Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/a01c14fb-b660-489d-9e9f-9402e9e2c2e2/0/3231332e3133392e38332e302f32342d3234203d3e2039303039.roa
File: 3231332e3133392e38332e302f32342d3234203d3e2039303039.roa (raw, json)
Hash identifier: IdSy9DI41okmJzC8kiYhvPIkxbhT29hGtDcstol94Gs=
Subject key identifier: 6C:AC:34:C7:75:5F:11:A1:42:4F:A3:38:42:29:C1:7A:6B:9B:67:16
Certificate issuer: /CN=b683f2eb50c5999a77456e8826831609d48c7d3e
Certificate serial: 62C80FDEAB502BA2C075172C031F889F3AFBFCB7
Authority key identifier: B6:83:F2:EB:50:C5:99:9A:77:45:6E:88:26:83:16:09:D4:8C:7D:3E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/toPy61DFmZp3RW6IJoMWCdSMfT4.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/a01c14fb-b660-489d-9e9f-9402e9e2c2e2/0/3231332e3133392e38332e302f32342d3234203d3e2039303039.roa
Signing time: Fri 18 Apr 2025 15:54:02 +0000
ROA not before: Fri 18 Apr 2025 15:49:02 +0000
ROA not after: Fri 17 Apr 2026 15:54:02 +0000
asID: 9009
IP address blocks: 213.139.83.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/a01c14fb-b660-489d-9e9f-9402e9e2c2e2/0/B683F2EB50C5999A77456E8826831609D48C7D3E.crl
rsync://rsync.paas.rpki.ripe.net/repository/a01c14fb-b660-489d-9e9f-9402e9e2c2e2/0/B683F2EB50C5999A77456E8826831609D48C7D3E.mft
rsync://rpki.ripe.net/repository/DEFAULT/toPy61DFmZp3RW6IJoMWCdSMfT4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 11:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
62:c8:0f:de:ab:50:2b:a2:c0:75:17:2c:03:1f:88:9f:3a:fb:fc:b7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b683f2eb50c5999a77456e8826831609d48c7d3e
Validity
Not Before: Apr 18 15:49:02 2025 GMT
Not After : Apr 17 15:54:02 2026 GMT
Subject: CN=6CAC34C7755F11A1424FA3384229C17A6B9B6716
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:5e:a1:5c:71:e1:5c:e6:3d:8a:1d:10:c2:c9:
aa:ed:94:bb:3a:ec:a7:68:5f:cf:14:cf:46:db:f2:
79:d8:1e:79:f3:96:53:d7:84:58:46:a1:73:28:ed:
ab:1a:18:fc:33:bf:6d:72:58:8b:4e:e8:f4:b1:73:
05:ac:e6:b8:79:41:57:01:04:9c:6d:37:a5:41:9f:
95:b6:a7:99:82:34:54:a6:13:01:cf:6b:7e:2d:7c:
be:90:d0:b6:2a:6e:cd:25:e7:ec:6b:e7:04:e7:26:
ad:db:40:e6:22:bd:52:64:1f:f9:a9:e8:3a:0c:db:
12:d5:17:5c:54:2f:96:a2:3b:13:e7:d4:79:01:98:
eb:37:59:0b:12:2c:28:48:ed:7f:6b:f4:ba:06:64:
e2:d7:9c:78:d6:b1:4b:2c:b8:da:e7:c7:f8:64:79:
6b:6b:12:8a:70:d2:85:3d:29:01:15:b6:ae:6b:c4:
fb:d3:8b:8c:97:9c:d9:10:86:df:57:9a:b0:b3:57:
06:44:57:d9:0b:0e:46:13:41:44:52:98:80:78:08:
5b:37:b4:d1:a8:ba:a0:68:6f:28:b1:57:40:e4:25:
e1:86:62:e0:55:e8:6f:39:29:73:6d:45:13:19:52:
69:2a:f7:f8:07:bb:15:a7:b5:97:a7:25:9f:1d:5d:
a1:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6C:AC:34:C7:75:5F:11:A1:42:4F:A3:38:42:29:C1:7A:6B:9B:67:16
X509v3 Authority Key Identifier:
keyid:B6:83:F2:EB:50:C5:99:9A:77:45:6E:88:26:83:16:09:D4:8C:7D:3E
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/a01c14fb-b660-489d-9e9f-9402e9e2c2e2/0/B683F2EB50C5999A77456E8826831609D48C7D3E.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/toPy61DFmZp3RW6IJoMWCdSMfT4.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/a01c14fb-b660-489d-9e9f-9402e9e2c2e2/0/3231332e3133392e38332e302f32342d3234203d3e2039303039.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.139.83.0/24
Signature Algorithm: sha256WithRSAEncryption
0a:63:02:e1:d6:c5:64:16:73:dd:9f:0e:3f:fa:5b:41:d2:a3:
ce:10:5b:14:81:ec:68:6f:fb:d0:47:d7:02:c0:aa:ea:2f:ac:
fb:a5:fc:c8:0b:36:3b:68:7b:c9:46:06:00:89:f8:4c:f8:1d:
24:86:46:8c:cf:40:bf:0e:05:7d:7e:67:5c:1e:07:c2:10:ae:
61:34:47:ce:50:1d:56:c1:9b:af:0e:19:61:88:98:93:3f:07:
43:78:b0:34:20:64:e1:1e:5b:18:3b:b2:fe:39:3b:a9:19:da:
82:2c:77:e2:a6:f5:8f:3c:8e:a6:19:fc:63:bc:a6:78:bc:02:
3f:54:93:aa:c1:e4:df:2d:65:f7:d2:b8:c0:61:db:c0:d8:b7:
5a:1e:17:2d:92:2d:ad:e9:40:c6:36:7e:a8:e4:62:d5:97:c7:
72:2f:ac:65:7b:2a:98:43:21:fc:9e:26:a6:dc:96:d9:f5:ea:
77:da:cf:f3:84:ea:6f:0a:fd:83:b2:4c:d2:04:30:76:45:af:
62:ef:d3:31:d3:88:11:8c:c6:13:a1:ed:11:2b:6b:0e:e1:82:
2b:38:4a:26:5d:78:84:39:b1:1b:9a:59:a7:91:74:7c:72:5a:
c7:df:49:d4:de:22:f9:4d:85:2c:6d:db:89:de:02:69:a0:96:
2a:67:5e:ba
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgIUYsgP3qtQK6LAdRcsAx+Inzr7/LcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYjY4M2YyZWI1MGM1OTk5YTc3NDU2ZTg4MjY4MzE2MDlk
NDhjN2QzZTAeFw0yNTA0MTgxNTQ5MDJaFw0yNjA0MTcxNTU0MDJaMDMxMTAvBgNV
BAMTKDZDQUMzNEM3NzU1RjExQTE0MjRGQTMzODQyMjlDMTdBNkI5QjY3MTYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCzXqFcceFc5j2KHRDCyartlLs6
7KdoX88Uz0bb8nnYHnnzllPXhFhGoXMo7asaGPwzv21yWItO6PSxcwWs5rh5QVcB
BJxtN6VBn5W2p5mCNFSmEwHPa34tfL6Q0LYqbs0l5+xr5wTnJq3bQOYivVJkH/mp
6DoM2xLVF1xUL5aiOxPn1HkBmOs3WQsSLChI7X9r9LoGZOLXnHjWsUssuNrnx/hk
eWtrEopw0oU9KQEVtq5rxPvTi4yXnNkQht9XmrCzVwZEV9kLDkYTQURSmIB4CFs3
tNGouqBobyixV0DkJeGGYuBV6G85KXNtRRMZUmkq9/gHuxWntZenJZ8dXaERAgMB
AAGjggI7MIICNzAdBgNVHQ4EFgQUbKw0x3VfEaFCT6M4QinBemubZxYwHwYDVR0j
BBgwFoAUtoPy61DFmZp3RW6IJoMWCdSMfT4wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYTAxYzE0ZmItYjY2MC00ODlkLTllOWYtOTQwMmU5ZTJj
MmUyLzAvQjY4M0YyRUI1MEM1OTk5QTc3NDU2RTg4MjY4MzE2MDlENDhDN0QzRS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3RvUHk2MURGbVpwM1JXNklKb01XQ2RT
TWZUNC5jZXIwgasGCCsGAQUFBwELBIGeMIGbMIGYBggrBgEFBQcwC4aBi3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYTAxYzE0ZmIt
YjY2MC00ODlkLTllOWYtOTQwMmU5ZTJjMmUyLzAvMzIzMTMzMmUzMTMzMzkyZTM4
MzMyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzOTMwMzAzOS5yb2EwGAYDVR0gAQH/
BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEANWL
UzANBgkqhkiG9w0BAQsFAAOCAQEACmMC4dbFZBZz3Z8OP/pbQdKjzhBbFIHsaG/7
0EfXAsCq6i+s+6X8yAs2O2h7yUYGAIn4TPgdJIZGjM9Avw4FfX5nXB4HwhCuYTRH
zlAdVsGbrw4ZYYiYkz8HQ3iwNCBk4R5bGDuy/jk7qRnagix34qb1jzyOphn8Y7ym
eLwCP1STqsHk3y1l99K4wGHbwNi3Wh4XLZItrelAxjZ+qORi1ZfHci+sZXsqmEMh
/J4mptyW2fXqd9rP84Tqbwr9g7JM0gQwdkWvYu/TMdOIEYzGE6HtEStrDuGCKzhK
Jl14hDmxG5pZp5F0fHJax99J1N4i+U2FLG3bid4CaaCWKmdeug==
-----END CERTIFICATE-----
Generated at Sat Apr 26 19:52:06 2025 by rpki-client