Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3139342e3139352e39312e302f32342d3234203d3e20323036303932.roa
File: 3139342e3139352e39312e302f32342d3234203d3e20323036303932.roa (raw, json)
Hash identifier: R/eeGYEkaFv+iR4TNisqJvCJXs/nEhKdRaAxBDIx2Do=
Subject key identifier: A7:78:2B:44:60:D5:84:FA:B0:A6:D4:01:A8:95:4A:42:34:B5:9D:5C
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 6AC0442CE192052991635FD024E5904159FB94E7
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3139342e3139352e39312e302f32342d3234203d3e20323036303932.roa
Signing time: Mon 27 Jan 2025 09:45:27 +0000
ROA not before: Mon 27 Jan 2025 09:40:27 +0000
ROA not after: Mon 26 Jan 2026 09:45:27 +0000
asID: 206092
IP address blocks: 194.195.91.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 05 Apr 2025 10:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6a:c0:44:2c:e1:92:05:29:91:63:5f:d0:24:e5:90:41:59:fb:94:e7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Jan 27 09:40:27 2025 GMT
Not After : Jan 26 09:45:27 2026 GMT
Subject: CN=A7782B4460D584FAB0A6D401A8954A4234B59D5C
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:aa:fb:52:b7:27:73:7e:12:bd:a0:6a:f0:ea:
d5:2a:db:3b:9b:76:39:5a:fe:b5:af:35:be:78:b8:
24:24:00:bb:bb:e7:f2:f8:a8:8a:9f:72:c6:62:e3:
7f:0d:6c:7b:93:8f:64:66:e0:34:49:50:51:60:47:
c9:2e:f7:c5:e7:0b:c1:b5:d6:a9:42:30:a6:ee:54:
67:4f:41:63:08:f9:55:79:b5:56:63:76:b5:9e:af:
b9:f7:0b:7a:5f:8e:92:6d:dc:5b:12:16:6e:f3:05:
e8:21:00:8f:05:53:60:0a:69:92:30:62:8c:49:62:
84:16:68:a9:f9:5b:8f:9c:9c:03:ae:f9:10:cd:41:
ca:c2:74:96:33:72:b8:ac:87:d5:e2:d4:33:34:d3:
c1:71:36:5d:99:93:03:2f:57:3c:7f:32:d4:bc:e5:
90:8b:2c:4c:e7:5b:60:95:e4:fa:09:c6:5d:2a:41:
70:65:12:65:2b:61:4a:f1:10:4b:92:66:73:a8:d5:
49:f5:3d:67:8c:78:8f:68:36:bc:61:c8:f4:4f:aa:
b1:91:7a:c5:8f:60:14:f2:92:e3:8c:1f:b3:04:71:
03:fc:6f:7b:c8:ce:d5:68:00:5a:35:1b:1e:0d:bd:
b0:d5:53:0f:7b:d6:96:17:d4:f0:c4:3b:a6:38:15:
0a:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A7:78:2B:44:60:D5:84:FA:B0:A6:D4:01:A8:95:4A:42:34:B5:9D:5C
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3139342e3139352e39312e302f32342d3234203d3e20323036303932.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.195.91.0/24
Signature Algorithm: sha256WithRSAEncryption
8d:4e:75:c8:f4:7e:b0:48:e3:76:7b:f3:27:44:77:6d:bd:ff:
47:52:db:51:c6:cc:41:32:c2:39:c5:16:3c:6b:5a:26:da:a0:
a1:6c:ac:b1:37:d0:07:65:17:65:e3:5e:f9:d3:b0:24:91:20:
b3:ed:fa:1d:d9:b0:50:22:30:2c:bc:f1:cb:a4:69:e8:95:26:
45:3c:bc:e9:b1:54:50:87:b1:69:00:cb:84:88:e7:20:e9:29:
a6:ae:64:c2:9d:f1:d1:27:a6:cb:75:5e:6f:37:b4:fa:51:d6:
16:22:25:7d:4f:21:04:d9:be:59:61:95:3d:85:28:07:71:73:
1c:2a:27:07:ca:e3:54:d7:d2:d7:67:c5:13:32:10:36:b7:44:
69:50:30:8e:15:8f:90:f9:4e:2b:e4:9c:84:8a:4e:3e:cf:aa:
b4:06:ba:2f:4a:a0:d3:57:f8:d6:2b:c4:aa:1b:3a:47:27:e8:
1d:86:28:c6:cc:63:ad:20:f9:53:7d:3e:ec:c4:aa:37:1c:b3:
0f:38:ce:41:92:ec:5e:21:41:8d:a0:be:e5:f1:d0:59:2d:c7:
c5:99:a1:7e:56:d7:07:19:a2:c9:72:20:62:e3:a3:e7:90:bf:
9c:c4:d0:18:28:61:41:d5:a3:ea:3e:f9:4a:79:00:c9:5c:32:
f6:16:d7:c3
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUasBELOGSBSmRY1/QJOWQQVn7lOcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNTAxMjcwOTQwMjdaFw0yNjAxMjYwOTQ1MjdaMDMxMTAvBgNV
BAMTKEE3NzgyQjQ0NjBENTg0RkFCMEE2RDQwMUE4OTU0QTQyMzRCNTlENUMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDWqvtStydzfhK9oGrw6tUq2zub
djla/rWvNb54uCQkALu75/L4qIqfcsZi438NbHuTj2Rm4DRJUFFgR8ku98XnC8G1
1qlCMKbuVGdPQWMI+VV5tVZjdrWer7n3C3pfjpJt3FsSFm7zBeghAI8FU2AKaZIw
YoxJYoQWaKn5W4+cnAOu+RDNQcrCdJYzcrish9Xi1DM008FxNl2ZkwMvVzx/MtS8
5ZCLLEznW2CV5PoJxl0qQXBlEmUrYUrxEEuSZnOo1Un1PWeMeI9oNrxhyPRPqrGR
esWPYBTykuOMH7MEcQP8b3vIztVoAFo1Gx4NvbDVUw971pYX1PDEO6Y4FQo9AgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUp3grRGDVhPqwptQBqJVKQjS1nVwwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzOTM0MmUzMTM5MzUyZTM5
MzEyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMjMwMzYzMDM5MzIucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BADCw1swDQYJKoZIhvcNAQELBQADggEBAI1Odcj0frBI43Z78ydEd229/0dS21HG
zEEywjnFFjxrWibaoKFsrLE30AdlF2XjXvnTsCSRILPt+h3ZsFAiMCy88cukaeiV
JkU8vOmxVFCHsWkAy4SI5yDpKaauZMKd8dEnpst1Xm83tPpR1hYiJX1PIQTZvllh
lT2FKAdxcxwqJwfK41TX0tdnxRMyEDa3RGlQMI4Vj5D5TivknISKTj7PqrQGui9K
oNNX+NYrxKobOkcn6B2GKMbMY60g+VN9PuzEqjccsw84zkGS7F4hQY2gvuXx0Fkt
x8WZoX5W1wcZoslyIGLjo+eQv5zE0BgoYUHVo+o++Up5AMlcMvYW18M=
-----END CERTIFICATE-----
Generated at Fri Apr 4 16:08:52 2025 by rpki-client