Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3139332e3136302e3131392e302f32342d3234203d3e203437353833.roa
File: 3139332e3136302e3131392e302f32342d3234203d3e203437353833.roa (raw, json)
Hash identifier: 76YUul8erGHQRYpGinW1inHdQErvMk/gSbfmgUbKWc0=
Subject key identifier: A4:FB:ED:FB:63:ED:ED:64:9D:15:ED:14:B3:23:20:78:F7:CE:55:E1
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 2CB0166D0250EBB31585717F6A2610DA04E7AF6A
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3139332e3136302e3131392e302f32342d3234203d3e203437353833.roa
Signing time: Wed 02 Apr 2025 12:45:57 +0000
ROA not before: Wed 02 Apr 2025 12:40:57 +0000
ROA not after: Wed 01 Apr 2026 12:45:57 +0000
asID: 47583
IP address blocks: 193.160.119.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 05 Apr 2025 10:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2c:b0:16:6d:02:50:eb:b3:15:85:71:7f:6a:26:10:da:04:e7:af:6a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Apr 2 12:40:57 2025 GMT
Not After : Apr 1 12:45:57 2026 GMT
Subject: CN=A4FBEDFB63EDED649D15ED14B3232078F7CE55E1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:87:4d:3e:b4:bc:fe:61:76:d9:3e:52:ad:e5:
46:4c:7f:9f:20:b9:b4:6c:8e:0c:78:e8:c7:86:74:
86:fa:1e:e9:3a:36:b7:1c:cd:eb:87:6b:bd:6f:00:
bc:0e:97:91:8f:3d:ab:f4:04:ea:c7:cf:54:de:e0:
de:cb:f9:18:02:7b:86:d8:47:38:e4:c8:73:af:27:
61:20:e8:99:1c:72:f7:0e:45:ea:56:d2:40:f6:a5:
aa:ca:b3:1a:aa:62:62:b3:c1:d4:78:27:13:20:dc:
90:2b:34:17:26:87:e4:b1:e5:9e:5f:44:a8:6a:88:
53:68:88:b8:85:d5:3d:6d:4b:14:13:20:43:50:85:
b9:d4:60:6c:f1:9d:e0:bb:fb:a9:09:89:c8:8d:f8:
92:4b:a6:20:d2:a4:70:02:ae:e7:e2:b9:40:10:d9:
52:58:eb:6b:a2:84:db:d1:68:ee:19:9d:39:09:44:
d5:0b:b4:a0:9a:a1:b1:0a:c0:d3:c9:6b:69:26:e0:
63:1f:ba:ce:cb:4b:13:94:48:a4:e7:c3:66:8d:5a:
e8:49:fe:7b:e4:34:26:71:c2:b3:72:10:68:36:52:
90:c7:83:9b:89:c2:b6:9c:93:7f:1d:8f:4e:33:73:
cd:7e:64:7c:6f:fc:57:f7:d5:d9:5c:18:57:54:74:
6e:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A4:FB:ED:FB:63:ED:ED:64:9D:15:ED:14:B3:23:20:78:F7:CE:55:E1
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3139332e3136302e3131392e302f32342d3234203d3e203437353833.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.160.119.0/24
Signature Algorithm: sha256WithRSAEncryption
59:6b:44:50:c5:ae:8c:c0:58:42:22:cb:40:cc:03:01:87:eb:
22:4c:df:11:35:78:4b:e4:f1:d5:ea:cd:95:b5:d3:52:67:b1:
f9:fc:ef:ad:fb:21:67:90:2f:42:23:0e:57:aa:d6:ab:73:60:
2d:3f:e3:79:4d:a4:bf:d3:33:54:b3:5e:7e:47:e6:a4:37:90:
b6:8e:65:91:a8:68:e5:41:e4:48:6c:37:bd:de:6f:f1:b8:17:
85:4c:4a:22:d2:02:22:52:50:93:c4:ba:9f:ad:54:1a:bc:e4:
28:c2:1d:b0:18:54:e2:58:29:36:b5:57:12:ff:34:f6:8b:38:
32:b9:9a:ca:b6:4a:c8:ff:4a:f0:4e:f7:be:79:24:56:06:e0:
c7:e1:a3:9d:7a:81:29:b7:40:bb:6c:68:1a:2d:1d:e1:b8:25:
be:82:a4:0d:6e:de:1d:5a:b2:1e:f7:f9:6e:aa:00:02:2e:30:
83:e1:1f:3d:64:46:80:2a:69:9f:91:4f:fb:d1:2b:33:b7:b2:
35:e0:7e:b1:1f:2b:47:69:bd:69:e1:19:ec:81:b1:f2:c3:dd:
66:25:8e:fc:6e:10:93:3c:52:b4:8c:be:7c:6e:17:f3:24:32:
f9:15:7d:63:9d:c9:9e:0d:b5:b7:34:5f:62:9d:19:f0:e3:3c:
d2:15:d7:5a
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIULLAWbQJQ67MVhXF/aiYQ2gTnr2owDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNTA0MDIxMjQwNTdaFw0yNjA0MDExMjQ1NTdaMDMxMTAvBgNV
BAMTKEE0RkJFREZCNjNFREVENjQ5RDE1RUQxNEIzMjMyMDc4RjdDRTU1RTEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDTh00+tLz+YXbZPlKt5UZMf58g
ubRsjgx46MeGdIb6Huk6NrcczeuHa71vALwOl5GPPav0BOrHz1Te4N7L+RgCe4bY
RzjkyHOvJ2Eg6JkccvcORepW0kD2parKsxqqYmKzwdR4JxMg3JArNBcmh+Sx5Z5f
RKhqiFNoiLiF1T1tSxQTIENQhbnUYGzxneC7+6kJiciN+JJLpiDSpHACrufiuUAQ
2VJY62uihNvRaO4ZnTkJRNULtKCaobEKwNPJa2km4GMfus7LSxOUSKTnw2aNWuhJ
/nvkNCZxwrNyEGg2UpDHg5uJwrack38dj04zc81+ZHxv/Ff31dlcGFdUdG4hAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUpPvt+2Pt7WSdFe0UsyMgePfOVeEwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzOTMzMmUzMTM2MzAyZTMx
MzEzOTJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDM0MzczNTM4MzMucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BADBoHcwDQYJKoZIhvcNAQELBQADggEBAFlrRFDFrozAWEIiy0DMAwGH6yJM3xE1
eEvk8dXqzZW101Jnsfn87637IWeQL0IjDleq1qtzYC0/43lNpL/TM1SzXn5H5qQ3
kLaOZZGoaOVB5EhsN73eb/G4F4VMSiLSAiJSUJPEup+tVBq85CjCHbAYVOJYKTa1
VxL/NPaLODK5msq2Ssj/SvBO9755JFYG4Mfho516gSm3QLtsaBotHeG4Jb6CpA1u
3h1ash73+W6qAAIuMIPhHz1kRoAqaZ+RT/vRKzO3sjXgfrEfK0dpvWnhGeyBsfLD
3WYljvxuEJM8UrSMvnxuF/MkMvkVfWOdyZ4Ntbc0X2KdGfDjPNIV11o=
-----END CERTIFICATE-----
Generated at Fri Apr 4 19:00:42 2025 by rpki-client