Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/8113dda6-7ade-445d-8c6e-448a78e48ca1/1/3139342e33342e3235322e302f32342d3234203d3e20323036393731.roa
File: 3139342e33342e3235322e302f32342d3234203d3e20323036393731.roa (raw, json)
Hash identifier: aYNcu7SgqRw6uDvPDAGSj8gsUX4syWa+JAG6WdaKU+4=
Subject key identifier: CC:4A:10:FE:FF:8E:2F:89:91:E1:DE:E7:5D:62:37:FC:59:E2:47:C4
Certificate issuer: /CN=0d7ffae300def0876bf84890fb6ea17be841a4d3
Certificate serial: 4F3089529BD1FF58C5E56A54998C915CF36ABE69
Authority key identifier: 0D:7F:FA:E3:00:DE:F0:87:6B:F8:48:90:FB:6E:A1:7B:E8:41:A4:D3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DX_64wDe8Idr-EiQ-26he-hBpNM.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/8113dda6-7ade-445d-8c6e-448a78e48ca1/1/3139342e33342e3235322e302f32342d3234203d3e20323036393731.roa
Signing time: Sun 15 Jun 2025 12:19:32 +0000
ROA not before: Sun 15 Jun 2025 12:14:32 +0000
ROA not after: Sun 14 Jun 2026 12:19:32 +0000
asID: 206971
IP address blocks: 194.34.252.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/8113dda6-7ade-445d-8c6e-448a78e48ca1/1/0D7FFAE300DEF0876BF84890FB6EA17BE841A4D3.crl
rsync://rsync.paas.rpki.ripe.net/repository/8113dda6-7ade-445d-8c6e-448a78e48ca1/1/0D7FFAE300DEF0876BF84890FB6EA17BE841A4D3.mft
rsync://rpki.ripe.net/repository/DEFAULT/DX_64wDe8Idr-EiQ-26he-hBpNM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 18 Jun 2025 02:27:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4f:30:89:52:9b:d1:ff:58:c5:e5:6a:54:99:8c:91:5c:f3:6a:be:69
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0d7ffae300def0876bf84890fb6ea17be841a4d3
Validity
Not Before: Jun 15 12:14:32 2025 GMT
Not After : Jun 14 12:19:32 2026 GMT
Subject: CN=CC4A10FEFF8E2F8991E1DEE75D6237FC59E247C4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e3:23:ab:31:ab:16:fc:9e:8c:73:2d:80:77:4c:
71:02:6e:13:4d:b5:90:24:fa:89:7d:e5:f7:29:e4:
12:ad:51:ba:27:80:4d:b4:0e:52:9a:18:8b:14:33:
15:27:94:c7:33:ac:fa:4f:f5:06:37:60:a0:c1:fa:
3a:03:13:26:ef:40:33:f3:16:4b:ba:12:64:9c:af:
3e:01:ea:57:ea:a3:30:b2:48:2f:05:96:16:87:71:
6a:0f:aa:6c:08:cc:9a:07:80:9f:df:65:03:fd:ef:
25:00:11:1a:2a:15:9d:c7:47:57:f6:d1:6f:5f:73:
4c:36:1a:1b:e6:2c:1d:8f:45:69:fd:51:4b:16:05:
74:8f:54:5f:b6:7f:8b:d9:54:4b:e5:e5:29:18:cb:
88:de:1c:87:3f:12:65:5b:4f:bf:1c:ef:b0:d6:99:
60:b1:da:4d:e0:18:99:02:d0:0d:88:e6:27:8c:bd:
eb:86:95:16:ed:3b:e8:87:c6:46:39:85:cb:73:1a:
86:fd:ff:fb:d6:cd:2c:68:04:75:49:3f:5d:65:5a:
be:6d:12:e8:0d:35:3f:45:e0:1a:eb:aa:1c:a8:19:
57:30:04:3d:0e:13:1d:b3:f2:26:e3:82:20:13:73:
ec:5b:43:ab:b4:73:68:16:b1:bb:6b:5c:8f:24:d6:
50:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CC:4A:10:FE:FF:8E:2F:89:91:E1:DE:E7:5D:62:37:FC:59:E2:47:C4
X509v3 Authority Key Identifier:
keyid:0D:7F:FA:E3:00:DE:F0:87:6B:F8:48:90:FB:6E:A1:7B:E8:41:A4:D3
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/8113dda6-7ade-445d-8c6e-448a78e48ca1/1/0D7FFAE300DEF0876BF84890FB6EA17BE841A4D3.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DX_64wDe8Idr-EiQ-26he-hBpNM.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/8113dda6-7ade-445d-8c6e-448a78e48ca1/1/3139342e33342e3235322e302f32342d3234203d3e20323036393731.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.34.252.0/24
Signature Algorithm: sha256WithRSAEncryption
62:4b:83:cc:0b:98:7a:63:f7:f5:a2:72:37:41:a3:2c:e3:b9:
48:a5:6d:db:61:c4:55:24:a7:8a:ea:ba:39:22:a1:1f:9c:c3:
2c:f9:da:b7:a1:f3:84:4d:72:2c:fa:f1:0a:01:37:a9:60:e1:
62:20:91:f2:87:ba:5f:6b:20:ba:59:89:82:ed:f6:0b:d1:d7:
d9:9a:44:5f:ed:ce:99:59:e0:d4:21:13:3d:fc:52:77:ea:52:
b5:78:d4:cf:e5:11:41:e0:ee:f1:c4:3d:39:ea:e6:3e:df:ad:
34:1a:f1:0c:65:b2:55:ee:68:af:dc:b7:dd:c8:fb:15:0d:ce:
b0:84:b5:b6:f1:06:50:6c:c5:52:6a:36:c3:26:1c:e1:79:66:
6b:a6:6a:18:f0:bd:f0:ff:0d:b1:bc:b5:ee:2a:b4:33:b8:9d:
4a:7e:8a:c9:4b:b6:3c:f3:c5:f1:8d:76:42:96:d9:c5:f9:9b:
27:39:10:dd:b0:2e:a3:1e:6c:45:f6:50:96:df:2f:db:0b:ea:
ab:ea:43:ed:36:39:9a:93:9b:a4:e8:b7:ca:4e:21:cb:37:17:
ad:e3:a4:17:48:61:eb:64:1b:85:ac:f5:e9:f7:71:de:d7:27:
0f:9c:d4:db:02:f4:8d:08:51:a6:ce:fd:a0:38:71:e3:ca:eb:
d8:65:b6:d6
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUTzCJUpvR/1jF5WpUmYyRXPNqvmkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMGQ3ZmZhZTMwMGRlZjA4NzZiZjg0ODkwZmI2ZWExN2Jl
ODQxYTRkMzAeFw0yNTA2MTUxMjE0MzJaFw0yNjA2MTQxMjE5MzJaMDMxMTAvBgNV
BAMTKENDNEExMEZFRkY4RTJGODk5MUUxREVFNzVENjIzN0ZDNTlFMjQ3QzQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDjI6sxqxb8noxzLYB3THECbhNN
tZAk+ol95fcp5BKtUbongE20DlKaGIsUMxUnlMczrPpP9QY3YKDB+joDEybvQDPz
Fku6EmScrz4B6lfqozCySC8FlhaHcWoPqmwIzJoHgJ/fZQP97yUAERoqFZ3HR1f2
0W9fc0w2GhvmLB2PRWn9UUsWBXSPVF+2f4vZVEvl5SkYy4jeHIc/EmVbT78c77DW
mWCx2k3gGJkC0A2I5ieMveuGlRbtO+iHxkY5hctzGob9//vWzSxoBHVJP11lWr5t
EugNNT9F4BrrqhyoGVcwBD0OEx2z8ibjgiATc+xbQ6u0c2gWsbtrXI8k1lArAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUzEoQ/v+OL4mR4d7nXWI3/FniR8QwHwYDVR0j
BBgwFoAUDX/64wDe8Idr+EiQ+26he+hBpNMwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvODExM2RkYTYtN2FkZS00NDVkLThjNmUtNDQ4YTc4ZTQ4
Y2ExLzEvMEQ3RkZBRTMwMERFRjA4NzZCRjg0ODkwRkI2RUExN0JFODQxQTREMy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0RYXzY0d0RlOElkci1FaVEtMjZoZS1o
QnBOTS5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvODExM2RkYTYt
N2FkZS00NDVkLThjNmUtNDQ4YTc4ZTQ4Y2ExLzEvMzEzOTM0MmUzMzM0MmUzMjM1
MzIyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMjMwMzYzOTM3MzEucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BADCIvwwDQYJKoZIhvcNAQELBQADggEBAGJLg8wLmHpj9/WicjdBoyzjuUilbdth
xFUkp4rqujkioR+cwyz52reh84RNciz68QoBN6lg4WIgkfKHul9rILpZiYLt9gvR
19maRF/tzplZ4NQhEz38UnfqUrV41M/lEUHg7vHEPTnq5j7frTQa8QxlslXuaK/c
t93I+xUNzrCEtbbxBlBsxVJqNsMmHOF5ZmumahjwvfD/DbG8te4qtDO4nUp+islL
tjzzxfGNdkKW2cX5myc5EN2wLqMebEX2UJbfL9sL6qvqQ+02OZqTm6Tot8pOIcs3
F63jpBdIYetkG4Ws9en3cd7XJw+c1NsC9I0IUabO/aA4cePK69hlttY=
-----END CERTIFICATE-----
Generated at Tue Jun 17 19:19:15 2025 by rpki-client