Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/38392e3131362e3131362e302f32322d3232203d3e203135343139.roa
File: 38392e3131362e3131362e302f32322d3232203d3e203135343139.roa (raw, json)
Hash identifier: +6pKiWIr1xfpXpXCXiVMVMi0tFetJIO1JWmpuLH4c10=
Subject key identifier: 25:57:0A:76:DC:51:C3:E7:8B:57:4C:60:2C:4F:0E:45:56:DB:18:64
Certificate issuer: /CN=9df85997b1b9b358e1c43f36765aa0a4a02144ae
Certificate serial: 7CFE8AAC697F76F357BFDF547799A42E85FFC30A
Authority key identifier: 9D:F8:59:97:B1:B9:B3:58:E1:C4:3F:36:76:5A:A0:A4:A0:21:44:AE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nfhZl7G5s1jhxD82dlqgpKAhRK4.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/38392e3131362e3131362e302f32322d3232203d3e203135343139.roa
Signing time: Fri 09 May 2025 09:37:58 +0000
ROA not before: Fri 09 May 2025 09:32:58 +0000
ROA not after: Fri 08 May 2026 09:37:58 +0000
asID: 15419
IP address blocks: 89.116.116.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/9DF85997B1B9B358E1C43F36765AA0A4A02144AE.crl
rsync://rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/9DF85997B1B9B358E1C43F36765AA0A4A02144AE.mft
rsync://rpki.ripe.net/repository/DEFAULT/nfhZl7G5s1jhxD82dlqgpKAhRK4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 06 Jun 2025 18:42:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7c:fe:8a:ac:69:7f:76:f3:57:bf:df:54:77:99:a4:2e:85:ff:c3:0a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9df85997b1b9b358e1c43f36765aa0a4a02144ae
Validity
Not Before: May 9 09:32:58 2025 GMT
Not After : May 8 09:37:58 2026 GMT
Subject: CN=25570A76DC51C3E78B574C602C4F0E4556DB1864
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:c8:a3:1b:03:01:a7:8a:15:5d:78:68:73:b0:
d2:7a:96:54:34:03:c6:2d:84:c6:c9:98:eb:db:68:
f2:66:0b:b5:09:b5:43:cc:e1:be:a7:fd:be:90:75:
76:c2:45:25:fd:b2:fd:35:d1:f7:fd:ef:b4:09:1b:
80:90:61:45:e0:02:3f:4a:90:65:0b:a5:82:11:16:
3d:cb:77:85:cf:00:7e:c2:99:a3:7c:ec:27:bc:49:
b3:7c:82:6f:f1:62:db:65:49:dc:45:c6:2a:59:43:
5d:fe:a6:69:06:d1:d2:e6:81:00:7d:be:03:5c:7d:
0f:f7:eb:af:72:58:94:66:a4:d1:45:12:29:aa:41:
8b:ec:c8:10:80:60:47:63:7e:09:fb:0d:c3:10:b9:
22:06:3d:4f:6e:6d:30:11:9b:da:bf:18:88:58:57:
56:8a:88:c5:56:b2:40:57:f2:b8:6d:17:71:bf:4f:
4d:be:0d:40:67:35:a1:18:ef:d7:d2:e0:93:25:a2:
8e:9d:2f:38:a6:40:41:06:7c:95:00:89:a6:32:32:
2c:dd:09:ef:ac:29:89:f5:25:ee:63:a5:d0:e7:b1:
50:55:b2:24:06:9a:b3:6a:94:ed:36:68:65:22:e2:
2d:0d:c7:ac:5e:2c:79:03:23:01:32:cb:aa:1e:e8:
7c:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
25:57:0A:76:DC:51:C3:E7:8B:57:4C:60:2C:4F:0E:45:56:DB:18:64
X509v3 Authority Key Identifier:
keyid:9D:F8:59:97:B1:B9:B3:58:E1:C4:3F:36:76:5A:A0:A4:A0:21:44:AE
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/9DF85997B1B9B358E1C43F36765AA0A4A02144AE.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nfhZl7G5s1jhxD82dlqgpKAhRK4.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/38392e3131362e3131362e302f32322d3232203d3e203135343139.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.116.116.0/22
Signature Algorithm: sha256WithRSAEncryption
a4:3e:97:ec:14:05:e4:3f:97:4e:d8:cf:c5:5a:aa:20:a4:12:
1e:c7:d9:b3:02:f1:b7:fa:71:42:c5:12:c8:41:52:c9:9a:4a:
ca:88:c6:3e:cf:34:f5:15:33:ec:0e:d6:9d:1f:06:48:2d:49:
1a:7e:10:e6:80:6a:98:5d:92:ed:e5:c7:43:05:65:67:1b:ac:
dd:a3:a0:bc:67:4a:e9:19:6e:20:30:7a:74:9f:6e:89:a9:b7:
d5:f6:12:6b:96:b4:24:b1:82:77:3a:5a:3a:bb:93:cd:c1:cb:
64:6b:9f:99:ba:c0:82:40:2b:18:e2:88:02:5a:8b:37:b3:66:
57:a5:07:fb:15:c6:1e:62:b5:cd:0c:27:5a:7e:66:be:ed:71:
bc:99:26:4c:e4:53:51:c2:3f:e5:96:51:78:6b:35:17:62:5d:
01:45:af:d7:bd:9c:43:30:ab:da:13:2f:9e:4d:d3:25:f9:f5:
4b:8e:9b:aa:52:8b:e8:17:12:11:7f:f9:79:dd:f8:16:c9:4b:
4a:11:a7:63:49:9a:ad:c3:04:6c:b6:bb:b9:eb:e9:f6:3e:a4:
01:b6:36:8a:a8:a1:15:da:2f:ba:8e:9c:ac:60:2f:b5:4e:e2:
30:b7:d6:73:30:b3:34:4c:a7:9b:c2:8a:05:a8:b0:87:c7:95:
3a:c0:94:0c
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUfP6KrGl/dvNXv99Ud5mkLoX/wwowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOWRmODU5OTdiMWI5YjM1OGUxYzQzZjM2NzY1YWEwYTRh
MDIxNDRhZTAeFw0yNTA1MDkwOTMyNThaFw0yNjA1MDgwOTM3NThaMDMxMTAvBgNV
BAMTKDI1NTcwQTc2REM1MUMzRTc4QjU3NEM2MDJDNEYwRTQ1NTZEQjE4NjQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDeyKMbAwGnihVdeGhzsNJ6llQ0
A8YthMbJmOvbaPJmC7UJtUPM4b6n/b6QdXbCRSX9sv010ff977QJG4CQYUXgAj9K
kGULpYIRFj3Ld4XPAH7CmaN87Ce8SbN8gm/xYttlSdxFxipZQ13+pmkG0dLmgQB9
vgNcfQ/3669yWJRmpNFFEimqQYvsyBCAYEdjfgn7DcMQuSIGPU9ubTARm9q/GIhY
V1aKiMVWskBX8rhtF3G/T02+DUBnNaEY79fS4JMloo6dLzimQEEGfJUAiaYyMizd
Ce+sKYn1Je5jpdDnsVBVsiQGmrNqlO02aGUi4i0Nx6xeLHkDIwEyy6oe6HyrAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUJVcKdtxRw+eLV0xgLE8ORVbbGGQwHwYDVR0j
BBgwFoAUnfhZl7G5s1jhxD82dlqgpKAhRK4wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDAyZTBiYTMtZmU2MC00NWIxLTkxNjAtODY4YTJmOGE0
M2IxLzMvOURGODU5OTdCMUI5QjM1OEUxQzQzRjM2NzY1QUEwQTRBMDIxNDRBRS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL25maFpsN0c1czFqaHhEODJkbHFncEtB
aFJLNC5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMDAyZTBiYTMt
ZmU2MC00NWIxLTkxNjAtODY4YTJmOGE0M2IxLzMvMzgzOTJlMzEzMTM2MmUzMTMx
MzYyZTMwMmYzMjMyMmQzMjMyMjAzZDNlMjAzMTM1MzQzMTM5LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQC
WXR0MA0GCSqGSIb3DQEBCwUAA4IBAQCkPpfsFAXkP5dO2M/FWqogpBIex9mzAvG3
+nFCxRLIQVLJmkrKiMY+zzT1FTPsDtadHwZILUkafhDmgGqYXZLt5cdDBWVnG6zd
o6C8Z0rpGW4gMHp0n26JqbfV9hJrlrQksYJ3Olo6u5PNwctka5+ZusCCQCsY4ogC
Wos3s2ZXpQf7FcYeYrXNDCdafma+7XG8mSZM5FNRwj/lllF4azUXYl0BRa/XvZxD
MKvaEy+eTdMl+fVLjpuqUovoFxIRf/l53fgWyUtKEadjSZqtwwRstru56+n2PqQB
tjaKqKEV2i+6jpysYC+1TuIwt9ZzMLM0TKebwooFqLCHx5U6wJQM
-----END CERTIFICATE-----
Generated at Fri Jun 6 06:34:52 2025 by rpki-client