Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/dce196fe-4b1a-46ea-9c95-4af12964a49d/0/39342e3132362e3233392e302f32342d3234203d3e203438303730.roa
File: 39342e3132362e3233392e302f32342d3234203d3e203438303730.roa (raw, json)
Hash identifier: NDHvIIcUiAk7uX5boyMA8yHxKUGe6BZWK+cptlXNnOA=
Subject key identifier: D2:7F:B4:A3:E2:4D:02:FD:29:09:2B:00:CB:7C:30:1E:8C:87:87:86
Certificate issuer: /CN=98a87cad5b710890a9528f166f4202393824e6b8
Certificate serial: 18D5CAFEB5976667AD4C9CD4842FFD42063D802A
Authority key identifier: 98:A8:7C:AD:5B:71:08:90:A9:52:8F:16:6F:42:02:39:38:24:E6:B8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mKh8rVtxCJCpUo8Wb0ICOTgk5rg.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/dce196fe-4b1a-46ea-9c95-4af12964a49d/0/39342e3132362e3233392e302f32342d3234203d3e203438303730.roa
Signing time: Tue 27 May 2025 15:50:37 +0000
ROA not before: Tue 27 May 2025 15:45:37 +0000
ROA not after: Tue 26 May 2026 15:50:37 +0000
asID: 48070
IP address blocks: 94.126.239.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/dce196fe-4b1a-46ea-9c95-4af12964a49d/0/98A87CAD5B710890A9528F166F4202393824E6B8.crl
rsync://rsync.paas.rpki.ripe.net/repository/dce196fe-4b1a-46ea-9c95-4af12964a49d/0/98A87CAD5B710890A9528F166F4202393824E6B8.mft
rsync://rpki.ripe.net/repository/DEFAULT/mKh8rVtxCJCpUo8Wb0ICOTgk5rg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 17:28:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
18:d5:ca:fe:b5:97:66:67:ad:4c:9c:d4:84:2f:fd:42:06:3d:80:2a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=98a87cad5b710890a9528f166f4202393824e6b8
Validity
Not Before: May 27 15:45:37 2025 GMT
Not After : May 26 15:50:37 2026 GMT
Subject: CN=D27FB4A3E24D02FD29092B00CB7C301E8C878786
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:46:bb:bb:7f:ac:2b:cb:17:aa:96:68:62:9b:
e4:77:f7:a4:ee:10:0c:a6:22:b2:19:67:37:7e:cb:
5e:f3:44:c6:d4:27:8a:2d:0e:29:27:c3:24:70:ad:
23:eb:1e:7e:24:89:60:c5:57:c7:e1:7c:f6:3a:62:
f8:d2:79:1d:dc:21:fa:77:ae:1c:97:fb:20:5c:b3:
79:19:db:1e:38:15:75:98:a7:53:ea:0e:2e:dd:d2:
30:6e:b1:9f:93:4c:2d:98:d9:25:ba:45:9a:22:fc:
85:1e:7e:6a:3f:ce:fc:0e:f4:b2:a7:11:66:a7:69:
17:a6:2b:c0:22:ab:b3:3e:67:c6:6d:55:da:f4:69:
18:bf:9c:37:eb:2f:ae:88:2d:32:a9:a6:10:9b:6a:
4d:6b:a6:ef:d1:9a:b2:c9:a7:83:f6:4f:cd:06:05:
a8:d5:43:2f:fb:b0:7b:1e:fe:f8:ad:0e:47:b6:42:
db:b8:f7:a4:a5:e6:95:b3:60:aa:a5:e6:0a:28:6d:
91:3d:ad:c5:0b:d4:e2:69:79:a3:b9:38:9f:28:c1:
e8:b2:c9:e2:18:1a:e5:88:3c:5c:75:9e:be:0f:ff:
17:d3:9e:ee:73:a8:30:ac:59:89:fa:89:7c:0a:f2:
cf:20:02:01:8a:d7:8e:77:7c:ea:4d:1a:ab:23:0f:
df:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D2:7F:B4:A3:E2:4D:02:FD:29:09:2B:00:CB:7C:30:1E:8C:87:87:86
X509v3 Authority Key Identifier:
keyid:98:A8:7C:AD:5B:71:08:90:A9:52:8F:16:6F:42:02:39:38:24:E6:B8
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/dce196fe-4b1a-46ea-9c95-4af12964a49d/0/98A87CAD5B710890A9528F166F4202393824E6B8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mKh8rVtxCJCpUo8Wb0ICOTgk5rg.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/dce196fe-4b1a-46ea-9c95-4af12964a49d/0/39342e3132362e3233392e302f32342d3234203d3e203438303730.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.126.239.0/24
Signature Algorithm: sha256WithRSAEncryption
a5:68:9b:20:fc:2d:75:1f:4d:4f:4d:90:81:e0:36:02:7b:33:
af:44:fd:25:ba:42:5c:1e:ac:9f:10:3e:55:20:cc:cd:92:6a:
76:98:b3:96:59:10:7e:b1:28:5e:fc:29:b9:d7:a7:51:af:0f:
c4:73:1d:55:9a:78:b1:5b:b1:fe:f6:e7:91:22:4e:79:23:5c:
04:ec:3f:0d:bf:12:56:df:6e:61:48:38:dc:84:a2:55:16:5e:
32:35:20:a4:2a:04:fe:56:38:a2:75:fd:c3:66:ea:63:4c:6f:
c0:2b:0c:7e:89:bd:9e:04:27:1c:31:27:5e:6e:01:48:b6:9c:
d7:6f:70:d4:8b:83:30:c0:60:e5:94:b1:a8:25:fe:73:7b:d7:
50:2b:65:9f:98:f5:c4:f9:71:92:77:73:2c:db:6c:32:d9:c1:
f9:7d:8f:0d:3c:2c:39:3b:39:85:28:c0:6c:71:22:cd:61:df:
d7:ac:b9:df:05:0f:af:8e:0f:86:e0:af:49:f2:3e:9c:3b:fc:
67:1a:67:54:06:d3:dc:8e:c0:f3:6b:e3:dd:a6:30:e2:3e:16:
bc:6f:22:58:36:08:93:91:7d:41:1a:dd:94:9f:8c:b1:c9:e9:
64:44:f9:54:1f:a4:d9:b5:22:c8:21:e4:ce:98:9e:ea:4b:ac:
9d:40:c8:40
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUGNXK/rWXZmetTJzUhC/9QgY9gCowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOThhODdjYWQ1YjcxMDg5MGE5NTI4ZjE2NmY0MjAyMzkz
ODI0ZTZiODAeFw0yNTA1MjcxNTQ1MzdaFw0yNjA1MjYxNTUwMzdaMDMxMTAvBgNV
BAMTKEQyN0ZCNEEzRTI0RDAyRkQyOTA5MkIwMENCN0MzMDFFOEM4Nzg3ODYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCsRru7f6wryxeqlmhim+R396Tu
EAymIrIZZzd+y17zRMbUJ4otDiknwyRwrSPrHn4kiWDFV8fhfPY6YvjSeR3cIfp3
rhyX+yBcs3kZ2x44FXWYp1PqDi7d0jBusZ+TTC2Y2SW6RZoi/IUefmo/zvwO9LKn
EWanaRemK8Aiq7M+Z8ZtVdr0aRi/nDfrL66ILTKpphCbak1rpu/RmrLJp4P2T80G
BajVQy/7sHse/vitDke2Qtu496Sl5pWzYKql5goobZE9rcUL1OJpeaO5OJ8oweiy
yeIYGuWIPFx1nr4P/xfTnu5zqDCsWYn6iXwK8s8gAgGK1453fOpNGqsjD9+1AgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQU0n+0o+JNAv0pCSsAy3wwHoyHh4YwHwYDVR0j
BBgwFoAUmKh8rVtxCJCpUo8Wb0ICOTgk5rgwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZGNlMTk2ZmUtNGIxYS00NmVhLTljOTUtNGFmMTI5NjRh
NDlkLzAvOThBODdDQUQ1QjcxMDg5MEE5NTI4RjE2NkY0MjAyMzkzODI0RTZCOC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL21LaDhyVnR4Q0pDcFVvOFdiMElDT1Rn
azVyZy5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZGNlMTk2ZmUt
NGIxYS00NmVhLTljOTUtNGFmMTI5NjRhNDlkLzAvMzkzNDJlMzEzMjM2MmUzMjMz
MzkyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzNDM4MzAzNzMwLnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
Xn7vMA0GCSqGSIb3DQEBCwUAA4IBAQClaJsg/C11H01PTZCB4DYCezOvRP0lukJc
HqyfED5VIMzNkmp2mLOWWRB+sShe/Cm516dRrw/Ecx1VmnixW7H+9ueRIk55I1wE
7D8NvxJW325hSDjchKJVFl4yNSCkKgT+Vjiidf3DZupjTG/AKwx+ib2eBCccMSde
bgFItpzXb3DUi4MwwGDllLGoJf5ze9dQK2WfmPXE+XGSd3Ms22wy2cH5fY8NPCw5
OzmFKMBscSLNYd/XrLnfBQ+vjg+G4K9J8j6cO/xnGmdUBtPcjsDza+PdpjDiPha8
byJYNgiTkX1BGt2Un4yxyelkRPlUH6TZtSLIIeTOmJ7qS6ydQMhA
-----END CERTIFICATE-----
Generated at Sun Jun 15 00:02:57 2025 by rpki-client