Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/60923389-2bde-43e0-b0d5-fc244a6303d0/0/39352e3231342e3137322e302f32342d3234203d3e20313937343737.roa
File: 39352e3231342e3137322e302f32342d3234203d3e20313937343737.roa (raw, json)
Hash identifier: PxR9Gj8WOc/7LwGO5t67j8SuO3iXayzi64SIiemjFkw=
Subject key identifier: 69:92:23:D4:27:FE:3A:AA:12:41:A9:8C:C0:74:2D:AF:BF:3B:9C:25
Certificate issuer: /CN=92f49de8684f1287f4f6cb185d5cf7de80c90b94
Certificate serial: 0ECAAB33CE232C6DFAB50CC80E56FCE3C49920E2
Authority key identifier: 92:F4:9D:E8:68:4F:12:87:F4:F6:CB:18:5D:5C:F7:DE:80:C9:0B:94
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kvSd6GhPEof09ssYXVz33oDJC5Q.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/60923389-2bde-43e0-b0d5-fc244a6303d0/0/39352e3231342e3137322e302f32342d3234203d3e20313937343737.roa
Signing time: Tue 22 Apr 2025 06:57:23 +0000
ROA not before: Tue 22 Apr 2025 06:52:23 +0000
ROA not after: Tue 21 Apr 2026 06:57:23 +0000
asID: 197477
IP address blocks: 95.214.172.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/60923389-2bde-43e0-b0d5-fc244a6303d0/0/92F49DE8684F1287F4F6CB185D5CF7DE80C90B94.crl
rsync://rsync.paas.rpki.ripe.net/repository/60923389-2bde-43e0-b0d5-fc244a6303d0/0/92F49DE8684F1287F4F6CB185D5CF7DE80C90B94.mft
rsync://rpki.ripe.net/repository/DEFAULT/kvSd6GhPEof09ssYXVz33oDJC5Q.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 01 May 2025 15:17:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0e:ca:ab:33:ce:23:2c:6d:fa:b5:0c:c8:0e:56:fc:e3:c4:99:20:e2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=92f49de8684f1287f4f6cb185d5cf7de80c90b94
Validity
Not Before: Apr 22 06:52:23 2025 GMT
Not After : Apr 21 06:57:23 2026 GMT
Subject: CN=699223D427FE3AAA1241A98CC0742DAFBF3B9C25
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:12:ba:c4:b8:b4:2a:74:9b:78:2d:4e:82:11:
70:67:56:82:c5:0b:ca:46:b3:6c:f0:e9:88:72:ae:
56:d3:2a:46:3b:28:d9:8a:8c:3a:32:cb:80:75:ae:
66:bf:b7:1b:af:66:1b:b7:66:91:4f:09:4b:50:3f:
2f:cf:e2:06:05:2a:23:7c:e9:cf:94:e9:aa:21:3d:
de:c1:ac:c0:88:04:9c:30:97:94:f6:43:85:b6:60:
6c:70:17:12:b4:e2:13:b2:84:8c:66:21:e1:6f:0b:
a2:78:4e:f7:1a:79:3a:5c:c9:74:78:2f:e3:6a:3c:
54:6f:c9:ea:c7:02:0c:b5:16:17:5c:d0:aa:3f:2e:
9e:a5:12:e1:d7:c2:9f:79:4e:db:07:d3:2e:29:a4:
a5:19:44:0a:cd:9a:30:2b:76:b5:cb:bc:a2:ca:e0:
40:a3:01:2d:be:94:2e:fa:59:33:e1:07:f7:fb:5a:
df:41:5f:a3:2f:85:6b:17:9e:c1:95:bc:6d:ac:c8:
da:2c:2b:a3:39:e6:9a:99:6b:11:f1:69:d6:9c:0f:
99:39:7a:3b:ed:2a:ed:a0:2a:6c:71:26:b3:1e:3c:
f9:5e:bd:2b:71:f6:aa:3b:1f:8b:01:60:07:c8:66:
c2:ba:e2:22:ac:46:12:0b:9c:84:51:8b:d2:ad:b6:
e8:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
69:92:23:D4:27:FE:3A:AA:12:41:A9:8C:C0:74:2D:AF:BF:3B:9C:25
X509v3 Authority Key Identifier:
keyid:92:F4:9D:E8:68:4F:12:87:F4:F6:CB:18:5D:5C:F7:DE:80:C9:0B:94
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/60923389-2bde-43e0-b0d5-fc244a6303d0/0/92F49DE8684F1287F4F6CB185D5CF7DE80C90B94.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kvSd6GhPEof09ssYXVz33oDJC5Q.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/60923389-2bde-43e0-b0d5-fc244a6303d0/0/39352e3231342e3137322e302f32342d3234203d3e20313937343737.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.214.172.0/24
Signature Algorithm: sha256WithRSAEncryption
07:28:d0:c0:22:85:0b:1b:04:66:db:2b:3a:e4:f4:f1:61:cb:
8a:5d:32:16:53:1e:c9:0d:9c:68:14:3f:fd:2d:80:15:a0:77:
0b:0d:2d:09:ec:36:5a:a3:fe:b8:40:d3:e1:a5:0f:7b:54:40:
ce:6c:da:23:35:f8:19:96:77:d1:14:cb:09:2e:fb:6b:e8:96:
f6:db:16:63:1c:f3:94:41:b3:04:22:07:c2:72:85:c0:c8:7a:
92:ba:21:7e:92:2c:d3:9d:19:1a:67:49:4b:70:4f:be:7b:cd:
22:85:8b:d9:e3:b0:80:b7:73:85:a6:86:fc:3b:90:05:d6:01:
4f:cc:08:c9:35:55:d7:26:f0:50:12:fd:78:45:d2:1c:a7:2b:
75:e8:d3:97:a4:cf:95:41:22:5d:2c:dc:72:5b:b0:89:bd:92:
bc:c1:1c:15:d6:44:16:47:a5:b4:75:c2:ca:42:c1:45:44:17:
4e:23:a4:3d:3c:fc:06:21:62:37:4a:64:a5:18:5d:dc:62:79:
e7:ad:13:75:60:10:a4:ab:46:00:05:c2:00:f2:61:d8:92:44:
aa:02:13:f2:8c:dd:99:1f:e4:03:80:45:34:35:81:e3:ba:da:
81:b7:81:69:d2:65:c0:fa:31:ad:15:8e:8d:52:bc:e9:9a:cd:
b6:f1:73:b8
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUDsqrM84jLG36tQzIDlb848SZIOIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOTJmNDlkZTg2ODRmMTI4N2Y0ZjZjYjE4NWQ1Y2Y3ZGU4
MGM5MGI5NDAeFw0yNTA0MjIwNjUyMjNaFw0yNjA0MjEwNjU3MjNaMDMxMTAvBgNV
BAMTKDY5OTIyM0Q0MjdGRTNBQUExMjQxQTk4Q0MwNzQyREFGQkYzQjlDMjUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCeErrEuLQqdJt4LU6CEXBnVoLF
C8pGs2zw6YhyrlbTKkY7KNmKjDoyy4B1rma/txuvZhu3ZpFPCUtQPy/P4gYFKiN8
6c+U6aohPd7BrMCIBJwwl5T2Q4W2YGxwFxK04hOyhIxmIeFvC6J4TvcaeTpcyXR4
L+NqPFRvyerHAgy1Fhdc0Ko/Lp6lEuHXwp95TtsH0y4ppKUZRArNmjArdrXLvKLK
4ECjAS2+lC76WTPhB/f7Wt9BX6MvhWsXnsGVvG2syNosK6M55pqZaxHxadacD5k5
ejvtKu2gKmxxJrMePPlevStx9qo7H4sBYAfIZsK64iKsRhILnIRRi9KttujtAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUaZIj1Cf+OqoSQamMwHQtr787nCUwHwYDVR0j
BBgwFoAUkvSd6GhPEof09ssYXVz33oDJC5QwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNjA5MjMzODktMmJkZS00M2UwLWIwZDUtZmMyNDRhNjMw
M2QwLzAvOTJGNDlERTg2ODRGMTI4N0Y0RjZDQjE4NUQ1Q0Y3REU4MEM5MEI5NC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2t2U2Q2R2hQRW9mMDlzc1lYVnozM29E
SkM1US5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvNjA5MjMzODkt
MmJkZS00M2UwLWIwZDUtZmMyNDRhNjMwM2QwLzAvMzkzNTJlMzIzMTM0MmUzMTM3
MzIyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMTM5MzczNDM3Mzcucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BABf1qwwDQYJKoZIhvcNAQELBQADggEBAAco0MAihQsbBGbbKzrk9PFhy4pdMhZT
HskNnGgUP/0tgBWgdwsNLQnsNlqj/rhA0+GlD3tUQM5s2iM1+BmWd9EUywku+2vo
lvbbFmMc85RBswQiB8JyhcDIepK6IX6SLNOdGRpnSUtwT757zSKFi9njsIC3c4Wm
hvw7kAXWAU/MCMk1Vdcm8FAS/XhF0hynK3Xo05ekz5VBIl0s3HJbsIm9krzBHBXW
RBZHpbR1wspCwUVEF04jpD08/AYhYjdKZKUYXdxieeetE3VgEKSrRgAFwgDyYdiS
RKoCE/KM3Zkf5AOARTQ1geO62oG3gWnSZcD6Ma0Vjo1SvOmazbbxc7g=
-----END CERTIFICATE-----
Generated at Wed Apr 30 23:55:26 2025 by rpki-client