Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/7ff0f555-dba7-4192-a01d-f6916d5bb84e/0/AS399641.roa
File: AS399641.roa (raw, json)
Hash identifier: pZBd9WrjwFV75ud+rEIcrcUF6FuiFLjY9N8yLvVGqUQ=
Subject key identifier: 25:4F:CF:C8:17:AA:70:37:48:01:CE:12:8D:21:74:8B:BF:39:FE:FA
Certificate issuer: /CN=03b1ba3fdb91d8d9ea76c5776320eb7eb2d6ed9d
Certificate serial: 69532BB2231234AC54E5579157B524E2812560E5
Authority key identifier: 03:B1:BA:3F:DB:91:D8:D9:EA:76:C5:77:63:20:EB:7E:B2:D6:ED:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/A7G6P9uR2NnqdsV3YyDrfrLW7Z0.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/7ff0f555-dba7-4192-a01d-f6916d5bb84e/0/AS399641.roa
Signing time: Fri 31 Jan 2025 00:53:52 +0000
ROA not before: Fri 31 Jan 2025 00:48:52 +0000
ROA not after: Fri 30 Jan 2026 00:53:52 +0000
asID: 399641
IP address blocks: 192.166.115.0/24 maxlen: 24
193.176.55.0/24 maxlen: 24
195.20.98.0/24 maxlen: 24
195.206.231.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/7ff0f555-dba7-4192-a01d-f6916d5bb84e/0/03B1BA3FDB91D8D9EA76C5776320EB7EB2D6ED9D.crl
rsync://rsync.paas.rpki.ripe.net/repository/7ff0f555-dba7-4192-a01d-f6916d5bb84e/0/03B1BA3FDB91D8D9EA76C5776320EB7EB2D6ED9D.mft
rsync://rpki.ripe.net/repository/DEFAULT/A7G6P9uR2NnqdsV3YyDrfrLW7Z0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 05 Apr 2025 16:49:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
69:53:2b:b2:23:12:34:ac:54:e5:57:91:57:b5:24:e2:81:25:60:e5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=03b1ba3fdb91d8d9ea76c5776320eb7eb2d6ed9d
Validity
Not Before: Jan 31 00:48:52 2025 GMT
Not After : Jan 30 00:53:52 2026 GMT
Subject: CN=254FCFC817AA70374801CE128D21748BBF39FEFA
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:f8:ac:a3:8c:f0:a2:23:21:3b:36:fd:ca:b5:
ee:bc:bb:ba:ff:2d:fd:fa:f7:c7:00:5d:e2:e8:db:
bc:4c:9d:dd:34:75:1a:4e:e0:53:3a:e8:f5:df:18:
c1:40:ab:8a:4d:74:b6:9c:1f:8e:59:92:e6:83:21:
d0:08:27:df:56:d8:80:db:26:1f:99:66:53:12:5f:
99:c7:9d:eb:b4:86:e0:b7:36:dc:8c:44:bb:96:a6:
41:98:e0:87:2d:58:c0:52:70:f8:d7:e7:0c:04:ac:
07:13:6a:50:d3:ac:d2:4a:19:88:9f:cd:12:7c:a9:
de:56:85:9f:dd:29:37:cb:5c:47:5e:25:bf:8a:5e:
a8:6a:66:ab:5f:0a:67:17:08:8e:d2:ac:0a:cf:af:
0a:c5:3b:e5:25:a5:4b:35:6d:44:46:56:46:d8:0a:
86:ec:f7:93:51:24:b1:9d:f1:58:94:d5:28:7b:32:
02:2b:2a:cd:9b:45:76:0b:c6:bd:70:09:ad:d7:5e:
0d:22:f4:db:a6:67:fa:99:b5:c1:3b:25:59:fd:3c:
da:92:08:db:0e:a1:61:1a:0b:3a:1e:6e:84:63:82:
d7:70:f9:8d:ad:60:eb:e4:58:ba:13:fa:8a:1d:55:
c6:7b:d0:1f:8c:c0:71:8b:df:91:c7:8c:0c:20:db:
5a:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
25:4F:CF:C8:17:AA:70:37:48:01:CE:12:8D:21:74:8B:BF:39:FE:FA
X509v3 Authority Key Identifier:
keyid:03:B1:BA:3F:DB:91:D8:D9:EA:76:C5:77:63:20:EB:7E:B2:D6:ED:9D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/7ff0f555-dba7-4192-a01d-f6916d5bb84e/0/03B1BA3FDB91D8D9EA76C5776320EB7EB2D6ED9D.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/A7G6P9uR2NnqdsV3YyDrfrLW7Z0.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/7ff0f555-dba7-4192-a01d-f6916d5bb84e/0/AS399641.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.166.115.0/24
193.176.55.0/24
195.20.98.0/24
195.206.231.0/24
Signature Algorithm: sha256WithRSAEncryption
1a:6b:8f:f3:16:4c:31:c9:ad:68:a6:19:f9:57:ed:42:96:f0:
1b:ec:d4:3e:1e:64:8e:a6:44:57:e9:6f:31:5c:34:a4:b2:b0:
f7:ad:42:3e:e3:aa:4c:8d:0e:85:1a:9e:6a:11:ee:a9:54:d0:
91:30:ca:6b:9a:1b:7f:1d:ca:02:f7:dd:e3:b8:64:e8:ea:1d:
c0:ff:3d:fb:b0:bf:40:f1:08:87:84:1b:e2:af:34:55:78:53:
69:5e:ab:b5:0d:d7:7e:b6:0c:7f:ab:6c:6e:62:0d:7b:cb:a3:
95:cb:dd:ba:e2:74:a4:85:6d:88:d5:99:d9:2b:be:ae:e5:9d:
1f:c0:3f:d2:97:06:20:d1:41:24:8e:dd:3c:c8:cf:ca:2a:6d:
50:42:b9:d6:d9:eb:2f:df:70:40:18:45:a9:43:e6:e5:a9:e1:
ef:00:07:4c:3a:bd:c6:fe:22:9f:8e:93:d5:bb:a7:a3:0a:d2:
d9:f2:0c:59:4f:75:a6:1a:49:1e:5b:04:ac:5b:67:17:eb:52:
be:17:db:f1:12:22:fa:04:79:de:81:2f:ba:32:b8:6a:df:e6:
0f:c1:b8:cb:f5:93:d8:17:0f:3c:76:29:6c:9c:82:9d:78:77:
66:3a:2f:36:19:4f:79:4b:e6:0f:14:4a:9d:52:e7:67:a0:95:
db:c1:fe:db
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgIUaVMrsiMSNKxU5VeRV7Uk4oElYOUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDNiMWJhM2ZkYjkxZDhkOWVhNzZjNTc3NjMyMGViN2Vi
MmQ2ZWQ5ZDAeFw0yNTAxMzEwMDQ4NTJaFw0yNjAxMzAwMDUzNTJaMDMxMTAvBgNV
BAMTKDI1NEZDRkM4MTdBQTcwMzc0ODAxQ0UxMjhEMjE3NDhCQkYzOUZFRkEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC1+KyjjPCiIyE7Nv3Kte68u7r/
Lf3698cAXeLo27xMnd00dRpO4FM66PXfGMFAq4pNdLacH45ZkuaDIdAIJ99W2IDb
Jh+ZZlMSX5nHneu0huC3NtyMRLuWpkGY4IctWMBScPjX5wwErAcTalDTrNJKGYif
zRJ8qd5WhZ/dKTfLXEdeJb+KXqhqZqtfCmcXCI7SrArPrwrFO+UlpUs1bURGVkbY
Cobs95NRJLGd8ViU1Sh7MgIrKs2bRXYLxr1wCa3XXg0i9NumZ/qZtcE7JVn9PNqS
CNsOoWEaCzoeboRjgtdw+Y2tYOvkWLoT+oodVcZ70B+MwHGL35HHjAwg21pDAgMB
AAGjggIcMIICGDAdBgNVHQ4EFgQUJU/PyBeqcDdIAc4SjSF0i785/vowHwYDVR0j
BBgwFoAUA7G6P9uR2NnqdsV3YyDrfrLW7Z0wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvN2ZmMGY1NTUtZGJhNy00MTkyLWEwMWQtZjY5MTZkNWJi
ODRlLzAvMDNCMUJBM0ZEQjkxRDhEOUVBNzZDNTc3NjMyMEVCN0VCMkQ2RUQ5RC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0E3RzZQOXVSMk5ucWRzVjNZeURyZnJM
VzdaMC5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzdmZjBmNTU1LWRiYTct
NDE5Mi1hMDFkLWY2OTE2ZDViYjg0ZS8wL0FTMzk5NjQxLnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAwKZz
AwQAwbA3AwQAwxRiAwQAw87nMA0GCSqGSIb3DQEBCwUAA4IBAQAaa4/zFkwxya1o
phn5V+1ClvAb7NQ+HmSOpkRX6W8xXDSksrD3rUI+46pMjQ6FGp5qEe6pVNCRMMpr
mht/HcoC993juGTo6h3A/z37sL9A8QiHhBvirzRVeFNpXqu1Ddd+tgx/q2xuYg17
y6OVy9264nSkhW2I1ZnZK76u5Z0fwD/SlwYg0UEkjt08yM/KKm1QQrnW2esv33BA
GEWpQ+blqeHvAAdMOr3G/iKfjpPVu6ejCtLZ8gxZT3WmGkkeWwSsW2cX61K+F9vx
EiL6BHnegS+6Mrhq3+YPwbjL9ZPYFw88dilsnIKdeHdmOi82GU95S+YPFEqdUudn
oJXbwf7b
-----END CERTIFICATE-----
Generated at Sat Apr 5 06:20:45 2025 by rpki-client