Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/f5e64030-2f28-42c9-b004-354bb28f6123/0/39352e3136392e3137382e302f32342d3234203d3e203239383032.roa
File: 39352e3136392e3137382e302f32342d3234203d3e203239383032.roa (raw, json)
Hash identifier: M1zdBr3dkuSPfBlr5N8fCga3HKwLGAVwQfjNqW+G7yU=
Subject key identifier: F3:C3:B9:1B:96:71:8B:43:28:65:AE:4F:2C:94:8F:70:6E:79:72:89
Certificate issuer: /CN=9e576996388e94b8c7ab20effb23bd11becb4108
Certificate serial: 3C9CF0490CFE2A4AB6A36A89D32A739E9A86E91D
Authority key identifier: 9E:57:69:96:38:8E:94:B8:C7:AB:20:EF:FB:23:BD:11:BE:CB:41:08
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nldpljiOlLjHqyDv-yO9Eb7LQQg.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/f5e64030-2f28-42c9-b004-354bb28f6123/0/39352e3136392e3137382e302f32342d3234203d3e203239383032.roa
Signing time: Mon 12 May 2025 14:03:58 +0000
ROA not before: Mon 12 May 2025 13:58:58 +0000
ROA not after: Mon 11 May 2026 14:03:58 +0000
asID: 29802
IP address blocks: 95.169.178.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/f5e64030-2f28-42c9-b004-354bb28f6123/0/9E576996388E94B8C7AB20EFFB23BD11BECB4108.crl
rsync://rsync.paas.rpki.ripe.net/repository/f5e64030-2f28-42c9-b004-354bb28f6123/0/9E576996388E94B8C7AB20EFFB23BD11BECB4108.mft
rsync://rpki.ripe.net/repository/DEFAULT/nldpljiOlLjHqyDv-yO9Eb7LQQg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 07 Jun 2025 22:50:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3c:9c:f0:49:0c:fe:2a:4a:b6:a3:6a:89:d3:2a:73:9e:9a:86:e9:1d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9e576996388e94b8c7ab20effb23bd11becb4108
Validity
Not Before: May 12 13:58:58 2025 GMT
Not After : May 11 14:03:58 2026 GMT
Subject: CN=F3C3B91B96718B432865AE4F2C948F706E797289
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:e3:07:53:81:2c:37:88:97:a0:7f:0b:fd:27:
a3:44:48:3c:83:02:aa:d8:78:4f:61:13:25:ab:b2:
b4:6f:e7:a6:c5:67:39:2a:e2:58:1b:0d:78:b7:a0:
b1:f8:4e:be:e0:cc:1d:64:f5:89:8c:60:62:d2:1c:
19:8b:f4:b8:e0:22:7b:a8:7a:19:74:6e:c4:24:42:
8b:02:42:13:4b:19:13:b7:64:59:63:3c:be:9d:d1:
df:da:0c:58:c5:1a:80:a4:31:30:51:7d:37:9b:dd:
f0:c3:46:c1:6b:45:6c:6d:d0:9f:c9:d1:43:03:d7:
e1:10:ca:14:2d:07:d3:d4:fe:54:b8:f5:ce:7f:de:
5c:c6:9d:67:d1:a8:2a:a4:d6:22:96:c2:1b:7d:7c:
c5:ff:43:57:9d:1f:08:2d:3f:9e:79:04:c5:7d:64:
75:4d:6a:d7:25:d1:8b:41:99:9a:df:ae:c8:f0:d7:
0c:35:7a:d6:8c:e2:54:3e:d0:9c:05:ad:a3:a2:99:
20:b9:b9:61:e5:88:d0:1a:d8:9b:d5:94:0f:a5:d1:
16:e3:b0:49:33:c4:a7:2d:5a:0e:9a:f1:9e:19:82:
fe:50:79:f1:58:16:15:80:a8:2b:64:ad:bb:c4:c4:
e9:81:9c:73:e6:8f:17:72:a9:0c:ed:52:63:b2:80:
d1:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F3:C3:B9:1B:96:71:8B:43:28:65:AE:4F:2C:94:8F:70:6E:79:72:89
X509v3 Authority Key Identifier:
keyid:9E:57:69:96:38:8E:94:B8:C7:AB:20:EF:FB:23:BD:11:BE:CB:41:08
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/f5e64030-2f28-42c9-b004-354bb28f6123/0/9E576996388E94B8C7AB20EFFB23BD11BECB4108.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nldpljiOlLjHqyDv-yO9Eb7LQQg.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/f5e64030-2f28-42c9-b004-354bb28f6123/0/39352e3136392e3137382e302f32342d3234203d3e203239383032.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.169.178.0/24
Signature Algorithm: sha256WithRSAEncryption
46:6d:75:f7:e7:64:18:5b:a0:d8:c3:dd:38:fc:ed:8e:c1:ee:
be:f2:39:8e:d6:73:5b:9c:f0:fe:59:2f:53:fa:8b:fd:c8:b8:
13:bc:9e:e7:4a:cd:20:9f:42:6c:79:57:fa:f8:99:c3:7d:75:
77:7b:a5:3c:e4:84:13:17:1a:7b:be:22:bb:cf:b1:70:77:e3:
70:aa:70:ee:e6:e6:9c:9f:37:a7:e2:f0:bb:51:ac:f0:7e:09:
22:e6:3b:5a:cf:dc:71:fa:3d:06:61:18:2c:45:16:d8:06:99:
b7:dd:f2:b6:54:2d:31:f3:0d:2e:a7:67:d2:33:ba:e9:6a:8a:
dd:ef:77:74:24:6b:67:1c:7c:bf:9f:a6:7e:b6:d5:ec:c1:6c:
5d:69:fa:5a:f7:e2:8c:aa:52:93:57:5f:f5:74:be:da:86:2a:
66:a6:72:2a:30:bb:ee:6a:03:d2:b9:9d:d1:f9:10:72:58:6a:
5c:88:09:0a:95:92:eb:d6:05:dd:fc:f6:cf:8a:19:9f:cc:e4:
3c:d7:38:92:23:ba:0c:7d:75:95:1e:38:4e:03:49:9e:8c:01:
90:8f:88:e2:e5:89:20:5f:3c:12:0c:3d:37:fc:23:a6:ac:91:
9f:45:c1:3a:4f:a4:c7:95:af:84:be:eb:81:f0:0f:08:ce:14:
1d:0e:16:4c
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUPJzwSQz+Kkq2o2qJ0ypznpqG6R0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOWU1NzY5OTYzODhlOTRiOGM3YWIyMGVmZmIyM2JkMTFi
ZWNiNDEwODAeFw0yNTA1MTIxMzU4NThaFw0yNjA1MTExNDAzNThaMDMxMTAvBgNV
BAMTKEYzQzNCOTFCOTY3MThCNDMyODY1QUU0RjJDOTQ4RjcwNkU3OTcyODkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCW4wdTgSw3iJegfwv9J6NESDyD
AqrYeE9hEyWrsrRv56bFZzkq4lgbDXi3oLH4Tr7gzB1k9YmMYGLSHBmL9LjgInuo
ehl0bsQkQosCQhNLGRO3ZFljPL6d0d/aDFjFGoCkMTBRfTeb3fDDRsFrRWxt0J/J
0UMD1+EQyhQtB9PU/lS49c5/3lzGnWfRqCqk1iKWwht9fMX/Q1edHwgtP555BMV9
ZHVNatcl0YtBmZrfrsjw1ww1etaM4lQ+0JwFraOimSC5uWHliNAa2JvVlA+l0Rbj
sEkzxKctWg6a8Z4Zgv5QefFYFhWAqCtkrbvExOmBnHPmjxdyqQztUmOygNH/AgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQU88O5G5Zxi0MoZa5PLJSPcG55cokwHwYDVR0j
BBgwFoAUnldpljiOlLjHqyDv+yO9Eb7LQQgwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZjVlNjQwMzAtMmYyOC00MmM5LWIwMDQtMzU0YmIyOGY2
MTIzLzAvOUU1NzY5OTYzODhFOTRCOEM3QUIyMEVGRkIyM0JEMTFCRUNCNDEwOC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL25sZHBsamlPbExqSHF5RHYteU85RWI3
TFFRZy5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZjVlNjQwMzAt
MmYyOC00MmM5LWIwMDQtMzU0YmIyOGY2MTIzLzAvMzkzNTJlMzEzNjM5MmUzMTM3
MzgyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMjM5MzgzMDMyLnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
X6myMA0GCSqGSIb3DQEBCwUAA4IBAQBGbXX352QYW6DYw904/O2Owe6+8jmO1nNb
nPD+WS9T+ov9yLgTvJ7nSs0gn0JseVf6+JnDfXV3e6U85IQTFxp7viK7z7Fwd+Nw
qnDu5uacnzen4vC7Uazwfgki5jtaz9xx+j0GYRgsRRbYBpm33fK2VC0x8w0up2fS
M7rpaord73d0JGtnHHy/n6Z+ttXswWxdafpa9+KMqlKTV1/1dL7ahipmpnIqMLvu
agPSuZ3R+RByWGpciAkKlZLr1gXd/PbPihmfzOQ81ziSI7oMfXWVHjhOA0mejAGQ
j4ji5YkgXzwSDD03/COmrJGfRcE6T6THla+EvuuB8A8IzhQdDhZM
-----END CERTIFICATE-----
Generated at Sat Jun 7 08:10:14 2025 by rpki-client