Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/bf0be3e1-854e-4662-92e8-028950ff57fe/0/39312e3230392e34302e302f32342d3234203d3e2034353135.roa
File: 39312e3230392e34302e302f32342d3234203d3e2034353135.roa (raw, json)
Hash identifier: CC7fp5nOaibQP3hFHxX7FW2H/9NjDOElJ2PAdK2zC6Y=
Subject key identifier: B1:DF:85:93:24:26:72:BE:54:55:46:F9:8F:24:5C:48:F6:99:33:F0
Certificate issuer: /CN=e205ebf065fc4929f1802662ae62d7f9762600e6
Certificate serial: 64B67F54E40DF22447C88090E894235C309016B7
Authority key identifier: E2:05:EB:F0:65:FC:49:29:F1:80:26:62:AE:62:D7:F9:76:26:00:E6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4gXr8GX8SSnxgCZirmLX-XYmAOY.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/bf0be3e1-854e-4662-92e8-028950ff57fe/0/39312e3230392e34302e302f32342d3234203d3e2034353135.roa
Signing time: Fri 07 Mar 2025 09:39:45 +0000
ROA not before: Fri 07 Mar 2025 09:34:45 +0000
ROA not after: Fri 06 Mar 2026 09:39:45 +0000
asID: 4515
IP address blocks: 91.209.40.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/bf0be3e1-854e-4662-92e8-028950ff57fe/0/E205EBF065FC4929F1802662AE62D7F9762600E6.crl
rsync://rsync.paas.rpki.ripe.net/repository/bf0be3e1-854e-4662-92e8-028950ff57fe/0/E205EBF065FC4929F1802662AE62D7F9762600E6.mft
rsync://rpki.ripe.net/repository/DEFAULT/4gXr8GX8SSnxgCZirmLX-XYmAOY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 07 Apr 2025 07:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
64:b6:7f:54:e4:0d:f2:24:47:c8:80:90:e8:94:23:5c:30:90:16:b7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e205ebf065fc4929f1802662ae62d7f9762600e6
Validity
Not Before: Mar 7 09:34:45 2025 GMT
Not After : Mar 6 09:39:45 2026 GMT
Subject: CN=B1DF8593242672BE545546F98F245C48F69933F0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:a0:16:fe:60:6c:25:f4:f0:bb:d0:ff:a1:b3:
75:b4:f9:67:be:04:4d:67:51:bb:49:1a:dc:56:fa:
de:54:0c:23:81:82:15:07:73:1e:68:5a:33:8b:c7:
f5:97:45:71:b2:b6:07:44:c1:a4:2e:ab:d3:4a:76:
19:53:06:28:23:4b:4e:a3:51:85:af:be:a1:e4:96:
d6:2d:56:d7:01:51:92:87:ac:a4:16:76:98:e9:5b:
01:88:13:51:e1:cb:47:d9:10:7c:bf:16:6f:1b:d5:
01:98:60:64:1a:4e:b7:0d:67:1b:82:f0:9b:d3:5f:
4a:28:19:67:c9:61:b9:99:c3:8d:9a:88:8f:6b:fe:
ed:85:cc:8c:68:d9:6d:77:33:81:55:76:1a:f3:ac:
7a:16:2c:b1:c7:fc:52:0d:01:fa:c3:2e:83:0b:03:
25:b3:ba:80:e1:5a:f9:db:2c:e4:28:af:8f:12:5c:
37:25:59:56:59:02:55:49:f7:16:74:3d:b7:5b:56:
91:8f:42:a6:69:16:06:b6:ee:29:33:e5:fc:a1:58:
71:45:46:99:6f:cc:ca:da:b0:bd:05:86:2f:e7:b5:
9f:69:3b:b0:1c:45:6d:29:be:d5:f9:a7:55:1b:1c:
58:55:76:90:cc:eb:d6:cd:12:9c:59:65:0b:d7:4f:
ff:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B1:DF:85:93:24:26:72:BE:54:55:46:F9:8F:24:5C:48:F6:99:33:F0
X509v3 Authority Key Identifier:
keyid:E2:05:EB:F0:65:FC:49:29:F1:80:26:62:AE:62:D7:F9:76:26:00:E6
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/bf0be3e1-854e-4662-92e8-028950ff57fe/0/E205EBF065FC4929F1802662AE62D7F9762600E6.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4gXr8GX8SSnxgCZirmLX-XYmAOY.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/bf0be3e1-854e-4662-92e8-028950ff57fe/0/39312e3230392e34302e302f32342d3234203d3e2034353135.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.209.40.0/24
Signature Algorithm: sha256WithRSAEncryption
06:69:f2:71:e1:22:e9:0e:21:58:67:4b:a8:63:7a:90:2f:5f:
bb:04:f1:6c:49:cf:fa:ef:2f:ae:58:34:b5:c6:05:51:ca:bb:
a9:79:17:56:d9:28:0d:36:87:41:d4:1e:b1:92:18:c4:5a:4a:
c9:14:0a:65:20:f1:06:2f:79:e8:c0:64:0f:70:7a:3e:3b:82:
b5:d9:d9:ac:52:f6:3f:53:02:60:70:ff:da:09:9b:25:13:97:
93:65:bb:77:2b:16:3e:dd:39:0f:1a:3c:67:2b:31:4d:10:45:
5b:4e:41:53:78:15:6c:f8:aa:69:43:9a:16:9b:d7:5a:f1:7c:
0d:63:45:1f:94:97:59:43:fd:1f:d0:85:d3:3a:e6:fc:cb:c4:
76:36:67:47:9c:02:e7:c4:83:ff:07:54:fe:1c:25:0b:4f:57:
08:0b:cd:ad:65:6f:87:7c:ef:22:8f:8e:f5:48:41:ab:62:39:
d8:07:17:ca:34:aa:14:40:8e:4c:45:53:4c:46:53:81:6d:9c:
18:80:11:ef:eb:e1:f9:ed:74:06:82:1e:0e:e8:47:a7:67:39:
bc:ee:b3:22:0d:15:3c:23:f5:3b:de:1d:85:5a:88:76:ad:d8:
55:40:20:12:b3:db:11:23:23:1e:0f:91:f8:2d:1a:46:b5:a6:
07:ea:ed:43
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgIUZLZ/VOQN8iRHyICQ6JQjXDCQFrcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZTIwNWViZjA2NWZjNDkyOWYxODAyNjYyYWU2MmQ3Zjk3
NjI2MDBlNjAeFw0yNTAzMDcwOTM0NDVaFw0yNjAzMDYwOTM5NDVaMDMxMTAvBgNV
BAMTKEIxREY4NTkzMjQyNjcyQkU1NDU1NDZGOThGMjQ1QzQ4RjY5OTMzRjAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDQoBb+YGwl9PC70P+hs3W0+We+
BE1nUbtJGtxW+t5UDCOBghUHcx5oWjOLx/WXRXGytgdEwaQuq9NKdhlTBigjS06j
UYWvvqHkltYtVtcBUZKHrKQWdpjpWwGIE1Hhy0fZEHy/Fm8b1QGYYGQaTrcNZxuC
8JvTX0ooGWfJYbmZw42aiI9r/u2FzIxo2W13M4FVdhrzrHoWLLHH/FINAfrDLoML
AyWzuoDhWvnbLOQor48SXDclWVZZAlVJ9xZ0PbdbVpGPQqZpFga27ikz5fyhWHFF
RplvzMrasL0Fhi/ntZ9pO7AcRW0pvtX5p1UbHFhVdpDM69bNEpxZZQvXT/+TAgMB
AAGjggI5MIICNTAdBgNVHQ4EFgQUsd+FkyQmcr5UVUb5jyRcSPaZM/AwHwYDVR0j
BBgwFoAU4gXr8GX8SSnxgCZirmLX+XYmAOYwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYmYwYmUzZTEtODU0ZS00NjYyLTkyZTgtMDI4OTUwZmY1
N2ZlLzAvRTIwNUVCRjA2NUZDNDkyOUYxODAyNjYyQUU2MkQ3Rjk3NjI2MDBFNi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzRnWHI4R1g4U1NueGdDWmlybUxYLVhZ
bUFPWS5jZXIwgakGCCsGAQUFBwELBIGcMIGZMIGWBggrBgEFBQcwC4aBiXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYmYwYmUzZTEt
ODU0ZS00NjYyLTkyZTgtMDI4OTUwZmY1N2ZlLzAvMzkzMTJlMzIzMDM5MmUzNDMw
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzQzNTMxMzUucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBABb0Sgw
DQYJKoZIhvcNAQELBQADggEBAAZp8nHhIukOIVhnS6hjepAvX7sE8WxJz/rvL65Y
NLXGBVHKu6l5F1bZKA02h0HUHrGSGMRaSskUCmUg8QYveejAZA9wej47grXZ2axS
9j9TAmBw/9oJmyUTl5Nlu3crFj7dOQ8aPGcrMU0QRVtOQVN4FWz4qmlDmhab11rx
fA1jRR+Ul1lD/R/QhdM65vzLxHY2Z0ecAufEg/8HVP4cJQtPVwgLza1lb4d87yKP
jvVIQatiOdgHF8o0qhRAjkxFU0xGU4FtnBiAEe/r4fntdAaCHg7oR6dnObzusyIN
FTwj9TveHYVaiHat2FVAIBKz2xEjIx4PkfgtGka1pgfq7UM=
-----END CERTIFICATE-----
Generated at Sun Apr 6 11:59:45 2025 by rpki-client