Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/3eafc32b-ec03-4319-b1c6-3c1c4727e06f/0/39332e3135372e3134302e302f32342d3234203d3e20323132383535.roa
File: 39332e3135372e3134302e302f32342d3234203d3e20323132383535.roa (raw, json)
Hash identifier: hdp9Cx8dMbvUUOjRrqy1XfSIVtsUnXM8OZnay1usHT4=
Subject key identifier: 13:69:70:80:A1:25:B5:67:94:A4:46:A8:6F:4C:A0:F4:BE:BE:24:87
Certificate issuer: /CN=27851163005f59c06e35a8fd365f96356eb34971
Certificate serial: 48DF46948CF7C7E44FE1ABB8EE8BC14A66EC0B85
Authority key identifier: 27:85:11:63:00:5F:59:C0:6E:35:A8:FD:36:5F:96:35:6E:B3:49:71
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/J4URYwBfWcBuNaj9Nl-WNW6zSXE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/3eafc32b-ec03-4319-b1c6-3c1c4727e06f/0/39332e3135372e3134302e302f32342d3234203d3e20323132383535.roa
Signing time: Sun 26 Jan 2025 10:42:07 +0000
ROA not before: Sun 26 Jan 2025 10:37:07 +0000
ROA not after: Sun 25 Jan 2026 10:42:07 +0000
asID: 212855
IP address blocks: 93.157.140.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/3eafc32b-ec03-4319-b1c6-3c1c4727e06f/0/27851163005F59C06E35A8FD365F96356EB34971.crl
rsync://rsync.paas.rpki.ripe.net/repository/3eafc32b-ec03-4319-b1c6-3c1c4727e06f/0/27851163005F59C06E35A8FD365F96356EB34971.mft
rsync://rpki.ripe.net/repository/DEFAULT/J4URYwBfWcBuNaj9Nl-WNW6zSXE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 03 Feb 2025 00:00:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
48:df:46:94:8c:f7:c7:e4:4f:e1:ab:b8:ee:8b:c1:4a:66:ec:0b:85
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=27851163005f59c06e35a8fd365f96356eb34971
Validity
Not Before: Jan 26 10:37:07 2025 GMT
Not After : Jan 25 10:42:07 2026 GMT
Subject: CN=13697080A125B56794A446A86F4CA0F4BEBE2487
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:b1:83:cf:75:52:bc:a9:61:dd:0f:a5:d2:1c:
2c:a3:f4:ec:b1:9c:e0:66:bd:63:3d:fb:94:b6:7e:
97:b9:25:03:06:94:93:b3:e7:dc:96:c8:ad:3e:36:
a9:2d:b9:c8:53:c0:36:e7:6c:c0:74:a7:74:05:50:
b7:26:6c:f1:21:54:53:59:f1:8e:8e:4b:69:d1:84:
51:9f:8d:70:ce:9b:9c:ac:a4:07:da:41:c8:1a:60:
d9:71:79:73:58:9d:4c:16:b2:c2:03:16:a0:d1:a1:
1c:84:6f:52:a8:07:73:35:9a:32:82:77:14:25:7d:
42:63:d8:4b:23:7b:01:e2:d1:5b:00:81:b1:0c:f7:
04:ae:e1:c3:da:31:42:d2:ad:e8:2b:7a:98:7a:c1:
00:71:bb:69:81:29:92:c3:a0:0b:97:85:81:89:1b:
68:3a:38:67:94:10:07:45:29:1c:c6:60:18:2e:40:
aa:49:1b:48:82:08:2a:61:62:10:32:f5:07:2b:53:
f6:ef:9a:66:a2:71:fe:f2:00:84:80:d1:98:cc:96:
1a:46:b0:a7:be:cd:fb:2f:ad:17:88:fa:dc:33:b0:
44:ca:db:93:8f:0f:7b:b5:32:5f:3b:4e:d2:64:71:
ee:10:a4:1d:31:4c:88:6b:a5:0a:d8:50:03:f1:b8:
5e:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
13:69:70:80:A1:25:B5:67:94:A4:46:A8:6F:4C:A0:F4:BE:BE:24:87
X509v3 Authority Key Identifier:
keyid:27:85:11:63:00:5F:59:C0:6E:35:A8:FD:36:5F:96:35:6E:B3:49:71
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/3eafc32b-ec03-4319-b1c6-3c1c4727e06f/0/27851163005F59C06E35A8FD365F96356EB34971.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/J4URYwBfWcBuNaj9Nl-WNW6zSXE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/3eafc32b-ec03-4319-b1c6-3c1c4727e06f/0/39332e3135372e3134302e302f32342d3234203d3e20323132383535.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
93.157.140.0/24
Signature Algorithm: sha256WithRSAEncryption
5b:d4:e8:e4:77:61:58:54:31:4e:e6:2d:de:e0:2b:26:bc:b1:
78:6c:5d:9c:7e:59:04:ea:69:7d:71:61:e2:77:97:da:db:fc:
13:4f:ca:95:75:f1:68:5a:a3:69:5f:e1:e2:0d:f4:5c:cb:ee:
75:8f:fa:2a:2b:f0:fc:fd:43:a6:ce:5f:56:03:af:d2:f7:32:
cd:73:60:f2:90:1d:a6:38:60:45:ab:6d:25:06:07:02:22:b0:
90:96:b8:b0:a1:2d:a7:dc:c5:c0:61:28:38:17:c4:8d:aa:ce:
e3:f1:62:6b:8a:18:65:f6:96:3a:c1:24:f4:3f:f8:73:68:ed:
a0:22:e7:02:33:0d:85:77:5d:80:80:a3:e0:cf:f1:5f:d2:56:
9e:ea:a5:12:be:7c:6d:25:f2:5c:45:e5:2d:99:d3:8a:8e:bb:
e1:fc:c6:83:d5:51:52:c1:ea:59:86:07:52:fa:d0:2d:f9:71:
c4:10:32:a0:ca:b0:89:86:02:03:05:bf:17:2c:36:bb:b2:cf:
bf:c7:38:0f:e8:27:1a:a4:65:b2:e7:d4:58:fa:08:4f:c5:50:
98:d7:b1:be:13:21:06:e0:0f:ab:14:c7:76:f0:02:1b:55:8b:
26:8f:40:16:2f:36:53:31:ad:d6:c8:cc:70:d0:7d:a8:48:4a:
ac:c4:a5:5d
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUSN9GlIz3x+RP4au47ovBSmbsC4UwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjc4NTExNjMwMDVmNTljMDZlMzVhOGZkMzY1Zjk2MzU2
ZWIzNDk3MTAeFw0yNTAxMjYxMDM3MDdaFw0yNjAxMjUxMDQyMDdaMDMxMTAvBgNV
BAMTKDEzNjk3MDgwQTEyNUI1Njc5NEE0NDZBODZGNENBMEY0QkVCRTI0ODcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCQsYPPdVK8qWHdD6XSHCyj9Oyx
nOBmvWM9+5S2fpe5JQMGlJOz59yWyK0+NqktuchTwDbnbMB0p3QFULcmbPEhVFNZ
8Y6OS2nRhFGfjXDOm5yspAfaQcgaYNlxeXNYnUwWssIDFqDRoRyEb1KoB3M1mjKC
dxQlfUJj2EsjewHi0VsAgbEM9wSu4cPaMULSregreph6wQBxu2mBKZLDoAuXhYGJ
G2g6OGeUEAdFKRzGYBguQKpJG0iCCCphYhAy9QcrU/bvmmaicf7yAISA0ZjMlhpG
sKe+zfsvrReI+twzsETK25OPD3u1Ml87TtJkce4QpB0xTIhrpQrYUAPxuF6NAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUE2lwgKEltWeUpEaob0yg9L6+JIcwHwYDVR0j
BBgwFoAUJ4URYwBfWcBuNaj9Nl+WNW6zSXEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvM2VhZmMzMmItZWMwMy00MzE5LWIxYzYtM2MxYzQ3Mjdl
MDZmLzAvMjc4NTExNjMwMDVGNTlDMDZFMzVBOEZEMzY1Rjk2MzU2RUIzNDk3MS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0o0VVJZd0JmV2NCdU5hajlObC1XTlc2
elNYRS5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvM2VhZmMzMmIt
ZWMwMy00MzE5LWIxYzYtM2MxYzQ3MjdlMDZmLzAvMzkzMzJlMzEzNTM3MmUzMTM0
MzAyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMjMxMzIzODM1MzUucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BABdnYwwDQYJKoZIhvcNAQELBQADggEBAFvU6OR3YVhUMU7mLd7gKya8sXhsXZx+
WQTqaX1xYeJ3l9rb/BNPypV18Whao2lf4eIN9FzL7nWP+ior8Pz9Q6bOX1YDr9L3
Ms1zYPKQHaY4YEWrbSUGBwIisJCWuLChLafcxcBhKDgXxI2qzuPxYmuKGGX2ljrB
JPQ/+HNo7aAi5wIzDYV3XYCAo+DP8V/SVp7qpRK+fG0l8lxF5S2Z04qOu+H8xoPV
UVLB6lmGB1L60C35ccQQMqDKsImGAgMFvxcsNruyz7/HOA/oJxqkZbLn1Fj6CE/F
UJjXsb4TIQbgD6sUx3bwAhtViyaPQBYvNlMxrdbIzHDQfahISqzEpV0=
-----END CERTIFICATE-----
Generated at Sun Feb 2 10:02:14 2025 by rpki-client