Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3139332e34322e3133372e302f32342d3234203d3e203437353833.roa
File: 3139332e34322e3133372e302f32342d3234203d3e203437353833.roa (raw, json)
Hash identifier: WwXIHhWzerfLV1o0WVt8eutgEfCCy4ntCOUJY6fLqXU=
Subject key identifier: 32:21:E9:7F:2D:95:D1:58:CD:A3:86:AA:E7:06:2E:BC:60:54:01:2A
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 3017F400A825EEE060A0BD07635AB035F96DE7EB
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3139332e34322e3133372e302f32342d3234203d3e203437353833.roa
Signing time: Mon 27 Jan 2025 09:45:04 +0000
ROA not before: Mon 27 Jan 2025 09:40:04 +0000
ROA not after: Mon 26 Jan 2026 09:45:04 +0000
asID: 47583
IP address blocks: 193.42.137.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 05 Apr 2025 10:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
30:17:f4:00:a8:25:ee:e0:60:a0:bd:07:63:5a:b0:35:f9:6d:e7:eb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Jan 27 09:40:04 2025 GMT
Not After : Jan 26 09:45:04 2026 GMT
Subject: CN=3221E97F2D95D158CDA386AAE7062EBC6054012A
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:8a:5a:81:25:58:c3:79:09:89:7d:a2:2f:f2:
7d:93:a3:90:40:44:1b:1a:70:22:8b:f8:98:a7:5e:
a9:18:99:5b:ab:ed:82:87:74:17:43:57:66:9f:8b:
0c:33:7d:64:70:74:65:15:49:90:c7:11:e5:88:7d:
69:29:44:91:0c:dc:7c:dc:d1:7c:77:42:1c:83:8c:
39:9e:bd:45:b0:ed:e3:34:b7:b2:f7:db:f7:af:be:
8f:1c:ad:c3:58:b9:9b:32:73:28:96:69:a1:3d:11:
ad:e7:a9:7c:c6:c9:86:91:33:0b:03:dd:cc:a4:7b:
77:e6:80:82:25:62:ae:9f:8d:41:26:dc:05:b9:61:
7a:90:5b:8a:5a:a5:72:bf:99:1e:9f:63:de:b5:e3:
01:98:12:8b:64:e9:44:c9:8c:55:e7:79:40:9b:a6:
85:31:67:0d:26:1a:96:c3:54:c9:4e:cf:0c:d8:e4:
4a:f8:9a:37:52:37:4a:0f:f5:45:32:eb:0a:34:d3:
e1:1f:3b:0c:32:3c:45:ed:db:a4:93:d1:2e:a5:fb:
ea:6a:30:56:ef:e4:ae:6f:1e:55:55:06:09:59:34:
c6:71:b5:0d:cc:68:c4:0a:33:a5:45:dc:63:2f:2a:
0e:29:57:8d:20:96:86:0d:67:5f:db:c8:3f:3f:11:
f3:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
32:21:E9:7F:2D:95:D1:58:CD:A3:86:AA:E7:06:2E:BC:60:54:01:2A
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3139332e34322e3133372e302f32342d3234203d3e203437353833.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.42.137.0/24
Signature Algorithm: sha256WithRSAEncryption
27:1c:79:4b:43:4e:2d:57:26:da:ec:2e:a1:6a:01:f8:da:61:
4a:11:25:2a:f9:e9:21:1a:b5:c8:e0:55:17:fe:bc:c2:6b:6a:
41:16:e4:a7:a4:6b:fa:59:01:89:73:6c:4d:5c:18:54:f9:f8:
e2:9a:19:a2:5e:0d:d3:cb:10:6e:0f:64:70:3d:f3:db:0b:16:
d0:14:1b:7d:96:a1:83:72:69:3a:09:60:22:5a:5c:6f:81:2a:
f8:48:8f:e9:c2:2a:81:c0:7d:20:c8:ce:c6:d8:90:20:29:b4:
3e:a9:20:b4:7a:85:6a:22:06:fe:e4:4a:71:3c:eb:37:a4:9b:
b2:13:9b:28:c6:8c:4e:6f:62:b0:c7:4e:0d:9e:db:d5:1c:c4:
ca:c9:c2:be:89:0b:19:85:b7:69:ab:5a:7f:fc:16:ff:2d:9f:
71:43:85:fa:b3:4e:2d:3e:4b:18:75:c8:3a:8c:6f:87:6a:a6:
e9:b4:aa:f8:44:db:d6:97:f1:3f:a5:ad:db:14:98:8d:2a:a6:
50:ae:95:7e:7b:b8:3f:de:a8:5a:c7:00:a9:52:45:b0:2e:1d:
bb:6c:f8:6e:29:8f:66:01:de:f8:b8:76:24:15:6e:dd:16:83:
30:28:3d:a3:00:aa:14:2c:26:73:e9:a3:9e:72:30:2e:e1:1c:
f8:1b:ec:ca
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUMBf0AKgl7uBgoL0HY1qwNflt5+swDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNTAxMjcwOTQwMDRaFw0yNjAxMjYwOTQ1MDRaMDMxMTAvBgNV
BAMTKDMyMjFFOTdGMkQ5NUQxNThDREEzODZBQUU3MDYyRUJDNjA1NDAxMkEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC0ilqBJVjDeQmJfaIv8n2To5BA
RBsacCKL+JinXqkYmVur7YKHdBdDV2afiwwzfWRwdGUVSZDHEeWIfWkpRJEM3Hzc
0Xx3QhyDjDmevUWw7eM0t7L32/evvo8crcNYuZsycyiWaaE9Ea3nqXzGyYaRMwsD
3cyke3fmgIIlYq6fjUEm3AW5YXqQW4papXK/mR6fY9614wGYEotk6UTJjFXneUCb
poUxZw0mGpbDVMlOzwzY5Er4mjdSN0oP9UUy6wo00+EfOwwyPEXt26ST0S6l++pq
MFbv5K5vHlVVBglZNMZxtQ3MaMQKM6VF3GMvKg4pV40gloYNZ1/byD8/EfNxAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUMiHpfy2V0VjNo4aq5wYuvGBUASowHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzOTMzMmUzNDMyMmUzMTMz
MzcyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzNDM3MzUzODMzLnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
wSqJMA0GCSqGSIb3DQEBCwUAA4IBAQAnHHlLQ04tVyba7C6hagH42mFKESUq+ekh
GrXI4FUX/rzCa2pBFuSnpGv6WQGJc2xNXBhU+fjimhmiXg3TyxBuD2RwPfPbCxbQ
FBt9lqGDcmk6CWAiWlxvgSr4SI/pwiqBwH0gyM7G2JAgKbQ+qSC0eoVqIgb+5Epx
POs3pJuyE5soxoxOb2Kwx04NntvVHMTKycK+iQsZhbdpq1p//Bb/LZ9xQ4X6s04t
PksYdcg6jG+HaqbptKr4RNvWl/E/pa3bFJiNKqZQrpV+e7g/3qhaxwCpUkWwLh27
bPhuKY9mAd74uHYkFW7dFoMwKD2jAKoULCZz6aOecjAu4Rz4G+zK
-----END CERTIFICATE-----
Generated at Fri Apr 4 19:07:05 2025 by rpki-client