Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/f5e64030-2f28-42c9-b004-354bb28f6123/0/39352e3136392e3137302e302f32342d3234203d3e203239303134.roa
File: 39352e3136392e3137302e302f32342d3234203d3e203239303134.roa (raw, json)
Hash identifier: i2xhkApVfgj04fX+hojCpQK4wvNEUE95SvVCLWaHLBA=
Subject key identifier: FB:C4:D5:0A:8A:02:95:E4:17:29:B0:1B:A2:13:2A:1D:B5:CC:B0:B3
Certificate issuer: /CN=9e576996388e94b8c7ab20effb23bd11becb4108
Certificate serial: 04AFD7E17A3438927F501A067003D33793771EA9
Authority key identifier: 9E:57:69:96:38:8E:94:B8:C7:AB:20:EF:FB:23:BD:11:BE:CB:41:08
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nldpljiOlLjHqyDv-yO9Eb7LQQg.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/f5e64030-2f28-42c9-b004-354bb28f6123/0/39352e3136392e3137302e302f32342d3234203d3e203239303134.roa
Signing time: Thu 03 Jul 2025 16:54:13 +0000
ROA not before: Thu 03 Jul 2025 16:49:13 +0000
ROA not after: Thu 02 Jul 2026 16:54:13 +0000
asID: 29014
IP address blocks: 95.169.170.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/f5e64030-2f28-42c9-b004-354bb28f6123/0/9E576996388E94B8C7AB20EFFB23BD11BECB4108.crl
rsync://rsync.paas.rpki.ripe.net/repository/f5e64030-2f28-42c9-b004-354bb28f6123/0/9E576996388E94B8C7AB20EFFB23BD11BECB4108.mft
rsync://rpki.ripe.net/repository/DEFAULT/nldpljiOlLjHqyDv-yO9Eb7LQQg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 24 Jul 2025 14:37:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
04:af:d7:e1:7a:34:38:92:7f:50:1a:06:70:03:d3:37:93:77:1e:a9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9e576996388e94b8c7ab20effb23bd11becb4108
Validity
Not Before: Jul 3 16:49:13 2025 GMT
Not After : Jul 2 16:54:13 2026 GMT
Subject: CN=FBC4D50A8A0295E41729B01BA2132A1DB5CCB0B3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:d8:0f:1c:71:1e:bd:ea:eb:d7:c5:bd:d6:9b:
7e:68:cc:1f:5b:64:b6:8f:08:d1:2e:cb:3f:71:9f:
29:4f:98:2d:14:24:72:90:c2:86:9d:92:25:e7:6b:
cf:78:59:32:5d:e1:49:44:16:61:7e:ac:64:86:b8:
b8:3b:32:b6:5b:c7:90:7c:81:3e:86:53:be:bc:b7:
1f:2b:07:d5:8f:db:73:62:66:b8:72:ba:31:d1:b8:
de:be:aa:6d:69:d0:31:b4:c0:f8:81:5e:ea:7b:77:
f6:dd:de:40:11:1d:4d:e3:af:ac:4c:e8:8f:71:f9:
0d:80:ff:29:21:68:cd:19:87:a2:18:86:f2:c6:83:
30:46:30:08:85:3d:e8:f4:01:fc:87:bc:0f:42:d9:
48:1c:64:64:a2:24:ff:d6:ac:fa:93:7d:3d:11:76:
42:f0:df:20:17:9d:99:1e:b2:e3:eb:dc:1b:3c:18:
8e:13:eb:6b:e9:5e:97:c3:b4:c0:a3:df:c1:d9:cf:
46:f8:41:ae:b4:0a:77:ad:53:a6:f8:0d:ab:a0:a1:
02:36:d2:93:d1:cc:d1:c3:1a:c1:a7:10:22:48:95:
bc:6c:cc:30:07:9a:ac:3b:bf:0d:d0:94:5d:d3:5f:
a8:5f:51:c9:42:67:2e:68:21:b6:ac:91:32:b9:23:
9e:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FB:C4:D5:0A:8A:02:95:E4:17:29:B0:1B:A2:13:2A:1D:B5:CC:B0:B3
X509v3 Authority Key Identifier:
keyid:9E:57:69:96:38:8E:94:B8:C7:AB:20:EF:FB:23:BD:11:BE:CB:41:08
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/f5e64030-2f28-42c9-b004-354bb28f6123/0/9E576996388E94B8C7AB20EFFB23BD11BECB4108.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nldpljiOlLjHqyDv-yO9Eb7LQQg.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/f5e64030-2f28-42c9-b004-354bb28f6123/0/39352e3136392e3137302e302f32342d3234203d3e203239303134.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.169.170.0/24
Signature Algorithm: sha256WithRSAEncryption
5c:83:03:d0:06:ad:fd:e1:06:18:9e:8b:f4:22:fa:ee:37:aa:
f4:78:fb:35:7b:e1:c0:ce:35:72:15:86:01:8e:f2:53:b7:3b:
2a:8a:ab:72:84:6f:23:a2:ec:72:c0:d5:3f:df:f9:e1:96:2c:
c2:65:b8:53:14:a2:ee:49:3c:54:6c:c0:f4:88:f5:8f:f8:80:
32:2d:0d:3f:f5:c5:39:59:33:fd:ae:88:57:82:b6:28:ad:18:
7a:65:51:a7:62:58:4b:27:a5:c9:ce:01:67:31:8b:50:fb:ed:
fc:e3:f6:22:14:7f:27:c4:fe:e7:51:c6:e9:3b:4a:1a:0a:44:
07:8b:be:70:90:d6:a0:27:36:c7:f4:8c:12:ce:cb:94:97:11:
cc:50:14:06:49:4a:c1:8d:93:7c:69:83:80:c4:dd:65:52:dd:
24:dc:e7:18:ed:f0:09:1f:7f:94:53:7e:39:4e:05:e3:a1:27:
09:62:b2:66:f8:33:29:fc:c6:f7:e8:3e:ae:f7:42:3a:48:4c:
79:6d:0e:f0:1c:05:5f:26:87:a9:c2:e8:a3:43:3e:e8:a8:99:
2a:f3:53:22:f7:fd:2c:57:da:87:32:df:43:f8:90:46:c1:f3:
5d:d0:1b:47:d0:91:7f:27:bc:97:36:39:0e:50:0d:54:2f:66:
e7:3d:e4:f6
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUBK/X4Xo0OJJ/UBoGcAPTN5N3HqkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOWU1NzY5OTYzODhlOTRiOGM3YWIyMGVmZmIyM2JkMTFi
ZWNiNDEwODAeFw0yNTA3MDMxNjQ5MTNaFw0yNjA3MDIxNjU0MTNaMDMxMTAvBgNV
BAMTKEZCQzRENTBBOEEwMjk1RTQxNzI5QjAxQkEyMTMyQTFEQjVDQ0IwQjMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC42A8ccR696uvXxb3Wm35ozB9b
ZLaPCNEuyz9xnylPmC0UJHKQwoadkiXna894WTJd4UlEFmF+rGSGuLg7MrZbx5B8
gT6GU768tx8rB9WP23NiZrhyujHRuN6+qm1p0DG0wPiBXup7d/bd3kARHU3jr6xM
6I9x+Q2A/ykhaM0Zh6IYhvLGgzBGMAiFPej0AfyHvA9C2UgcZGSiJP/WrPqTfT0R
dkLw3yAXnZkesuPr3Bs8GI4T62vpXpfDtMCj38HZz0b4Qa60CnetU6b4DaugoQI2
0pPRzNHDGsGnECJIlbxszDAHmqw7vw3QlF3TX6hfUclCZy5oIbaskTK5I565AgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQU+8TVCooCleQXKbAbohMqHbXMsLMwHwYDVR0j
BBgwFoAUnldpljiOlLjHqyDv+yO9Eb7LQQgwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZjVlNjQwMzAtMmYyOC00MmM5LWIwMDQtMzU0YmIyOGY2
MTIzLzAvOUU1NzY5OTYzODhFOTRCOEM3QUIyMEVGRkIyM0JEMTFCRUNCNDEwOC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL25sZHBsamlPbExqSHF5RHYteU85RWI3
TFFRZy5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZjVlNjQwMzAt
MmYyOC00MmM5LWIwMDQtMzU0YmIyOGY2MTIzLzAvMzkzNTJlMzEzNjM5MmUzMTM3
MzAyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMjM5MzAzMTM0LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
X6mqMA0GCSqGSIb3DQEBCwUAA4IBAQBcgwPQBq394QYYnov0IvruN6r0ePs1e+HA
zjVyFYYBjvJTtzsqiqtyhG8jouxywNU/3/nhlizCZbhTFKLuSTxUbMD0iPWP+IAy
LQ0/9cU5WTP9rohXgrYorRh6ZVGnYlhLJ6XJzgFnMYtQ++384/YiFH8nxP7nUcbp
O0oaCkQHi75wkNagJzbH9IwSzsuUlxHMUBQGSUrBjZN8aYOAxN1lUt0k3OcY7fAJ
H3+UU345TgXjoScJYrJm+DMp/Mb36D6u90I6SEx5bQ7wHAVfJoepwuijQz7oqJkq
81Mi9/0sV9qHMt9D+JBGwfNd0BtH0JF/J7yXNjkOUA1UL2bnPeT2
-----END CERTIFICATE-----
Generated at Wed Jul 23 23:25:14 2025 by rpki-client