Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/f5e64030-2f28-42c9-b004-354bb28f6123/0/39352e3136392e3138312e302f32342d3234203d3e203331313033.roa
File: 39352e3136392e3138312e302f32342d3234203d3e203331313033.roa (raw, json)
Hash identifier: vHIdBAX8vax4LMkHyZBnhxzL225O0XLYlxEPXB9FDh8=
Subject key identifier: 3E:B8:62:4C:DC:B8:57:DA:60:6C:82:FF:BD:41:00:90:36:DE:9D:12
Certificate issuer: /CN=9e576996388e94b8c7ab20effb23bd11becb4108
Certificate serial: 4C2DE841850CAAC5E44C4FE088D03E99C778C844
Authority key identifier: 9E:57:69:96:38:8E:94:B8:C7:AB:20:EF:FB:23:BD:11:BE:CB:41:08
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nldpljiOlLjHqyDv-yO9Eb7LQQg.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/f5e64030-2f28-42c9-b004-354bb28f6123/0/39352e3136392e3138312e302f32342d3234203d3e203331313033.roa
Signing time: Fri 02 May 2025 09:54:05 +0000
ROA not before: Fri 02 May 2025 09:49:05 +0000
ROA not after: Fri 01 May 2026 09:54:05 +0000
asID: 31103
IP address blocks: 95.169.181.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/f5e64030-2f28-42c9-b004-354bb28f6123/0/9E576996388E94B8C7AB20EFFB23BD11BECB4108.crl
rsync://rsync.paas.rpki.ripe.net/repository/f5e64030-2f28-42c9-b004-354bb28f6123/0/9E576996388E94B8C7AB20EFFB23BD11BECB4108.mft
rsync://rpki.ripe.net/repository/DEFAULT/nldpljiOlLjHqyDv-yO9Eb7LQQg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 07 Jun 2025 22:50:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4c:2d:e8:41:85:0c:aa:c5:e4:4c:4f:e0:88:d0:3e:99:c7:78:c8:44
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9e576996388e94b8c7ab20effb23bd11becb4108
Validity
Not Before: May 2 09:49:05 2025 GMT
Not After : May 1 09:54:05 2026 GMT
Subject: CN=3EB8624CDCB857DA606C82FFBD41009036DE9D12
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:d6:f4:3e:60:e0:86:ee:a8:be:26:ad:2a:c5:
ae:ed:9c:65:c5:2f:ff:2a:65:f6:87:5c:b8:57:a4:
04:9b:11:a9:6a:40:07:15:83:33:1f:80:a2:ac:db:
d3:be:b5:c1:1f:bf:9c:ad:2c:57:e7:47:e2:eb:41:
2a:c7:ac:b7:32:8b:68:55:6c:86:db:84:00:fc:e2:
0a:4d:52:1a:14:58:2c:25:d6:e8:45:da:89:da:32:
57:11:6b:c3:40:70:74:e5:75:4b:5c:91:1a:ff:ad:
bc:d5:91:f5:3e:5b:c9:62:87:71:6e:6e:1e:7b:8e:
00:53:83:f8:f6:d6:6d:41:52:84:13:dd:f2:64:7b:
e2:ef:2c:53:0e:e7:48:25:18:7a:46:44:d2:53:5c:
60:de:8b:f5:55:52:38:55:5b:41:33:61:1f:7d:5f:
3e:3f:58:57:bb:7c:e9:cb:29:80:ed:35:16:bf:50:
27:72:9b:e4:54:d1:d8:ba:36:7f:bb:2a:f4:dd:4d:
58:35:97:e7:87:d5:61:3e:6a:e3:a1:94:ff:88:32:
a7:ed:42:1d:b8:5e:b1:82:25:91:f7:d1:32:ec:2a:
ab:ee:10:8b:ce:3c:4c:aa:42:69:cc:0f:e5:d7:b8:
1c:67:f5:25:04:47:85:1d:36:76:e0:a1:9c:99:e0:
1e:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3E:B8:62:4C:DC:B8:57:DA:60:6C:82:FF:BD:41:00:90:36:DE:9D:12
X509v3 Authority Key Identifier:
keyid:9E:57:69:96:38:8E:94:B8:C7:AB:20:EF:FB:23:BD:11:BE:CB:41:08
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/f5e64030-2f28-42c9-b004-354bb28f6123/0/9E576996388E94B8C7AB20EFFB23BD11BECB4108.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nldpljiOlLjHqyDv-yO9Eb7LQQg.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/f5e64030-2f28-42c9-b004-354bb28f6123/0/39352e3136392e3138312e302f32342d3234203d3e203331313033.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.169.181.0/24
Signature Algorithm: sha256WithRSAEncryption
96:b7:96:b6:e0:b1:de:59:c8:40:da:9c:69:a5:63:87:24:b9:
81:b2:4b:59:38:55:8c:2e:5a:5d:30:05:b8:92:47:2a:f1:f4:
09:13:b9:3d:82:94:04:8f:df:56:18:f3:c2:10:cc:18:96:5f:
2d:75:27:13:78:0f:83:b3:65:69:fb:8f:b8:e7:f6:7d:f4:13:
43:24:0d:a4:9d:a8:be:ab:3c:59:de:d5:a6:84:8a:38:a8:5c:
bb:9c:f6:b7:e9:f8:0d:7a:e4:f2:6c:36:60:9c:7a:19:b6:f3:
d3:1d:37:8d:13:fd:da:2a:b5:4e:c8:59:5d:99:c8:2b:d4:9e:
41:ab:aa:75:2c:cb:e4:e0:03:b9:90:a0:79:ea:f5:04:62:5d:
b8:f4:97:15:8b:95:a2:79:0b:a0:f6:a2:b0:58:e8:93:a8:bb:
38:50:6d:10:5a:44:41:cf:49:ae:73:b1:87:0b:ed:0d:84:da:
08:64:97:d8:56:cb:c1:82:bc:e1:93:c5:e9:8d:48:33:3c:57:
9e:20:03:f3:25:4a:a2:d8:f9:0e:13:56:d5:c8:ff:1e:f0:03:
08:f7:6a:77:02:17:28:94:5c:62:ea:ab:7e:31:a8:58:4a:80:
58:93:3e:63:f0:28:82:d3:e0:c5:3a:a0:14:cc:36:27:ec:aa:
9c:9b:d7:58
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUTC3oQYUMqsXkTE/giNA+mcd4yEQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOWU1NzY5OTYzODhlOTRiOGM3YWIyMGVmZmIyM2JkMTFi
ZWNiNDEwODAeFw0yNTA1MDIwOTQ5MDVaFw0yNjA1MDEwOTU0MDVaMDMxMTAvBgNV
BAMTKDNFQjg2MjRDRENCODU3REE2MDZDODJGRkJENDEwMDkwMzZERTlEMTIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCM1vQ+YOCG7qi+Jq0qxa7tnGXF
L/8qZfaHXLhXpASbEalqQAcVgzMfgKKs29O+tcEfv5ytLFfnR+LrQSrHrLcyi2hV
bIbbhAD84gpNUhoUWCwl1uhF2onaMlcRa8NAcHTldUtckRr/rbzVkfU+W8lih3Fu
bh57jgBTg/j21m1BUoQT3fJke+LvLFMO50glGHpGRNJTXGDei/VVUjhVW0EzYR99
Xz4/WFe7fOnLKYDtNRa/UCdym+RU0di6Nn+7KvTdTVg1l+eH1WE+auOhlP+IMqft
Qh24XrGCJZH30TLsKqvuEIvOPEyqQmnMD+XXuBxn9SUER4UdNnbgoZyZ4B6DAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUPrhiTNy4V9pgbIL/vUEAkDbenRIwHwYDVR0j
BBgwFoAUnldpljiOlLjHqyDv+yO9Eb7LQQgwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZjVlNjQwMzAtMmYyOC00MmM5LWIwMDQtMzU0YmIyOGY2
MTIzLzAvOUU1NzY5OTYzODhFOTRCOEM3QUIyMEVGRkIyM0JEMTFCRUNCNDEwOC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL25sZHBsamlPbExqSHF5RHYteU85RWI3
TFFRZy5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZjVlNjQwMzAt
MmYyOC00MmM5LWIwMDQtMzU0YmIyOGY2MTIzLzAvMzkzNTJlMzEzNjM5MmUzMTM4
MzEyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMzMxMzEzMDMzLnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
X6m1MA0GCSqGSIb3DQEBCwUAA4IBAQCWt5a24LHeWchA2pxppWOHJLmBsktZOFWM
LlpdMAW4kkcq8fQJE7k9gpQEj99WGPPCEMwYll8tdScTeA+Ds2Vp+4+45/Z99BND
JA2knai+qzxZ3tWmhIo4qFy7nPa36fgNeuTybDZgnHoZtvPTHTeNE/3aKrVOyFld
mcgr1J5Bq6p1LMvk4AO5kKB56vUEYl249JcVi5WieQug9qKwWOiTqLs4UG0QWkRB
z0muc7GHC+0NhNoIZJfYVsvBgrzhk8XpjUgzPFeeIAPzJUqi2PkOE1bVyP8e8AMI
92p3AhcolFxi6qt+MahYSoBYkz5j8CiC0+DFOqAUzDYn7Kqcm9dY
-----END CERTIFICATE-----
Generated at Sat Jun 7 07:45:00 2025 by rpki-client