Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/2e6da5c7-670a-41b1-96eb-3899388b292c/0/39342e3132352e3132382e302f32312d3231203d3e203432363839.roa
File: 39342e3132352e3132382e302f32312d3231203d3e203432363839.roa (raw, json)
Hash identifier: AKTbyD2C42V1ffoC+Db0+XQFysmQ8BDr7e17jexJRWs=
Subject key identifier: 07:68:7E:81:FA:54:83:B1:BE:75:4F:84:D4:E0:FF:A0:54:5E:B5:D7
Certificate issuer: /CN=735d93706cbf4688ce7d60fc0ed693d4cc4a9326
Certificate serial: 5A23190D2CD51EF706E74D1CF3BE81BC4865578F
Authority key identifier: 73:5D:93:70:6C:BF:46:88:CE:7D:60:FC:0E:D6:93:D4:CC:4A:93:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/c12TcGy_RojOfWD8DtaT1MxKkyY.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/2e6da5c7-670a-41b1-96eb-3899388b292c/0/39342e3132352e3132382e302f32312d3231203d3e203432363839.roa
Signing time: Tue 18 Feb 2025 10:21:31 +0000
ROA not before: Tue 18 Feb 2025 10:16:31 +0000
ROA not after: Tue 17 Feb 2026 10:21:31 +0000
asID: 42689
IP address blocks: 94.125.128.0/21 maxlen: 21
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/2e6da5c7-670a-41b1-96eb-3899388b292c/0/735D93706CBF4688CE7D60FC0ED693D4CC4A9326.crl
rsync://rsync.paas.rpki.ripe.net/repository/2e6da5c7-670a-41b1-96eb-3899388b292c/0/735D93706CBF4688CE7D60FC0ED693D4CC4A9326.mft
rsync://rpki.ripe.net/repository/DEFAULT/c12TcGy_RojOfWD8DtaT1MxKkyY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 05 Apr 2025 11:25:33 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5a:23:19:0d:2c:d5:1e:f7:06:e7:4d:1c:f3:be:81:bc:48:65:57:8f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=735d93706cbf4688ce7d60fc0ed693d4cc4a9326
Validity
Not Before: Feb 18 10:16:31 2025 GMT
Not After : Feb 17 10:21:31 2026 GMT
Subject: CN=07687E81FA5483B1BE754F84D4E0FFA0545EB5D7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:c7:d7:18:78:5b:45:df:4d:0c:e6:91:1c:ac:
fa:6d:ce:fe:ee:df:7b:06:9c:62:de:b3:73:22:91:
24:3e:01:70:bf:7f:78:39:74:27:42:ec:eb:42:71:
b5:d9:d1:70:e5:ed:8a:8e:50:b1:73:40:cb:c3:75:
1f:76:9c:e8:fd:6c:3b:5d:cd:92:bf:28:d8:b2:7b:
58:13:a0:0b:f8:91:0f:36:bb:e0:a3:d7:0e:bf:49:
32:60:d5:6c:ad:3c:1f:c7:ac:02:8f:a9:d6:04:8d:
2c:f5:60:af:a5:59:3c:b9:40:66:e5:2b:53:be:09:
c4:f1:71:47:8c:c7:40:5f:5e:42:3a:49:30:6b:db:
2e:46:bb:7a:39:fd:99:44:5f:dc:ca:c4:cf:11:17:
4d:60:eb:72:be:24:8e:e8:09:1a:34:73:d8:fc:62:
84:b5:fb:00:bf:1f:4e:85:db:5f:90:19:bb:64:a1:
ad:00:e3:8d:40:f7:de:b6:2d:2f:11:c3:45:09:ef:
30:1c:f9:44:58:04:b3:20:cb:fe:82:96:4b:4a:9b:
48:5e:9f:ad:d8:43:3f:9e:50:f7:ac:df:2b:1b:6b:
0f:a4:45:31:9d:38:ce:e1:d4:86:51:da:b2:8d:f6:
57:6c:b7:67:ff:8c:13:6e:11:66:9b:d2:12:4e:a2:
63:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
07:68:7E:81:FA:54:83:B1:BE:75:4F:84:D4:E0:FF:A0:54:5E:B5:D7
X509v3 Authority Key Identifier:
keyid:73:5D:93:70:6C:BF:46:88:CE:7D:60:FC:0E:D6:93:D4:CC:4A:93:26
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/2e6da5c7-670a-41b1-96eb-3899388b292c/0/735D93706CBF4688CE7D60FC0ED693D4CC4A9326.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/c12TcGy_RojOfWD8DtaT1MxKkyY.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/2e6da5c7-670a-41b1-96eb-3899388b292c/0/39342e3132352e3132382e302f32312d3231203d3e203432363839.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.125.128.0/21
Signature Algorithm: sha256WithRSAEncryption
4f:7e:dc:e9:5d:a0:59:22:32:58:f1:ae:db:dd:ef:f0:a4:91:
3a:fa:16:20:1f:fb:92:4b:17:4a:94:02:c6:6a:f1:2b:49:68:
f7:17:00:56:9d:f0:3f:2e:9a:10:1d:0d:58:ca:60:6a:c3:71:
f9:99:86:30:c4:97:3b:8c:45:34:3d:b3:2d:11:7e:38:67:e7:
4c:97:11:f5:75:76:ad:15:22:1a:bc:72:b6:c2:3e:e8:31:52:
9f:8b:7b:33:d9:2e:f3:10:20:37:d4:78:5e:d3:3e:f4:a1:47:
3e:fe:ac:b1:31:2e:ad:1e:6d:4c:82:20:c3:36:55:37:21:42:
74:65:85:4a:07:58:84:56:ac:85:a7:eb:d5:1a:e3:25:23:5a:
f6:5a:9b:2b:fb:5f:a5:f8:e2:b7:46:2b:b1:32:bb:f6:ba:f5:
e1:0c:f6:b7:aa:56:bf:3b:99:1b:1c:47:c3:89:ff:8e:33:dd:
8a:9a:64:fd:be:0c:f7:65:0e:08:55:e7:83:ae:dc:31:5d:fe:
48:87:50:14:65:f3:2c:c6:95:55:41:3a:9f:f3:b5:0d:06:8c:
b7:ff:97:f0:de:ad:f9:b8:57:65:e1:68:f1:09:70:28:02:25:
95:6c:ce:90:ad:bd:a0:83:a1:10:d9:45:50:88:e9:84:49:0c:
bd:c8:15:1a
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUWiMZDSzVHvcG500c876BvEhlV48wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzM1ZDkzNzA2Y2JmNDY4OGNlN2Q2MGZjMGVkNjkzZDRj
YzRhOTMyNjAeFw0yNTAyMTgxMDE2MzFaFw0yNjAyMTcxMDIxMzFaMDMxMTAvBgNV
BAMTKDA3Njg3RTgxRkE1NDgzQjFCRTc1NEY4NEQ0RTBGRkEwNTQ1RUI1RDcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDVx9cYeFtF300M5pEcrPptzv7u
33sGnGLes3MikSQ+AXC/f3g5dCdC7OtCcbXZ0XDl7YqOULFzQMvDdR92nOj9bDtd
zZK/KNiye1gToAv4kQ82u+Cj1w6/STJg1WytPB/HrAKPqdYEjSz1YK+lWTy5QGbl
K1O+CcTxcUeMx0BfXkI6STBr2y5Gu3o5/ZlEX9zKxM8RF01g63K+JI7oCRo0c9j8
YoS1+wC/H06F21+QGbtkoa0A441A9962LS8Rw0UJ7zAc+URYBLMgy/6ClktKm0he
n63YQz+eUPes3ysbaw+kRTGdOM7h1IZR2rKN9ldst2f/jBNuEWab0hJOomORAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUB2h+gfpUg7G+dU+E1OD/oFRetdcwHwYDVR0j
BBgwFoAUc12TcGy/RojOfWD8DtaT1MxKkyYwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMmU2ZGE1YzctNjcwYS00MWIxLTk2ZWItMzg5OTM4OGIy
OTJjLzAvNzM1RDkzNzA2Q0JGNDY4OENFN0Q2MEZDMEVENjkzRDRDQzRBOTMyNi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2MxMlRjR3lfUm9qT2ZXRDhEdGFUMU14
S2t5WS5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMmU2ZGE1Yzct
NjcwYS00MWIxLTk2ZWItMzg5OTM4OGIyOTJjLzAvMzkzNDJlMzEzMjM1MmUzMTMy
MzgyZTMwMmYzMjMxMmQzMjMxMjAzZDNlMjAzNDMyMzYzODM5LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQD
Xn2AMA0GCSqGSIb3DQEBCwUAA4IBAQBPftzpXaBZIjJY8a7b3e/wpJE6+hYgH/uS
SxdKlALGavErSWj3FwBWnfA/LpoQHQ1YymBqw3H5mYYwxJc7jEU0PbMtEX44Z+dM
lxH1dXatFSIavHK2wj7oMVKfi3sz2S7zECA31Hhe0z70oUc+/qyxMS6tHm1MgiDD
NlU3IUJ0ZYVKB1iEVqyFp+vVGuMlI1r2Wpsr+1+l+OK3RiuxMrv2uvXhDPa3qla/
O5kbHEfDif+OM92KmmT9vgz3ZQ4IVeeDrtwxXf5Ih1AUZfMsxpVVQTqf87UNBoy3
/5fw3q35uFdl4WjxCXAoAiWVbM6Qrb2gg6EQ2UVQiOmESQy9yBUa
-----END CERTIFICATE-----
Generated at Sat Apr 5 04:35:38 2025 by rpki-client