Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3139332e3136302e3130302e302f32342d3234203d3e20323037313337.roa
File: 3139332e3136302e3130302e302f32342d3234203d3e20323037313337.roa (raw, json)
Hash identifier: buvnYwJMvAr33u0yuSXmI3I4305eh+uPYNIHmbxH2UI=
Subject key identifier: 36:50:58:19:4F:C3:0F:25:A5:5D:11:52:7B:C3:09:57:F7:59:A3:3C
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 7BB796FAAFDF7A9F5CD4EA09F1051B940C253C8B
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3139332e3136302e3130302e302f32342d3234203d3e20323037313337.roa
Signing time: Wed 02 Apr 2025 12:45:57 +0000
ROA not before: Wed 02 Apr 2025 12:40:57 +0000
ROA not after: Wed 01 Apr 2026 12:45:57 +0000
asID: 207137
IP address blocks: 193.160.100.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 28 Apr 2025 05:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7b:b7:96:fa:af:df:7a:9f:5c:d4:ea:09:f1:05:1b:94:0c:25:3c:8b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Apr 2 12:40:57 2025 GMT
Not After : Apr 1 12:45:57 2026 GMT
Subject: CN=365058194FC30F25A55D11527BC30957F759A33C
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f6:39:51:09:32:03:b2:f3:4a:cf:53:a7:d9:42:
91:46:2e:c7:82:fb:06:79:60:23:85:f3:ef:7c:b6:
e4:ca:a9:19:3e:1f:eb:de:fa:3b:31:5b:ea:3e:ec:
9f:0c:1b:a9:90:77:92:c3:bc:e3:15:2a:5d:97:ca:
4a:4f:d3:87:e5:9f:73:0e:a8:71:59:0c:44:0a:32:
28:18:03:b6:b2:c7:19:1d:73:cd:7b:90:27:d5:59:
e8:bc:af:9d:db:96:22:93:22:1f:ca:a5:c5:aa:fd:
be:2b:d4:0d:e0:23:95:2c:05:05:6d:c8:a0:56:0e:
17:2a:5a:40:44:79:b5:bb:b4:66:3d:9c:15:e8:c1:
9b:b5:29:34:4d:0d:75:f3:29:a6:21:79:21:57:e7:
1b:5c:ae:14:3d:ed:b6:08:ad:37:49:d9:ff:33:30:
20:e6:b5:84:d9:c2:f0:53:6f:b5:ce:5b:0c:fe:27:
36:7a:ac:e8:6b:db:2d:39:27:21:f9:08:5b:14:de:
a8:56:6a:1b:23:4f:86:43:3e:d2:d0:2e:e2:ef:df:
fe:bb:d3:e8:37:0b:7d:f2:4f:98:f0:36:8f:9d:08:
7f:32:4e:53:d5:a7:ec:2b:71:90:26:c1:7b:f5:67:
da:75:b3:4d:96:a3:e1:92:7d:6a:f3:1e:ce:c6:56:
09:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
36:50:58:19:4F:C3:0F:25:A5:5D:11:52:7B:C3:09:57:F7:59:A3:3C
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3139332e3136302e3130302e302f32342d3234203d3e20323037313337.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.160.100.0/24
Signature Algorithm: sha256WithRSAEncryption
08:87:8a:65:ae:cd:6e:d1:f5:06:17:fc:cc:69:10:21:65:1d:
25:4b:da:d9:82:0d:6d:1a:38:5c:a9:78:7e:43:9f:dd:9b:46:
ca:dd:60:d7:10:7e:91:e6:e5:db:25:d2:e7:a6:8e:04:75:64:
9f:38:72:6d:26:e1:f3:12:3c:0a:78:d7:3d:cf:57:99:24:55:
92:03:4c:5e:33:09:4b:b5:a5:f6:bc:3d:93:fc:1c:9d:86:b8:
8e:aa:61:ed:e0:98:74:89:f1:51:80:42:5b:b5:6d:09:a5:2c:
b9:0a:0a:4c:dd:e8:a7:ba:b6:d5:94:0f:44:57:22:3e:da:dc:
8b:d8:c7:2a:f5:2d:d5:48:11:af:3b:b6:88:b4:f5:58:46:ec:
58:b4:4a:cc:80:62:f1:1a:84:49:6a:43:e6:a8:5a:f1:5e:81:
d7:d5:49:cf:6a:b0:aa:f4:bf:f8:c0:dd:5f:60:a6:d0:86:e3:
d5:5e:f0:dd:f0:df:21:4c:6a:9b:98:75:f8:9a:34:3c:f5:59:
db:ea:58:48:00:00:1c:29:75:ff:1c:cb:aa:a2:b9:ae:b7:2e:
37:33:2d:af:ac:7e:0b:c2:b8:49:9b:69:f9:13:b6:e8:35:5b:
4f:19:cf:42:16:e2:fd:11:d5:e7:8a:2b:5e:84:b3:6b:bf:c9:
c4:d7:39:45
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgIUe7eW+q/fep9c1OoJ8QUblAwlPIswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNTA0MDIxMjQwNTdaFw0yNjA0MDExMjQ1NTdaMDMxMTAvBgNV
BAMTKDM2NTA1ODE5NEZDMzBGMjVBNTVEMTE1MjdCQzMwOTU3Rjc1OUEzM0MwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQD2OVEJMgOy80rPU6fZQpFGLseC
+wZ5YCOF8+98tuTKqRk+H+ve+jsxW+o+7J8MG6mQd5LDvOMVKl2XykpP04fln3MO
qHFZDEQKMigYA7ayxxkdc817kCfVWei8r53bliKTIh/KpcWq/b4r1A3gI5UsBQVt
yKBWDhcqWkBEebW7tGY9nBXowZu1KTRNDXXzKaYheSFX5xtcrhQ97bYIrTdJ2f8z
MCDmtYTZwvBTb7XOWwz+JzZ6rOhr2y05JyH5CFsU3qhWahsjT4ZDPtLQLuLv3/67
0+g3C33yT5jwNo+dCH8yTlPVp+wrcZAmwXv1Z9p1s02Wo+GSfWrzHs7GVgkbAgMB
AAGjggJBMIICPTAdBgNVHQ4EFgQUNlBYGU/DDyWlXRFSe8MJV/dZozwwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzOTMzMmUzMTM2MzAyZTMx
MzAzMDJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMyMzAzNzMxMzMzNy5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEAMGgZDANBgkqhkiG9w0BAQsFAAOCAQEACIeKZa7NbtH1Bhf8zGkQIWUdJUva
2YINbRo4XKl4fkOf3ZtGyt1g1xB+kebl2yXS56aOBHVknzhybSbh8xI8CnjXPc9X
mSRVkgNMXjMJS7Wl9rw9k/wcnYa4jqph7eCYdInxUYBCW7VtCaUsuQoKTN3op7q2
1ZQPRFciPtrci9jHKvUt1UgRrzu2iLT1WEbsWLRKzIBi8RqESWpD5qha8V6B19VJ
z2qwqvS/+MDdX2Cm0Ibj1V7w3fDfIUxqm5h1+Jo0PPVZ2+pYSAAAHCl1/xzLqqK5
rrcuNzMtr6x+C8K4SZtp+RO26DVbTxnPQhbi/RHV54orXoSza7/JxNc5RQ==
-----END CERTIFICATE-----
Generated at Sun Apr 27 15:20:28 2025 by rpki-client