Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/60923389-2bde-43e0-b0d5-fc244a6303d0/0/39352e3231342e3138302e302f32342d3234203d3e20323033373538.roa
File: 39352e3231342e3138302e302f32342d3234203d3e20323033373538.roa (raw, json)
Hash identifier: yeHT2siMw+46e40lrxlb+yyyQe2+Rk/4CH0GwC6laEg=
Subject key identifier: 90:D3:8D:75:E4:86:A8:47:11:B7:05:6C:64:EE:BE:18:BE:AE:A2:68
Certificate issuer: /CN=92f49de8684f1287f4f6cb185d5cf7de80c90b94
Certificate serial: 15F6946467568191E241F63CFDF7B5BE13A9D4E8
Authority key identifier: 92:F4:9D:E8:68:4F:12:87:F4:F6:CB:18:5D:5C:F7:DE:80:C9:0B:94
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kvSd6GhPEof09ssYXVz33oDJC5Q.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/60923389-2bde-43e0-b0d5-fc244a6303d0/0/39352e3231342e3138302e302f32342d3234203d3e20323033373538.roa
Signing time: Tue 22 Apr 2025 06:57:23 +0000
ROA not before: Tue 22 Apr 2025 06:52:23 +0000
ROA not after: Tue 21 Apr 2026 06:57:23 +0000
asID: 203758
IP address blocks: 95.214.180.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/60923389-2bde-43e0-b0d5-fc244a6303d0/0/92F49DE8684F1287F4F6CB185D5CF7DE80C90B94.crl
rsync://rsync.paas.rpki.ripe.net/repository/60923389-2bde-43e0-b0d5-fc244a6303d0/0/92F49DE8684F1287F4F6CB185D5CF7DE80C90B94.mft
rsync://rpki.ripe.net/repository/DEFAULT/kvSd6GhPEof09ssYXVz33oDJC5Q.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 03 May 2025 10:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
15:f6:94:64:67:56:81:91:e2:41:f6:3c:fd:f7:b5:be:13:a9:d4:e8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=92f49de8684f1287f4f6cb185d5cf7de80c90b94
Validity
Not Before: Apr 22 06:52:23 2025 GMT
Not After : Apr 21 06:57:23 2026 GMT
Subject: CN=90D38D75E486A84711B7056C64EEBE18BEAEA268
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:ce:d1:aa:d7:81:fa:2a:c9:ca:73:f5:26:0a:
74:ab:46:a6:f1:20:fb:c0:40:6b:6c:61:7b:64:e0:
7a:9f:cb:db:73:29:48:3c:c5:40:a2:84:9f:62:b9:
cc:a6:d6:7d:20:3e:b3:b3:b8:61:c7:53:7c:8a:27:
60:31:b4:4f:15:7e:c7:c1:56:ab:d9:7f:82:fd:dd:
71:f0:ef:f8:8e:34:fd:5a:ff:97:f3:14:d2:9c:76:
e2:4a:b9:bd:e2:17:f3:67:97:66:4e:68:3d:e5:34:
88:62:dc:2b:d4:e7:a3:7b:10:c6:7e:cb:63:42:d9:
df:15:ae:25:aa:d8:1d:4f:c3:9e:7c:2d:fe:e6:00:
76:61:70:c7:33:73:c6:1a:36:19:0c:96:26:74:ab:
55:5e:db:85:2a:e5:cb:14:98:ea:ad:e5:29:52:1b:
0e:28:38:19:3e:3b:92:7d:33:9f:d6:29:d1:42:0f:
d6:5c:8e:5d:df:f2:35:0a:20:0d:8b:0d:7b:1b:c0:
0b:4d:c7:8b:b5:7e:4c:07:e0:6f:e6:08:d0:b0:54:
e8:af:6f:1a:c3:86:e8:59:d4:50:bc:63:8c:5d:f0:
61:d5:b6:5e:64:ee:85:20:45:8f:2d:3a:e8:c3:72:
65:ad:1c:72:f2:e4:6b:c1:b3:23:79:34:f5:72:1e:
fa:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
90:D3:8D:75:E4:86:A8:47:11:B7:05:6C:64:EE:BE:18:BE:AE:A2:68
X509v3 Authority Key Identifier:
keyid:92:F4:9D:E8:68:4F:12:87:F4:F6:CB:18:5D:5C:F7:DE:80:C9:0B:94
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/60923389-2bde-43e0-b0d5-fc244a6303d0/0/92F49DE8684F1287F4F6CB185D5CF7DE80C90B94.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kvSd6GhPEof09ssYXVz33oDJC5Q.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/60923389-2bde-43e0-b0d5-fc244a6303d0/0/39352e3231342e3138302e302f32342d3234203d3e20323033373538.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.214.180.0/24
Signature Algorithm: sha256WithRSAEncryption
a2:8d:dd:b3:4d:f2:ae:61:d0:90:2c:f2:d6:7b:48:27:4e:78:
9d:6e:67:64:6e:b3:d0:89:2a:a9:6c:e9:31:0a:aa:b8:24:68:
7a:b6:69:83:c9:bc:39:0a:65:60:ed:ae:03:63:cc:0b:ae:b5:
85:76:b6:62:32:39:94:e2:bf:48:0e:99:41:39:e1:dc:43:ad:
1f:29:23:c9:90:38:21:ff:dc:0e:58:48:20:ef:01:98:3c:5b:
08:e6:2d:91:ad:4e:0c:43:59:d8:99:93:1c:08:81:9c:7b:c2:
c2:0a:3c:87:f5:c5:16:50:e6:3e:2e:c2:3d:2c:19:12:e1:2b:
79:82:26:8b:51:1f:82:54:24:70:8e:3c:98:e8:f3:96:3d:09:
91:9e:83:df:70:ce:4b:34:36:80:31:18:b2:43:3a:dd:c2:9a:
a3:ba:3d:2e:4a:cc:b0:93:27:da:76:2d:e3:ad:79:b7:9d:fe:
38:10:d7:e9:1b:87:94:7e:13:91:69:7e:1f:d8:81:91:dc:3e:
5b:df:79:75:8e:2b:03:a2:f0:02:7e:f7:f2:76:64:d9:d0:53:
08:03:bf:67:99:e7:d3:bc:7e:0d:5e:d8:fb:71:ad:54:bf:28:
20:b5:1e:ac:d9:a5:8b:9a:ab:e7:82:9b:1b:72:9f:76:b3:4f:
b9:6a:b6:bc
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUFfaUZGdWgZHiQfY8/fe1vhOp1OgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOTJmNDlkZTg2ODRmMTI4N2Y0ZjZjYjE4NWQ1Y2Y3ZGU4
MGM5MGI5NDAeFw0yNTA0MjIwNjUyMjNaFw0yNjA0MjEwNjU3MjNaMDMxMTAvBgNV
BAMTKDkwRDM4RDc1RTQ4NkE4NDcxMUI3MDU2QzY0RUVCRTE4QkVBRUEyNjgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDDztGq14H6KsnKc/UmCnSrRqbx
IPvAQGtsYXtk4Hqfy9tzKUg8xUCihJ9iucym1n0gPrOzuGHHU3yKJ2AxtE8VfsfB
VqvZf4L93XHw7/iONP1a/5fzFNKcduJKub3iF/Nnl2ZOaD3lNIhi3CvU56N7EMZ+
y2NC2d8VriWq2B1Pw558Lf7mAHZhcMczc8YaNhkMliZ0q1Ve24Uq5csUmOqt5SlS
Gw4oOBk+O5J9M5/WKdFCD9Zcjl3f8jUKIA2LDXsbwAtNx4u1fkwH4G/mCNCwVOiv
bxrDhuhZ1FC8Y4xd8GHVtl5k7oUgRY8tOujDcmWtHHLy5GvBsyN5NPVyHvrJAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUkNONdeSGqEcRtwVsZO6+GL6uomgwHwYDVR0j
BBgwFoAUkvSd6GhPEof09ssYXVz33oDJC5QwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNjA5MjMzODktMmJkZS00M2UwLWIwZDUtZmMyNDRhNjMw
M2QwLzAvOTJGNDlERTg2ODRGMTI4N0Y0RjZDQjE4NUQ1Q0Y3REU4MEM5MEI5NC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2t2U2Q2R2hQRW9mMDlzc1lYVnozM29E
SkM1US5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvNjA5MjMzODkt
MmJkZS00M2UwLWIwZDUtZmMyNDRhNjMwM2QwLzAvMzkzNTJlMzIzMTM0MmUzMTM4
MzAyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMjMwMzMzNzM1Mzgucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BABf1rQwDQYJKoZIhvcNAQELBQADggEBAKKN3bNN8q5h0JAs8tZ7SCdOeJ1uZ2Ru
s9CJKqls6TEKqrgkaHq2aYPJvDkKZWDtrgNjzAuutYV2tmIyOZTiv0gOmUE54dxD
rR8pI8mQOCH/3A5YSCDvAZg8WwjmLZGtTgxDWdiZkxwIgZx7wsIKPIf1xRZQ5j4u
wj0sGRLhK3mCJotRH4JUJHCOPJjo85Y9CZGeg99wzks0NoAxGLJDOt3CmqO6PS5K
zLCTJ9p2LeOtebed/jgQ1+kbh5R+E5Fpfh/YgZHcPlvfeXWOKwOi8AJ+9/J2ZNnQ
UwgDv2eZ59O8fg1e2PtxrVS/KCC1HqzZpYuaq+eCmxtyn3azT7lqtrw=
-----END CERTIFICATE-----
Generated at Fri May 2 19:26:27 2025 by rpki-client