Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3135332e39322e3139312e302f32342d3234203d3e20323031333431.roa
File: 3135332e39322e3139312e302f32342d3234203d3e20323031333431.roa (raw, json)
Hash identifier: 716OXnLsK+5rxiG1WB972WVU++Yl6ldvh1t0ehiZlPE=
Subject key identifier: 94:3B:C2:3F:C3:74:0D:62:59:23:5A:C8:04:C8:C6:13:5C:75:9E:C7
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 0D589F780E181CB5FEBB326371D06B2ECD06C571
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3135332e39322e3139312e302f32342d3234203d3e20323031333431.roa
Signing time: Mon 27 Jan 2025 09:44:56 +0000
ROA not before: Mon 27 Jan 2025 09:39:56 +0000
ROA not after: Mon 26 Jan 2026 09:44:56 +0000
asID: 201341
IP address blocks: 153.92.191.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 05 Apr 2025 10:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0d:58:9f:78:0e:18:1c:b5:fe:bb:32:63:71:d0:6b:2e:cd:06:c5:71
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Jan 27 09:39:56 2025 GMT
Not After : Jan 26 09:44:56 2026 GMT
Subject: CN=943BC23FC3740D6259235AC804C8C6135C759EC7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e6:86:66:87:3e:5a:63:f5:cb:fd:21:d6:d3:40:
f9:f6:c0:73:4e:3e:21:8c:84:4e:df:a2:e0:49:aa:
3a:46:e7:c5:c0:e7:25:86:80:b8:02:da:14:82:04:
8d:29:0e:bf:95:f0:5c:eb:02:67:c2:b4:f0:ed:d5:
64:de:dc:1a:03:37:6e:00:b1:58:89:ec:3d:44:13:
10:d2:a5:ce:b0:d4:24:10:2d:5e:a3:ff:33:af:85:
63:9c:40:23:ed:35:c8:46:88:24:9e:32:b5:67:df:
48:71:49:cf:a2:83:20:01:5c:f6:f7:86:04:76:9c:
43:11:90:c4:8c:d1:ac:6d:0f:c9:75:68:c8:e2:14:
29:92:bf:cb:54:fe:e3:d0:d7:55:1a:04:6e:af:b6:
11:e5:95:55:ca:85:ad:05:8c:d9:0a:47:16:c4:b4:
b0:1d:4d:7c:1c:a7:47:18:cc:a9:0d:38:ef:a5:e8:
94:83:e1:31:b0:2c:20:fd:74:65:b1:8f:3b:89:d2:
f7:21:5e:12:a3:28:80:a2:e0:25:bd:bb:b2:60:9b:
2f:00:fb:b4:f5:bf:8c:d0:10:f6:ff:b4:74:0d:d5:
29:c0:94:ee:df:ef:bf:80:d9:88:2a:37:95:6f:c6:
aa:ac:76:f2:6a:64:a4:cf:33:76:1b:f3:64:c0:51:
49:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
94:3B:C2:3F:C3:74:0D:62:59:23:5A:C8:04:C8:C6:13:5C:75:9E:C7
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3135332e39322e3139312e302f32342d3234203d3e20323031333431.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
153.92.191.0/24
Signature Algorithm: sha256WithRSAEncryption
5c:36:20:32:cb:29:ec:4c:09:af:fb:a5:a0:4e:26:7a:56:ef:
9c:62:42:dd:57:53:87:3f:bb:ab:0c:2d:43:3b:43:a9:42:6a:
5d:e2:10:e5:53:83:ab:5b:53:38:a2:f5:99:0d:3a:99:6d:08:
65:37:56:22:5b:7c:fc:46:3f:51:85:ad:58:8a:ee:9b:c4:18:
63:c9:9f:14:d8:f7:c7:70:cf:46:62:bf:c4:1b:db:1f:db:b1:
2b:f0:06:d5:a5:b7:7e:dd:66:7d:52:d3:0d:af:a7:03:63:f3:
33:64:0d:bb:6c:9f:50:86:69:db:cd:9a:74:c3:96:79:32:ff:
6e:3b:34:85:6b:65:60:80:fc:3c:b1:0e:71:23:0a:a7:05:10:
db:f0:0f:af:94:c4:85:d5:ee:0d:b8:97:78:5b:cb:5e:ce:05:
a5:54:9a:21:49:57:cf:43:b2:8a:5a:60:99:2d:8b:6b:b3:79:
ba:f4:77:63:e0:7f:a7:89:a8:cc:38:e2:f3:14:9f:50:f7:a1:
11:b9:c5:ef:a0:d8:5e:e5:e0:dc:33:06:71:54:50:50:46:40:
f4:2f:f1:d5:a6:e5:3f:82:ee:cb:e0:ad:7a:5a:63:44:05:9a:
af:95:fe:7a:bf:c5:a9:c2:cd:87:57:aa:8b:3c:76:1e:af:21:
56:db:86:89
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUDVifeA4YHLX+uzJjcdBrLs0GxXEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNTAxMjcwOTM5NTZaFw0yNjAxMjYwOTQ0NTZaMDMxMTAvBgNV
BAMTKDk0M0JDMjNGQzM3NDBENjI1OTIzNUFDODA0QzhDNjEzNUM3NTlFQzcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDmhmaHPlpj9cv9IdbTQPn2wHNO
PiGMhE7fouBJqjpG58XA5yWGgLgC2hSCBI0pDr+V8FzrAmfCtPDt1WTe3BoDN24A
sViJ7D1EExDSpc6w1CQQLV6j/zOvhWOcQCPtNchGiCSeMrVn30hxSc+igyABXPb3
hgR2nEMRkMSM0axtD8l1aMjiFCmSv8tU/uPQ11UaBG6vthHllVXKha0FjNkKRxbE
tLAdTXwcp0cYzKkNOO+l6JSD4TGwLCD9dGWxjzuJ0vchXhKjKICi4CW9u7Jgmy8A
+7T1v4zQEPb/tHQN1SnAlO7f77+A2YgqN5VvxqqsdvJqZKTPM3Yb82TAUUlbAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUlDvCP8N0DWJZI1rIBMjGE1x1nscwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzNTMzMmUzOTMyMmUzMTM5
MzEyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMjMwMzEzMzM0MzEucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BACZXL8wDQYJKoZIhvcNAQELBQADggEBAFw2IDLLKexMCa/7paBOJnpW75xiQt1X
U4c/u6sMLUM7Q6lCal3iEOVTg6tbUzii9ZkNOpltCGU3ViJbfPxGP1GFrViK7pvE
GGPJnxTY98dwz0Ziv8Qb2x/bsSvwBtWlt37dZn1S0w2vpwNj8zNkDbtsn1CGadvN
mnTDlnky/247NIVrZWCA/DyxDnEjCqcFENvwD6+UxIXV7g24l3hby17OBaVUmiFJ
V89DsopaYJkti2uzebr0d2Pgf6eJqMw44vMUn1D3oRG5xe+g2F7l4NwzBnFUUFBG
QPQv8dWm5T+C7svgrXpaY0QFmq+V/nq/xanCzYdXqos8dh6vIVbbhok=
-----END CERTIFICATE-----
Generated at Fri Apr 4 16:14:17 2025 by rpki-client