Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/ac143387-f013-4922-838e-e18864be1e4a/0/3139352e34322e3131332e302f32342d3234203d3e203438343335.roa
File: 3139352e34322e3131332e302f32342d3234203d3e203438343335.roa (raw, json)
Hash identifier: aYbyRGpjGAy7pzSZSZu9mIeZ8V/FjY5/eUQvPy2nJ/Y=
Subject key identifier: B0:47:BB:D8:D8:AB:C3:51:B2:5E:47:FE:D3:79:C3:F5:84:51:5F:9A
Certificate issuer: /CN=be0bb78869cdb2ad0c971a6a858a30213eaec47d
Certificate serial: 61D43575F6712486A1E2D6E65823428ADF3E457D
Authority key identifier: BE:0B:B7:88:69:CD:B2:AD:0C:97:1A:6A:85:8A:30:21:3E:AE:C4:7D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vgu3iGnNsq0MlxpqhYowIT6uxH0.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/ac143387-f013-4922-838e-e18864be1e4a/0/3139352e34322e3131332e302f32342d3234203d3e203438343335.roa
Signing time: Tue 18 Feb 2025 17:34:33 +0000
ROA not before: Tue 18 Feb 2025 17:29:33 +0000
ROA not after: Tue 17 Feb 2026 17:34:33 +0000
asID: 48435
IP address blocks: 195.42.113.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/ac143387-f013-4922-838e-e18864be1e4a/0/BE0BB78869CDB2AD0C971A6A858A30213EAEC47D.crl
rsync://rsync.paas.rpki.ripe.net/repository/ac143387-f013-4922-838e-e18864be1e4a/0/BE0BB78869CDB2AD0C971A6A858A30213EAEC47D.mft
rsync://rpki.ripe.net/repository/DEFAULT/vgu3iGnNsq0MlxpqhYowIT6uxH0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 05 Apr 2025 19:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
61:d4:35:75:f6:71:24:86:a1:e2:d6:e6:58:23:42:8a:df:3e:45:7d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=be0bb78869cdb2ad0c971a6a858a30213eaec47d
Validity
Not Before: Feb 18 17:29:33 2025 GMT
Not After : Feb 17 17:34:33 2026 GMT
Subject: CN=B047BBD8D8ABC351B25E47FED379C3F584515F9A
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:53:0a:1c:24:b4:5d:1f:2e:f6:14:c5:18:9f:
16:d7:c2:e8:2d:88:8b:52:31:07:69:f3:45:c5:9d:
52:4d:e4:35:df:9b:c1:68:d4:67:e9:88:37:2e:cd:
40:77:ba:33:9e:ac:63:48:77:83:40:2f:3d:1d:53:
b1:6c:81:20:ec:3b:6f:93:59:00:e5:46:42:f8:19:
2b:27:d2:3a:ee:26:c4:6c:8c:89:4f:b4:e1:a3:59:
65:06:c6:a1:01:d8:09:ed:5d:40:d2:1e:fe:95:4a:
45:1f:6b:2f:d7:70:cc:30:6f:04:cf:7a:b5:9d:d1:
3e:06:8d:0c:65:20:a0:46:36:ff:ef:38:f5:1d:b0:
10:cb:0d:6f:0d:a6:83:17:26:6e:56:12:37:8e:68:
be:4a:21:8a:cc:d1:b4:6c:31:1a:8d:ae:4b:cf:1e:
e1:ed:4d:67:7b:a2:26:ce:9a:f6:fb:1d:dc:8a:01:
8a:c3:89:4f:51:3e:03:2a:7c:1a:37:02:b4:40:51:
fe:7b:34:5c:e4:73:a7:e2:ae:6f:f5:63:ca:63:2b:
20:eb:2d:a2:3d:c9:8a:e5:78:a0:28:cd:b6:d5:3d:
15:c0:23:20:2c:84:1e:5a:52:9b:65:e3:29:f8:cf:
16:79:36:89:bd:85:45:4b:36:86:ab:61:63:8a:ef:
8f:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B0:47:BB:D8:D8:AB:C3:51:B2:5E:47:FE:D3:79:C3:F5:84:51:5F:9A
X509v3 Authority Key Identifier:
keyid:BE:0B:B7:88:69:CD:B2:AD:0C:97:1A:6A:85:8A:30:21:3E:AE:C4:7D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/ac143387-f013-4922-838e-e18864be1e4a/0/BE0BB78869CDB2AD0C971A6A858A30213EAEC47D.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vgu3iGnNsq0MlxpqhYowIT6uxH0.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/ac143387-f013-4922-838e-e18864be1e4a/0/3139352e34322e3131332e302f32342d3234203d3e203438343335.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.42.113.0/24
Signature Algorithm: sha256WithRSAEncryption
87:00:c6:a5:dd:95:32:87:5a:60:e6:41:37:bb:37:0f:91:f6:
b1:ca:fa:10:5f:98:11:f9:1b:81:a8:9e:c4:09:d8:6a:06:8d:
f4:00:c9:dd:80:7f:ea:b9:4f:1d:72:fe:59:74:db:8e:86:a2:
21:a9:e1:21:59:91:5c:09:c6:6f:8e:cd:84:9e:cc:92:ad:4d:
9d:9d:a0:2f:6e:cd:66:36:66:d7:db:92:38:ac:f8:fe:72:e7:
f1:19:91:9c:97:99:09:f6:f4:e5:d4:5f:ff:f0:46:ac:9e:5c:
13:f5:28:a0:81:2f:9b:f9:92:47:98:c9:cd:ed:2a:2c:b0:b8:
83:df:66:88:14:53:9f:35:84:df:5f:d0:5a:f4:5e:61:8a:1e:
4d:bf:85:0c:d4:d3:1d:1c:88:07:bf:b9:46:c2:8f:25:f1:b9:
0e:12:01:ba:77:92:ac:ff:3b:6b:91:ab:40:d2:52:ff:a1:92:
18:b8:b9:b3:88:ee:7e:ce:6f:b0:c3:26:36:34:f8:b3:22:c1:
88:ac:34:d0:7a:23:97:4f:8a:cf:be:ec:25:90:8d:ea:70:f8:
d2:e3:4a:c1:5b:47:5f:e4:1a:09:97:45:69:fd:08:2d:54:23:
92:f1:e9:6d:6f:7f:cb:56:d1:93:9e:4b:2a:82:ef:fd:a1:6d:
a7:ce:bb:1c
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUYdQ1dfZxJIah4tbmWCNCit8+RX0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYmUwYmI3ODg2OWNkYjJhZDBjOTcxYTZhODU4YTMwMjEz
ZWFlYzQ3ZDAeFw0yNTAyMTgxNzI5MzNaFw0yNjAyMTcxNzM0MzNaMDMxMTAvBgNV
BAMTKEIwNDdCQkQ4RDhBQkMzNTFCMjVFNDdGRUQzNzlDM0Y1ODQ1MTVGOUEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCRUwocJLRdHy72FMUYnxbXwugt
iItSMQdp80XFnVJN5DXfm8Fo1GfpiDcuzUB3ujOerGNId4NALz0dU7FsgSDsO2+T
WQDlRkL4GSsn0jruJsRsjIlPtOGjWWUGxqEB2AntXUDSHv6VSkUfay/XcMwwbwTP
erWd0T4GjQxlIKBGNv/vOPUdsBDLDW8NpoMXJm5WEjeOaL5KIYrM0bRsMRqNrkvP
HuHtTWd7oibOmvb7HdyKAYrDiU9RPgMqfBo3ArRAUf57NFzkc6firm/1Y8pjKyDr
LaI9yYrleKAozbbVPRXAIyAshB5aUptl4yn4zxZ5Nom9hUVLNoarYWOK749XAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUsEe72Nirw1GyXkf+03nD9YRRX5owHwYDVR0j
BBgwFoAUvgu3iGnNsq0MlxpqhYowIT6uxH0wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYWMxNDMzODctZjAxMy00OTIyLTgzOGUtZTE4ODY0YmUx
ZTRhLzAvQkUwQkI3ODg2OUNEQjJBRDBDOTcxQTZBODU4QTMwMjEzRUFFQzQ3RC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3ZndTNpR25Oc3EwTWx4cHFoWW93SVQ2
dXhIMC5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWMxNDMzODct
ZjAxMy00OTIyLTgzOGUtZTE4ODY0YmUxZTRhLzAvMzEzOTM1MmUzNDMyMmUzMTMx
MzMyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzNDM4MzQzMzM1LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
wypxMA0GCSqGSIb3DQEBCwUAA4IBAQCHAMal3ZUyh1pg5kE3uzcPkfaxyvoQX5gR
+RuBqJ7ECdhqBo30AMndgH/quU8dcv5ZdNuOhqIhqeEhWZFcCcZvjs2EnsySrU2d
naAvbs1mNmbX25I4rPj+cufxGZGcl5kJ9vTl1F//8EasnlwT9SiggS+b+ZJHmMnN
7SossLiD32aIFFOfNYTfX9Ba9F5hih5Nv4UM1NMdHIgHv7lGwo8l8bkOEgG6d5Ks
/ztrkatA0lL/oZIYuLmziO5+zm+wwyY2NPizIsGIrDTQeiOXT4rPvuwlkI3qcPjS
40rBW0df5BoJl0Vp/QgtVCOS8eltb3/LVtGTnksqgu/9oW2nzrsc
-----END CERTIFICATE-----
Generated at Sat Apr 5 04:43:35 2025 by rpki-client