Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/a01c14fb-b660-489d-9e9f-9402e9e2c2e2/0/3231332e3133392e39322e302f32342d3234203d3e20383334.roa
File: 3231332e3133392e39322e302f32342d3234203d3e20383334.roa (raw, json)
Hash identifier: v0tNFH1u/s9uww1+x0zLopoqAlrYrdWeRhsSzqaLV6I=
Subject key identifier: 6A:B8:64:91:1E:AD:B6:79:F5:E6:FB:16:89:F8:9E:EB:97:96:48:BC
Certificate issuer: /CN=b683f2eb50c5999a77456e8826831609d48c7d3e
Certificate serial: 14CD48CCFA647C8CA1074BA86CB6946EA353BB10
Authority key identifier: B6:83:F2:EB:50:C5:99:9A:77:45:6E:88:26:83:16:09:D4:8C:7D:3E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/toPy61DFmZp3RW6IJoMWCdSMfT4.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/a01c14fb-b660-489d-9e9f-9402e9e2c2e2/0/3231332e3133392e39322e302f32342d3234203d3e20383334.roa
Signing time: Tue 22 Apr 2025 08:54:03 +0000
ROA not before: Tue 22 Apr 2025 08:49:03 +0000
ROA not after: Tue 21 Apr 2026 08:54:03 +0000
asID: 834
IP address blocks: 213.139.92.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/a01c14fb-b660-489d-9e9f-9402e9e2c2e2/0/B683F2EB50C5999A77456E8826831609D48C7D3E.crl
rsync://rsync.paas.rpki.ripe.net/repository/a01c14fb-b660-489d-9e9f-9402e9e2c2e2/0/B683F2EB50C5999A77456E8826831609D48C7D3E.mft
rsync://rpki.ripe.net/repository/DEFAULT/toPy61DFmZp3RW6IJoMWCdSMfT4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 00:36:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
14:cd:48:cc:fa:64:7c:8c:a1:07:4b:a8:6c:b6:94:6e:a3:53:bb:10
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b683f2eb50c5999a77456e8826831609d48c7d3e
Validity
Not Before: Apr 22 08:49:03 2025 GMT
Not After : Apr 21 08:54:03 2026 GMT
Subject: CN=6AB864911EADB679F5E6FB1689F89EEB979648BC
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:bd:25:3d:35:cf:f3:f3:7d:e4:75:a2:38:76:
b3:da:30:e1:9a:6b:ad:c1:f0:84:0a:08:9b:27:e7:
e4:99:f4:32:59:06:a3:6b:48:1e:81:88:18:1a:2e:
47:6f:b6:1a:1f:36:56:4d:2e:b7:6e:fa:07:51:88:
9f:56:16:b8:e1:3d:60:1c:eb:72:4b:63:90:9d:ef:
4a:f3:91:ce:be:45:bd:18:cb:56:60:9c:b6:92:fe:
26:af:6a:4e:2c:85:f8:ab:33:ba:b8:80:37:bb:2d:
3b:38:3c:3f:af:09:b4:d8:b1:01:de:76:9e:ed:43:
82:a1:bd:2d:20:15:fd:b2:52:2b:87:2b:41:62:50:
25:08:67:de:2d:08:95:11:5e:62:18:c1:09:2c:d1:
66:9e:02:49:a5:c1:ca:8b:5d:a9:00:98:b4:92:1d:
3a:d2:1a:31:c7:25:91:52:06:0c:dd:ec:aa:51:b3:
55:38:31:ec:a4:d7:76:a9:04:10:66:d4:94:d1:da:
3d:03:36:f3:74:27:e4:4e:57:e1:41:36:b5:16:c9:
bf:61:9f:26:da:5b:dd:8b:a2:ca:66:5e:d1:59:15:
37:95:d4:2d:ac:4e:db:08:9b:3f:ed:97:37:d1:53:
3a:62:a7:07:9a:35:0b:de:4f:97:ae:64:6d:91:e3:
42:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6A:B8:64:91:1E:AD:B6:79:F5:E6:FB:16:89:F8:9E:EB:97:96:48:BC
X509v3 Authority Key Identifier:
keyid:B6:83:F2:EB:50:C5:99:9A:77:45:6E:88:26:83:16:09:D4:8C:7D:3E
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/a01c14fb-b660-489d-9e9f-9402e9e2c2e2/0/B683F2EB50C5999A77456E8826831609D48C7D3E.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/toPy61DFmZp3RW6IJoMWCdSMfT4.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/a01c14fb-b660-489d-9e9f-9402e9e2c2e2/0/3231332e3133392e39322e302f32342d3234203d3e20383334.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.139.92.0/24
Signature Algorithm: sha256WithRSAEncryption
97:5c:76:cd:75:c3:68:7d:68:dc:0e:d1:29:b3:50:c3:a3:31:
a9:dc:8a:a1:17:f7:cb:d5:fe:70:50:6b:03:9e:95:99:98:15:
9a:0f:1a:1e:98:45:8d:8b:f4:09:9b:0b:0e:7f:7c:e4:09:e4:
7a:56:90:9b:be:53:cb:3d:44:ac:8a:87:e5:14:45:9a:5f:44:
48:7e:96:08:5c:73:db:ff:8e:65:ad:3a:0f:d4:12:f1:c4:00:
38:d3:ad:11:81:be:e5:fa:1c:7b:4e:dd:55:49:5c:cf:32:9c:
29:bf:a7:f9:53:38:95:61:9e:2f:ee:ab:2c:68:cd:98:01:93:
e8:f1:c0:76:1f:9d:c0:5c:22:b9:7a:5f:eb:a2:f3:e7:3d:62:
6a:4f:fd:5a:02:cc:59:05:f3:e4:1b:b5:28:8c:9b:3b:1f:6c:
61:23:22:af:22:75:82:84:2d:ab:f8:52:55:c8:a1:21:dc:89:
78:bf:54:99:35:8b:05:98:08:a9:6c:5c:13:73:75:da:6b:1e:
8e:af:40:26:cb:9b:af:df:d4:12:84:6e:cb:8f:0e:07:5f:fc:
95:42:37:c9:f7:5e:6f:d6:d1:f5:56:16:31:07:09:68:47:89:
da:f3:5a:3d:ba:ad:bd:d6:96:e3:b9:dd:37:e9:7b:3e:f6:9b:
54:2d:a0:8c
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgIUFM1IzPpkfIyhB0uobLaUbqNTuxAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYjY4M2YyZWI1MGM1OTk5YTc3NDU2ZTg4MjY4MzE2MDlk
NDhjN2QzZTAeFw0yNTA0MjIwODQ5MDNaFw0yNjA0MjEwODU0MDNaMDMxMTAvBgNV
BAMTKDZBQjg2NDkxMUVBREI2NzlGNUU2RkIxNjg5Rjg5RUVCOTc5NjQ4QkMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCfvSU9Nc/z833kdaI4drPaMOGa
a63B8IQKCJsn5+SZ9DJZBqNrSB6BiBgaLkdvthofNlZNLrdu+gdRiJ9WFrjhPWAc
63JLY5Cd70rzkc6+Rb0Yy1ZgnLaS/iavak4shfirM7q4gDe7LTs4PD+vCbTYsQHe
dp7tQ4KhvS0gFf2yUiuHK0FiUCUIZ94tCJURXmIYwQks0WaeAkmlwcqLXakAmLSS
HTrSGjHHJZFSBgzd7KpRs1U4Meyk13apBBBm1JTR2j0DNvN0J+ROV+FBNrUWyb9h
nybaW92LospmXtFZFTeV1C2sTtsImz/tlzfRUzpipweaNQveT5euZG2R40INAgMB
AAGjggI5MIICNTAdBgNVHQ4EFgQUarhkkR6ttnn15vsWifie65eWSLwwHwYDVR0j
BBgwFoAUtoPy61DFmZp3RW6IJoMWCdSMfT4wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYTAxYzE0ZmItYjY2MC00ODlkLTllOWYtOTQwMmU5ZTJj
MmUyLzAvQjY4M0YyRUI1MEM1OTk5QTc3NDU2RTg4MjY4MzE2MDlENDhDN0QzRS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3RvUHk2MURGbVpwM1JXNklKb01XQ2RT
TWZUNC5jZXIwgakGCCsGAQUFBwELBIGcMIGZMIGWBggrBgEFBQcwC4aBiXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYTAxYzE0ZmIt
YjY2MC00ODlkLTllOWYtOTQwMmU5ZTJjMmUyLzAvMzIzMTMzMmUzMTMzMzkyZTM5
MzIyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzODMzMzQucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBADVi1ww
DQYJKoZIhvcNAQELBQADggEBAJdcds11w2h9aNwO0SmzUMOjManciqEX98vV/nBQ
awOelZmYFZoPGh6YRY2L9AmbCw5/fOQJ5HpWkJu+U8s9RKyKh+UURZpfREh+lghc
c9v/jmWtOg/UEvHEADjTrRGBvuX6HHtO3VVJXM8ynCm/p/lTOJVhni/uqyxozZgB
k+jxwHYfncBcIrl6X+ui8+c9YmpP/VoCzFkF8+QbtSiMmzsfbGEjIq8idYKELav4
UlXIoSHciXi/VJk1iwWYCKlsXBNzddprHo6vQCbLm6/f1BKEbsuPDgdf/JVCN8n3
Xm/W0fVWFjEHCWhHidrzWj26rb3WluO53Tfpez72m1QtoIw=
-----END CERTIFICATE-----
Generated at Sat Apr 26 12:52:05 2025 by rpki-client