Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/3139332e3130392e3139332e302f32342d3234203d3e20323132323338.roa
File: 3139332e3130392e3139332e302f32342d3234203d3e20323132323338.roa (raw, json)
Hash identifier: TaomOpEJVLmWQ3o0BqphoePUXuRH+R0mm9uBTaye7z8=
Subject key identifier: F9:1E:97:BE:6B:3C:05:1C:8C:93:5B:7F:D3:97:E7:5A:D1:DA:99:C9
Certificate issuer: /CN=dc943cc2a7cdc378a37702573bb4f821170b530d
Certificate serial: 1E2F50E7C4478BEE67EB0EDB107FD86F424359E5
Authority key identifier: DC:94:3C:C2:A7:CD:C3:78:A3:77:02:57:3B:B4:F8:21:17:0B:53:0D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3JQ8wqfNw3ijdwJXO7T4IRcLUw0.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/3139332e3130392e3139332e302f32342d3234203d3e20323132323338.roa
Signing time: Wed 21 May 2025 07:59:19 +0000
ROA not before: Wed 21 May 2025 07:54:19 +0000
ROA not after: Wed 20 May 2026 07:59:19 +0000
asID: 212238
IP address blocks: 193.109.193.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/DC943CC2A7CDC378A37702573BB4F821170B530D.crl
rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/DC943CC2A7CDC378A37702573BB4F821170B530D.mft
rsync://rpki.ripe.net/repository/DEFAULT/3JQ8wqfNw3ijdwJXO7T4IRcLUw0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 06 Jun 2025 03:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1e:2f:50:e7:c4:47:8b:ee:67:eb:0e:db:10:7f:d8:6f:42:43:59:e5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dc943cc2a7cdc378a37702573bb4f821170b530d
Validity
Not Before: May 21 07:54:19 2025 GMT
Not After : May 20 07:59:19 2026 GMT
Subject: CN=F91E97BE6B3C051C8C935B7FD397E75AD1DA99C9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:dc:0b:00:10:d6:6f:43:9b:c1:07:a2:24:ac:
c3:e9:eb:12:8e:09:e2:c9:b9:f6:6c:d3:71:03:57:
23:6d:50:81:33:e0:89:13:13:a1:f0:c6:fb:fb:06:
8a:ba:c3:ca:69:4e:f9:0e:74:03:be:f1:b4:d9:b3:
10:5d:8d:ca:4d:ec:92:78:33:9e:24:1a:57:95:1d:
72:49:09:9f:08:96:cd:55:39:14:9b:1b:2e:19:10:
76:4f:43:3a:b5:bf:cb:a5:49:d4:49:00:b3:1e:c3:
79:14:5a:b2:d2:83:54:84:d6:b8:43:d7:eb:7c:86:
32:35:3e:55:58:f3:5c:d8:97:3a:9d:23:ed:c6:b0:
86:7c:bc:bd:86:d3:e4:88:6a:92:30:c8:58:2f:b7:
1e:74:07:da:90:5b:27:e0:d3:2d:f6:d3:f5:db:f3:
85:10:81:8b:70:c1:5c:7e:81:92:b2:21:c3:80:48:
00:e8:43:34:3e:ff:07:fe:70:ce:b4:7b:09:a3:d7:
ce:91:fe:6a:8c:77:07:49:37:8a:4e:9a:2b:98:17:
58:e2:04:dd:b5:e5:a1:e6:f3:6a:22:93:1d:6a:9f:
bb:09:9c:31:9b:15:c1:04:28:b2:3d:d4:7c:57:ae:
61:73:56:9c:64:25:d2:70:82:ff:43:9c:84:c6:ed:
a6:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F9:1E:97:BE:6B:3C:05:1C:8C:93:5B:7F:D3:97:E7:5A:D1:DA:99:C9
X509v3 Authority Key Identifier:
keyid:DC:94:3C:C2:A7:CD:C3:78:A3:77:02:57:3B:B4:F8:21:17:0B:53:0D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/DC943CC2A7CDC378A37702573BB4F821170B530D.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3JQ8wqfNw3ijdwJXO7T4IRcLUw0.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/3139332e3130392e3139332e302f32342d3234203d3e20323132323338.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.109.193.0/24
Signature Algorithm: sha256WithRSAEncryption
93:f3:9b:a4:5a:74:46:96:9b:d2:1a:76:c6:6e:2e:4d:64:3c:
43:c8:53:13:40:41:b4:6f:cb:4c:7d:57:c2:d0:99:df:18:5b:
f0:db:20:1b:ac:90:31:54:47:81:bb:42:84:21:47:dc:03:49:
3a:72:94:64:de:1c:de:05:ec:ee:91:f2:1a:06:66:16:62:28:
46:2e:b7:3c:d4:ab:d7:b4:0f:e6:01:8e:55:4b:1f:3f:65:1e:
71:73:23:3e:ce:36:ce:e2:a9:80:c6:bc:e6:d6:9a:2c:84:53:
6d:eb:b7:1b:c4:73:54:5f:9a:5a:7b:51:57:62:ff:ab:66:b1:
ba:70:b9:48:15:a6:41:16:9f:7a:d3:4f:c6:53:75:31:bc:4f:
99:c9:4c:59:d8:e4:b5:34:9c:af:13:c2:45:58:50:68:eb:4f:
e9:d9:1e:40:7d:1b:d7:58:8d:e1:bd:56:f6:0a:d5:8d:83:44:
12:c6:f3:74:f9:5e:c2:aa:2d:ca:55:6b:1d:d3:5e:b1:d0:e4:
46:c2:40:42:31:4a:03:c1:32:34:d4:a2:fb:3f:36:e9:e9:b2:
31:12:aa:6b:f3:08:37:2d:0c:60:9a:97:3f:fc:b3:b0:3c:4a:
ce:6e:52:fe:36:02:86:78:86:87:5d:86:43:1e:d4:fd:0f:a4:
16:14:ab:aa
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgIUHi9Q58RHi+5n6w7bEH/Yb0JDWeUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZGM5NDNjYzJhN2NkYzM3OGEzNzcwMjU3M2JiNGY4MjEx
NzBiNTMwZDAeFw0yNTA1MjEwNzU0MTlaFw0yNjA1MjAwNzU5MTlaMDMxMTAvBgNV
BAMTKEY5MUU5N0JFNkIzQzA1MUM4QzkzNUI3RkQzOTdFNzVBRDFEQTk5QzkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCK3AsAENZvQ5vBB6IkrMPp6xKO
CeLJufZs03EDVyNtUIEz4IkTE6Hwxvv7Boq6w8ppTvkOdAO+8bTZsxBdjcpN7JJ4
M54kGleVHXJJCZ8Ils1VORSbGy4ZEHZPQzq1v8ulSdRJALMew3kUWrLSg1SE1rhD
1+t8hjI1PlVY81zYlzqdI+3GsIZ8vL2G0+SIapIwyFgvtx50B9qQWyfg0y320/Xb
84UQgYtwwVx+gZKyIcOASADoQzQ+/wf+cM60ewmj186R/mqMdwdJN4pOmiuYF1ji
BN215aHm82oikx1qn7sJnDGbFcEEKLI91HxXrmFzVpxkJdJwgv9DnITG7aYnAgMB
AAGjggJBMIICPTAdBgNVHQ4EFgQU+R6Xvms8BRyMk1t/05fnWtHamckwHwYDVR0j
BBgwFoAU3JQ8wqfNw3ijdwJXO7T4IRcLUw0wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNmFiMDcyMmYtNjRkOC00Y2E5LTkyNjctNGU1MTU0NDM0
MTAxLzAvREM5NDNDQzJBN0NEQzM3OEEzNzcwMjU3M0JCNEY4MjExNzBCNTMwRC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzNKUTh3cWZOdzNpamR3SlhPN1Q0SVJj
TFV3MC5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvNmFiMDcyMmYt
NjRkOC00Y2E5LTkyNjctNGU1MTU0NDM0MTAxLzAvMzEzOTMzMmUzMTMwMzkyZTMx
MzkzMzJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMyMzEzMjMyMzMzOC5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEAMFtwTANBgkqhkiG9w0BAQsFAAOCAQEAk/ObpFp0Rpab0hp2xm4uTWQ8Q8hT
E0BBtG/LTH1XwtCZ3xhb8NsgG6yQMVRHgbtChCFH3ANJOnKUZN4c3gXs7pHyGgZm
FmIoRi63PNSr17QP5gGOVUsfP2UecXMjPs42zuKpgMa85taaLIRTbeu3G8RzVF+a
WntRV2L/q2axunC5SBWmQRafetNPxlN1MbxPmclMWdjktTScrxPCRVhQaOtP6dke
QH0b11iN4b1W9grVjYNEEsbzdPlewqotylVrHdNesdDkRsJAQjFKA8EyNNSi+z82
6emyMRKqa/MINy0MYJqXP/yzsDxKzm5S/jYChniGh12GQx7U/Q+kFhSrqg==
-----END CERTIFICATE-----
Generated at Thu Jun 5 07:22:09 2025 by rpki-client