Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/3139342e33312e3139352e302f32342d3234203d3e20323133363638.roa
File: 3139342e33312e3139352e302f32342d3234203d3e20323133363638.roa (raw, json)
Hash identifier: tD4GyhGOomU4ZODP9QGqyOztFfw1vKOkCjucViT/SZg=
Subject key identifier: F3:C6:F7:34:7C:4D:B8:94:59:68:ED:40:33:7E:79:7D:CC:10:BA:3C
Certificate issuer: /CN=a9420e6c6f24b0e422da7fe7e420ef50354f45c6
Certificate serial: 7B7D672A4DCF018D5763A0FD887743D32A7DC6FE
Authority key identifier: A9:42:0E:6C:6F:24:B0:E4:22:DA:7F:E7:E4:20:EF:50:35:4F:45:C6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qUIObG8ksOQi2n_n5CDvUDVPRcY.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/3139342e33312e3139352e302f32342d3234203d3e20323133363638.roa
Signing time: Fri 25 Apr 2025 08:25:17 +0000
ROA not before: Fri 25 Apr 2025 08:20:17 +0000
ROA not after: Fri 24 Apr 2026 08:25:17 +0000
asID: 213668
IP address blocks: 194.31.195.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/A9420E6C6F24B0E422DA7FE7E420EF50354F45C6.crl
rsync://rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/A9420E6C6F24B0E422DA7FE7E420EF50354F45C6.mft
rsync://rpki.ripe.net/repository/DEFAULT/qUIObG8ksOQi2n_n5CDvUDVPRcY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 28 Apr 2025 00:30:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7b:7d:67:2a:4d:cf:01:8d:57:63:a0:fd:88:77:43:d3:2a:7d:c6:fe
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a9420e6c6f24b0e422da7fe7e420ef50354f45c6
Validity
Not Before: Apr 25 08:20:17 2025 GMT
Not After : Apr 24 08:25:17 2026 GMT
Subject: CN=F3C6F7347C4DB8945968ED40337E797DCC10BA3C
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:e0:58:a8:2b:56:f8:69:82:97:51:33:75:63:
06:65:e0:4c:64:51:3d:1f:ac:95:87:de:71:80:44:
1d:fc:73:60:89:24:51:6a:df:ab:87:7f:c6:3f:bd:
18:06:bf:8b:ea:fa:54:a3:e9:e0:16:56:6d:c9:a2:
a8:76:28:52:2b:ff:92:2e:10:52:0c:86:0e:27:14:
db:ed:52:63:53:86:2c:24:09:70:cc:ba:7b:75:f8:
3c:af:03:23:c8:4d:bc:06:39:9b:b1:59:46:bc:10:
a7:d6:da:0b:53:09:3a:bf:d7:81:e8:e4:e5:48:22:
61:de:f2:a3:93:e1:7e:5f:26:bf:fd:e1:48:0e:a2:
67:d9:74:d9:43:50:28:58:1d:16:ab:91:e1:9c:2a:
3b:f6:e3:4b:7a:2f:56:c2:09:5c:9d:03:1a:27:e9:
00:cb:72:88:32:fc:1a:4e:26:6a:c1:be:fc:d3:fb:
a1:cb:0b:84:be:6f:fe:57:de:ad:14:30:0f:ee:3f:
62:a3:99:86:d6:67:35:e2:5b:53:18:3f:d5:f7:e0:
d0:45:17:1a:cc:c0:51:a1:a6:78:dd:ba:8e:ca:8f:
53:26:ef:55:36:45:a9:f2:d9:c2:24:03:4e:ef:6e:
dd:46:8f:c8:06:a6:38:26:4c:3a:d8:8a:4c:de:01:
92:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F3:C6:F7:34:7C:4D:B8:94:59:68:ED:40:33:7E:79:7D:CC:10:BA:3C
X509v3 Authority Key Identifier:
keyid:A9:42:0E:6C:6F:24:B0:E4:22:DA:7F:E7:E4:20:EF:50:35:4F:45:C6
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/A9420E6C6F24B0E422DA7FE7E420EF50354F45C6.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qUIObG8ksOQi2n_n5CDvUDVPRcY.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/3139342e33312e3139352e302f32342d3234203d3e20323133363638.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.31.195.0/24
Signature Algorithm: sha256WithRSAEncryption
59:d0:70:73:3b:21:97:ce:63:38:43:e2:6c:5b:6d:ea:3b:46:
95:91:ee:63:9d:71:e3:27:a3:7c:40:53:9c:88:05:ed:bc:15:
c7:ef:db:85:ff:00:df:45:82:54:de:b7:58:3a:5d:86:af:fa:
c5:7e:32:dd:92:4d:57:a1:b2:9c:a1:c9:13:37:b4:81:36:c1:
42:80:94:b3:ee:98:cb:47:c5:1f:9c:81:97:82:69:21:4e:36:
55:3c:8e:1d:10:33:1d:10:fb:a5:fd:26:33:ef:a7:10:8f:37:
25:af:b8:31:ac:41:b6:aa:2a:60:f9:24:59:92:0a:7f:bc:68:
10:f3:9a:86:8c:44:db:e9:6d:10:e6:36:52:fc:69:61:f7:d9:
71:cb:12:35:69:f6:5e:11:98:73:e7:61:20:f7:c9:e4:14:8e:
c8:17:ad:6a:20:5e:f8:72:be:b7:4b:95:cf:ad:42:25:5a:9c:
d4:e3:98:85:8b:51:ea:39:22:18:a0:38:8f:2b:cf:fc:f5:00:
96:a1:3f:81:da:c4:d4:2f:3e:c2:b7:48:b1:fe:02:87:29:68:
b3:83:2a:c3:86:7f:c7:6c:21:9d:b1:eb:b3:a0:3e:e2:05:b8:
79:92:df:18:2d:db:41:0a:91:a7:09:d2:ec:ee:53:3e:6e:da:
72:84:59:29
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUe31nKk3PAY1XY6D9iHdD0yp9xv4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYTk0MjBlNmM2ZjI0YjBlNDIyZGE3ZmU3ZTQyMGVmNTAz
NTRmNDVjNjAeFw0yNTA0MjUwODIwMTdaFw0yNjA0MjQwODI1MTdaMDMxMTAvBgNV
BAMTKEYzQzZGNzM0N0M0REI4OTQ1OTY4RUQ0MDMzN0U3OTdEQ0MxMEJBM0MwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCn4FioK1b4aYKXUTN1YwZl4Exk
UT0frJWH3nGARB38c2CJJFFq36uHf8Y/vRgGv4vq+lSj6eAWVm3Joqh2KFIr/5Iu
EFIMhg4nFNvtUmNThiwkCXDMunt1+DyvAyPITbwGOZuxWUa8EKfW2gtTCTq/14Ho
5OVIImHe8qOT4X5fJr/94UgOomfZdNlDUChYHRarkeGcKjv240t6L1bCCVydAxon
6QDLcogy/BpOJmrBvvzT+6HLC4S+b/5X3q0UMA/uP2KjmYbWZzXiW1MYP9X34NBF
FxrMwFGhpnjduo7Kj1Mm71U2Rany2cIkA07vbt1Gj8gGpjgmTDrYikzeAZIvAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQU88b3NHxNuJRZaO1AM355fcwQujwwHwYDVR0j
BBgwFoAUqUIObG8ksOQi2n/n5CDvUDVPRcYwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMWY5ODIzZDAtMDg1NS00MWYyLWFjNDYtNTlhMmU5OGRh
NzM2LzEvQTk0MjBFNkM2RjI0QjBFNDIyREE3RkU3RTQyMEVGNTAzNTRGNDVDNi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3FVSU9iRzhrc09RaTJuX241Q0R2VURW
UFJjWS5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMWY5ODIzZDAt
MDg1NS00MWYyLWFjNDYtNTlhMmU5OGRhNzM2LzEvMzEzOTM0MmUzMzMxMmUzMTM5
MzUyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMjMxMzMzNjM2Mzgucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BADCH8MwDQYJKoZIhvcNAQELBQADggEBAFnQcHM7IZfOYzhD4mxbbeo7RpWR7mOd
ceMno3xAU5yIBe28Fcfv24X/AN9FglTet1g6XYav+sV+Mt2STVehspyhyRM3tIE2
wUKAlLPumMtHxR+cgZeCaSFONlU8jh0QMx0Q+6X9JjPvpxCPNyWvuDGsQbaqKmD5
JFmSCn+8aBDzmoaMRNvpbRDmNlL8aWH32XHLEjVp9l4RmHPnYSD3yeQUjsgXrWog
XvhyvrdLlc+tQiVanNTjmIWLUeo5IhigOI8rz/z1AJahP4HaxNQvPsK3SLH+Aocp
aLODKsOGf8dsIZ2x67OgPuIFuHmS3xgt20EKkacJ0uzuUz5u2nKEWSk=
-----END CERTIFICATE-----
Generated at Sun Apr 27 17:58:02 2025 by rpki-client