Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/bf52d814-3d2f-4df4-8140-dfb530f74912/0/3139332e39332e3135332e302f32342d3234203d3e203439313237.roa
File: 3139332e39332e3135332e302f32342d3234203d3e203439313237.roa (raw, json)
Hash identifier: 0/cfjGj4KR4GGAb3iVBdR7EXi3eZGMMRZK+KEv9RsCI=
Subject key identifier: D9:68:90:6C:AF:88:F9:43:C9:4C:F0:CB:52:DC:DD:5F:25:47:65:8D
Certificate issuer: /CN=f29fbab4db867f6bd9a7eff6aa55d98c162e1aad
Certificate serial: 47E2362D3F5753E37B77073E474BB63520702BCA
Authority key identifier: F2:9F:BA:B4:DB:86:7F:6B:D9:A7:EF:F6:AA:55:D9:8C:16:2E:1A:AD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8p-6tNuGf2vZp-_2qlXZjBYuGq0.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/bf52d814-3d2f-4df4-8140-dfb530f74912/0/3139332e39332e3135332e302f32342d3234203d3e203439313237.roa
Signing time: Thu 12 Jun 2025 09:54:09 +0000
ROA not before: Thu 12 Jun 2025 09:49:09 +0000
ROA not after: Thu 11 Jun 2026 09:54:09 +0000
asID: 49127
IP address blocks: 193.93.153.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/bf52d814-3d2f-4df4-8140-dfb530f74912/0/F29FBAB4DB867F6BD9A7EFF6AA55D98C162E1AAD.crl
rsync://rsync.paas.rpki.ripe.net/repository/bf52d814-3d2f-4df4-8140-dfb530f74912/0/F29FBAB4DB867F6BD9A7EFF6AA55D98C162E1AAD.mft
rsync://rpki.ripe.net/repository/DEFAULT/8p-6tNuGf2vZp-_2qlXZjBYuGq0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 14 Jun 2025 22:46:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
47:e2:36:2d:3f:57:53:e3:7b:77:07:3e:47:4b:b6:35:20:70:2b:ca
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f29fbab4db867f6bd9a7eff6aa55d98c162e1aad
Validity
Not Before: Jun 12 09:49:09 2025 GMT
Not After : Jun 11 09:54:09 2026 GMT
Subject: CN=D968906CAF88F943C94CF0CB52DCDD5F2547658D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:a0:47:dd:81:02:7c:81:b0:a6:1d:ab:07:fd:
2c:15:f9:77:9b:de:63:33:62:fd:fb:ce:b9:97:03:
25:e7:ba:01:6d:7d:54:d2:e3:c1:f3:03:b8:51:9a:
45:3d:31:7f:c4:5c:70:0f:42:ff:dc:ed:35:9c:bd:
0f:19:02:7b:b8:25:09:d1:53:23:6e:31:16:4b:ec:
bd:2b:90:3e:fe:9d:2b:12:d0:78:c1:a5:6c:c1:70:
6a:ad:a6:6a:37:2b:76:a2:c2:fe:6b:50:f7:49:80:
d0:7d:a8:1f:62:ef:52:24:5b:bd:f6:fb:86:b1:f4:
58:ed:b4:0f:48:ee:96:3e:5c:5b:c8:2d:f8:0e:3a:
28:95:2f:e6:87:46:15:ad:82:b5:da:d0:5a:36:87:
c0:d8:45:1d:ff:f0:e5:a1:43:db:de:87:89:75:df:
34:35:d6:ab:d6:e1:0b:b5:2d:d5:c3:da:5c:9c:19:
1f:9c:71:f4:b4:42:81:fa:2e:23:cb:86:5a:3d:73:
52:b1:09:45:8f:9b:28:1e:b1:07:83:63:ce:81:fd:
3f:c1:c0:a3:95:d2:99:c8:0e:98:6b:d3:82:10:55:
88:22:2c:07:1a:24:10:dc:47:d6:d8:73:cf:9c:5d:
34:0c:2b:81:03:d4:e3:dc:9c:f7:2c:05:e5:87:63:
ab:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:68:90:6C:AF:88:F9:43:C9:4C:F0:CB:52:DC:DD:5F:25:47:65:8D
X509v3 Authority Key Identifier:
keyid:F2:9F:BA:B4:DB:86:7F:6B:D9:A7:EF:F6:AA:55:D9:8C:16:2E:1A:AD
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/bf52d814-3d2f-4df4-8140-dfb530f74912/0/F29FBAB4DB867F6BD9A7EFF6AA55D98C162E1AAD.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8p-6tNuGf2vZp-_2qlXZjBYuGq0.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/bf52d814-3d2f-4df4-8140-dfb530f74912/0/3139332e39332e3135332e302f32342d3234203d3e203439313237.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.93.153.0/24
Signature Algorithm: sha256WithRSAEncryption
ad:ee:97:8d:d5:ea:a9:9c:99:17:40:8c:3d:30:ef:dd:bc:f4:
32:40:68:2e:fa:eb:c2:a7:32:ce:25:31:e5:e1:d9:83:35:be:
d5:24:88:89:8e:b6:b6:c2:7a:3c:85:25:9d:2f:90:11:38:0e:
8e:3f:7a:49:21:24:8d:89:b1:e6:ea:e5:18:7f:bd:2d:6f:8a:
81:bd:4f:2e:95:fd:c0:e8:a8:24:12:95:e2:ed:37:37:5c:80:
f0:40:5e:9c:f3:06:0c:7b:7c:76:aa:54:9a:fb:2d:66:93:fd:
71:fb:d2:ec:86:ed:31:94:09:a5:c3:ab:29:d1:a9:13:2c:3f:
41:4d:b2:7f:1b:e9:c4:90:f6:c2:14:d8:65:bf:c2:5f:b9:7d:
36:5e:a8:e5:54:80:c9:a0:d5:e2:d0:f4:25:0e:15:96:1c:d1:
72:14:6f:ee:2e:62:ca:e9:a8:60:fa:8b:66:fa:ae:54:b3:bf:
3a:b9:20:31:ae:eb:d7:cc:82:0a:69:92:f0:79:fe:95:03:3f:
10:00:db:d9:34:71:c1:4d:6f:33:63:f3:ff:02:51:c5:1c:9d:
96:eb:66:c6:b3:43:84:08:43:df:1a:61:14:4b:4e:1a:c9:25:
1b:ce:db:74:00:a5:85:fd:1c:66:4b:71:0c:9a:44:8e:27:9f:
b8:a6:98:db
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUR+I2LT9XU+N7dwc+R0u2NSBwK8owDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZjI5ZmJhYjRkYjg2N2Y2YmQ5YTdlZmY2YWE1NWQ5OGMx
NjJlMWFhZDAeFw0yNTA2MTIwOTQ5MDlaFw0yNjA2MTEwOTU0MDlaMDMxMTAvBgNV
BAMTKEQ5Njg5MDZDQUY4OEY5NDNDOTRDRjBDQjUyRENERDVGMjU0NzY1OEQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCqoEfdgQJ8gbCmHasH/SwV+Xeb
3mMzYv37zrmXAyXnugFtfVTS48HzA7hRmkU9MX/EXHAPQv/c7TWcvQ8ZAnu4JQnR
UyNuMRZL7L0rkD7+nSsS0HjBpWzBcGqtpmo3K3aiwv5rUPdJgNB9qB9i71IkW732
+4ax9FjttA9I7pY+XFvILfgOOiiVL+aHRhWtgrXa0Fo2h8DYRR3/8OWhQ9veh4l1
3zQ11qvW4Qu1LdXD2lycGR+ccfS0QoH6LiPLhlo9c1KxCUWPmygesQeDY86B/T/B
wKOV0pnIDphr04IQVYgiLAcaJBDcR9bYc8+cXTQMK4ED1OPcnPcsBeWHY6t/AgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQU2WiQbK+I+UPJTPDLUtzdXyVHZY0wHwYDVR0j
BBgwFoAU8p+6tNuGf2vZp+/2qlXZjBYuGq0wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYmY1MmQ4MTQtM2QyZi00ZGY0LTgxNDAtZGZiNTMwZjc0
OTEyLzAvRjI5RkJBQjREQjg2N0Y2QkQ5QTdFRkY2QUE1NUQ5OEMxNjJFMUFBRC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzhwLTZ0TnVHZjJ2WnAtXzJxbFhaakJZ
dUdxMC5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYmY1MmQ4MTQt
M2QyZi00ZGY0LTgxNDAtZGZiNTMwZjc0OTEyLzAvMzEzOTMzMmUzOTMzMmUzMTM1
MzMyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzNDM5MzEzMjM3LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
wV2ZMA0GCSqGSIb3DQEBCwUAA4IBAQCt7peN1eqpnJkXQIw9MO/dvPQyQGgu+uvC
pzLOJTHl4dmDNb7VJIiJjra2wno8hSWdL5AROA6OP3pJISSNibHm6uUYf70tb4qB
vU8ulf3A6KgkEpXi7Tc3XIDwQF6c8wYMe3x2qlSa+y1mk/1x+9Lshu0xlAmlw6sp
0akTLD9BTbJ/G+nEkPbCFNhlv8JfuX02XqjlVIDJoNXi0PQlDhWWHNFyFG/uLmLK
6ahg+otm+q5Us786uSAxruvXzIIKaZLwef6VAz8QANvZNHHBTW8zY/P/AlHFHJ2W
62bGs0OECEPfGmEUS04aySUbztt0AKWF/RxmS3EMmkSOJ5+4ppjb
-----END CERTIFICATE-----
Generated at Sat Jun 14 11:31:38 2025 by rpki-client