Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/2e6da5c7-670a-41b1-96eb-3899388b292c/0/3139352e3131342e3130322e302f32332d3233203d3e203432363839.roa
File: 3139352e3131342e3130322e302f32332d3233203d3e203432363839.roa (raw, json)
Hash identifier: cvOtAiiTjs1N2U0Lk0hg/4mL7/6zWaQfvLCDfoTcYHg=
Subject key identifier: 10:35:2C:06:4A:45:59:59:DD:A6:AA:DF:59:76:C2:91:0A:32:6B:0E
Certificate issuer: /CN=735d93706cbf4688ce7d60fc0ed693d4cc4a9326
Certificate serial: 220429F701D00A83A7C9ACC55F59815ADD980E4C
Authority key identifier: 73:5D:93:70:6C:BF:46:88:CE:7D:60:FC:0E:D6:93:D4:CC:4A:93:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/c12TcGy_RojOfWD8DtaT1MxKkyY.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/2e6da5c7-670a-41b1-96eb-3899388b292c/0/3139352e3131342e3130322e302f32332d3233203d3e203432363839.roa
Signing time: Tue 18 Feb 2025 11:21:32 +0000
ROA not before: Tue 18 Feb 2025 11:16:32 +0000
ROA not after: Tue 17 Feb 2026 11:21:32 +0000
asID: 42689
IP address blocks: 195.114.102.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/2e6da5c7-670a-41b1-96eb-3899388b292c/0/735D93706CBF4688CE7D60FC0ED693D4CC4A9326.crl
rsync://rsync.paas.rpki.ripe.net/repository/2e6da5c7-670a-41b1-96eb-3899388b292c/0/735D93706CBF4688CE7D60FC0ED693D4CC4A9326.mft
rsync://rpki.ripe.net/repository/DEFAULT/c12TcGy_RojOfWD8DtaT1MxKkyY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 06 Apr 2025 04:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
22:04:29:f7:01:d0:0a:83:a7:c9:ac:c5:5f:59:81:5a:dd:98:0e:4c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=735d93706cbf4688ce7d60fc0ed693d4cc4a9326
Validity
Not Before: Feb 18 11:16:32 2025 GMT
Not After : Feb 17 11:21:32 2026 GMT
Subject: CN=10352C064A455959DDA6AADF5976C2910A326B0E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:37:c3:71:69:2e:88:2d:0e:2e:3a:38:05:50:
ae:5c:1f:15:32:d4:23:cb:57:22:ab:7a:c3:08:d1:
f0:de:84:39:48:18:f0:a3:f7:e6:49:71:ba:90:50:
e3:e5:78:56:9f:e3:2a:63:82:f1:73:b9:4d:30:9c:
66:5e:87:44:5a:8d:d5:89:f4:48:d6:4c:55:df:a2:
3e:61:9a:d0:e9:9b:57:b1:94:38:b1:de:61:00:20:
7e:23:f0:e5:8f:fe:5f:03:14:1a:96:c6:ad:48:3b:
e0:24:db:23:96:5e:31:1d:ef:5b:78:b0:ce:83:a3:
34:a2:95:4e:18:08:02:70:8a:a7:b3:68:77:9a:5d:
65:45:c4:1b:af:2e:3d:39:a9:46:00:f7:ba:30:b7:
de:71:93:15:aa:7f:4f:7c:09:9a:0a:fa:d6:aa:cc:
bd:8a:19:9d:c6:3a:47:24:d1:dc:0c:5c:e0:d4:8a:
85:8e:eb:4b:82:de:0a:6c:6a:e6:d2:c1:1b:c2:71:
f5:99:1f:31:43:a1:ec:13:f2:a4:4e:91:8d:b6:6d:
ac:61:18:c7:6c:6d:3c:e3:33:82:af:64:3f:5f:a1:
c3:16:1f:58:49:49:1b:ce:fb:17:85:af:bd:e6:b6:
ff:bd:3c:99:2c:e2:c3:90:09:3d:ed:cb:15:0e:67:
b6:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
10:35:2C:06:4A:45:59:59:DD:A6:AA:DF:59:76:C2:91:0A:32:6B:0E
X509v3 Authority Key Identifier:
keyid:73:5D:93:70:6C:BF:46:88:CE:7D:60:FC:0E:D6:93:D4:CC:4A:93:26
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/2e6da5c7-670a-41b1-96eb-3899388b292c/0/735D93706CBF4688CE7D60FC0ED693D4CC4A9326.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/c12TcGy_RojOfWD8DtaT1MxKkyY.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/2e6da5c7-670a-41b1-96eb-3899388b292c/0/3139352e3131342e3130322e302f32332d3233203d3e203432363839.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.114.102.0/23
Signature Algorithm: sha256WithRSAEncryption
57:5b:2d:4c:d9:e6:bd:90:ea:c6:60:58:f3:c2:fa:e0:a4:21:
1a:e1:1c:b2:00:bc:c7:bc:79:54:c6:b8:a8:b9:2d:c1:9b:f2:
83:69:11:f2:e1:13:4e:bd:20:55:09:74:74:43:d9:6d:c0:19:
36:21:a1:38:37:b6:a9:96:82:2a:e1:81:37:b2:a1:99:4d:dd:
32:72:bb:75:bb:ac:d0:90:47:2c:a0:2c:20:a0:e7:d3:43:27:
2b:6b:22:67:31:0a:11:e7:c5:66:06:a7:00:c0:57:c3:87:61:
2b:25:bc:b3:a5:c5:cf:20:18:76:16:bc:a9:c7:cb:d1:43:5a:
9b:d1:71:14:20:52:0c:59:4f:f7:40:76:06:53:02:f4:7d:25:
b9:40:92:da:d5:87:c1:20:b2:93:a5:2c:ea:ca:dd:b5:2c:51:
db:1f:74:60:2b:4f:ff:34:38:6b:fd:23:d0:b4:1f:ce:18:82:
6c:d2:3c:f3:8c:71:1e:56:e8:87:aa:2b:ec:34:ee:a0:7c:12:
d3:42:8e:b5:62:1e:2a:fd:e8:4b:c6:d8:8a:9a:db:1d:d1:65:
3f:c9:96:ea:ab:0d:8b:26:28:03:92:bf:77:c0:e5:68:0a:9b:
74:a3:96:c4:d8:5b:cc:26:c4:48:49:69:2f:b8:97:5c:fc:49:
cf:d1:ed:78
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUIgQp9wHQCoOnyazFX1mBWt2YDkwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzM1ZDkzNzA2Y2JmNDY4OGNlN2Q2MGZjMGVkNjkzZDRj
YzRhOTMyNjAeFw0yNTAyMTgxMTE2MzJaFw0yNjAyMTcxMTIxMzJaMDMxMTAvBgNV
BAMTKDEwMzUyQzA2NEE0NTU5NTlEREE2QUFERjU5NzZDMjkxMEEzMjZCMEUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDMN8NxaS6ILQ4uOjgFUK5cHxUy
1CPLVyKresMI0fDehDlIGPCj9+ZJcbqQUOPleFaf4ypjgvFzuU0wnGZeh0RajdWJ
9EjWTFXfoj5hmtDpm1exlDix3mEAIH4j8OWP/l8DFBqWxq1IO+Ak2yOWXjEd71t4
sM6DozSilU4YCAJwiqezaHeaXWVFxBuvLj05qUYA97owt95xkxWqf098CZoK+taq
zL2KGZ3GOkck0dwMXODUioWO60uC3gpsaubSwRvCcfWZHzFDoewT8qROkY22baxh
GMdsbTzjM4KvZD9focMWH1hJSRvO+xeFr73mtv+9PJks4sOQCT3tyxUOZ7YlAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUEDUsBkpFWVndpqrfWXbCkQoyaw4wHwYDVR0j
BBgwFoAUc12TcGy/RojOfWD8DtaT1MxKkyYwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMmU2ZGE1YzctNjcwYS00MWIxLTk2ZWItMzg5OTM4OGIy
OTJjLzAvNzM1RDkzNzA2Q0JGNDY4OENFN0Q2MEZDMEVENjkzRDRDQzRBOTMyNi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2MxMlRjR3lfUm9qT2ZXRDhEdGFUMU14
S2t5WS5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMmU2ZGE1Yzct
NjcwYS00MWIxLTk2ZWItMzg5OTM4OGIyOTJjLzAvMzEzOTM1MmUzMTMxMzQyZTMx
MzAzMjJlMzAyZjMyMzMyZDMyMzMyMDNkM2UyMDM0MzIzNjM4Mzkucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAHDcmYwDQYJKoZIhvcNAQELBQADggEBAFdbLUzZ5r2Q6sZgWPPC+uCkIRrhHLIA
vMe8eVTGuKi5LcGb8oNpEfLhE069IFUJdHRD2W3AGTYhoTg3tqmWgirhgTeyoZlN
3TJyu3W7rNCQRyygLCCg59NDJytrImcxChHnxWYGpwDAV8OHYSslvLOlxc8gGHYW
vKnHy9FDWpvRcRQgUgxZT/dAdgZTAvR9JblAktrVh8EgspOlLOrK3bUsUdsfdGAr
T/80OGv9I9C0H84YgmzSPPOMcR5W6IeqK+w07qB8EtNCjrViHir96EvG2Iqa2x3R
ZT/JluqrDYsmKAOSv3fA5WgKm3SjlsTYW8wmxEhJaS+4l1z8Sc/R7Xg=
-----END CERTIFICATE-----
Generated at Sat Apr 5 09:52:23 2025 by rpki-client