Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/96573e88-daba-4ac7-a2ed-321c8277d25e/0/39332e39352e3131342e302f32342d3234203d3e2035303635.roa
File: 39332e39352e3131342e302f32342d3234203d3e2035303635.roa (raw, json)
Hash identifier: MF/szlJtg3jR946D7Iy8tt2rHbx2IcEkKMT7PmewPLE=
Subject key identifier: 18:CB:DA:52:D0:2B:43:85:8D:65:F2:93:1C:B2:3F:13:C6:6A:9B:57
Certificate issuer: /CN=b172548fa3c460e26cb519ee524361bca6c7132e
Certificate serial: 34AA419D4D9D86C7282FB28D1879B57897E05E6F
Authority key identifier: B1:72:54:8F:A3:C4:60:E2:6C:B5:19:EE:52:43:61:BC:A6:C7:13:2E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sXJUj6PEYOJstRnuUkNhvKbHEy4.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/96573e88-daba-4ac7-a2ed-321c8277d25e/0/39332e39352e3131342e302f32342d3234203d3e2035303635.roa
Signing time: Sun 09 Mar 2025 12:53:57 +0000
ROA not before: Sun 09 Mar 2025 12:48:57 +0000
ROA not after: Sun 08 Mar 2026 12:53:57 +0000
asID: 5065
IP address blocks: 93.95.114.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/96573e88-daba-4ac7-a2ed-321c8277d25e/0/B172548FA3C460E26CB519EE524361BCA6C7132E.crl
rsync://rsync.paas.rpki.ripe.net/repository/96573e88-daba-4ac7-a2ed-321c8277d25e/0/B172548FA3C460E26CB519EE524361BCA6C7132E.mft
rsync://rpki.ripe.net/repository/DEFAULT/sXJUj6PEYOJstRnuUkNhvKbHEy4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 05 Apr 2025 19:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
34:aa:41:9d:4d:9d:86:c7:28:2f:b2:8d:18:79:b5:78:97:e0:5e:6f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b172548fa3c460e26cb519ee524361bca6c7132e
Validity
Not Before: Mar 9 12:48:57 2025 GMT
Not After : Mar 8 12:53:57 2026 GMT
Subject: CN=18CBDA52D02B43858D65F2931CB23F13C66A9B57
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:cb:52:fb:1e:90:f6:5b:fa:ee:7f:e2:20:f4:
ec:aa:1c:a5:f5:65:e9:be:73:82:16:e9:3e:df:f5:
e8:16:b8:fc:47:27:ed:85:ba:55:16:c5:7b:4e:91:
cd:87:7c:7f:f2:ad:18:57:99:24:4f:ee:11:fc:d1:
3b:f8:c9:89:33:93:4d:a8:ef:20:7e:20:cd:18:25:
cf:79:43:2b:08:d4:35:78:68:49:97:51:d9:86:3b:
9b:d6:45:7e:ca:33:d9:53:d9:1a:2e:7e:5d:d9:77:
da:31:4e:14:72:f1:97:1b:c3:82:dc:2e:c8:3e:aa:
fb:a5:45:40:88:27:5d:bf:0b:0a:c1:7f:f1:04:19:
2b:43:0d:99:b3:af:c8:e1:fe:d6:4c:d1:d3:0a:14:
5f:83:0f:b6:56:0b:5d:de:3b:24:37:bf:f9:c3:cf:
2d:b6:7f:23:d6:b5:a4:3e:fd:aa:d0:99:63:ea:4a:
4d:9a:17:40:e3:79:3b:88:8b:41:3a:b6:ed:02:ac:
8c:fa:81:73:8f:07:bf:97:50:74:b9:86:9e:a3:0d:
6d:d5:a5:57:6c:6c:0c:74:49:a7:c1:de:b1:19:26:
4a:ac:e5:63:52:4c:e7:2d:97:04:95:08:28:69:47:
7c:66:b0:dc:7a:09:b1:40:18:d3:36:4f:d4:f5:ad:
61:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
18:CB:DA:52:D0:2B:43:85:8D:65:F2:93:1C:B2:3F:13:C6:6A:9B:57
X509v3 Authority Key Identifier:
keyid:B1:72:54:8F:A3:C4:60:E2:6C:B5:19:EE:52:43:61:BC:A6:C7:13:2E
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/96573e88-daba-4ac7-a2ed-321c8277d25e/0/B172548FA3C460E26CB519EE524361BCA6C7132E.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sXJUj6PEYOJstRnuUkNhvKbHEy4.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/96573e88-daba-4ac7-a2ed-321c8277d25e/0/39332e39352e3131342e302f32342d3234203d3e2035303635.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
93.95.114.0/24
Signature Algorithm: sha256WithRSAEncryption
0c:c5:e2:9d:7b:7f:76:28:a4:6e:0d:1e:6c:06:97:ed:13:fa:
e4:90:ff:99:fb:93:28:0b:32:20:57:42:f5:c4:aa:59:87:0a:
0e:ae:7a:48:20:88:50:70:a9:ee:bc:f8:90:2f:79:4c:46:d2:
38:53:78:d9:53:80:d9:f4:6e:fe:aa:a7:bf:24:a9:97:4c:f9:
00:fd:71:6e:c6:97:f4:78:15:b3:84:37:32:98:9a:a1:df:de:
a3:9b:94:94:ba:0d:79:78:d4:a3:4a:b7:a0:bf:f4:42:fe:52:
df:47:8a:22:b2:41:28:40:a4:05:67:99:29:dc:74:7c:85:b9:
44:81:02:8b:6d:59:93:73:5a:0a:2b:d3:2e:54:f9:08:c4:20:
71:91:e8:25:5c:6c:5e:ed:dd:c0:82:f4:2a:fa:ea:1f:fc:72:
ba:72:ac:d0:cf:02:f7:e0:fa:15:32:dc:89:c2:b7:dc:c2:3f:
d3:be:34:f4:1d:bb:04:6c:2f:d9:01:54:9d:41:58:32:d9:22:
5e:84:c9:ae:d4:13:67:7f:06:ab:34:6d:1f:19:70:99:fa:37:
0b:c8:16:51:65:50:0c:30:98:fa:fb:09:d9:c2:1f:42:4a:d2:
88:aa:23:8f:34:9a:de:75:5d:68:8d:49:84:10:67:90:73:a4:
8b:76:84:15
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgIUNKpBnU2dhscoL7KNGHm1eJfgXm8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYjE3MjU0OGZhM2M0NjBlMjZjYjUxOWVlNTI0MzYxYmNh
NmM3MTMyZTAeFw0yNTAzMDkxMjQ4NTdaFw0yNjAzMDgxMjUzNTdaMDMxMTAvBgNV
BAMTKDE4Q0JEQTUyRDAyQjQzODU4RDY1RjI5MzFDQjIzRjEzQzY2QTlCNTcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCvy1L7HpD2W/ruf+Ig9OyqHKX1
Zem+c4IW6T7f9egWuPxHJ+2FulUWxXtOkc2HfH/yrRhXmSRP7hH80Tv4yYkzk02o
7yB+IM0YJc95QysI1DV4aEmXUdmGO5vWRX7KM9lT2Roufl3Zd9oxThRy8Zcbw4Lc
Lsg+qvulRUCIJ12/CwrBf/EEGStDDZmzr8jh/tZM0dMKFF+DD7ZWC13eOyQ3v/nD
zy22fyPWtaQ+/arQmWPqSk2aF0DjeTuIi0E6tu0CrIz6gXOPB7+XUHS5hp6jDW3V
pVdsbAx0SafB3rEZJkqs5WNSTOctlwSVCChpR3xmsNx6CbFAGNM2T9T1rWERAgMB
AAGjggI5MIICNTAdBgNVHQ4EFgQUGMvaUtArQ4WNZfKTHLI/E8Zqm1cwHwYDVR0j
BBgwFoAUsXJUj6PEYOJstRnuUkNhvKbHEy4wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvOTY1NzNlODgtZGFiYS00YWM3LWEyZWQtMzIxYzgyNzdk
MjVlLzAvQjE3MjU0OEZBM0M0NjBFMjZDQjUxOUVFNTI0MzYxQkNBNkM3MTMyRS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3NYSlVqNlBFWU9Kc3RSbnVVa05odkti
SEV5NC5jZXIwgakGCCsGAQUFBwELBIGcMIGZMIGWBggrBgEFBQcwC4aBiXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvOTY1NzNlODgt
ZGFiYS00YWM3LWEyZWQtMzIxYzgyNzdkMjVlLzAvMzkzMzJlMzkzNTJlMzEzMTM0
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzUzMDM2MzUucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBABdX3Iw
DQYJKoZIhvcNAQELBQADggEBAAzF4p17f3YopG4NHmwGl+0T+uSQ/5n7kygLMiBX
QvXEqlmHCg6uekggiFBwqe68+JAveUxG0jhTeNlTgNn0bv6qp78kqZdM+QD9cW7G
l/R4FbOENzKYmqHf3qOblJS6DXl41KNKt6C/9EL+Ut9HiiKyQShApAVnmSncdHyF
uUSBAottWZNzWgor0y5U+QjEIHGR6CVcbF7t3cCC9Cr66h/8crpyrNDPAvfg+hUy
3InCt9zCP9O+NPQduwRsL9kBVJ1BWDLZIl6Eya7UE2d/Bqs0bR8ZcJn6NwvIFlFl
UAwwmPr7CdnCH0JK0oiqI480mt51XWiNSYQQZ5BzpIt2hBU=
-----END CERTIFICATE-----
Generated at Sat Apr 5 04:36:59 2025 by rpki-client