Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/dce196fe-4b1a-46ea-9c95-4af12964a49d/0/39342e3132362e3233382e302f32342d3234203d3e203438303730.roa
File: 39342e3132362e3233382e302f32342d3234203d3e203438303730.roa (raw, json)
Hash identifier: EEtfGKQPQ42nFzzdsRfixi4zKQ5tTYPEdAQ1iAcmdE4=
Subject key identifier: BE:2E:1F:C1:2C:2C:FA:55:74:3C:99:D2:70:31:45:33:79:DA:87:60
Certificate issuer: /CN=98a87cad5b710890a9528f166f4202393824e6b8
Certificate serial: 4930D8E5AE7CC60BC488E2E97781CD1FEB116F7D
Authority key identifier: 98:A8:7C:AD:5B:71:08:90:A9:52:8F:16:6F:42:02:39:38:24:E6:B8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mKh8rVtxCJCpUo8Wb0ICOTgk5rg.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/dce196fe-4b1a-46ea-9c95-4af12964a49d/0/39342e3132362e3233382e302f32342d3234203d3e203438303730.roa
Signing time: Tue 27 May 2025 15:50:36 +0000
ROA not before: Tue 27 May 2025 15:45:36 +0000
ROA not after: Tue 26 May 2026 15:50:36 +0000
asID: 48070
IP address blocks: 94.126.238.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/dce196fe-4b1a-46ea-9c95-4af12964a49d/0/98A87CAD5B710890A9528F166F4202393824E6B8.crl
rsync://rsync.paas.rpki.ripe.net/repository/dce196fe-4b1a-46ea-9c95-4af12964a49d/0/98A87CAD5B710890A9528F166F4202393824E6B8.mft
rsync://rpki.ripe.net/repository/DEFAULT/mKh8rVtxCJCpUo8Wb0ICOTgk5rg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 17:28:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
49:30:d8:e5:ae:7c:c6:0b:c4:88:e2:e9:77:81:cd:1f:eb:11:6f:7d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=98a87cad5b710890a9528f166f4202393824e6b8
Validity
Not Before: May 27 15:45:36 2025 GMT
Not After : May 26 15:50:36 2026 GMT
Subject: CN=BE2E1FC12C2CFA55743C99D27031453379DA8760
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:54:e7:8d:05:d0:7b:d1:fe:82:df:61:71:1c:
ca:fd:b5:f4:22:83:50:bc:2e:8d:fe:84:7f:ef:6a:
87:00:f6:5b:8a:11:3f:7d:1e:fb:9a:78:28:f7:a1:
77:96:36:f5:19:e6:3c:e6:30:eb:9f:ad:e9:20:9d:
1b:7e:d9:7c:00:02:13:f4:90:bc:23:66:a1:2a:52:
93:9d:6f:34:cf:de:c0:d0:e2:98:15:b9:0f:73:40:
30:e8:26:ec:61:d4:76:f5:f0:fe:ed:2e:10:84:95:
a7:7e:de:3a:d9:c3:6c:57:53:47:30:fa:99:42:a5:
98:22:87:6b:8e:0f:9d:a6:fc:2c:4e:72:81:e8:8b:
1e:a9:92:39:04:5d:b5:8a:76:46:ae:cb:d7:2c:74:
7d:b1:d5:af:48:a3:ef:51:49:71:b1:1a:74:d6:af:
8b:21:06:69:6e:bf:35:ae:74:4b:62:73:a9:3c:7a:
8d:4e:97:01:6d:8c:14:f9:7b:53:57:25:f0:23:77:
c2:da:8d:a5:7e:4a:5c:82:55:16:93:aa:b2:d6:71:
d6:34:77:74:e4:f9:10:f4:35:41:c0:6d:20:d2:20:
c3:bb:e4:c6:70:1a:19:87:48:21:c3:aa:93:73:f4:
90:15:1a:b1:ab:6a:0a:d0:29:74:bc:47:35:9c:0c:
51:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BE:2E:1F:C1:2C:2C:FA:55:74:3C:99:D2:70:31:45:33:79:DA:87:60
X509v3 Authority Key Identifier:
keyid:98:A8:7C:AD:5B:71:08:90:A9:52:8F:16:6F:42:02:39:38:24:E6:B8
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/dce196fe-4b1a-46ea-9c95-4af12964a49d/0/98A87CAD5B710890A9528F166F4202393824E6B8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mKh8rVtxCJCpUo8Wb0ICOTgk5rg.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/dce196fe-4b1a-46ea-9c95-4af12964a49d/0/39342e3132362e3233382e302f32342d3234203d3e203438303730.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.126.238.0/24
Signature Algorithm: sha256WithRSAEncryption
43:fe:09:98:fe:2e:b2:66:85:71:8b:6b:a8:28:9e:96:e3:c8:
f2:c7:5c:79:63:76:97:e0:5d:6a:3c:44:0a:23:a7:34:b8:3d:
7b:9b:d6:25:ad:c0:0a:b3:6a:ad:cd:48:c3:ca:05:eb:99:1c:
30:7e:bd:cf:db:92:cd:04:42:3e:f2:80:1c:40:2a:17:fc:a8:
56:3c:b3:fd:10:5e:39:23:6a:f9:58:82:ad:b9:9c:5b:f2:d7:
79:98:df:6a:26:0c:64:2f:eb:f9:3e:57:1d:8b:2c:13:86:92:
38:57:58:66:46:1b:14:47:cf:0e:f4:47:dd:5b:44:b3:aa:43:
4f:07:45:95:34:cf:4d:b2:16:d4:89:67:29:53:24:e2:60:8d:
b1:f2:28:c9:f4:0b:a9:48:25:08:6c:2d:e7:ce:6e:c0:0e:d7:
6d:3b:49:78:d3:56:6b:07:88:8c:cf:1a:7c:44:24:cf:50:7a:
48:45:40:0a:46:4b:2f:aa:39:9a:4d:e5:f7:99:ab:9e:19:c3:
e5:19:4c:60:6a:ab:77:2d:13:0e:6b:7d:d9:d6:2d:30:2f:e8:
62:74:61:52:fb:6b:44:0a:b2:ac:65:2a:b4:1f:1d:ed:a2:07:
eb:f7:fe:ad:c5:8b:11:ea:4a:32:6c:9c:5c:1c:6d:c9:58:14:
62:86:5c:a3
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUSTDY5a58xgvEiOLpd4HNH+sRb30wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOThhODdjYWQ1YjcxMDg5MGE5NTI4ZjE2NmY0MjAyMzkz
ODI0ZTZiODAeFw0yNTA1MjcxNTQ1MzZaFw0yNjA1MjYxNTUwMzZaMDMxMTAvBgNV
BAMTKEJFMkUxRkMxMkMyQ0ZBNTU3NDNDOTlEMjcwMzE0NTMzNzlEQTg3NjAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC5VOeNBdB70f6C32FxHMr9tfQi
g1C8Lo3+hH/vaocA9luKET99HvuaeCj3oXeWNvUZ5jzmMOufrekgnRt+2XwAAhP0
kLwjZqEqUpOdbzTP3sDQ4pgVuQ9zQDDoJuxh1Hb18P7tLhCElad+3jrZw2xXU0cw
+plCpZgih2uOD52m/CxOcoHoix6pkjkEXbWKdkauy9csdH2x1a9Io+9RSXGxGnTW
r4shBmluvzWudEtic6k8eo1OlwFtjBT5e1NXJfAjd8LajaV+SlyCVRaTqrLWcdY0
d3Tk+RD0NUHAbSDSIMO75MZwGhmHSCHDqpNz9JAVGrGragrQKXS8RzWcDFEvAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUvi4fwSws+lV0PJnScDFFM3nah2AwHwYDVR0j
BBgwFoAUmKh8rVtxCJCpUo8Wb0ICOTgk5rgwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZGNlMTk2ZmUtNGIxYS00NmVhLTljOTUtNGFmMTI5NjRh
NDlkLzAvOThBODdDQUQ1QjcxMDg5MEE5NTI4RjE2NkY0MjAyMzkzODI0RTZCOC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL21LaDhyVnR4Q0pDcFVvOFdiMElDT1Rn
azVyZy5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZGNlMTk2ZmUt
NGIxYS00NmVhLTljOTUtNGFmMTI5NjRhNDlkLzAvMzkzNDJlMzEzMjM2MmUzMjMz
MzgyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzNDM4MzAzNzMwLnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
Xn7uMA0GCSqGSIb3DQEBCwUAA4IBAQBD/gmY/i6yZoVxi2uoKJ6W48jyx1x5Y3aX
4F1qPEQKI6c0uD17m9YlrcAKs2qtzUjDygXrmRwwfr3P25LNBEI+8oAcQCoX/KhW
PLP9EF45I2r5WIKtuZxb8td5mN9qJgxkL+v5PlcdiywThpI4V1hmRhsUR88O9Efd
W0SzqkNPB0WVNM9NshbUiWcpUyTiYI2x8ijJ9AupSCUIbC3nzm7ADtdtO0l401Zr
B4iMzxp8RCTPUHpIRUAKRksvqjmaTeX3maueGcPlGUxgaqt3LRMOa33Z1i0wL+hi
dGFS+2tECrKsZSq0Hx3togfr9/6txYsR6koybJxcHG3JWBRihlyj
-----END CERTIFICATE-----
Generated at Sun Jun 15 08:58:15 2025 by rpki-client