Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/3139342e33312e3139352e302f32342d3234203d3e203132383236.roa
File: 3139342e33312e3139352e302f32342d3234203d3e203132383236.roa (raw, json)
Hash identifier: Hiowcu87+rnRP4VBm949hK9/XoAe1JP45hqg/KNcyVc=
Subject key identifier: 30:87:16:98:18:2C:24:A3:E0:A0:71:51:DB:85:09:07:6C:EC:16:06
Certificate issuer: /CN=a9420e6c6f24b0e422da7fe7e420ef50354f45c6
Certificate serial: 3BD0FB46C8DE76151913ACBB1898331C81B14560
Authority key identifier: A9:42:0E:6C:6F:24:B0:E4:22:DA:7F:E7:E4:20:EF:50:35:4F:45:C6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qUIObG8ksOQi2n_n5CDvUDVPRcY.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/3139342e33312e3139352e302f32342d3234203d3e203132383236.roa
Signing time: Mon 10 Feb 2025 22:53:55 +0000
ROA not before: Mon 10 Feb 2025 22:48:55 +0000
ROA not after: Mon 09 Feb 2026 22:53:55 +0000
asID: 12826
IP address blocks: 194.31.195.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/A9420E6C6F24B0E422DA7FE7E420EF50354F45C6.crl
rsync://rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/A9420E6C6F24B0E422DA7FE7E420EF50354F45C6.mft
rsync://rpki.ripe.net/repository/DEFAULT/qUIObG8ksOQi2n_n5CDvUDVPRcY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 06 Apr 2025 01:00:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3b:d0:fb:46:c8:de:76:15:19:13:ac:bb:18:98:33:1c:81:b1:45:60
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a9420e6c6f24b0e422da7fe7e420ef50354f45c6
Validity
Not Before: Feb 10 22:48:55 2025 GMT
Not After : Feb 9 22:53:55 2026 GMT
Subject: CN=30871698182C24A3E0A07151DB8509076CEC1606
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:78:5c:0c:24:2d:d5:5c:92:2f:1a:de:f4:95:
17:f7:40:a2:55:10:57:b2:68:54:4f:5b:90:55:0d:
71:90:9b:2f:2f:bd:81:bd:03:4a:41:e4:6a:a9:11:
b3:24:17:84:c1:5d:ac:1a:01:0f:e3:63:d3:26:ba:
57:13:b5:08:30:15:b4:25:0a:78:ff:b7:47:98:df:
a2:ac:c8:a7:f9:13:10:4e:48:3f:35:f6:78:1d:05:
52:aa:98:0f:2f:ba:7e:b6:87:b0:40:43:1a:af:e4:
98:8e:55:3b:37:9d:cd:f2:fe:ae:05:d2:a4:6b:88:
fe:dc:b5:20:76:b1:3a:5a:af:30:d8:45:e3:46:84:
f5:0f:8a:18:33:ec:a1:a2:28:72:3d:cb:c4:08:e0:
b1:55:8d:cd:03:65:cd:48:01:8e:b2:a3:4e:f1:63:
cf:b3:df:a9:54:22:f6:8d:a7:ad:8b:20:89:bc:80:
f6:2b:c7:21:57:79:9a:98:40:5b:69:f7:31:0e:cd:
62:63:e5:4f:8e:76:fd:d3:47:e5:6f:4e:97:0a:67:
7a:64:59:dc:7e:33:ce:c0:22:91:aa:b9:85:85:a5:
be:32:6f:24:b4:ce:30:15:8e:13:14:0e:95:b3:12:
6b:59:e1:14:de:70:eb:09:31:d3:e0:4b:ec:b0:5f:
9e:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
30:87:16:98:18:2C:24:A3:E0:A0:71:51:DB:85:09:07:6C:EC:16:06
X509v3 Authority Key Identifier:
keyid:A9:42:0E:6C:6F:24:B0:E4:22:DA:7F:E7:E4:20:EF:50:35:4F:45:C6
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/A9420E6C6F24B0E422DA7FE7E420EF50354F45C6.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qUIObG8ksOQi2n_n5CDvUDVPRcY.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/3139342e33312e3139352e302f32342d3234203d3e203132383236.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.31.195.0/24
Signature Algorithm: sha256WithRSAEncryption
23:92:9e:0d:6d:67:32:f4:eb:ce:23:17:27:8b:24:49:1a:97:
23:b4:db:85:06:fe:49:32:bb:ec:c5:1c:1c:cc:f8:7c:dd:ac:
a2:bc:a2:84:b1:e8:96:28:34:79:57:fd:54:14:cc:80:11:4e:
c3:08:9f:46:1b:77:b6:7d:f8:ad:ee:a0:05:34:bc:1b:09:3a:
08:77:ab:dd:63:f4:0d:86:98:18:19:a7:74:11:82:07:e8:68:
a9:f8:4e:43:46:02:dd:f9:2f:66:fd:a4:20:c6:35:63:12:c3:
ee:98:45:7d:0d:0f:59:61:eb:ec:c1:a6:f1:e6:1e:39:8c:a3:
58:a7:1a:dd:86:e4:5d:cb:27:28:74:cf:af:52:de:e4:6b:cf:
07:e1:32:16:e6:f1:f1:8c:1d:aa:46:65:cb:c4:7c:3f:66:0c:
ae:bc:1e:e2:ba:21:b6:df:7a:65:b5:20:d1:58:f6:d4:c1:4d:
0c:03:f3:57:c6:80:3b:a5:66:7b:51:05:2c:93:d9:a6:ef:ab:
f5:06:dc:bd:df:01:d1:cb:6c:3f:7d:24:65:fb:a8:7c:f6:6a:
08:d5:6e:92:ff:0a:6d:a0:0a:08:a1:e7:8d:ed:5a:81:09:27:
13:e8:5b:fe:a8:18:8a:65:f4:8e:90:d1:c2:56:d8:3b:06:a7:
5e:0b:22:13
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUO9D7RsjedhUZE6y7GJgzHIGxRWAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYTk0MjBlNmM2ZjI0YjBlNDIyZGE3ZmU3ZTQyMGVmNTAz
NTRmNDVjNjAeFw0yNTAyMTAyMjQ4NTVaFw0yNjAyMDkyMjUzNTVaMDMxMTAvBgNV
BAMTKDMwODcxNjk4MTgyQzI0QTNFMEEwNzE1MURCODUwOTA3NkNFQzE2MDYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC3eFwMJC3VXJIvGt70lRf3QKJV
EFeyaFRPW5BVDXGQmy8vvYG9A0pB5GqpEbMkF4TBXawaAQ/jY9MmulcTtQgwFbQl
Cnj/t0eY36KsyKf5ExBOSD819ngdBVKqmA8vun62h7BAQxqv5JiOVTs3nc3y/q4F
0qRriP7ctSB2sTparzDYReNGhPUPihgz7KGiKHI9y8QI4LFVjc0DZc1IAY6yo07x
Y8+z36lUIvaNp62LIIm8gPYrxyFXeZqYQFtp9zEOzWJj5U+Odv3TR+VvTpcKZ3pk
Wdx+M87AIpGquYWFpb4ybyS0zjAVjhMUDpWzEmtZ4RTecOsJMdPgS+ywX55DAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUMIcWmBgsJKPgoHFR24UJB2zsFgYwHwYDVR0j
BBgwFoAUqUIObG8ksOQi2n/n5CDvUDVPRcYwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMWY5ODIzZDAtMDg1NS00MWYyLWFjNDYtNTlhMmU5OGRh
NzM2LzEvQTk0MjBFNkM2RjI0QjBFNDIyREE3RkU3RTQyMEVGNTAzNTRGNDVDNi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3FVSU9iRzhrc09RaTJuX241Q0R2VURW
UFJjWS5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMWY5ODIzZDAt
MDg1NS00MWYyLWFjNDYtNTlhMmU5OGRhNzM2LzEvMzEzOTM0MmUzMzMxMmUzMTM5
MzUyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMTMyMzgzMjM2LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
wh/DMA0GCSqGSIb3DQEBCwUAA4IBAQAjkp4NbWcy9OvOIxcniyRJGpcjtNuFBv5J
MrvsxRwczPh83ayivKKEseiWKDR5V/1UFMyAEU7DCJ9GG3e2ffit7qAFNLwbCToI
d6vdY/QNhpgYGad0EYIH6Gip+E5DRgLd+S9m/aQgxjVjEsPumEV9DQ9ZYevswabx
5h45jKNYpxrdhuRdyycodM+vUt7ka88H4TIW5vHxjB2qRmXLxHw/ZgyuvB7iuiG2
33pltSDRWPbUwU0MA/NXxoA7pWZ7UQUsk9mm76v1Bty93wHRy2w/fSRl+6h89moI
1W6S/wptoAoIoeeN7VqBCScT6Fv+qBiKZfSOkNHCVtg7BqdeCyIT
-----END CERTIFICATE-----
Generated at Sat Apr 5 07:51:32 2025 by rpki-client