Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/3135322e38392e3132372e302f32342d3234203d3e20333938373034.roa
File: 3135322e38392e3132372e302f32342d3234203d3e20333938373034.roa (raw, json)
Hash identifier: CVDX6qjMEoJM4bDxHCsjP9L7vyMObJAMK+01ZYFldlw=
Subject key identifier: E1:78:52:5B:68:9D:BB:D5:74:BB:BE:7D:D0:31:A7:5E:81:6D:43:AE
Certificate issuer: /CN=088469d1a33085ff88b3e599d223ca74c2313a3a
Certificate serial: 5C8C20F439C85520BCB8C1D4DD8046F78E9B0433
Authority key identifier: 08:84:69:D1:A3:30:85:FF:88:B3:E5:99:D2:23:CA:74:C2:31:3A:3A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CIRp0aMwhf-Is-WZ0iPKdMIxOjo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/3135322e38392e3132372e302f32342d3234203d3e20333938373034.roa
Signing time: Mon 19 May 2025 10:36:09 +0000
ROA not before: Mon 19 May 2025 10:31:09 +0000
ROA not after: Mon 18 May 2026 10:36:09 +0000
asID: 398704
IP address blocks: 152.89.127.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/088469D1A33085FF88B3E599D223CA74C2313A3A.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/088469D1A33085FF88B3E599D223CA74C2313A3A.mft
rsync://rpki.ripe.net/repository/DEFAULT/CIRp0aMwhf-Is-WZ0iPKdMIxOjo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 22:19:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5c:8c:20:f4:39:c8:55:20:bc:b8:c1:d4:dd:80:46:f7:8e:9b:04:33
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=088469d1a33085ff88b3e599d223ca74c2313a3a
Validity
Not Before: May 19 10:31:09 2025 GMT
Not After : May 18 10:36:09 2026 GMT
Subject: CN=E178525B689DBBD574BBBE7DD031A75E816D43AE
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:ac:5e:95:cb:80:2f:64:df:99:4e:15:45:6c:
a6:12:70:d9:c3:99:fb:c5:8e:af:64:b3:9a:5e:5c:
f1:ca:d1:c3:1b:c1:dc:82:8d:4d:4c:c4:f5:d3:0b:
9e:ef:4e:73:da:6e:68:81:37:f0:80:af:25:d9:82:
c3:81:05:50:8e:4e:95:dd:c3:81:b1:f9:5a:e5:91:
de:7d:57:47:b9:c1:6a:52:d5:34:ea:c5:6e:8c:43:
5e:e1:29:50:7e:a0:b7:d7:fa:49:13:5a:16:80:7b:
6b:ee:2b:8c:5a:9d:bd:36:57:d8:ab:17:c0:45:a6:
10:54:14:35:f2:4e:cf:9b:bb:5d:9c:b9:21:fe:52:
8c:b3:74:43:f6:d0:21:34:1d:23:30:d9:8f:7c:0b:
a8:c5:88:1b:0d:f8:8c:cd:5d:48:ee:7e:e0:c8:26:
b5:03:19:ea:9d:e6:8b:a3:4f:8d:2d:f8:ef:a6:19:
08:20:59:66:ee:2c:b6:71:b2:c4:a9:ac:68:90:6b:
52:6e:da:89:5c:5a:6d:a2:66:44:fd:f5:ca:9d:51:
62:09:62:88:f2:88:fe:09:89:ed:9c:83:14:1e:46:
e8:99:8a:fe:df:46:c7:bb:ac:86:0b:f3:d4:29:7d:
dd:58:9d:04:1e:02:b5:ed:01:2d:5a:cb:f1:06:b6:
b0:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E1:78:52:5B:68:9D:BB:D5:74:BB:BE:7D:D0:31:A7:5E:81:6D:43:AE
X509v3 Authority Key Identifier:
keyid:08:84:69:D1:A3:30:85:FF:88:B3:E5:99:D2:23:CA:74:C2:31:3A:3A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/088469D1A33085FF88B3E599D223CA74C2313A3A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CIRp0aMwhf-Is-WZ0iPKdMIxOjo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/3135322e38392e3132372e302f32342d3234203d3e20333938373034.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
152.89.127.0/24
Signature Algorithm: sha256WithRSAEncryption
67:f4:5a:ad:fa:47:7f:75:6e:eb:5a:af:59:d4:da:22:1d:83:
d5:03:ca:e3:14:e1:14:15:d3:92:85:0d:08:36:2c:f3:b8:89:
00:e1:86:b3:16:fa:68:73:ae:11:8f:c6:ac:e6:93:87:63:c3:
81:1f:f3:4b:64:0e:99:4e:94:c3:79:a3:78:7e:40:1c:45:fc:
58:6f:04:d7:4e:f5:30:5d:c3:f7:44:4f:a5:85:74:3c:a4:bf:
6a:c7:48:3d:e4:07:6d:c0:16:90:4c:3f:63:d0:f5:88:92:a3:
15:aa:07:2a:d1:77:77:8b:c5:5d:cd:ed:56:45:d3:e3:f6:5b:
16:1d:be:31:a0:c8:ba:c9:b9:df:0f:6e:7c:2e:3e:b8:28:9d:
2a:b1:be:0d:a8:3f:42:5b:e1:d7:89:0e:08:41:88:49:ad:fc:
48:f6:18:f5:e7:bc:91:b3:e0:92:36:e5:f1:3b:89:1a:05:10:
1f:47:24:71:f9:34:00:70:a9:89:bf:4f:ff:3b:ae:e8:66:b2:
34:64:8d:d7:ee:63:c3:7b:f9:38:8e:89:b2:57:97:72:32:a5:
fb:cf:3d:74:19:c0:73:df:d2:f4:32:ed:0a:36:bc:29:0f:e5:
21:54:c0:0d:67:c0:e7:c8:aa:94:42:f9:24:df:f0:29:2e:27:
51:85:c3:a7
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUXIwg9DnIVSC8uMHU3YBG946bBDMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDg4NDY5ZDFhMzMwODVmZjg4YjNlNTk5ZDIyM2NhNzRj
MjMxM2EzYTAeFw0yNTA1MTkxMDMxMDlaFw0yNjA1MTgxMDM2MDlaMDMxMTAvBgNV
BAMTKEUxNzg1MjVCNjg5REJCRDU3NEJCQkU3REQwMzFBNzVFODE2RDQzQUUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCYrF6Vy4AvZN+ZThVFbKYScNnD
mfvFjq9ks5peXPHK0cMbwdyCjU1MxPXTC57vTnPabmiBN/CAryXZgsOBBVCOTpXd
w4Gx+Vrlkd59V0e5wWpS1TTqxW6MQ17hKVB+oLfX+kkTWhaAe2vuK4xanb02V9ir
F8BFphBUFDXyTs+bu12cuSH+UoyzdEP20CE0HSMw2Y98C6jFiBsN+IzNXUjufuDI
JrUDGeqd5oujT40t+O+mGQggWWbuLLZxssSprGiQa1Ju2olcWm2iZkT99cqdUWIJ
YojyiP4Jie2cgxQeRuiZiv7fRse7rIYL89Qpfd1YnQQeArXtAS1ay/EGtrBjAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQU4XhSW2idu9V0u7590DGnXoFtQ64wHwYDVR0j
BBgwFoAUCIRp0aMwhf+Is+WZ0iPKdMIxOjowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzUvMDg4NDY5RDFBMzMwODVGRjg4QjNFNTk5RDIyM0NBNzRDMjMxM0EzQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NJUnAwYU13aGYtSXMtV1owaVBLZE1J
eE9qby5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzUvMzEzNTMyMmUzODM5MmUzMTMy
MzcyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMzM5MzgzNzMwMzQucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BACYWX8wDQYJKoZIhvcNAQELBQADggEBAGf0Wq36R391butar1nU2iIdg9UDyuMU
4RQV05KFDQg2LPO4iQDhhrMW+mhzrhGPxqzmk4djw4Ef80tkDplOlMN5o3h+QBxF
/FhvBNdO9TBdw/dET6WFdDykv2rHSD3kB23AFpBMP2PQ9YiSoxWqByrRd3eLxV3N
7VZF0+P2WxYdvjGgyLrJud8PbnwuPrgonSqxvg2oP0Jb4deJDghBiEmt/Ej2GPXn
vJGz4JI25fE7iRoFEB9HJHH5NABwqYm/T/87ruhmsjRkjdfuY8N7+TiOibJXl3Iy
pfvPPXQZwHPf0vQy7Qo2vCkP5SFUwA1nwOfIqpRC+STf8CkuJ1GFw6c=
-----END CERTIFICATE-----
Generated at Sun Jun 15 07:45:30 2025 by rpki-client