:D4:6E:A5:F8:8B:C2:32:77
Certificate issuer: /CN=ff426f19ba67bc89de5ae6df487c1c8c1e752e27
Certificate serial: 1DAED249A191E9AA53FCEC389E2CC57EBFDCCC8C
Authority key identifier: FF:42:6F:19:BA:67:BC:89:DE:5A:E6:DF:48:7C:1C:8C:1E:75:2E:27
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_0JvGbpnvIneWubfSHwcjB51Lic.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/468b081e-ba93-465f-9b6e-7fbd63bdff63/0/3231332e352e3132392e302f32342d3234203d3e20323132323338.roa
Signing time: Mon 10 Mar 2025 18:38:03 +0000
ROA not before: Mon 10 Mar 2025 18:33:03 +0000
ROA not after: Mon 09 Mar 2026 18:38:03 +0000
asID: 212238
IP address blocks: 213.5.129.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/468b081e-ba93-465f-9b6e-7fbd63bdff63/0/FF426F19BA67BC89DE5AE6DF487C1C8C1E752E27.crl
rsync://rsync.paas.rpki.ripe.net/repository/468b081e-ba93-465f-9b6e-7fbd63bdff63/0/FF426F19BA67BC89DE5AE6DF487C1C8C1E752E27.mft
rsync://rpki.ripe.net/repository/DEFAULT/_0JvGbpnvIneWubfSHwcjB51Lic.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 05:38:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1d:ae:d2:49:a1:91:e9:aa:53:fc:ec:38:9e:2c:c5:7e:bf:dc:cc:8c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ff426f19ba67bc89de5ae6df487c1c8c1e752e27
Validity
Not Before: Mar 10 18:33:03 2025 GMT
Not After : Mar 9 18:38:03 2026 GMT
Subject: CN=718441E4D1C8B40B1CFD7378D46EA5F88BC23277
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:e5:ef:c4:a0:a4:c0:c5:c4:bb:40:6b:a3:6c:
64:d9:22:2e:c1:39:ba:58:32:95:32:c7:20:5e:51:
97:6e:7e:ae:fd:d2:ce:c7:b0:31:06:e8:e1:b6:4d:
b8:00:ba:89:f0:3a:a2:59:63:20:d5:fd:22:5a:87:
43:2c:ef:27:56:5e:f0:04:fc:24:b1:b1:8e:bc:51:
a4:89:8c:03:72:c5:36:23:44:ad:95:a9:0d:76:f8:
56:a6:b1:d6:95:c2:21:36:2f:ba:a3:9c:70:9b:8c:
73:b0:4c:9d:b3:7c:a4:6e:c1:68:e1:04:1a:a7:00:
cb:a6:c1:3e:fb:36:ee:57:ae:96:af:0d:02:88:07:
36:f1:8d:0a:d0:51:ba:c6:e9:7a:ff:52:9b:19:90:
3c:fe:26:b3:a6:bd:9b:07:71:46:2a:b3:74:ee:cf:
a7:b3:c0:e5:cf:a0:1d:4d:68:01:34:f2:01:7d:d3:
5a:c7:5e:e1:8e:35:d6:ee:3c:81:b7:7e:6a:fe:fd:
1f:8c:fb:d0:33:85:20:d8:98:de:22:af:7b:e8:39:
b3:9b:e3:5c:4c:38:ba:25:71:15:14:c2:ab:d3:d7:
aa:80:f0:35:3c:fe:7a:c1:fa:96:d4:df:33:61:9e:
8b:33:05:80:1b:46:88:a2:bf:d7:93:83:35:5c:fa:
fd:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
71:84:41:E4:D1:C8:B4:0B:1C:FD:73:78:D4:6E:A5:F8:8B:C2:32:77
X509v3 Authority Key Identifier:
keyid:FF:42:6F:19:BA:67:BC:89:DE:5A:E6:DF:48:7C:1C:8C:1E:75:2E:27
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/468b081e-ba93-465f-9b6e-7fbd63bdff63/0/FF426F19BA67BC89DE5AE6DF487C1C8C1E752E27.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_0JvGbpnvIneWubfSHwcjB51Lic.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/468b081e-ba93-465f-9b6e-7fbd63bdff63/0/3231332e352e3132392e302f32342d3234203d3e20323132323338.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.5.129.0/24
Signature Algorithm: sha256WithRSAEncryption
00:bb:d9:24:5d:8d:cf:14:51:66:14:21:11:b1:55:54:5c:82:
3f:20:d1:64:eb:5e:4f:e0:27:2c:d1:99:55:0f:8c:a2:bd:33:
5f:bd:e7:42:f1:d4:8c:ca:c3:27:72:81:cf:46:63:cf:47:24:
7e:f1:9a:7a:24:c3:9e:6e:0c:39:de:cb:9d:4c:07:c9:5a:66:
44:c8:8b:87:0a:62:8f:d2:b8:d3:6f:3b:60:61:7c:18:bb:10:
93:23:39:2b:d7:14:d7:0c:4f:50:11:e1:e3:96:ae:64:28:8d:
06:39:d7:31:1d:d4:9d:3e:6e:db:20:15:9d:82:13:b1:bc:b7:
e7:9d:70:b8:05:d5:a6:0d:42:f4:4e:f3:0f:fd:53:91:8c:28:
a3:03:88:c5:c1:b1:dc:7f:4d:a0:a7:73:7e:04:f6:30:1c:8c:
63:47:9b:5b:be:c2:82:51:78:38:86:7d:56:3d:cc:5d:72:69:
d4:78:90:cd:df:5a:43:e1:2e:df:96:ee:b8:7d:4d:80:e4:c6:
14:b4:c7:54:e3:9e:35:7c:86:66:9b:00:70:c9:dd:2c:db:bb:
cd:c0:ff:30:5e:fe:b3:1b:3b:95:54:db:94:0b:cc:a3:de:52:
20:ac:b6:d0:51:b3:93:1d:30:ef:e8:c3:82:6e:a5:25:38:88:
9c:81:05:36
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUHa7SSaGR6apT/Ow4nizFfr/czIwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZmY0MjZmMTliYTY3YmM4OWRlNWFlNmRmNDg3YzFjOGMx
ZTc1MmUyNzAeFw0yNTAzMTAxODMzMDNaFw0yNjAzMDkxODM4MDNaMDMxMTAvBgNV
BAMTKDcxODQ0MUU0RDFDOEI0MEIxQ0ZENzM3OEQ0NkVBNUY4OEJDMjMyNzcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCs5e/EoKTAxcS7QGujbGTZIi7B
ObpYMpUyxyBeUZdufq790s7HsDEG6OG2TbgAuonwOqJZYyDV/SJah0Ms7ydWXvAE
/CSxsY68UaSJjANyxTYjRK2VqQ12+FamsdaVwiE2L7qjnHCbjHOwTJ2zfKRuwWjh
BBqnAMumwT77Nu5XrpavDQKIBzbxjQrQUbrG6Xr/UpsZkDz+JrOmvZsHcUYqs3Tu
z6ezwOXPoB1NaAE08gF901rHXuGONdbuPIG3fmr+/R+M+9AzhSDYmN4ir3voObOb
41xMOLolcRUUwqvT16qA8DU8/nrB+pbU3zNhnoszBYAbRoiiv9eTgzVc+v1HAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUcYRB5NHItAsc/XN41G6l+IvCMncwHwYDVR0j
BBgwFoAU/0JvGbpnvIneWubfSHwcjB51LicwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNDY4YjA4MWUtYmE5My00NjVmLTliNmUtN2ZiZDYzYmRm
ZjYzLzAvRkY0MjZGMTlCQTY3QkM4OURFNUFFNkRGNDg3QzFDOEMxRTc1MkUyNy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL18wSnZHYnBudkluZVd1YmZTSHdjakI1
MUxpYy5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvNDY4YjA4MWUt
YmE5My00NjVmLTliNmUtN2ZiZDYzYmRmZjYzLzAvMzIzMTMzMmUzNTJlMzEzMjM5
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzIzMTMyMzIzMzM4LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
1QWBMA0GCSqGSIb3DQEBCwUAA4IBAQAAu9kkXY3PFFFmFCERsVVUXII/INFk615P
4Ccs0ZlVD4yivTNfvedC8dSMysMncoHPRmPPRyR+8Zp6JMOebgw53sudTAfJWmZE
yIuHCmKP0rjTbztgYXwYuxCTIzkr1xTXDE9QEeHjlq5kKI0GOdcxHdSdPm7bIBWd
ghOxvLfnnXC4BdWmDUL0TvMP/VORjCijA4jFwbHcf02gp3N+BPYwHIxjR5tbvsKC
UXg4hn1WPcxdcmnUeJDN31pD4S7flu64fU2A5MYUtMdU4541fIZmmwBwyd0s27vN
wP8wXv6zGzuVVNuUC8yj3lIgrLbQUbOTHTDv6MOCbqUlOIicgQU2
-----END CERTIFICATE-----
Generated at Sat Apr 26 16:35:42 2025 by rpki-client