Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3139342e3233332e3130312e302f32342d3234203d3e20313337343039.roa
File: 3139342e3233332e3130312e302f32342d3234203d3e20313337343039.roa (raw, json)
Hash identifier: VXzP38xcQbmV/ZFeN23VeNyhSsW4Oiy3V6y1WQbC9QI=
Subject key identifier: 57:D3:7F:D9:A2:B6:3D:39:BC:14:DD:EA:45:A6:67:E7:D9:D2:35:A8
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 6531E407CFA0EB44EB66551C38365061B3C7F135
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3139342e3233332e3130312e302f32342d3234203d3e20313337343039.roa
Signing time: Thu 30 Jan 2025 18:57:09 +0000
ROA not before: Thu 30 Jan 2025 18:52:09 +0000
ROA not after: Thu 29 Jan 2026 18:57:09 +0000
asID: 137409
IP address blocks: 194.233.101.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 05 Apr 2025 10:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
65:31:e4:07:cf:a0:eb:44:eb:66:55:1c:38:36:50:61:b3:c7:f1:35
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Jan 30 18:52:09 2025 GMT
Not After : Jan 29 18:57:09 2026 GMT
Subject: CN=57D37FD9A2B63D39BC14DDEA45A667E7D9D235A8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:1b:66:ba:fe:9b:9d:96:83:96:5a:91:df:b6:
0b:a5:fd:23:91:ea:a4:a6:94:c0:3e:90:7a:c1:11:
7f:05:f8:94:f6:47:a9:af:c1:e3:d7:d6:44:87:50:
50:46:23:fe:96:bb:00:39:e1:11:89:3a:43:de:f3:
43:53:fd:31:a6:15:9b:8a:91:50:21:a5:5d:83:6b:
15:88:c6:b7:35:da:69:f3:b1:33:be:7d:08:15:0a:
47:d8:6e:d9:41:38:0a:47:41:e6:6d:c2:0b:fb:88:
e0:38:08:ad:5c:90:ab:39:33:ca:5e:3f:f1:35:63:
73:5e:13:4b:3b:35:13:26:4c:e8:4b:45:b7:57:41:
0d:2c:ac:a0:b5:07:34:dc:2c:fb:20:43:c7:a3:8e:
a0:0a:8a:02:2d:08:74:3c:93:4f:b2:f2:ba:19:1c:
9a:c1:1c:04:86:75:35:23:36:0d:cb:86:3a:bd:50:
74:99:2c:d7:d5:fb:8b:06:d5:a2:64:34:75:04:28:
d2:02:a3:b2:0a:94:f3:21:09:e2:da:d7:de:65:71:
a3:35:5d:4c:04:5e:5e:a9:49:4d:7d:ae:00:1f:1e:
47:66:78:dc:83:fc:9b:a6:09:bf:f7:86:bd:e6:7f:
10:a6:66:f6:08:7d:20:f3:6f:5f:b8:5f:db:45:e4:
58:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
57:D3:7F:D9:A2:B6:3D:39:BC:14:DD:EA:45:A6:67:E7:D9:D2:35:A8
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3139342e3233332e3130312e302f32342d3234203d3e20313337343039.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.233.101.0/24
Signature Algorithm: sha256WithRSAEncryption
16:0f:50:e5:58:cf:18:69:4b:b0:bf:ef:c9:25:74:f0:4e:b7:
6a:6f:90:7d:0a:03:00:b9:6c:22:6d:7b:40:8c:b4:79:4c:70:
0c:70:7e:ba:80:9e:92:81:60:a9:15:f2:12:d7:13:49:d1:ad:
86:ad:72:a1:c2:78:aa:71:40:89:ab:95:14:dd:76:ca:30:b5:
09:a6:e4:fa:8f:a3:88:da:5b:dc:65:b9:92:aa:2c:6e:02:d7:
80:03:ba:0b:02:b2:20:75:d9:20:fa:43:1d:fe:34:7b:82:52:
54:a2:37:bf:61:06:10:a7:80:98:f0:a0:d6:5f:f4:73:ce:91:
a1:c4:1d:eb:fb:f1:38:a4:bf:d4:97:5b:c7:55:24:7b:c7:2a:
34:c1:52:33:f0:1e:67:d3:83:e1:b8:54:11:04:89:8d:09:c9:
8f:6e:a7:54:b4:3d:ef:e1:5e:d7:be:93:2d:90:11:bd:24:4c:
03:22:8a:69:9f:e6:42:51:8b:ff:a4:77:f1:31:c9:8e:b7:66:
0b:e4:4b:be:5b:da:9b:5d:86:69:68:24:a7:33:2c:a2:d7:2d:
80:d8:60:ae:0b:e6:03:8a:33:b1:5e:d2:d8:5d:4b:ea:60:9a:
98:5a:36:66:ea:c3:14:71:cc:ec:73:e7:29:a4:d1:d7:b9:2b:
c8:b5:69:e3
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgIUZTHkB8+g60TrZlUcODZQYbPH8TUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNTAxMzAxODUyMDlaFw0yNjAxMjkxODU3MDlaMDMxMTAvBgNV
BAMTKDU3RDM3RkQ5QTJCNjNEMzlCQzE0RERFQTQ1QTY2N0U3RDlEMjM1QTgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDGG2a6/pudloOWWpHftgul/SOR
6qSmlMA+kHrBEX8F+JT2R6mvwePX1kSHUFBGI/6WuwA54RGJOkPe80NT/TGmFZuK
kVAhpV2DaxWIxrc12mnzsTO+fQgVCkfYbtlBOApHQeZtwgv7iOA4CK1ckKs5M8pe
P/E1Y3NeE0s7NRMmTOhLRbdXQQ0srKC1BzTcLPsgQ8ejjqAKigItCHQ8k0+y8roZ
HJrBHASGdTUjNg3Lhjq9UHSZLNfV+4sG1aJkNHUEKNICo7IKlPMhCeLa195lcaM1
XUwEXl6pSU19rgAfHkdmeNyD/JumCb/3hr3mfxCmZvYIfSDzb1+4X9tF5FhhAgMB
AAGjggJBMIICPTAdBgNVHQ4EFgQUV9N/2aK2PTm8FN3qRaZn59nSNagwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzOTM0MmUzMjMzMzMyZTMx
MzAzMTJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMxMzMzNzM0MzAzOS5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEAMLpZTANBgkqhkiG9w0BAQsFAAOCAQEAFg9Q5VjPGGlLsL/vySV08E63am+Q
fQoDALlsIm17QIy0eUxwDHB+uoCekoFgqRXyEtcTSdGthq1yocJ4qnFAiauVFN12
yjC1Cabk+o+jiNpb3GW5kqosbgLXgAO6CwKyIHXZIPpDHf40e4JSVKI3v2EGEKeA
mPCg1l/0c86RocQd6/vxOKS/1Jdbx1Uke8cqNMFSM/AeZ9OD4bhUEQSJjQnJj26n
VLQ97+Fe176TLZARvSRMAyKKaZ/mQlGL/6R38THJjrdmC+RLvlvam12GaWgkpzMs
otctgNhgrgvmA4ozsV7S2F1L6mCamFo2ZurDFHHM7HPnKaTR17kryLVp4w==
-----END CERTIFICATE-----
Generated at Fri Apr 4 16:13:26 2025 by rpki-client