Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/e3cdc648-d203-462a-bd0f-ec1b60d879a7/0/39312e3233322e39392e302f32342d3234203d3e20313937353337.roa
File: 39312e3233322e39392e302f32342d3234203d3e20313937353337.roa (raw, json)
Hash identifier: G+mgzv7tRhUfmSaRumVwyhbJ8nNvEA0s859L61Ejv18=
Subject key identifier: A5:93:E9:F0:50:78:09:D3:D7:5B:33:83:B1:F6:33:C0:18:26:A4:8C
Certificate issuer: /CN=e1f3512f51dc42bb9eb12abc0bb529668b2edee4
Certificate serial: 0B3EDF508C3CEE10E18A3B0403C1C1625C9D6822
Authority key identifier: E1:F3:51:2F:51:DC:42:BB:9E:B1:2A:BC:0B:B5:29:66:8B:2E:DE:E4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4fNRL1HcQruesSq8C7UpZosu3uQ.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/e3cdc648-d203-462a-bd0f-ec1b60d879a7/0/39312e3233322e39392e302f32342d3234203d3e20313937353337.roa
Signing time: Fri 23 May 2025 12:37:23 +0000
ROA not before: Fri 23 May 2025 12:32:23 +0000
ROA not after: Fri 22 May 2026 12:37:23 +0000
asID: 197537
IP address blocks: 91.232.99.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/e3cdc648-d203-462a-bd0f-ec1b60d879a7/0/E1F3512F51DC42BB9EB12ABC0BB529668B2EDEE4.crl
rsync://rsync.paas.rpki.ripe.net/repository/e3cdc648-d203-462a-bd0f-ec1b60d879a7/0/E1F3512F51DC42BB9EB12ABC0BB529668B2EDEE4.mft
rsync://rpki.ripe.net/repository/DEFAULT/4fNRL1HcQruesSq8C7UpZosu3uQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 08 Jun 2025 18:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0b:3e:df:50:8c:3c:ee:10:e1:8a:3b:04:03:c1:c1:62:5c:9d:68:22
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e1f3512f51dc42bb9eb12abc0bb529668b2edee4
Validity
Not Before: May 23 12:32:23 2025 GMT
Not After : May 22 12:37:23 2026 GMT
Subject: CN=A593E9F0507809D3D75B3383B1F633C01826A48C
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:0c:8a:d7:f6:03:02:36:0f:8d:ed:3f:4b:fc:
ac:5a:8f:91:97:8c:ca:d6:05:c8:82:0e:ad:be:62:
90:ca:6a:19:00:44:88:32:49:87:2f:44:85:e1:52:
a8:35:17:1a:f3:37:da:68:17:4b:b6:33:fd:bf:c5:
2c:a6:29:0e:26:f1:e1:3f:42:de:91:99:07:fd:8e:
dc:2d:eb:bd:4f:b8:36:89:e2:5c:08:45:23:58:57:
fb:f3:d4:eb:d3:43:33:68:40:b2:ba:53:bb:db:e1:
f3:fa:24:ce:6a:2d:b4:80:1a:a9:d3:32:2c:37:55:
94:84:68:8f:2e:10:83:6c:ec:72:f1:2d:fb:f5:3d:
6f:b2:d2:cb:89:9d:96:5b:74:4a:a0:00:fa:22:bb:
17:e3:5c:44:49:95:3b:23:bf:fc:d6:04:75:67:55:
23:df:5f:a3:86:ff:57:20:97:4c:26:f3:44:ce:9c:
c4:7f:21:1d:3d:f6:6f:b2:4a:64:5b:34:ff:c6:48:
54:1d:13:3a:02:6e:28:0f:e3:97:2c:4b:b0:5b:d5:
a7:f5:6e:25:9e:10:a9:3d:92:f0:ca:da:23:03:27:
4b:9f:d4:80:eb:cf:10:06:68:2e:f7:27:29:4f:ee:
4d:c8:73:d9:a5:9a:17:d3:28:b9:9a:55:24:b7:c7:
55:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A5:93:E9:F0:50:78:09:D3:D7:5B:33:83:B1:F6:33:C0:18:26:A4:8C
X509v3 Authority Key Identifier:
keyid:E1:F3:51:2F:51:DC:42:BB:9E:B1:2A:BC:0B:B5:29:66:8B:2E:DE:E4
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/e3cdc648-d203-462a-bd0f-ec1b60d879a7/0/E1F3512F51DC42BB9EB12ABC0BB529668B2EDEE4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4fNRL1HcQruesSq8C7UpZosu3uQ.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/e3cdc648-d203-462a-bd0f-ec1b60d879a7/0/39312e3233322e39392e302f32342d3234203d3e20313937353337.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.232.99.0/24
Signature Algorithm: sha256WithRSAEncryption
26:37:27:8a:bd:95:1e:05:b2:72:51:f4:20:67:c2:e5:29:01:
a1:fe:c8:f3:f6:05:ed:65:76:0a:74:00:ea:85:bb:00:a8:5e:
98:72:16:fe:8b:38:32:11:04:67:11:0e:b1:0a:53:8f:73:b6:
6b:f4:89:f1:94:35:d2:d0:20:de:35:bd:ec:ee:63:45:50:1c:
3c:77:51:4c:12:a5:33:fd:88:9e:51:ce:1f:9b:cf:78:53:ca:
79:3e:fd:a4:8f:5c:11:65:51:da:e4:b6:17:e6:a2:20:3e:26:
ac:23:dd:99:93:4c:83:fe:da:a7:eb:44:f6:c3:c8:02:bc:fc:
12:df:e8:ad:0a:02:88:e8:ef:9a:f2:a7:24:bf:03:86:85:f2:
9e:47:7d:e3:d0:45:38:65:47:68:fd:ab:50:a3:89:2b:f6:89:
d0:0e:87:7c:dc:d5:b9:b4:e1:57:31:fb:0b:c1:66:eb:6c:1b:
08:5f:70:b3:bf:31:66:dc:4e:15:3f:9a:be:e5:a1:de:d5:5b:
96:04:c1:91:7b:17:92:c4:00:b7:ad:0a:bd:58:e4:dc:63:6c:
35:b0:43:32:5c:4c:cf:ec:e7:7e:3f:17:10:bb:94:18:a0:a7:
63:23:d7:0a:79:85:eb:30:c0:ca:8f:f2:c8:d0:97:b2:c7:8f:
01:b1:b8:80
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUCz7fUIw87hDhijsEA8HBYlydaCIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZTFmMzUxMmY1MWRjNDJiYjllYjEyYWJjMGJiNTI5NjY4
YjJlZGVlNDAeFw0yNTA1MjMxMjMyMjNaFw0yNjA1MjIxMjM3MjNaMDMxMTAvBgNV
BAMTKEE1OTNFOUYwNTA3ODA5RDNENzVCMzM4M0IxRjYzM0MwMTgyNkE0OEMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDMDIrX9gMCNg+N7T9L/Kxaj5GX
jMrWBciCDq2+YpDKahkARIgySYcvRIXhUqg1FxrzN9poF0u2M/2/xSymKQ4m8eE/
Qt6RmQf9jtwt671PuDaJ4lwIRSNYV/vz1OvTQzNoQLK6U7vb4fP6JM5qLbSAGqnT
Miw3VZSEaI8uEINs7HLxLfv1PW+y0suJnZZbdEqgAPoiuxfjXERJlTsjv/zWBHVn
VSPfX6OG/1cgl0wm80TOnMR/IR099m+ySmRbNP/GSFQdEzoCbigP45csS7Bb1af1
biWeEKk9kvDK2iMDJ0uf1IDrzxAGaC73JylP7k3Ic9mlmhfTKLmaVSS3x1UBAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUpZPp8FB4CdPXWzODsfYzwBgmpIwwHwYDVR0j
BBgwFoAU4fNRL1HcQruesSq8C7UpZosu3uQwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZTNjZGM2NDgtZDIwMy00NjJhLWJkMGYtZWMxYjYwZDg3
OWE3LzAvRTFGMzUxMkY1MURDNDJCQjlFQjEyQUJDMEJCNTI5NjY4QjJFREVFNC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzRmTlJMMUhjUXJ1ZXNTcThDN1VwWm9z
dTN1US5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZTNjZGM2NDgt
ZDIwMy00NjJhLWJkMGYtZWMxYjYwZDg3OWE3LzAvMzkzMTJlMzIzMzMyMmUzOTM5
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzEzOTM3MzUzMzM3LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
W+hjMA0GCSqGSIb3DQEBCwUAA4IBAQAmNyeKvZUeBbJyUfQgZ8LlKQGh/sjz9gXt
ZXYKdADqhbsAqF6Ychb+izgyEQRnEQ6xClOPc7Zr9InxlDXS0CDeNb3s7mNFUBw8
d1FMEqUz/YieUc4fm894U8p5Pv2kj1wRZVHa5LYX5qIgPiasI92Zk0yD/tqn60T2
w8gCvPwS3+itCgKI6O+a8qckvwOGhfKeR33j0EU4ZUdo/atQo4kr9onQDod83NW5
tOFXMfsLwWbrbBsIX3CzvzFm3E4VP5q+5aHe1VuWBMGRexeSxAC3rQq9WOTcY2w1
sEMyXEzP7Od+PxcQu5QYoKdjI9cKeYXrMMDKj/LI0Jeyx48BsbiA
-----END CERTIFICATE-----
Generated at Sun Jun 8 04:15:56 2025 by rpki-client