Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/f5e64030-2f28-42c9-b004-354bb28f6123/0/39352e3136392e3136312e302f32342d3234203d3e203331313033.roa
File: 39352e3136392e3136312e302f32342d3234203d3e203331313033.roa (raw, json)
Hash identifier: rRQabZUtw+9d+Hzia7uZvMYxU4nKdcUZLHQ401GlyDU=
Subject key identifier: D1:FD:6C:6A:E6:3F:61:99:82:A0:2B:FF:21:0E:F3:27:C6:5F:0A:7F
Certificate issuer: /CN=9e576996388e94b8c7ab20effb23bd11becb4108
Certificate serial: 16B78D4307FD1F37E709384D21BE2D4D94BA7D36
Authority key identifier: 9E:57:69:96:38:8E:94:B8:C7:AB:20:EF:FB:23:BD:11:BE:CB:41:08
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nldpljiOlLjHqyDv-yO9Eb7LQQg.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/f5e64030-2f28-42c9-b004-354bb28f6123/0/39352e3136392e3136312e302f32342d3234203d3e203331313033.roa
Signing time: Fri 02 May 2025 09:54:04 +0000
ROA not before: Fri 02 May 2025 09:49:04 +0000
ROA not after: Fri 01 May 2026 09:54:04 +0000
asID: 31103
IP address blocks: 95.169.161.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/f5e64030-2f28-42c9-b004-354bb28f6123/0/9E576996388E94B8C7AB20EFFB23BD11BECB4108.crl
rsync://rsync.paas.rpki.ripe.net/repository/f5e64030-2f28-42c9-b004-354bb28f6123/0/9E576996388E94B8C7AB20EFFB23BD11BECB4108.mft
rsync://rpki.ripe.net/repository/DEFAULT/nldpljiOlLjHqyDv-yO9Eb7LQQg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 07 Jun 2025 22:50:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
16:b7:8d:43:07:fd:1f:37:e7:09:38:4d:21:be:2d:4d:94:ba:7d:36
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9e576996388e94b8c7ab20effb23bd11becb4108
Validity
Not Before: May 2 09:49:04 2025 GMT
Not After : May 1 09:54:04 2026 GMT
Subject: CN=D1FD6C6AE63F619982A02BFF210EF327C65F0A7F
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:95:54:d9:1c:e9:ac:56:07:15:ed:bd:04:fd:
25:90:d6:33:87:0a:a4:cd:59:61:60:7a:23:4c:df:
62:08:3f:ce:fa:43:54:f8:8f:0c:f3:d0:fc:b0:36:
10:e3:83:6b:b7:9c:29:59:de:7c:76:2f:c5:89:24:
ca:22:cd:0a:1e:0d:da:03:8d:fd:ef:db:d9:8a:4d:
1d:d7:f1:57:3e:7d:fb:e8:9d:64:f1:51:f0:3b:bd:
34:45:de:66:03:82:10:05:97:56:41:39:30:10:e4:
8d:80:52:e7:dd:c4:74:21:82:4c:dc:c1:bc:3d:47:
2d:df:18:e0:f1:1b:ea:83:95:e3:85:a2:aa:da:0f:
24:e3:4d:b8:30:78:ff:98:ce:e6:06:c9:ec:ca:b4:
fe:1e:57:84:5d:c6:b9:9c:f9:ca:f0:ff:80:26:a7:
bf:fe:41:9e:eb:e0:00:a1:05:66:d9:2c:39:a8:b2:
cc:37:63:7c:64:3c:92:72:80:26:65:b0:eb:30:85:
c5:d1:32:ab:75:a6:40:7e:35:52:e8:fd:53:f3:98:
c1:89:5d:01:3d:02:ef:67:e3:68:7c:a8:02:0c:49:
1a:bf:52:84:bb:6f:ec:5e:a6:c5:31:ad:fc:cc:bb:
87:fd:eb:de:d8:dd:50:9d:8a:d0:de:55:65:cd:a2:
32:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D1:FD:6C:6A:E6:3F:61:99:82:A0:2B:FF:21:0E:F3:27:C6:5F:0A:7F
X509v3 Authority Key Identifier:
keyid:9E:57:69:96:38:8E:94:B8:C7:AB:20:EF:FB:23:BD:11:BE:CB:41:08
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/f5e64030-2f28-42c9-b004-354bb28f6123/0/9E576996388E94B8C7AB20EFFB23BD11BECB4108.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nldpljiOlLjHqyDv-yO9Eb7LQQg.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/f5e64030-2f28-42c9-b004-354bb28f6123/0/39352e3136392e3136312e302f32342d3234203d3e203331313033.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.169.161.0/24
Signature Algorithm: sha256WithRSAEncryption
67:06:d9:73:5f:1c:cd:37:7e:de:d4:89:3f:fa:75:5c:e6:1b:
2d:44:38:c1:62:e3:2f:32:56:bc:dc:ce:4d:fd:31:a1:33:04:
94:82:83:f4:f4:54:87:48:6b:8a:b2:3b:d3:3e:e6:3b:68:4f:
85:51:ef:6a:31:39:84:78:19:16:2e:ef:bd:ae:b9:48:bd:30:
0c:7b:18:d7:ed:6e:29:74:3d:99:5f:00:66:5a:53:89:e1:86:
91:f4:f9:fa:1b:4f:d0:c7:cf:e1:c5:60:a7:3a:2b:38:91:9d:
07:ed:a1:a9:d5:c9:38:2b:d5:b5:10:b4:6a:38:a2:81:cd:a5:
54:9f:19:6e:0b:1d:53:fb:7a:b3:af:2b:65:20:d4:61:1d:f5:
42:f0:2d:50:ec:b4:1c:16:f9:79:b6:f9:94:34:15:20:39:b0:
76:c1:a0:da:1d:5e:c5:2e:ea:84:5c:54:68:0f:a3:46:8c:0d:
fb:28:95:58:c9:19:0e:49:5f:a6:c2:bd:bd:d8:c2:2b:5a:dd:
89:de:65:7d:b6:83:9c:04:86:23:d1:ce:97:71:20:32:67:13:
e4:78:dd:20:64:f6:14:34:29:d5:2c:99:ec:80:09:ea:db:58:
45:a3:5a:97:65:4d:b4:50:43:77:29:64:85:95:c0:63:a7:c8:
e0:97:2f:80
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUFreNQwf9HzfnCThNIb4tTZS6fTYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOWU1NzY5OTYzODhlOTRiOGM3YWIyMGVmZmIyM2JkMTFi
ZWNiNDEwODAeFw0yNTA1MDIwOTQ5MDRaFw0yNjA1MDEwOTU0MDRaMDMxMTAvBgNV
BAMTKEQxRkQ2QzZBRTYzRjYxOTk4MkEwMkJGRjIxMEVGMzI3QzY1RjBBN0YwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCrlVTZHOmsVgcV7b0E/SWQ1jOH
CqTNWWFgeiNM32IIP876Q1T4jwzz0PywNhDjg2u3nClZ3nx2L8WJJMoizQoeDdoD
jf3v29mKTR3X8Vc+ffvonWTxUfA7vTRF3mYDghAFl1ZBOTAQ5I2AUufdxHQhgkzc
wbw9Ry3fGODxG+qDleOFoqraDyTjTbgweP+YzuYGyezKtP4eV4Rdxrmc+crw/4Am
p7/+QZ7r4AChBWbZLDmossw3Y3xkPJJygCZlsOswhcXRMqt1pkB+NVLo/VPzmMGJ
XQE9Au9n42h8qAIMSRq/UoS7b+xepsUxrfzMu4f9697Y3VCditDeVWXNojKpAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQU0f1sauY/YZmCoCv/IQ7zJ8ZfCn8wHwYDVR0j
BBgwFoAUnldpljiOlLjHqyDv+yO9Eb7LQQgwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZjVlNjQwMzAtMmYyOC00MmM5LWIwMDQtMzU0YmIyOGY2
MTIzLzAvOUU1NzY5OTYzODhFOTRCOEM3QUIyMEVGRkIyM0JEMTFCRUNCNDEwOC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL25sZHBsamlPbExqSHF5RHYteU85RWI3
TFFRZy5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZjVlNjQwMzAt
MmYyOC00MmM5LWIwMDQtMzU0YmIyOGY2MTIzLzAvMzkzNTJlMzEzNjM5MmUzMTM2
MzEyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMzMxMzEzMDMzLnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
X6mhMA0GCSqGSIb3DQEBCwUAA4IBAQBnBtlzXxzNN37e1Ik/+nVc5hstRDjBYuMv
Mla83M5N/TGhMwSUgoP09FSHSGuKsjvTPuY7aE+FUe9qMTmEeBkWLu+9rrlIvTAM
exjX7W4pdD2ZXwBmWlOJ4YaR9Pn6G0/Qx8/hxWCnOis4kZ0H7aGp1ck4K9W1ELRq
OKKBzaVUnxluCx1T+3qzrytlINRhHfVC8C1Q7LQcFvl5tvmUNBUgObB2waDaHV7F
LuqEXFRoD6NGjA37KJVYyRkOSV+mwr292MIrWt2J3mV9toOcBIYj0c6XcSAyZxPk
eN0gZPYUNCnVLJnsgAnq21hFo1qXZU20UEN3KWSFlcBjp8jgly+A
-----END CERTIFICATE-----
Generated at Sat Jun 7 07:50:53 2025 by rpki-client