Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/a01c14fb-b660-489d-9e9f-9402e9e2c2e2/0/3231332e3133392e38382e302f32342d3234203d3e2039303039.roa
File: 3231332e3133392e38382e302f32342d3234203d3e2039303039.roa (raw, json)
Hash identifier: FBtJ+MNYwdWO4In9hmlePFb198UWpspP65HhFA9Ht28=
Subject key identifier: 44:C5:56:18:ED:A0:04:EB:36:71:99:F7:5A:77:0A:16:54:C7:84:93
Certificate issuer: /CN=b683f2eb50c5999a77456e8826831609d48c7d3e
Certificate serial: 4749E517BA51751ABD2AE8265D7E7C6F7828D0C3
Authority key identifier: B6:83:F2:EB:50:C5:99:9A:77:45:6E:88:26:83:16:09:D4:8C:7D:3E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/toPy61DFmZp3RW6IJoMWCdSMfT4.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/a01c14fb-b660-489d-9e9f-9402e9e2c2e2/0/3231332e3133392e38382e302f32342d3234203d3e2039303039.roa
Signing time: Mon 21 Apr 2025 10:54:03 +0000
ROA not before: Mon 21 Apr 2025 10:49:03 +0000
ROA not after: Mon 20 Apr 2026 10:54:03 +0000
asID: 9009
IP address blocks: 213.139.88.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/a01c14fb-b660-489d-9e9f-9402e9e2c2e2/0/B683F2EB50C5999A77456E8826831609D48C7D3E.crl
rsync://rsync.paas.rpki.ripe.net/repository/a01c14fb-b660-489d-9e9f-9402e9e2c2e2/0/B683F2EB50C5999A77456E8826831609D48C7D3E.mft
rsync://rpki.ripe.net/repository/DEFAULT/toPy61DFmZp3RW6IJoMWCdSMfT4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 00:36:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
47:49:e5:17:ba:51:75:1a:bd:2a:e8:26:5d:7e:7c:6f:78:28:d0:c3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b683f2eb50c5999a77456e8826831609d48c7d3e
Validity
Not Before: Apr 21 10:49:03 2025 GMT
Not After : Apr 20 10:54:03 2026 GMT
Subject: CN=44C55618EDA004EB367199F75A770A1654C78493
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f2:1a:7d:48:da:df:7a:82:06:c6:bc:b5:83:bc:
57:3f:4f:be:fd:c3:2c:cc:71:11:48:54:e0:91:e9:
b2:38:35:73:f3:0f:b3:06:9e:a9:1f:8e:eb:7a:0c:
ea:2b:e2:d2:1a:87:09:82:74:58:e9:1a:99:e3:ab:
34:b9:98:b7:71:5d:2b:ca:8f:2c:44:1b:3b:70:01:
b5:c9:7e:83:1a:8f:68:15:28:8a:3c:32:a7:e5:d2:
d0:51:04:71:60:06:42:2a:f0:aa:25:f0:49:ad:19:
20:82:02:c9:92:4b:97:25:96:5e:76:bc:b2:b3:51:
16:96:cf:83:31:e9:e4:6f:48:62:be:6f:bb:16:3b:
74:8c:5f:d4:63:f1:79:e0:57:40:2f:01:2c:03:8f:
7d:af:ce:cd:27:db:b8:e2:26:30:dc:75:7e:7f:de:
9d:9b:79:cd:20:f4:7b:0e:b1:7c:87:8f:4e:53:fd:
fd:31:7f:de:4b:a4:f5:cf:4d:82:07:14:67:d3:2b:
e4:0e:2d:8d:a3:b5:45:0d:41:10:dd:d5:3d:a2:d3:
3e:2f:f5:70:15:65:f2:66:a4:28:76:08:fb:94:8c:
2f:7b:39:5a:54:13:37:ff:ac:3d:5e:d6:9b:07:46:
d6:34:62:95:d8:fa:51:a1:7e:c9:f9:c2:f3:3a:b6:
7e:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
44:C5:56:18:ED:A0:04:EB:36:71:99:F7:5A:77:0A:16:54:C7:84:93
X509v3 Authority Key Identifier:
keyid:B6:83:F2:EB:50:C5:99:9A:77:45:6E:88:26:83:16:09:D4:8C:7D:3E
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/a01c14fb-b660-489d-9e9f-9402e9e2c2e2/0/B683F2EB50C5999A77456E8826831609D48C7D3E.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/toPy61DFmZp3RW6IJoMWCdSMfT4.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/a01c14fb-b660-489d-9e9f-9402e9e2c2e2/0/3231332e3133392e38382e302f32342d3234203d3e2039303039.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.139.88.0/24
Signature Algorithm: sha256WithRSAEncryption
a6:69:30:78:6c:22:51:b0:de:01:91:90:f5:d8:e1:a3:da:40:
09:ce:00:69:b1:7e:95:35:d6:cf:a4:6d:fa:5d:b0:5a:3f:b0:
75:31:d5:87:94:f3:81:e3:a0:37:e9:6e:a1:32:e5:a1:f9:f0:
2b:59:52:b4:b7:e4:90:06:ed:83:06:4d:2a:5c:4d:44:29:c5:
61:ae:7b:b9:c7:5f:b9:96:78:2a:64:5b:87:30:7a:db:ad:b4:
e9:f1:d6:ff:75:1b:cd:2a:66:fe:a9:34:34:1c:21:78:41:39:
e0:90:c6:60:95:3d:d3:b3:69:3e:c7:5f:9a:d8:05:7d:34:c6:
ba:b9:f9:56:47:22:24:4f:67:75:60:d7:d9:f6:89:4e:2d:f9:
a7:7d:b5:50:c3:87:d1:72:83:d0:9c:90:a8:1e:11:4f:67:d9:
21:4e:9b:02:a8:da:a7:d9:7d:33:de:b6:77:6c:a7:02:09:49:
e4:2c:08:7a:49:e0:68:57:4c:86:2b:c1:d0:73:b5:b1:d1:cf:
79:fe:1e:0e:36:28:fc:6f:79:60:2c:f2:47:d8:65:54:db:30:
c3:cc:a1:8e:b8:05:49:96:80:80:58:f0:bd:c3:fb:66:50:c1:
92:11:de:07:55:6b:ab:dd:07:84:1c:da:d6:60:06:26:29:9d:
7b:dc:9a:88
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgIUR0nlF7pRdRq9KugmXX58b3go0MMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYjY4M2YyZWI1MGM1OTk5YTc3NDU2ZTg4MjY4MzE2MDlk
NDhjN2QzZTAeFw0yNTA0MjExMDQ5MDNaFw0yNjA0MjAxMDU0MDNaMDMxMTAvBgNV
BAMTKDQ0QzU1NjE4RURBMDA0RUIzNjcxOTlGNzVBNzcwQTE2NTRDNzg0OTMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDyGn1I2t96ggbGvLWDvFc/T779
wyzMcRFIVOCR6bI4NXPzD7MGnqkfjut6DOor4tIahwmCdFjpGpnjqzS5mLdxXSvK
jyxEGztwAbXJfoMaj2gVKIo8Mqfl0tBRBHFgBkIq8Kol8EmtGSCCAsmSS5clll52
vLKzURaWz4Mx6eRvSGK+b7sWO3SMX9Rj8XngV0AvASwDj32vzs0n27jiJjDcdX5/
3p2bec0g9HsOsXyHj05T/f0xf95LpPXPTYIHFGfTK+QOLY2jtUUNQRDd1T2i0z4v
9XAVZfJmpCh2CPuUjC97OVpUEzf/rD1e1psHRtY0YpXY+lGhfsn5wvM6tn7HAgMB
AAGjggI7MIICNzAdBgNVHQ4EFgQURMVWGO2gBOs2cZn3WncKFlTHhJMwHwYDVR0j
BBgwFoAUtoPy61DFmZp3RW6IJoMWCdSMfT4wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYTAxYzE0ZmItYjY2MC00ODlkLTllOWYtOTQwMmU5ZTJj
MmUyLzAvQjY4M0YyRUI1MEM1OTk5QTc3NDU2RTg4MjY4MzE2MDlENDhDN0QzRS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3RvUHk2MURGbVpwM1JXNklKb01XQ2RT
TWZUNC5jZXIwgasGCCsGAQUFBwELBIGeMIGbMIGYBggrBgEFBQcwC4aBi3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYTAxYzE0ZmIt
YjY2MC00ODlkLTllOWYtOTQwMmU5ZTJjMmUyLzAvMzIzMTMzMmUzMTMzMzkyZTM4
MzgyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzOTMwMzAzOS5yb2EwGAYDVR0gAQH/
BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEANWL
WDANBgkqhkiG9w0BAQsFAAOCAQEApmkweGwiUbDeAZGQ9djho9pACc4AabF+lTXW
z6Rt+l2wWj+wdTHVh5TzgeOgN+luoTLlofnwK1lStLfkkAbtgwZNKlxNRCnFYa57
ucdfuZZ4KmRbhzB626206fHW/3UbzSpm/qk0NBwheEE54JDGYJU907NpPsdfmtgF
fTTGurn5VkciJE9ndWDX2faJTi35p321UMOH0XKD0JyQqB4RT2fZIU6bAqjap9l9
M962d2ynAglJ5CwIekngaFdMhivB0HO1sdHPef4eDjYo/G95YCzyR9hlVNsww8yh
jrgFSZaAgFjwvcP7ZlDBkhHeB1Vrq90HhBza1mAGJimde9yaiA==
-----END CERTIFICATE-----
Generated at Sat Apr 26 18:33:19 2025 by rpki-client