Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/dce196fe-4b1a-46ea-9c95-4af12964a49d/0/39342e3132362e3233372e302f32342d3234203d3e203438303730.roa
File: 39342e3132362e3233372e302f32342d3234203d3e203438303730.roa (raw, json)
Hash identifier: SY6OvQv9R/Ut8R5yFxdy0RVK/9dKsg8ZwmC3iNS9Rpw=
Subject key identifier: 11:2D:8F:8D:DE:7B:98:21:BA:E7:F1:A4:6B:2C:21:C0:AA:ED:1A:73
Certificate issuer: /CN=98a87cad5b710890a9528f166f4202393824e6b8
Certificate serial: 30AB03D37933061BE04B62356A71D4B46091E6BD
Authority key identifier: 98:A8:7C:AD:5B:71:08:90:A9:52:8F:16:6F:42:02:39:38:24:E6:B8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mKh8rVtxCJCpUo8Wb0ICOTgk5rg.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/dce196fe-4b1a-46ea-9c95-4af12964a49d/0/39342e3132362e3233372e302f32342d3234203d3e203438303730.roa
Signing time: Tue 27 May 2025 15:50:36 +0000
ROA not before: Tue 27 May 2025 15:45:36 +0000
ROA not after: Tue 26 May 2026 15:50:36 +0000
asID: 48070
IP address blocks: 94.126.237.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/dce196fe-4b1a-46ea-9c95-4af12964a49d/0/98A87CAD5B710890A9528F166F4202393824E6B8.crl
rsync://rsync.paas.rpki.ripe.net/repository/dce196fe-4b1a-46ea-9c95-4af12964a49d/0/98A87CAD5B710890A9528F166F4202393824E6B8.mft
rsync://rpki.ripe.net/repository/DEFAULT/mKh8rVtxCJCpUo8Wb0ICOTgk5rg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 17:28:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
30:ab:03:d3:79:33:06:1b:e0:4b:62:35:6a:71:d4:b4:60:91:e6:bd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=98a87cad5b710890a9528f166f4202393824e6b8
Validity
Not Before: May 27 15:45:36 2025 GMT
Not After : May 26 15:50:36 2026 GMT
Subject: CN=112D8F8DDE7B9821BAE7F1A46B2C21C0AAED1A73
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:d8:aa:10:d3:cf:07:98:6c:79:ba:e1:f4:7c:
10:f0:6b:bb:0b:47:e8:ed:66:de:52:a5:2b:10:47:
e3:8a:dd:ea:b0:d1:15:e7:4f:7c:1c:b1:e5:6a:d1:
25:f3:8d:27:45:0a:84:51:a7:33:1b:a4:d7:4d:37:
37:8c:ab:b2:c3:bd:eb:b6:23:57:bb:d6:dc:9b:da:
62:16:6e:ce:ce:1b:25:01:47:fa:26:1f:1c:b6:6a:
f7:34:89:e9:a0:80:3a:96:a8:a4:b7:4a:f5:92:60:
33:b7:ce:5a:0b:8f:fd:13:d3:93:80:eb:41:33:78:
5b:f9:2d:e9:1c:ed:29:bf:16:9a:93:f5:dc:37:1a:
e1:c7:af:7c:57:d0:bf:c9:7d:ea:2d:3b:69:8d:84:
86:ee:6e:34:67:5a:73:e0:bc:e2:61:57:3d:0e:c0:
95:01:11:82:91:5d:f6:bd:d7:cc:75:8f:54:a2:c0:
48:0a:55:3e:19:38:86:49:75:63:a6:ac:1a:fc:0f:
c3:e3:33:4a:c8:58:44:89:c8:6e:21:dd:46:59:f4:
5e:97:9b:00:e5:09:3e:94:71:a0:ee:4c:a7:2c:d5:
93:fd:76:15:73:5b:ad:a8:ff:da:26:7a:fb:8f:b2:
22:4e:e4:71:c4:28:a4:c9:27:25:8d:aa:27:c2:45:
42:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
11:2D:8F:8D:DE:7B:98:21:BA:E7:F1:A4:6B:2C:21:C0:AA:ED:1A:73
X509v3 Authority Key Identifier:
keyid:98:A8:7C:AD:5B:71:08:90:A9:52:8F:16:6F:42:02:39:38:24:E6:B8
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/dce196fe-4b1a-46ea-9c95-4af12964a49d/0/98A87CAD5B710890A9528F166F4202393824E6B8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mKh8rVtxCJCpUo8Wb0ICOTgk5rg.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/dce196fe-4b1a-46ea-9c95-4af12964a49d/0/39342e3132362e3233372e302f32342d3234203d3e203438303730.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.126.237.0/24
Signature Algorithm: sha256WithRSAEncryption
72:26:1b:4f:a8:2b:0c:b5:8f:e2:f4:61:f8:98:a5:9b:0c:32:
fd:62:a3:10:3a:5c:07:23:1f:7f:d6:19:b7:43:d1:33:57:d3:
d0:7c:d0:74:e5:b4:cb:57:e5:2c:75:72:b6:a9:7c:99:a4:a4:
3a:bb:42:77:33:81:cb:b6:87:06:82:53:c4:98:e5:b0:be:a4:
a8:66:bf:d7:74:fe:fc:2f:81:53:31:1d:44:47:67:ad:33:e5:
ea:27:42:90:59:a6:7e:f9:e1:6f:4a:2d:68:43:bc:05:d7:5a:
3c:b6:d4:b7:28:e3:2a:fd:06:31:52:15:1d:66:0c:8c:1f:0c:
08:3f:ff:25:f0:2c:3d:cf:d9:f6:43:17:34:8f:e8:3c:cc:f8:
85:6e:7e:ea:fd:24:4a:6e:df:f5:81:9f:81:63:c0:40:f4:65:
b1:e4:00:d4:0a:75:6f:95:a4:7c:98:a9:f9:7f:87:ab:f6:a9:
cc:20:61:0f:f3:91:f8:aa:8a:4e:a3:22:c9:db:b0:24:0a:db:
cd:ed:bd:20:db:50:e0:a6:23:2c:8f:cd:e9:d4:1d:0f:51:43:
03:b8:0c:3d:c9:79:82:0b:d1:a8:51:d6:11:a1:6a:8a:3c:c6:
18:12:74:42:76:b9:4b:38:d5:07:32:79:68:c2:9d:71:24:36:
3f:8f:1f:25
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUMKsD03kzBhvgS2I1anHUtGCR5r0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOThhODdjYWQ1YjcxMDg5MGE5NTI4ZjE2NmY0MjAyMzkz
ODI0ZTZiODAeFw0yNTA1MjcxNTQ1MzZaFw0yNjA1MjYxNTUwMzZaMDMxMTAvBgNV
BAMTKDExMkQ4RjhEREU3Qjk4MjFCQUU3RjFBNDZCMkMyMUMwQUFFRDFBNzMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCz2KoQ088HmGx5uuH0fBDwa7sL
R+jtZt5SpSsQR+OK3eqw0RXnT3wcseVq0SXzjSdFCoRRpzMbpNdNNzeMq7LDveu2
I1e71tyb2mIWbs7OGyUBR/omHxy2avc0iemggDqWqKS3SvWSYDO3zloLj/0T05OA
60EzeFv5Lekc7Sm/FpqT9dw3GuHHr3xX0L/JfeotO2mNhIbubjRnWnPgvOJhVz0O
wJUBEYKRXfa918x1j1SiwEgKVT4ZOIZJdWOmrBr8D8PjM0rIWESJyG4h3UZZ9F6X
mwDlCT6UcaDuTKcs1ZP9dhVzW62o/9omevuPsiJO5HHEKKTJJyWNqifCRULNAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUES2Pjd57mCG65/GkaywhwKrtGnMwHwYDVR0j
BBgwFoAUmKh8rVtxCJCpUo8Wb0ICOTgk5rgwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZGNlMTk2ZmUtNGIxYS00NmVhLTljOTUtNGFmMTI5NjRh
NDlkLzAvOThBODdDQUQ1QjcxMDg5MEE5NTI4RjE2NkY0MjAyMzkzODI0RTZCOC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL21LaDhyVnR4Q0pDcFVvOFdiMElDT1Rn
azVyZy5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZGNlMTk2ZmUt
NGIxYS00NmVhLTljOTUtNGFmMTI5NjRhNDlkLzAvMzkzNDJlMzEzMjM2MmUzMjMz
MzcyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzNDM4MzAzNzMwLnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
Xn7tMA0GCSqGSIb3DQEBCwUAA4IBAQByJhtPqCsMtY/i9GH4mKWbDDL9YqMQOlwH
Ix9/1hm3Q9EzV9PQfNB05bTLV+UsdXK2qXyZpKQ6u0J3M4HLtocGglPEmOWwvqSo
Zr/XdP78L4FTMR1ER2etM+XqJ0KQWaZ++eFvSi1oQ7wF11o8ttS3KOMq/QYxUhUd
ZgyMHwwIP/8l8Cw9z9n2Qxc0j+g8zPiFbn7q/SRKbt/1gZ+BY8BA9GWx5ADUCnVv
laR8mKn5f4er9qnMIGEP85H4qopOoyLJ27AkCtvN7b0g21DgpiMsj83p1B0PUUMD
uAw9yXmCC9GoUdYRoWqKPMYYEnRCdrlLONUHMnlowp1xJDY/jx8l
-----END CERTIFICATE-----
Generated at Sun Jun 15 00:02:26 2025 by rpki-client