Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/60923389-2bde-43e0-b0d5-fc244a6303d0/0/39352e3231342e3138332e302f32342d3234203d3e20323039313831.roa
File: 39352e3231342e3138332e302f32342d3234203d3e20323039313831.roa (raw, json)
Hash identifier: lTsB3YA1lHFbSl1Cmaufvak87ZyxIaRmoFdP+J/wwxc=
Subject key identifier: 35:6C:31:23:BA:26:96:CA:1E:74:2C:D9:67:78:03:AF:7C:31:FF:9F
Certificate issuer: /CN=92f49de8684f1287f4f6cb185d5cf7de80c90b94
Certificate serial: 5BAD83EEA1FD7C90F6CB04FE69047947A11B0F11
Authority key identifier: 92:F4:9D:E8:68:4F:12:87:F4:F6:CB:18:5D:5C:F7:DE:80:C9:0B:94
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kvSd6GhPEof09ssYXVz33oDJC5Q.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/60923389-2bde-43e0-b0d5-fc244a6303d0/0/39352e3231342e3138332e302f32342d3234203d3e20323039313831.roa
Signing time: Tue 22 Apr 2025 06:57:23 +0000
ROA not before: Tue 22 Apr 2025 06:52:23 +0000
ROA not after: Tue 21 Apr 2026 06:57:23 +0000
asID: 209181
IP address blocks: 95.214.183.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/60923389-2bde-43e0-b0d5-fc244a6303d0/0/92F49DE8684F1287F4F6CB185D5CF7DE80C90B94.crl
rsync://rsync.paas.rpki.ripe.net/repository/60923389-2bde-43e0-b0d5-fc244a6303d0/0/92F49DE8684F1287F4F6CB185D5CF7DE80C90B94.mft
rsync://rpki.ripe.net/repository/DEFAULT/kvSd6GhPEof09ssYXVz33oDJC5Q.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 01 May 2025 15:17:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5b:ad:83:ee:a1:fd:7c:90:f6:cb:04:fe:69:04:79:47:a1:1b:0f:11
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=92f49de8684f1287f4f6cb185d5cf7de80c90b94
Validity
Not Before: Apr 22 06:52:23 2025 GMT
Not After : Apr 21 06:57:23 2026 GMT
Subject: CN=356C3123BA2696CA1E742CD9677803AF7C31FF9F
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e7:84:7d:7b:19:2e:f0:df:95:e0:cc:30:25:57:
9b:98:04:0f:46:5d:bf:c5:8a:91:1c:66:28:de:b9:
7d:d3:8b:9e:9d:33:a1:12:36:4c:6f:a0:7a:95:06:
ec:7e:e8:57:b4:c0:23:cc:20:d2:29:63:0d:9d:d0:
7c:ea:ab:43:d6:48:43:93:7b:5f:d7:7b:cb:5f:59:
07:94:9c:a0:4b:ff:ec:57:d4:57:c2:58:a2:aa:1d:
cf:12:74:d6:db:c1:23:aa:8b:50:ff:fc:61:da:14:
20:84:b2:ea:fc:e0:b9:67:91:61:cb:15:f4:b5:0e:
2c:07:fa:90:f2:b8:d8:cb:9b:96:2c:fd:39:44:c7:
33:07:c9:9d:27:92:07:ea:da:5d:da:9e:48:56:87:
d3:6d:f6:25:ca:a1:36:f9:f1:92:0c:8e:22:91:75:
d7:fb:26:2c:8e:7e:b4:65:d4:3b:58:49:bf:5f:3a:
0d:af:dc:7f:2d:bd:86:36:8a:77:3c:7d:16:2f:4b:
d4:77:b9:e3:19:34:34:d9:09:c7:5e:49:0c:02:99:
52:98:fe:60:17:a7:0c:ac:16:98:49:70:de:82:94:
33:20:60:bb:65:c3:d0:4c:4b:6a:65:18:d8:d5:5c:
ae:14:1e:6d:f7:04:44:88:29:b1:71:9f:94:f2:07:
31:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:6C:31:23:BA:26:96:CA:1E:74:2C:D9:67:78:03:AF:7C:31:FF:9F
X509v3 Authority Key Identifier:
keyid:92:F4:9D:E8:68:4F:12:87:F4:F6:CB:18:5D:5C:F7:DE:80:C9:0B:94
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/60923389-2bde-43e0-b0d5-fc244a6303d0/0/92F49DE8684F1287F4F6CB185D5CF7DE80C90B94.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kvSd6GhPEof09ssYXVz33oDJC5Q.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/60923389-2bde-43e0-b0d5-fc244a6303d0/0/39352e3231342e3138332e302f32342d3234203d3e20323039313831.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.214.183.0/24
Signature Algorithm: sha256WithRSAEncryption
51:c7:e8:f5:ca:f4:3f:9a:74:40:7f:7a:fd:51:a0:03:47:56:
42:29:c8:6c:95:d9:bd:8c:6f:14:41:24:98:27:8b:47:7e:d7:
45:19:88:56:4f:a5:4b:b0:e7:81:91:7a:33:7d:50:ed:7a:7e:
83:9d:f5:aa:6d:2c:9e:10:b6:86:80:2b:ee:4b:76:e1:d3:ba:
a4:d4:56:a5:10:f5:79:b1:34:71:7a:61:c8:04:b0:85:7d:ed:
94:e7:e2:cb:3e:ff:92:0b:f2:a0:d8:11:9e:02:65:0e:5b:c3:
75:9b:f5:c7:8b:ec:2b:ab:6d:98:5b:a3:e5:b6:23:f6:60:b3:
d1:14:ec:c7:b1:1b:41:de:3d:10:d9:8d:32:e2:8a:4f:7c:50:
d8:71:57:c5:e7:03:35:13:6b:34:91:ab:f1:9c:b1:ce:45:86:
73:e2:9b:96:60:0b:7b:8a:ac:51:a1:0d:9b:c6:9e:fe:00:93:
48:50:89:2e:65:4c:e4:e2:d3:20:94:53:d2:62:55:ce:03:9e:
5f:c2:82:f4:07:16:37:84:34:1d:d2:ea:71:77:da:0e:53:e5:
72:12:af:33:e8:a1:b4:3b:bb:37:3e:7f:63:0b:70:86:4a:64:
7d:a8:e1:88:18:36:6b:4f:af:75:e7:75:63:d4:5c:ff:3c:67:
f6:b1:1c:b6
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUW62D7qH9fJD2ywT+aQR5R6EbDxEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOTJmNDlkZTg2ODRmMTI4N2Y0ZjZjYjE4NWQ1Y2Y3ZGU4
MGM5MGI5NDAeFw0yNTA0MjIwNjUyMjNaFw0yNjA0MjEwNjU3MjNaMDMxMTAvBgNV
BAMTKDM1NkMzMTIzQkEyNjk2Q0ExRTc0MkNEOTY3NzgwM0FGN0MzMUZGOUYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDnhH17GS7w35XgzDAlV5uYBA9G
Xb/FipEcZijeuX3Ti56dM6ESNkxvoHqVBux+6Fe0wCPMINIpYw2d0Hzqq0PWSEOT
e1/Xe8tfWQeUnKBL/+xX1FfCWKKqHc8SdNbbwSOqi1D//GHaFCCEsur84LlnkWHL
FfS1DiwH+pDyuNjLm5Ys/TlExzMHyZ0nkgfq2l3ankhWh9Nt9iXKoTb58ZIMjiKR
ddf7JiyOfrRl1DtYSb9fOg2v3H8tvYY2inc8fRYvS9R3ueMZNDTZCcdeSQwCmVKY
/mAXpwysFphJcN6ClDMgYLtlw9BMS2plGNjVXK4UHm33BESIKbFxn5TyBzErAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUNWwxI7omlsoedCzZZ3gDr3wx/58wHwYDVR0j
BBgwFoAUkvSd6GhPEof09ssYXVz33oDJC5QwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNjA5MjMzODktMmJkZS00M2UwLWIwZDUtZmMyNDRhNjMw
M2QwLzAvOTJGNDlERTg2ODRGMTI4N0Y0RjZDQjE4NUQ1Q0Y3REU4MEM5MEI5NC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2t2U2Q2R2hQRW9mMDlzc1lYVnozM29E
SkM1US5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvNjA5MjMzODkt
MmJkZS00M2UwLWIwZDUtZmMyNDRhNjMwM2QwLzAvMzkzNTJlMzIzMTM0MmUzMTM4
MzMyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMjMwMzkzMTM4MzEucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BABf1rcwDQYJKoZIhvcNAQELBQADggEBAFHH6PXK9D+adEB/ev1RoANHVkIpyGyV
2b2MbxRBJJgni0d+10UZiFZPpUuw54GRejN9UO16foOd9aptLJ4QtoaAK+5LduHT
uqTUVqUQ9XmxNHF6YcgEsIV97ZTn4ss+/5IL8qDYEZ4CZQ5bw3Wb9ceL7CurbZhb
o+W2I/Zgs9EU7MexG0HePRDZjTLiik98UNhxV8XnAzUTazSRq/Gcsc5FhnPim5Zg
C3uKrFGhDZvGnv4Ak0hQiS5lTOTi0yCUU9JiVc4Dnl/CgvQHFjeENB3S6nF32g5T
5XISrzPoobQ7uzc+f2MLcIZKZH2o4YgYNmtPr3XndWPUXP88Z/axHLY=
-----END CERTIFICATE-----
Generated at Thu May 1 02:40:37 2025 by rpki-client