Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3139342e3139352e38352e302f32342d3332203d3e203531313637.roa
File: 3139342e3139352e38352e302f32342d3332203d3e203531313637.roa (raw, json)
Hash identifier: kJPbvQLGaa0C+ig3wEid/HyUzhMICBNKYUDmTkO2nfg=
Subject key identifier: 9A:6F:4F:1F:B0:7A:F5:DC:E2:D1:53:7B:8F:3A:D2:2C:20:88:BC:1E
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 4380AC85498518D61B2F7C30EC3438B4A9703053
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3139342e3139352e38352e302f32342d3332203d3e203531313637.roa
Signing time: Mon 27 Jan 2025 09:45:11 +0000
ROA not before: Mon 27 Jan 2025 09:40:11 +0000
ROA not after: Mon 26 Jan 2026 09:45:11 +0000
asID: 51167
IP address blocks: 194.195.85.0/24 maxlen: 32
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 03 Apr 2025 15:34:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
43:80:ac:85:49:85:18:d6:1b:2f:7c:30:ec:34:38:b4:a9:70:30:53
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Jan 27 09:40:11 2025 GMT
Not After : Jan 26 09:45:11 2026 GMT
Subject: CN=9A6F4F1FB07AF5DCE2D1537B8F3AD22C2088BC1E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:fa:46:76:96:41:a2:7d:bd:09:98:81:53:ea:94:
0f:4d:97:57:60:09:48:da:26:be:be:51:1f:ec:e0:
cb:b0:5c:27:3a:27:72:d3:6d:86:c2:fe:9c:dd:5d:
38:81:29:8b:e2:34:38:c6:60:96:e9:b4:ac:aa:49:
78:3e:d4:4e:06:45:19:d8:46:fe:d2:6c:f7:2b:27:
78:33:e6:7d:9d:af:fa:87:f1:eb:9c:96:af:c8:ac:
7e:0d:3a:47:93:7c:62:0f:74:ae:38:c3:d0:06:99:
40:10:11:ba:eb:98:33:f5:91:0f:85:3e:4c:73:ec:
4c:bd:c8:bf:6b:b4:46:ae:78:73:74:41:03:56:87:
32:f3:80:5a:98:5d:cb:b2:e1:be:bb:27:3c:24:c6:
dc:dc:33:c8:8b:2e:ce:f4:40:14:6c:91:23:0a:55:
e9:d6:57:a7:80:9d:3b:c0:36:8f:46:5e:c4:48:04:
aa:7b:95:83:b4:cc:62:1b:1a:7b:f9:04:74:ae:a1:
69:ec:2c:c7:75:f7:71:1f:32:93:27:c5:bc:88:c0:
b8:11:1e:7f:bf:e8:ea:9b:d9:05:9d:a8:c2:b7:59:
ec:ec:e7:f9:df:fc:c9:25:54:5c:09:ad:5c:f2:b2:
14:9e:b9:94:7c:85:68:35:7c:c8:0a:08:d3:7f:47:
55:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9A:6F:4F:1F:B0:7A:F5:DC:E2:D1:53:7B:8F:3A:D2:2C:20:88:BC:1E
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3139342e3139352e38352e302f32342d3332203d3e203531313637.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.195.85.0/24
Signature Algorithm: sha256WithRSAEncryption
90:d9:ba:0e:8d:ec:14:c4:38:24:6c:ae:b8:40:44:37:0c:f9:
23:5c:65:21:82:92:0d:9e:37:a2:6b:1d:b1:89:81:93:26:85:
dd:d1:35:b7:77:f5:79:2f:30:2a:fd:a1:03:cc:a2:ed:95:63:
20:3f:d9:f2:c5:c3:4d:5f:be:50:fd:67:76:6b:40:ed:7e:cb:
07:e6:9d:c8:f1:81:e6:29:d8:ea:ff:da:b7:d3:d9:d4:25:68:
84:c9:e1:c0:70:59:96:f5:e5:7b:84:14:53:32:3f:40:c6:e3:
0f:4b:f5:65:48:84:33:25:f2:69:f6:88:c6:cf:b2:0a:7a:47:
bd:29:31:85:3c:44:2d:bc:e6:1f:a9:ca:4f:dd:bf:fc:dc:3c:
85:46:21:14:aa:4b:d1:7d:41:f1:fe:0e:95:a5:ce:78:57:b6:
87:0d:dc:fa:1a:27:2c:12:3c:16:9a:b0:f8:6c:e0:33:dd:70:
33:1f:d5:44:52:dc:b8:c4:38:af:75:64:ef:54:49:4f:3d:fc:
72:95:b0:52:b7:24:0d:e8:33:ed:be:b9:83:d8:62:7e:9c:8d:
cc:d7:33:64:79:ce:09:43:9f:df:95:72:9f:5f:a1:d2:a9:ac:
d4:bd:0f:96:16:68:3c:26:5f:74:d3:8b:b0:08:2e:75:21:78:
7a:0e:11:93
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUQ4CshUmFGNYbL3ww7DQ4tKlwMFMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNTAxMjcwOTQwMTFaFw0yNjAxMjYwOTQ1MTFaMDMxMTAvBgNV
BAMTKDlBNkY0RjFGQjA3QUY1RENFMkQxNTM3QjhGM0FEMjJDMjA4OEJDMUUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQD6RnaWQaJ9vQmYgVPqlA9Nl1dg
CUjaJr6+UR/s4MuwXCc6J3LTbYbC/pzdXTiBKYviNDjGYJbptKyqSXg+1E4GRRnY
Rv7SbPcrJ3gz5n2dr/qH8euclq/IrH4NOkeTfGIPdK44w9AGmUAQEbrrmDP1kQ+F
Pkxz7Ey9yL9rtEaueHN0QQNWhzLzgFqYXcuy4b67JzwkxtzcM8iLLs70QBRskSMK
VenWV6eAnTvANo9GXsRIBKp7lYO0zGIbGnv5BHSuoWnsLMd193EfMpMnxbyIwLgR
Hn+/6Oqb2QWdqMK3Wezs5/nf/MklVFwJrVzyshSeuZR8hWg1fMgKCNN/R1UtAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUmm9PH7B69dzi0VN7jzrSLCCIvB4wHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzOTM0MmUzMTM5MzUyZTM4
MzUyZTMwMmYzMjM0MmQzMzMyMjAzZDNlMjAzNTMxMzEzNjM3LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
wsNVMA0GCSqGSIb3DQEBCwUAA4IBAQCQ2boOjewUxDgkbK64QEQ3DPkjXGUhgpIN
njeiax2xiYGTJoXd0TW3d/V5LzAq/aEDzKLtlWMgP9nyxcNNX75Q/Wd2a0DtfssH
5p3I8YHmKdjq/9q309nUJWiEyeHAcFmW9eV7hBRTMj9AxuMPS/VlSIQzJfJp9ojG
z7IKeke9KTGFPEQtvOYfqcpP3b/83DyFRiEUqkvRfUHx/g6Vpc54V7aHDdz6Gics
EjwWmrD4bOAz3XAzH9VEUty4xDivdWTvVElPPfxylbBStyQN6DPtvrmD2GJ+nI3M
1zNkec4JQ5/flXKfX6HSqazUvQ+WFmg8Jl9004uwCC51IXh6DhGT
-----END CERTIFICATE-----
Generated at Thu Apr 3 05:14:45 2025 by rpki-client