Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3139342e3139352e39322e302f32342d3234203d3e203437353833.roa
File: 3139342e3139352e39322e302f32342d3234203d3e203437353833.roa (raw, json)
Hash identifier: FQIEEQOew2YlIst4dSO6WA4WItYiwkHH4+3pfT2EZMo=
Subject key identifier: B1:B7:69:15:E4:17:5F:81:7C:83:8B:57:18:67:A9:33:86:11:9C:C3
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 5C8E76DECA45C3E0FC0FE84E4CF816A9827D0472
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3139342e3139352e39322e302f32342d3234203d3e203437353833.roa
Signing time: Mon 27 Jan 2025 09:45:10 +0000
ROA not before: Mon 27 Jan 2025 09:40:10 +0000
ROA not after: Mon 26 Jan 2026 09:45:10 +0000
asID: 47583
IP address blocks: 194.195.92.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 05 Apr 2025 10:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5c:8e:76:de:ca:45:c3:e0:fc:0f:e8:4e:4c:f8:16:a9:82:7d:04:72
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Jan 27 09:40:10 2025 GMT
Not After : Jan 26 09:45:10 2026 GMT
Subject: CN=B1B76915E4175F817C838B571867A93386119CC3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:4e:ab:8c:5e:08:a7:fa:0f:3b:9d:b5:70:c7:
ee:55:37:95:f7:0d:cb:20:11:9a:a4:d1:17:0e:20:
ab:2f:e3:82:52:de:52:51:51:16:66:19:f0:54:68:
d9:8f:96:f6:30:57:33:23:e9:08:8d:05:b3:12:db:
ce:ea:73:a7:af:29:74:d4:35:a0:2d:5f:a3:ad:2a:
e0:eb:b1:53:61:79:92:ed:c1:29:a3:eb:99:13:99:
9d:0d:64:83:dc:9a:98:61:72:49:d6:fd:56:f1:82:
03:63:28:5f:44:95:ad:54:3d:a6:36:3f:c0:4f:3b:
a5:38:bc:ac:46:8b:00:bb:9f:73:82:13:0a:79:1e:
9a:3f:db:1d:de:d9:cf:eb:45:0c:11:24:59:5b:36:
c6:13:2d:52:ff:fe:19:83:05:69:e3:a0:fd:6b:33:
d5:3c:20:eb:b0:3d:5a:13:52:bb:79:d4:72:5d:53:
0c:e5:ad:c5:16:a9:25:60:cb:c1:4f:a6:c8:60:ef:
0e:48:ed:68:d1:0a:66:d6:a3:28:2c:f5:e9:c8:6a:
9b:6c:d7:f3:70:9e:eb:7e:52:30:5c:81:1a:57:0b:
eb:7e:4f:6f:ff:71:9e:9f:e5:f7:da:6e:d9:4a:50:
b1:0c:28:5b:f6:0d:f2:60:61:5d:c6:83:06:bc:fc:
91:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B1:B7:69:15:E4:17:5F:81:7C:83:8B:57:18:67:A9:33:86:11:9C:C3
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3139342e3139352e39322e302f32342d3234203d3e203437353833.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.195.92.0/24
Signature Algorithm: sha256WithRSAEncryption
90:d4:eb:cf:8b:82:a7:77:00:73:3e:5d:75:12:87:2f:ae:34:
7f:96:e9:e2:95:69:df:f6:c7:2a:c4:be:cd:4e:1a:a7:b3:94:
e2:3a:68:c8:ff:6d:71:e8:ba:d6:ea:a3:17:37:ad:82:e7:f6:
43:26:0c:f8:9e:fd:0d:12:84:a8:5c:64:3d:85:7c:7c:60:79:
a5:0e:67:3a:dc:3a:5b:bb:90:68:be:5d:3c:bf:30:1f:23:a4:
c1:36:b5:c0:1c:96:77:d6:9d:12:96:47:21:80:04:c3:13:59:
de:31:2d:91:1e:8d:31:4d:1a:87:bc:66:42:33:22:9b:a5:dc:
f0:b5:1e:b9:67:19:91:2f:52:71:c6:a7:05:0e:94:37:22:67:
ee:04:f3:08:d0:4a:79:bf:eb:c1:70:d3:5e:55:20:c4:38:de:
dd:b6:f9:90:59:08:e2:a6:7e:4e:ce:8d:13:f7:60:fa:53:ed:
67:ab:33:91:ad:d6:03:3a:50:58:5c:0d:6c:fb:2e:5a:f8:4d:
b4:fa:5d:15:39:cf:a5:aa:8f:ba:48:11:3d:27:67:f2:e6:90:
46:56:38:3e:ee:ce:23:d0:c4:da:89:52:b2:9d:cb:20:b1:7f:
2c:c9:98:64:cd:66:b5:9a:82:92:e3:7c:5d:b6:30:0a:87:e4:
12:32:0e:f1
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUXI523spFw+D8D+hOTPgWqYJ9BHIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNTAxMjcwOTQwMTBaFw0yNjAxMjYwOTQ1MTBaMDMxMTAvBgNV
BAMTKEIxQjc2OTE1RTQxNzVGODE3QzgzOEI1NzE4NjdBOTMzODYxMTlDQzMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDMTquMXgin+g87nbVwx+5VN5X3
DcsgEZqk0RcOIKsv44JS3lJRURZmGfBUaNmPlvYwVzMj6QiNBbMS287qc6evKXTU
NaAtX6OtKuDrsVNheZLtwSmj65kTmZ0NZIPcmphhcknW/VbxggNjKF9Ela1UPaY2
P8BPO6U4vKxGiwC7n3OCEwp5Hpo/2x3e2c/rRQwRJFlbNsYTLVL//hmDBWnjoP1r
M9U8IOuwPVoTUrt51HJdUwzlrcUWqSVgy8FPpshg7w5I7WjRCmbWoygs9enIapts
1/Nwnut+UjBcgRpXC+t+T2//cZ6f5ffabtlKULEMKFv2DfJgYV3Ggwa8/JETAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUsbdpFeQXX4F8g4tXGGepM4YRnMMwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzOTM0MmUzMTM5MzUyZTM5
MzIyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzNDM3MzUzODMzLnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
wsNcMA0GCSqGSIb3DQEBCwUAA4IBAQCQ1OvPi4KndwBzPl11EocvrjR/lunilWnf
9scqxL7NThqns5TiOmjI/21x6LrW6qMXN62C5/ZDJgz4nv0NEoSoXGQ9hXx8YHml
Dmc63Dpbu5Bovl08vzAfI6TBNrXAHJZ31p0SlkchgATDE1neMS2RHo0xTRqHvGZC
MyKbpdzwtR65ZxmRL1JxxqcFDpQ3ImfuBPMI0Ep5v+vBcNNeVSDEON7dtvmQWQji
pn5Ozo0T92D6U+1nqzORrdYDOlBYXA1s+y5a+E20+l0VOc+lqo+6SBE9J2fy5pBG
Vjg+7s4j0MTaiVKyncsgsX8syZhkzWa1moKS43xdtjAKh+QSMg7x
-----END CERTIFICATE-----
Generated at Fri Apr 4 16:06:56 2025 by rpki-client