Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/3139342e33312e3139362e302f32342d3234203d3e20323030303137.roa
File: 3139342e33312e3139362e302f32342d3234203d3e20323030303137.roa (raw, json)
Hash identifier: +5av7/JwxJ2GdszhVyEajY1bsnLhd2JhS01B+/f5cdU=
Subject key identifier: 83:EE:ED:A6:55:4E:3D:AE:91:BA:CF:71:4F:8D:10:C1:79:38:AA:E0
Certificate issuer: /CN=a9420e6c6f24b0e422da7fe7e420ef50354f45c6
Certificate serial: 34F8719E979C37B56CBE161FC60712603B37F3F4
Authority key identifier: A9:42:0E:6C:6F:24:B0:E4:22:DA:7F:E7:E4:20:EF:50:35:4F:45:C6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qUIObG8ksOQi2n_n5CDvUDVPRcY.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/3139342e33312e3139362e302f32342d3234203d3e20323030303137.roa
Signing time: Tue 27 May 2025 08:00:43 +0000
ROA not before: Tue 27 May 2025 07:55:43 +0000
ROA not after: Tue 26 May 2026 08:00:43 +0000
asID: 200017
IP address blocks: 194.31.196.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/A9420E6C6F24B0E422DA7FE7E420EF50354F45C6.crl
rsync://rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/A9420E6C6F24B0E422DA7FE7E420EF50354F45C6.mft
rsync://rpki.ripe.net/repository/DEFAULT/qUIObG8ksOQi2n_n5CDvUDVPRcY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 07 Jun 2025 14:50:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
34:f8:71:9e:97:9c:37:b5:6c:be:16:1f:c6:07:12:60:3b:37:f3:f4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a9420e6c6f24b0e422da7fe7e420ef50354f45c6
Validity
Not Before: May 27 07:55:43 2025 GMT
Not After : May 26 08:00:43 2026 GMT
Subject: CN=83EEEDA6554E3DAE91BACF714F8D10C17938AAE0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:41:1b:5d:0f:c2:d0:f7:0b:5f:eb:2e:e5:11:
73:2e:78:a3:51:3b:29:59:9b:cb:3b:b4:5d:cb:da:
84:1b:6e:4f:95:32:49:50:12:82:4a:73:6b:26:7f:
c4:b6:ff:d8:4b:c0:35:fb:71:54:d8:5c:19:4f:22:
b3:7d:0a:e9:50:2f:aa:a4:6a:05:c8:f6:5d:64:97:
91:ce:2e:90:b7:3c:80:d5:f9:51:bf:8d:47:9e:c9:
a9:65:02:70:34:77:1f:33:ec:e2:1a:22:76:59:b3:
a0:9d:d7:86:49:3a:04:46:be:be:0c:ef:20:48:20:
a2:ba:be:2b:be:c1:c4:05:8f:e6:0c:5d:ea:48:93:
a6:e6:5c:af:4c:d0:1e:46:3a:9b:9b:31:ff:aa:f0:
b8:3c:36:bd:8f:ad:d0:db:0e:8b:b9:f9:b2:13:b3:
3f:91:20:df:c0:2d:cd:35:69:2b:09:9a:c3:09:fc:
b9:16:bc:d9:ca:d2:8b:70:7f:d7:1e:31:ed:4b:39:
74:a0:a2:7e:7c:65:90:69:53:31:93:fe:8d:15:95:
57:06:0f:8e:10:bc:64:88:f8:5b:08:61:48:a7:23:
8a:7c:c5:46:2f:b4:31:0b:da:7f:8a:85:1d:52:19:
df:22:32:89:56:a3:4b:f5:79:0b:4f:17:87:23:1f:
3e:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
83:EE:ED:A6:55:4E:3D:AE:91:BA:CF:71:4F:8D:10:C1:79:38:AA:E0
X509v3 Authority Key Identifier:
keyid:A9:42:0E:6C:6F:24:B0:E4:22:DA:7F:E7:E4:20:EF:50:35:4F:45:C6
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/A9420E6C6F24B0E422DA7FE7E420EF50354F45C6.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qUIObG8ksOQi2n_n5CDvUDVPRcY.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/3139342e33312e3139362e302f32342d3234203d3e20323030303137.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.31.196.0/24
Signature Algorithm: sha256WithRSAEncryption
07:80:7a:e9:21:48:de:e2:f7:7d:45:5e:96:a7:34:f1:01:c6:
37:17:a1:a8:9e:fa:52:2c:08:c0:cd:65:6e:d3:fd:f7:0c:15:
4d:ba:ab:0f:c9:71:e8:5e:12:3d:03:29:f9:f5:f9:e2:bc:ea:
08:fd:fa:5a:7e:d1:60:c1:9a:a2:29:e9:c3:57:4c:d9:94:79:
4b:e9:fc:ad:d1:ce:fe:16:fe:21:28:70:eb:62:53:86:42:3d:
8b:45:56:75:5f:28:e0:ef:d1:ca:79:57:6d:5a:c2:dd:43:66:
5c:14:06:05:46:ed:5d:25:27:c2:0a:63:65:70:d8:ff:00:06:
f4:89:0b:4f:e5:b6:07:10:3e:dd:39:8d:db:e4:08:1f:88:c4:
75:12:96:5b:dd:30:c6:15:40:82:b1:55:52:b7:f0:b7:ce:83:
d3:e3:0b:0a:50:ff:bd:0a:15:a5:3e:75:95:8a:04:0f:64:40:
39:43:c5:ad:74:25:0f:75:81:a7:7b:39:2c:27:33:9d:2b:c1:
08:9d:9b:59:3c:8d:dd:4c:cb:58:a2:9e:e0:c6:56:b3:69:93:
ae:78:96:a0:9b:04:61:38:7b:a0:39:4c:2b:77:a1:e8:c7:4a:
9e:a5:b8:56:d0:be:a6:0b:bf:e2:25:8b:be:6c:5b:76:66:89:
e5:e6:1c:f1
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUNPhxnpecN7VsvhYfxgcSYDs38/QwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYTk0MjBlNmM2ZjI0YjBlNDIyZGE3ZmU3ZTQyMGVmNTAz
NTRmNDVjNjAeFw0yNTA1MjcwNzU1NDNaFw0yNjA1MjYwODAwNDNaMDMxMTAvBgNV
BAMTKDgzRUVFREE2NTU0RTNEQUU5MUJBQ0Y3MTRGOEQxMEMxNzkzOEFBRTAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCXQRtdD8LQ9wtf6y7lEXMueKNR
OylZm8s7tF3L2oQbbk+VMklQEoJKc2smf8S2/9hLwDX7cVTYXBlPIrN9CulQL6qk
agXI9l1kl5HOLpC3PIDV+VG/jUeeyallAnA0dx8z7OIaInZZs6Cd14ZJOgRGvr4M
7yBIIKK6viu+wcQFj+YMXepIk6bmXK9M0B5GOpubMf+q8Lg8Nr2PrdDbDou5+bIT
sz+RIN/ALc01aSsJmsMJ/LkWvNnK0otwf9ceMe1LOXSgon58ZZBpUzGT/o0VlVcG
D44QvGSI+FsIYUinI4p8xUYvtDEL2n+KhR1SGd8iMolWo0v1eQtPF4cjHz4rAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUg+7tplVOPa6Rus9xT40QwXk4quAwHwYDVR0j
BBgwFoAUqUIObG8ksOQi2n/n5CDvUDVPRcYwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMWY5ODIzZDAtMDg1NS00MWYyLWFjNDYtNTlhMmU5OGRh
NzM2LzEvQTk0MjBFNkM2RjI0QjBFNDIyREE3RkU3RTQyMEVGNTAzNTRGNDVDNi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3FVSU9iRzhrc09RaTJuX241Q0R2VURW
UFJjWS5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMWY5ODIzZDAt
MDg1NS00MWYyLWFjNDYtNTlhMmU5OGRhNzM2LzEvMzEzOTM0MmUzMzMxMmUzMTM5
MzYyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMjMwMzAzMDMxMzcucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BADCH8QwDQYJKoZIhvcNAQELBQADggEBAAeAeukhSN7i931FXpanNPEBxjcXoaie
+lIsCMDNZW7T/fcMFU26qw/JceheEj0DKfn1+eK86gj9+lp+0WDBmqIp6cNXTNmU
eUvp/K3Rzv4W/iEocOtiU4ZCPYtFVnVfKODv0cp5V21awt1DZlwUBgVG7V0lJ8IK
Y2Vw2P8ABvSJC0/ltgcQPt05jdvkCB+IxHUSllvdMMYVQIKxVVK38LfOg9PjCwpQ
/70KFaU+dZWKBA9kQDlDxa10JQ91gad7OSwnM50rwQidm1k8jd1My1iinuDGVrNp
k654lqCbBGE4e6A5TCt3oejHSp6luFbQvqYLv+Ili75sW3ZmieXmHPE=
-----END CERTIFICATE-----
Generated at Fri Jun 6 19:41:37 2025 by rpki-client