Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/d1b35f8b-6f48-4bad-b185-5c1daa8acda9/0/3231322e32342e3132372e302f32342d3234203d3e20333935333734.roa
File: 3231322e32342e3132372e302f32342d3234203d3e20333935333734.roa (raw, json)
Hash identifier: E6+WIeNRGP+wCUDrBky4NzmdexZ46H10vX04h8owd1w=
Subject key identifier: 26:3D:04:91:57:BA:2F:E3:3C:AC:FF:75:0E:B7:2A:98:6A:47:BE:B1
Certificate issuer: /CN=cefce449bea8deaedb1804dba25c584df5873dc4
Certificate serial: 68939D4B0BFE1C44F99E6E23F2F530BACF1E4D89
Authority key identifier: CE:FC:E4:49:BE:A8:DE:AE:DB:18:04:DB:A2:5C:58:4D:F5:87:3D:C4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zvzkSb6o3q7bGATbolxYTfWHPcQ.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/d1b35f8b-6f48-4bad-b185-5c1daa8acda9/0/3231322e32342e3132372e302f32342d3234203d3e20333935333734.roa
Signing time: Tue 22 Apr 2025 02:11:52 +0000
ROA not before: Tue 22 Apr 2025 02:06:52 +0000
ROA not after: Tue 21 Apr 2026 02:11:52 +0000
asID: 395374
IP address blocks: 212.24.127.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/d1b35f8b-6f48-4bad-b185-5c1daa8acda9/0/CEFCE449BEA8DEAEDB1804DBA25C584DF5873DC4.crl
rsync://rsync.paas.rpki.ripe.net/repository/d1b35f8b-6f48-4bad-b185-5c1daa8acda9/0/CEFCE449BEA8DEAEDB1804DBA25C584DF5873DC4.mft
rsync://rpki.ripe.net/repository/DEFAULT/zvzkSb6o3q7bGATbolxYTfWHPcQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 13:18:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
68:93:9d:4b:0b:fe:1c:44:f9:9e:6e:23:f2:f5:30:ba:cf:1e:4d:89
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cefce449bea8deaedb1804dba25c584df5873dc4
Validity
Not Before: Apr 22 02:06:52 2025 GMT
Not After : Apr 21 02:11:52 2026 GMT
Subject: CN=263D049157BA2FE33CACFF750EB72A986A47BEB1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:1f:24:3d:63:91:1f:a0:e4:f0:a6:9b:62:65:
a2:cb:3e:fe:9a:91:c8:74:d7:4f:e1:c0:e0:84:b7:
87:23:39:42:3d:1f:0b:1c:55:4f:26:7c:5b:ee:f7:
c7:3d:db:e9:0e:78:cb:fc:12:23:9b:bf:75:02:17:
8b:76:73:f9:ba:fa:7e:f0:5a:0a:30:4b:c3:50:a3:
4e:9d:41:3f:30:8c:0c:c0:7c:01:1f:0e:e3:2c:a0:
af:2d:61:c5:e4:df:cc:50:98:65:66:59:64:46:56:
0f:57:19:9b:4a:f0:4a:07:30:c5:71:ca:e7:a4:a8:
3b:8a:59:e5:f3:30:1a:33:17:38:5d:79:36:26:19:
69:3c:bb:31:d6:9f:f7:e2:b4:81:19:f4:31:7a:d0:
4f:35:a9:ae:8e:d6:db:03:33:b5:58:d7:eb:da:28:
ac:80:ef:dd:68:07:33:18:c1:9b:d7:be:cf:40:83:
20:9e:5c:06:fd:29:7d:cf:0c:53:45:64:c6:18:e8:
e3:d2:82:7a:fd:1b:56:fb:04:c0:19:93:68:98:82:
94:d0:bd:d3:7d:3f:0b:90:d3:a8:5d:b3:b5:04:46:
f5:be:f8:6f:bc:cc:a8:e3:45:4b:6d:cc:2b:b0:c6:
7f:e8:9a:fd:5c:d9:65:a4:82:b6:de:ab:6c:f8:52:
db:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
26:3D:04:91:57:BA:2F:E3:3C:AC:FF:75:0E:B7:2A:98:6A:47:BE:B1
X509v3 Authority Key Identifier:
keyid:CE:FC:E4:49:BE:A8:DE:AE:DB:18:04:DB:A2:5C:58:4D:F5:87:3D:C4
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/d1b35f8b-6f48-4bad-b185-5c1daa8acda9/0/CEFCE449BEA8DEAEDB1804DBA25C584DF5873DC4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zvzkSb6o3q7bGATbolxYTfWHPcQ.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/d1b35f8b-6f48-4bad-b185-5c1daa8acda9/0/3231322e32342e3132372e302f32342d3234203d3e20333935333734.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.24.127.0/24
Signature Algorithm: sha256WithRSAEncryption
1d:45:47:8d:5e:18:37:d7:48:aa:44:04:4f:4c:77:57:89:1c:
72:67:bd:1d:0f:73:ed:10:97:b7:82:ea:db:4f:bf:3a:5c:9c:
7b:c3:1e:88:da:73:15:95:c3:40:7b:b1:2d:d4:65:b7:b6:e4:
15:f2:1f:3d:86:35:31:ba:62:1d:95:d5:e1:42:61:73:55:78:
6d:ea:ed:77:81:cf:0e:b2:32:66:93:3d:0b:95:01:fa:f2:2a:
7f:32:10:1a:f6:b7:47:22:9c:66:84:80:07:8a:90:ca:e5:1b:
a1:94:e0:66:1c:b4:a9:38:5a:3d:fb:01:63:f0:29:12:a8:35:
39:9d:a5:1f:e3:01:79:e9:c9:b4:12:0a:fd:7b:85:36:f9:f6:
8c:9e:f6:dd:e4:4d:72:51:ab:4e:b8:9a:49:a3:57:1a:e1:77:
c3:5c:54:4e:58:9f:36:9a:24:77:2a:ae:be:dc:82:01:84:01:
4f:eb:20:c4:aa:66:e9:62:a9:7e:13:4e:18:07:04:97:a5:10:
86:dc:32:b2:ba:d9:98:80:c1:8b:6f:b4:c1:c7:df:84:d1:56:
04:58:e9:91:0a:ca:44:3c:69:f5:de:45:bb:1d:0b:11:d6:59:
07:6e:ab:0b:a5:fc:37:3c:88:f0:5e:d4:7b:61:b0:4b:e0:cd:
51:11:4d:46
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUaJOdSwv+HET5nm4j8vUwus8eTYkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoY2VmY2U0NDliZWE4ZGVhZWRiMTgwNGRiYTI1YzU4NGRm
NTg3M2RjNDAeFw0yNTA0MjIwMjA2NTJaFw0yNjA0MjEwMjExNTJaMDMxMTAvBgNV
BAMTKDI2M0QwNDkxNTdCQTJGRTMzQ0FDRkY3NTBFQjcyQTk4NkE0N0JFQjEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCkHyQ9Y5EfoOTwpptiZaLLPv6a
kch010/hwOCEt4cjOUI9HwscVU8mfFvu98c92+kOeMv8EiObv3UCF4t2c/m6+n7w
WgowS8NQo06dQT8wjAzAfAEfDuMsoK8tYcXk38xQmGVmWWRGVg9XGZtK8EoHMMVx
yuekqDuKWeXzMBozFzhdeTYmGWk8uzHWn/fitIEZ9DF60E81qa6O1tsDM7VY1+va
KKyA791oBzMYwZvXvs9AgyCeXAb9KX3PDFNFZMYY6OPSgnr9G1b7BMAZk2iYgpTQ
vdN9PwuQ06hds7UERvW++G+8zKjjRUttzCuwxn/omv1c2WWkgrbeq2z4UttXAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUJj0EkVe6L+M8rP91DrcqmGpHvrEwHwYDVR0j
BBgwFoAUzvzkSb6o3q7bGATbolxYTfWHPcQwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZDFiMzVmOGItNmY0OC00YmFkLWIxODUtNWMxZGFhOGFj
ZGE5LzAvQ0VGQ0U0NDlCRUE4REVBRURCMTgwNERCQTI1QzU4NERGNTg3M0RDNC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3p2emtTYjZvM3E3YkdBVGJvbHhZVGZX
SFBjUS5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZDFiMzVmOGIt
NmY0OC00YmFkLWIxODUtNWMxZGFhOGFjZGE5LzAvMzIzMTMyMmUzMjM0MmUzMTMy
MzcyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMzM5MzUzMzM3MzQucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BADUGH8wDQYJKoZIhvcNAQELBQADggEBAB1FR41eGDfXSKpEBE9Md1eJHHJnvR0P
c+0Ql7eC6ttPvzpcnHvDHojacxWVw0B7sS3UZbe25BXyHz2GNTG6Yh2V1eFCYXNV
eG3q7XeBzw6yMmaTPQuVAfryKn8yEBr2t0cinGaEgAeKkMrlG6GU4GYctKk4Wj37
AWPwKRKoNTmdpR/jAXnpybQSCv17hTb59oye9t3kTXJRq064mkmjVxrhd8NcVE5Y
nzaaJHcqrr7cggGEAU/rIMSqZuliqX4TThgHBJelEIbcMrK62ZiAwYtvtMHH34TR
VgRY6ZEKykQ8afXeRbsdCxHWWQduqwul/Dc8iPBe1HthsEvgzVERTUY=
-----END CERTIFICATE-----
Generated at Sun Apr 27 01:09:09 2025 by rpki-client