Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/60923389-2bde-43e0-b0d5-fc244a6303d0/0/39352e3231342e3137352e302f32342d3234203d3e20313335333931.roa
File: 39352e3231342e3137352e302f32342d3234203d3e20313335333931.roa (raw, json)
Hash identifier: dZLABnxKpTxFiKmt1/yK20i3zGqpWgZ6NnQoPD/883U=
Subject key identifier: A9:4B:BD:2C:8F:D4:2A:DD:E4:BB:13:0A:E9:25:24:30:C4:09:5C:49
Certificate issuer: /CN=92f49de8684f1287f4f6cb185d5cf7de80c90b94
Certificate serial: 79DF460405C4FD206BBAE025255023DC1CDE6436
Authority key identifier: 92:F4:9D:E8:68:4F:12:87:F4:F6:CB:18:5D:5C:F7:DE:80:C9:0B:94
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kvSd6GhPEof09ssYXVz33oDJC5Q.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/60923389-2bde-43e0-b0d5-fc244a6303d0/0/39352e3231342e3137352e302f32342d3234203d3e20313335333931.roa
Signing time: Tue 22 Apr 2025 06:57:23 +0000
ROA not before: Tue 22 Apr 2025 06:52:23 +0000
ROA not after: Tue 21 Apr 2026 06:57:23 +0000
asID: 135391
IP address blocks: 95.214.175.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/60923389-2bde-43e0-b0d5-fc244a6303d0/0/92F49DE8684F1287F4F6CB185D5CF7DE80C90B94.crl
rsync://rsync.paas.rpki.ripe.net/repository/60923389-2bde-43e0-b0d5-fc244a6303d0/0/92F49DE8684F1287F4F6CB185D5CF7DE80C90B94.mft
rsync://rpki.ripe.net/repository/DEFAULT/kvSd6GhPEof09ssYXVz33oDJC5Q.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 11:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
79:df:46:04:05:c4:fd:20:6b:ba:e0:25:25:50:23:dc:1c:de:64:36
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=92f49de8684f1287f4f6cb185d5cf7de80c90b94
Validity
Not Before: Apr 22 06:52:23 2025 GMT
Not After : Apr 21 06:57:23 2026 GMT
Subject: CN=A94BBD2C8FD42ADDE4BB130AE9252430C4095C49
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:0f:0c:b8:d8:ad:3c:2b:bf:2e:08:8b:42:b0:
44:fc:35:0a:41:d6:e6:c1:5f:88:6e:a1:17:5c:91:
07:9d:4a:b2:5b:c9:91:9b:08:80:c6:df:42:53:ae:
ef:e6:ea:a5:0e:3d:f8:b5:c7:04:dd:42:ba:eb:90:
b7:49:31:e7:9f:18:46:ca:59:68:49:92:84:29:69:
9b:b5:f9:ad:de:33:e4:0a:00:68:f9:15:80:2f:a2:
8e:e2:3b:a2:f3:f3:8a:16:75:7c:27:38:99:f7:42:
1e:fe:11:5a:46:69:ec:76:02:f7:cb:7a:6d:92:40:
df:fa:20:d6:2d:7b:ac:ec:ca:a7:3c:54:30:43:7f:
f3:49:ae:ef:4c:a8:c0:d8:8d:1a:43:25:a5:45:e8:
a6:62:77:d4:52:81:33:56:70:20:2f:59:f7:20:7a:
44:d8:7e:a6:6f:3f:3b:26:ed:10:fc:aa:ae:23:f5:
ef:9d:4a:c3:dd:4b:52:80:24:61:a9:4f:8d:91:ce:
ab:69:ea:64:30:28:63:b1:52:72:b6:e5:98:6d:e9:
ce:f8:21:b7:4c:4a:df:ac:7f:44:45:a9:b8:91:52:
d3:f9:52:a8:0f:2b:75:23:c6:de:f3:14:1b:57:12:
a4:c4:0d:79:80:0a:86:12:fd:0a:b0:d7:36:98:ed:
92:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A9:4B:BD:2C:8F:D4:2A:DD:E4:BB:13:0A:E9:25:24:30:C4:09:5C:49
X509v3 Authority Key Identifier:
keyid:92:F4:9D:E8:68:4F:12:87:F4:F6:CB:18:5D:5C:F7:DE:80:C9:0B:94
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/60923389-2bde-43e0-b0d5-fc244a6303d0/0/92F49DE8684F1287F4F6CB185D5CF7DE80C90B94.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kvSd6GhPEof09ssYXVz33oDJC5Q.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/60923389-2bde-43e0-b0d5-fc244a6303d0/0/39352e3231342e3137352e302f32342d3234203d3e20313335333931.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.214.175.0/24
Signature Algorithm: sha256WithRSAEncryption
51:6f:64:01:7d:c2:c3:99:31:c4:69:81:e4:71:3f:e1:d7:9e:
6d:52:f4:f8:c4:cd:29:87:3d:bd:4a:fd:a0:b5:43:ed:6a:a1:
d7:45:c5:56:78:ab:4a:53:ca:02:ae:ff:c2:92:02:bb:68:ec:
bc:4a:69:06:d9:f8:a6:96:b5:37:46:ed:ba:76:15:82:a6:3a:
b5:96:ab:7a:d3:ef:a6:8c:b5:64:92:2a:1b:03:95:f9:4d:8d:
fb:ca:43:b1:90:2f:c2:c7:95:48:f8:86:8f:0d:e9:52:8c:84:
e6:d7:4c:b1:76:9c:37:cb:57:d7:8f:cf:fa:92:5d:3c:12:e6:
2b:b2:9c:a6:68:92:6c:85:cb:43:b8:50:dd:35:66:6f:e0:af:
61:58:0a:93:ee:3b:00:2b:fb:f5:b5:3e:26:cb:52:eb:03:06:
2d:3d:23:cb:88:9b:22:93:ae:2a:f5:e0:e5:0c:f9:c1:01:bf:
45:0c:f5:d3:bc:09:89:bd:98:d0:95:55:5f:be:d3:1f:0f:af:
f2:10:06:4f:1f:b5:44:b7:7b:95:d4:51:cb:67:92:2f:43:52:
21:23:78:98:9d:1d:01:45:a8:2c:8a:ce:36:51:e1:0b:6d:d1:
73:ab:8c:31:2b:f5:17:f6:0d:54:bf:94:f3:48:31:dd:ee:17:
69:bf:a4:c8
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUed9GBAXE/SBruuAlJVAj3BzeZDYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOTJmNDlkZTg2ODRmMTI4N2Y0ZjZjYjE4NWQ1Y2Y3ZGU4
MGM5MGI5NDAeFw0yNTA0MjIwNjUyMjNaFw0yNjA0MjEwNjU3MjNaMDMxMTAvBgNV
BAMTKEE5NEJCRDJDOEZENDJBRERFNEJCMTMwQUU5MjUyNDMwQzQwOTVDNDkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCuDwy42K08K78uCItCsET8NQpB
1ubBX4huoRdckQedSrJbyZGbCIDG30JTru/m6qUOPfi1xwTdQrrrkLdJMeefGEbK
WWhJkoQpaZu1+a3eM+QKAGj5FYAvoo7iO6Lz84oWdXwnOJn3Qh7+EVpGaex2AvfL
em2SQN/6INYte6zsyqc8VDBDf/NJru9MqMDYjRpDJaVF6KZid9RSgTNWcCAvWfcg
ekTYfqZvPzsm7RD8qq4j9e+dSsPdS1KAJGGpT42Rzqtp6mQwKGOxUnK25Zht6c74
IbdMSt+sf0RFqbiRUtP5UqgPK3Ujxt7zFBtXEqTEDXmACoYS/Qqw1zaY7ZKjAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUqUu9LI/UKt3kuxMK6SUkMMQJXEkwHwYDVR0j
BBgwFoAUkvSd6GhPEof09ssYXVz33oDJC5QwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNjA5MjMzODktMmJkZS00M2UwLWIwZDUtZmMyNDRhNjMw
M2QwLzAvOTJGNDlERTg2ODRGMTI4N0Y0RjZDQjE4NUQ1Q0Y3REU4MEM5MEI5NC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2t2U2Q2R2hQRW9mMDlzc1lYVnozM29E
SkM1US5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvNjA5MjMzODkt
MmJkZS00M2UwLWIwZDUtZmMyNDRhNjMwM2QwLzAvMzkzNTJlMzIzMTM0MmUzMTM3
MzUyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMTMzMzUzMzM5MzEucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BABf1q8wDQYJKoZIhvcNAQELBQADggEBAFFvZAF9wsOZMcRpgeRxP+HXnm1S9PjE
zSmHPb1K/aC1Q+1qoddFxVZ4q0pTygKu/8KSArto7LxKaQbZ+KaWtTdG7bp2FYKm
OrWWq3rT76aMtWSSKhsDlflNjfvKQ7GQL8LHlUj4ho8N6VKMhObXTLF2nDfLV9eP
z/qSXTwS5iuynKZokmyFy0O4UN01Zm/gr2FYCpPuOwAr+/W1PibLUusDBi09I8uI
myKTrir14OUM+cEBv0UM9dO8CYm9mNCVVV++0x8Pr/IQBk8ftUS3e5XUUctnki9D
UiEjeJidHQFFqCyKzjZR4Qtt0XOrjDEr9Rf2DVS/lPNIMd3uF2m/pMg=
-----END CERTIFICATE-----
Generated at Sat Apr 26 16:52:28 2025 by rpki-client