Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/a01c14fb-b660-489d-9e9f-9402e9e2c2e2/0/3231332e3133392e39352e302f32342d3234203d3e2039303039.roa
File: 3231332e3133392e39352e302f32342d3234203d3e2039303039.roa (raw, json)
Hash identifier: CLzyfVEPAwKX3mhx3cFkDV2A+7c3eW1iEPnVFN3/un0=
Subject key identifier: 3C:D4:D3:A9:A9:0B:51:12:42:90:84:A3:A9:26:77:35:5E:27:FB:44
Certificate issuer: /CN=b683f2eb50c5999a77456e8826831609d48c7d3e
Certificate serial: 78B82B13460334C9FB182500F2CC5883F6A68A68
Authority key identifier: B6:83:F2:EB:50:C5:99:9A:77:45:6E:88:26:83:16:09:D4:8C:7D:3E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/toPy61DFmZp3RW6IJoMWCdSMfT4.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/a01c14fb-b660-489d-9e9f-9402e9e2c2e2/0/3231332e3133392e39352e302f32342d3234203d3e2039303039.roa
Signing time: Tue 22 Apr 2025 08:54:03 +0000
ROA not before: Tue 22 Apr 2025 08:49:03 +0000
ROA not after: Tue 21 Apr 2026 08:54:03 +0000
asID: 9009
IP address blocks: 213.139.95.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/a01c14fb-b660-489d-9e9f-9402e9e2c2e2/0/B683F2EB50C5999A77456E8826831609D48C7D3E.crl
rsync://rsync.paas.rpki.ripe.net/repository/a01c14fb-b660-489d-9e9f-9402e9e2c2e2/0/B683F2EB50C5999A77456E8826831609D48C7D3E.mft
rsync://rpki.ripe.net/repository/DEFAULT/toPy61DFmZp3RW6IJoMWCdSMfT4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 11:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
78:b8:2b:13:46:03:34:c9:fb:18:25:00:f2:cc:58:83:f6:a6:8a:68
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b683f2eb50c5999a77456e8826831609d48c7d3e
Validity
Not Before: Apr 22 08:49:03 2025 GMT
Not After : Apr 21 08:54:03 2026 GMT
Subject: CN=3CD4D3A9A90B5112429084A3A92677355E27FB44
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:7e:bf:4d:2d:78:f3:e1:12:86:53:e2:f1:92:
a1:29:74:30:ac:db:4b:ea:05:2d:5c:b9:e0:c2:40:
ad:80:07:2b:e3:ea:b7:f7:e7:84:7d:46:20:15:62:
95:ca:bd:58:5e:46:79:12:0a:1b:26:c3:45:24:c6:
d8:10:f9:88:94:af:6e:96:99:17:d7:ae:f1:86:f0:
35:ca:12:d5:61:66:75:e7:f1:ff:dc:41:91:0d:cd:
93:c8:28:2f:b6:2e:ef:b0:a3:37:90:48:85:21:8d:
c1:04:15:03:5a:53:23:f4:23:8b:25:5f:98:26:56:
a6:72:94:67:97:f7:c6:04:ca:f0:a8:d2:53:cc:97:
12:b0:76:31:f5:40:52:88:42:41:a2:4e:e8:15:cb:
85:29:f3:2c:02:96:b6:a5:b0:ff:cf:fd:8c:c1:22:
50:a2:3c:96:f0:a3:39:bd:95:16:b6:53:44:64:56:
d6:03:00:87:34:80:5b:17:ee:3e:31:b7:4d:f8:d2:
0e:b2:55:72:99:1e:26:ce:2b:b9:d4:07:a3:a7:da:
12:00:68:7c:86:ac:98:13:c5:50:35:1b:7a:f7:ef:
ae:16:2d:0c:25:44:13:c1:f5:73:a4:27:15:a9:d6:
ee:ef:78:3d:4f:cd:1d:39:71:cf:58:25:bc:17:cc:
e2:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:D4:D3:A9:A9:0B:51:12:42:90:84:A3:A9:26:77:35:5E:27:FB:44
X509v3 Authority Key Identifier:
keyid:B6:83:F2:EB:50:C5:99:9A:77:45:6E:88:26:83:16:09:D4:8C:7D:3E
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/a01c14fb-b660-489d-9e9f-9402e9e2c2e2/0/B683F2EB50C5999A77456E8826831609D48C7D3E.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/toPy61DFmZp3RW6IJoMWCdSMfT4.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/a01c14fb-b660-489d-9e9f-9402e9e2c2e2/0/3231332e3133392e39352e302f32342d3234203d3e2039303039.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.139.95.0/24
Signature Algorithm: sha256WithRSAEncryption
73:be:26:0f:ed:63:3d:f8:f2:17:11:07:ac:91:47:5c:f1:e7:
f4:39:c2:99:09:a6:27:7c:90:35:8c:c6:b7:10:3e:93:66:d5:
6c:6a:cd:1d:da:ac:b5:e5:62:f7:85:ef:8b:63:eb:cf:6a:cb:
b9:5e:b9:83:9c:5c:c0:36:de:a2:be:00:2b:3c:70:fc:cb:e7:
9a:09:93:2c:e1:70:94:6e:ac:56:dd:14:4d:62:d6:79:36:9f:
e9:8b:af:3a:8f:e7:23:2a:24:3a:db:47:f4:69:d1:74:25:a3:
78:b9:68:eb:d4:be:91:66:76:c9:65:3c:7e:d0:a7:eb:7d:6f:
ee:fc:7e:00:4d:5a:2d:93:12:22:9b:d1:7e:13:45:97:b9:8c:
76:c9:83:25:8d:1f:39:78:40:3e:1b:07:1a:62:dd:d8:f3:2f:
24:36:14:76:61:9a:97:56:0d:b2:60:0d:64:9f:bc:2c:ab:2f:
7f:9e:ba:31:8f:9a:88:be:6e:6f:c2:1a:32:18:0c:a6:21:5e:
30:ba:47:ef:a9:dd:9f:97:27:44:54:15:ca:46:2c:35:88:c6:
20:84:83:91:9e:bc:27:88:b2:50:17:f9:47:2d:08:a9:9a:68:
cc:c4:5e:11:f2:e7:d6:76:ff:2d:c4:ed:30:45:af:64:47:34:
70:c9:6a:d9
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgIUeLgrE0YDNMn7GCUA8sxYg/amimgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYjY4M2YyZWI1MGM1OTk5YTc3NDU2ZTg4MjY4MzE2MDlk
NDhjN2QzZTAeFw0yNTA0MjIwODQ5MDNaFw0yNjA0MjEwODU0MDNaMDMxMTAvBgNV
BAMTKDNDRDREM0E5QTkwQjUxMTI0MjkwODRBM0E5MjY3NzM1NUUyN0ZCNDQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCJfr9NLXjz4RKGU+LxkqEpdDCs
20vqBS1cueDCQK2AByvj6rf354R9RiAVYpXKvVheRnkSChsmw0UkxtgQ+YiUr26W
mRfXrvGG8DXKEtVhZnXn8f/cQZENzZPIKC+2Lu+wozeQSIUhjcEEFQNaUyP0I4sl
X5gmVqZylGeX98YEyvCo0lPMlxKwdjH1QFKIQkGiTugVy4Up8ywClralsP/P/YzB
IlCiPJbwozm9lRa2U0RkVtYDAIc0gFsX7j4xt0340g6yVXKZHibOK7nUB6On2hIA
aHyGrJgTxVA1G3r3764WLQwlRBPB9XOkJxWp1u7veD1PzR05cc9YJbwXzOLvAgMB
AAGjggI7MIICNzAdBgNVHQ4EFgQUPNTTqakLURJCkISjqSZ3NV4n+0QwHwYDVR0j
BBgwFoAUtoPy61DFmZp3RW6IJoMWCdSMfT4wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYTAxYzE0ZmItYjY2MC00ODlkLTllOWYtOTQwMmU5ZTJj
MmUyLzAvQjY4M0YyRUI1MEM1OTk5QTc3NDU2RTg4MjY4MzE2MDlENDhDN0QzRS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3RvUHk2MURGbVpwM1JXNklKb01XQ2RT
TWZUNC5jZXIwgasGCCsGAQUFBwELBIGeMIGbMIGYBggrBgEFBQcwC4aBi3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYTAxYzE0ZmIt
YjY2MC00ODlkLTllOWYtOTQwMmU5ZTJjMmUyLzAvMzIzMTMzMmUzMTMzMzkyZTM5
MzUyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzOTMwMzAzOS5yb2EwGAYDVR0gAQH/
BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEANWL
XzANBgkqhkiG9w0BAQsFAAOCAQEAc74mD+1jPfjyFxEHrJFHXPHn9DnCmQmmJ3yQ
NYzGtxA+k2bVbGrNHdqsteVi94Xvi2Prz2rLuV65g5xcwDbeor4AKzxw/MvnmgmT
LOFwlG6sVt0UTWLWeTaf6YuvOo/nIyokOttH9GnRdCWjeLlo69S+kWZ2yWU8ftCn
631v7vx+AE1aLZMSIpvRfhNFl7mMdsmDJY0fOXhAPhsHGmLd2PMvJDYUdmGal1YN
smANZJ+8LKsvf566MY+aiL5ub8IaMhgMpiFeMLpH76ndn5cnRFQVykYsNYjGIISD
kZ68J4iyUBf5Ry0IqZpozMReEfLn1nb/LcTtMEWvZEc0cMlq2Q==
-----END CERTIFICATE-----
Generated at Sat Apr 26 19:52:10 2025 by rpki-client