Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/f5e64030-2f28-42c9-b004-354bb28f6123/0/39352e3136392e3136352e302f32342d3234203d3e20323032363536.roa
File: 39352e3136392e3136352e302f32342d3234203d3e20323032363536.roa (raw, json)
Hash identifier: MwcWvE4WCmvGMd3cq5xCPLkZoVatjpgb3XxyMDoeg3E=
Subject key identifier: 08:C6:94:B3:D8:D3:8C:C0:FF:13:7B:14:86:86:4E:8A:22:41:41:CA
Certificate issuer: /CN=9e576996388e94b8c7ab20effb23bd11becb4108
Certificate serial: 15F4AE00A7FA0FF623170AC2BDF182E23C931B71
Authority key identifier: 9E:57:69:96:38:8E:94:B8:C7:AB:20:EF:FB:23:BD:11:BE:CB:41:08
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nldpljiOlLjHqyDv-yO9Eb7LQQg.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/f5e64030-2f28-42c9-b004-354bb28f6123/0/39352e3136392e3136352e302f32342d3234203d3e20323032363536.roa
Signing time: Thu 28 Nov 2024 14:36:27 +0000
ROA not before: Thu 28 Nov 2024 14:31:27 +0000
ROA not after: Thu 27 Nov 2025 14:36:27 +0000
asID: 202656
IP address blocks: 95.169.165.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/f5e64030-2f28-42c9-b004-354bb28f6123/0/9E576996388E94B8C7AB20EFFB23BD11BECB4108.crl
rsync://rsync.paas.rpki.ripe.net/repository/f5e64030-2f28-42c9-b004-354bb28f6123/0/9E576996388E94B8C7AB20EFFB23BD11BECB4108.mft
rsync://rpki.ripe.net/repository/DEFAULT/nldpljiOlLjHqyDv-yO9Eb7LQQg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 05 Apr 2025 19:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
15:f4:ae:00:a7:fa:0f:f6:23:17:0a:c2:bd:f1:82:e2:3c:93:1b:71
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9e576996388e94b8c7ab20effb23bd11becb4108
Validity
Not Before: Nov 28 14:31:27 2024 GMT
Not After : Nov 27 14:36:27 2025 GMT
Subject: CN=08C694B3D8D38CC0FF137B1486864E8A224141CA
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:e9:51:a6:92:23:e6:2b:d4:15:a3:5c:92:1a:
e1:0a:95:01:5a:6d:ad:20:6d:c6:53:a8:26:d6:86:
f2:74:bf:b9:87:2f:05:69:e6:a9:44:7a:c5:e4:31:
7a:18:79:16:d5:d6:d1:49:43:3d:d4:fe:cc:6d:9a:
dd:0e:af:ed:c0:7f:02:98:0e:e3:01:a0:72:a7:64:
d2:f1:9e:00:15:b2:30:ec:f9:09:6e:cb:71:0f:ba:
72:36:9e:8e:fe:1d:d7:46:25:e6:94:e7:44:07:cc:
9e:9b:1a:4a:02:11:00:28:ff:c3:32:82:2f:67:82:
fe:96:b3:14:9f:d3:71:f3:73:1c:8f:d7:3d:cc:f1:
35:17:f1:75:20:30:65:d5:56:36:70:75:ed:ca:3e:
df:f8:8e:51:46:c8:69:58:a3:48:5b:91:5b:b0:b9:
32:eb:b4:f6:91:09:06:66:81:38:ed:04:a6:2d:ff:
7d:1d:50:f8:b1:c3:df:c3:ae:b2:2f:39:f6:4c:d6:
03:30:94:98:19:35:86:73:9d:a6:13:6a:a7:d4:eb:
e9:ca:2e:5f:67:2d:b0:9d:83:58:47:f3:ac:15:b0:
50:06:2a:da:19:4f:ab:d4:ab:1d:c0:b3:78:7a:3b:
08:d1:a8:9a:32:33:a5:f1:0a:97:b4:eb:a9:6c:23:
06:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
08:C6:94:B3:D8:D3:8C:C0:FF:13:7B:14:86:86:4E:8A:22:41:41:CA
X509v3 Authority Key Identifier:
keyid:9E:57:69:96:38:8E:94:B8:C7:AB:20:EF:FB:23:BD:11:BE:CB:41:08
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/f5e64030-2f28-42c9-b004-354bb28f6123/0/9E576996388E94B8C7AB20EFFB23BD11BECB4108.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nldpljiOlLjHqyDv-yO9Eb7LQQg.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/f5e64030-2f28-42c9-b004-354bb28f6123/0/39352e3136392e3136352e302f32342d3234203d3e20323032363536.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.169.165.0/24
Signature Algorithm: sha256WithRSAEncryption
ad:86:84:ba:07:9b:93:20:73:37:73:1a:fa:a2:c7:25:7a:ea:
82:a8:d0:88:3f:43:b7:6e:c5:28:66:c9:26:35:f4:b9:55:19:
46:05:a7:49:7e:a5:75:de:85:e7:16:3b:9d:15:2c:a2:78:bf:
98:93:e1:dd:58:27:c8:76:df:c5:46:2a:2a:da:28:0f:59:c7:
65:40:f6:ca:70:07:b8:c1:35:16:40:74:78:89:a5:a6:1e:bc:
0c:74:fb:e2:ca:1f:e6:b6:e9:4a:ac:37:75:99:a5:66:ec:b4:
50:07:f1:01:6c:3f:3b:d4:e2:2c:bc:d8:62:4b:20:86:53:bb:
f3:49:df:61:42:5a:db:03:70:54:0f:42:d3:e5:ef:1b:11:1d:
18:41:f4:86:18:78:10:f7:f8:dc:45:2a:b6:5e:63:96:ab:e5:
70:78:63:9f:bf:b6:92:0c:73:8e:ea:32:3e:fe:e5:92:dc:b1:
5a:db:6b:43:f0:99:d9:63:5e:23:8e:6f:7d:ff:d0:e8:1c:99:
d7:0a:8a:52:51:39:15:9c:e1:75:b5:3a:82:58:b2:37:5d:98:
46:7a:33:d3:af:79:ff:2d:b5:90:36:c2:43:1a:d8:bb:25:79:
df:aa:bb:99:37:78:03:a6:ca:ce:05:66:e1:05:4d:d3:1f:c2:
19:d5:e5:21
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUFfSuAKf6D/YjFwrCvfGC4jyTG3EwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOWU1NzY5OTYzODhlOTRiOGM3YWIyMGVmZmIyM2JkMTFi
ZWNiNDEwODAeFw0yNDExMjgxNDMxMjdaFw0yNTExMjcxNDM2MjdaMDMxMTAvBgNV
BAMTKDA4QzY5NEIzRDhEMzhDQzBGRjEzN0IxNDg2ODY0RThBMjI0MTQxQ0EwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC56VGmkiPmK9QVo1ySGuEKlQFa
ba0gbcZTqCbWhvJ0v7mHLwVp5qlEesXkMXoYeRbV1tFJQz3U/sxtmt0Or+3AfwKY
DuMBoHKnZNLxngAVsjDs+Qluy3EPunI2no7+HddGJeaU50QHzJ6bGkoCEQAo/8My
gi9ngv6WsxSf03HzcxyP1z3M8TUX8XUgMGXVVjZwde3KPt/4jlFGyGlYo0hbkVuw
uTLrtPaRCQZmgTjtBKYt/30dUPixw9/DrrIvOfZM1gMwlJgZNYZznaYTaqfU6+nK
Ll9nLbCdg1hH86wVsFAGKtoZT6vUqx3As3h6OwjRqJoyM6XxCpe066lsIwYrAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUCMaUs9jTjMD/E3sUhoZOiiJBQcowHwYDVR0j
BBgwFoAUnldpljiOlLjHqyDv+yO9Eb7LQQgwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZjVlNjQwMzAtMmYyOC00MmM5LWIwMDQtMzU0YmIyOGY2
MTIzLzAvOUU1NzY5OTYzODhFOTRCOEM3QUIyMEVGRkIyM0JEMTFCRUNCNDEwOC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL25sZHBsamlPbExqSHF5RHYteU85RWI3
TFFRZy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZjVlNjQwMzAt
MmYyOC00MmM5LWIwMDQtMzU0YmIyOGY2MTIzLzAvMzkzNTJlMzEzNjM5MmUzMTM2
MzUyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMjMwMzIzNjM1MzYucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BABfqaUwDQYJKoZIhvcNAQELBQADggEBAK2GhLoHm5MgczdzGvqixyV66oKo0Ig/
Q7duxShmySY19LlVGUYFp0l+pXXehecWO50VLKJ4v5iT4d1YJ8h238VGKiraKA9Z
x2VA9spwB7jBNRZAdHiJpaYevAx0++LKH+a26UqsN3WZpWbstFAH8QFsPzvU4iy8
2GJLIIZTu/NJ32FCWtsDcFQPQtPl7xsRHRhB9IYYeBD3+NxFKrZeY5ar5XB4Y5+/
tpIMc47qMj7+5ZLcsVrba0PwmdljXiOOb33/0OgcmdcKilJRORWc4XW1OoJYsjdd
mEZ6M9Ovef8ttZA2wkMa2Lsled+qu5k3eAOmys4FZuEFTdMfwhnV5SE=
-----END CERTIFICATE-----
Generated at Sat Apr 5 04:39:52 2025 by rpki-client