Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3139352e3137392e3139342e302f32332d3233203d3e20323031333431.roa
File: 3139352e3137392e3139342e302f32332d3233203d3e20323031333431.roa (raw, json)
Hash identifier: DQybu0BzUQQ6THHEhQHFImt8bVVH5KY0Cgm0fPXRT/g=
Subject key identifier: 6F:B9:31:16:A9:19:CA:08:07:9D:DF:64:83:C6:96:29:98:C9:94:C8
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 1DDA76C4E36EFC5178C40E4BC3666390F09334EB
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3139352e3137392e3139342e302f32332d3233203d3e20323031333431.roa
Signing time: Mon 27 Jan 2025 09:45:27 +0000
ROA not before: Mon 27 Jan 2025 09:40:27 +0000
ROA not after: Mon 26 Jan 2026 09:45:27 +0000
asID: 201341
IP address blocks: 195.179.194.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 05 Apr 2025 10:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1d:da:76:c4:e3:6e:fc:51:78:c4:0e:4b:c3:66:63:90:f0:93:34:eb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Jan 27 09:40:27 2025 GMT
Not After : Jan 26 09:45:27 2026 GMT
Subject: CN=6FB93116A919CA08079DDF6483C6962998C994C8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:52:a6:36:49:55:ed:29:b7:73:94:7f:e0:4f:
c5:6a:fd:a6:10:32:cf:f3:57:f8:bb:5d:cb:db:f9:
63:2f:d7:c7:8a:34:f4:94:2d:63:fc:d4:8a:b4:53:
ba:59:8f:ce:3d:0d:7f:e6:ea:bb:8b:07:22:89:28:
0d:ab:9b:b3:cc:44:de:7e:9d:5a:eb:14:71:1a:24:
40:bf:42:e1:a6:22:f4:53:47:ff:31:34:09:d0:59:
1a:74:2e:a2:22:cc:ab:01:dd:4c:f6:c1:fd:5f:ff:
95:72:08:59:e6:d1:07:0c:fe:44:1e:54:a9:85:d0:
72:f4:ed:a3:23:48:79:4c:5f:57:b7:be:09:db:e2:
c0:0a:6a:24:f4:58:62:15:e8:e8:bd:f8:d9:dc:0c:
73:01:74:38:17:e3:4a:02:01:f9:e8:1d:59:2d:a7:
f7:6b:f6:10:a6:3d:1d:85:65:35:79:9c:22:37:48:
6d:7a:29:68:93:77:d1:a9:48:60:3d:e3:57:4e:92:
e1:13:05:54:4f:1c:b2:58:ed:73:66:db:27:85:e7:
3a:86:9f:6d:2b:f4:97:8a:27:81:42:ce:7e:b4:1e:
1b:d0:4c:01:df:9e:22:66:51:d7:26:15:ca:f4:b6:
45:7d:a7:42:00:be:7e:75:b7:61:0f:b2:e3:76:3a:
50:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6F:B9:31:16:A9:19:CA:08:07:9D:DF:64:83:C6:96:29:98:C9:94:C8
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3139352e3137392e3139342e302f32332d3233203d3e20323031333431.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.179.194.0/23
Signature Algorithm: sha256WithRSAEncryption
26:a6:5c:92:a7:b2:69:12:d4:13:79:cf:c7:8f:7f:ff:6e:43:
97:66:1e:9e:9f:6c:e2:b2:25:e9:93:2f:d4:cf:5d:5e:23:08:
91:05:57:49:5f:6e:67:f6:12:7d:cc:06:83:66:4e:be:75:4d:
ab:c2:15:79:06:4c:02:a5:59:56:f5:a4:91:26:1c:95:c7:8b:
83:dd:42:22:74:f2:f8:1f:97:38:26:6c:09:af:10:92:c3:81:
82:e9:57:3a:82:58:65:fb:b4:1a:d3:4a:86:b4:45:7b:1c:b3:
33:cf:c9:e8:c1:e5:7c:76:a7:47:5c:d8:1b:57:d8:4b:56:93:
a9:5e:7b:25:67:82:ca:63:26:1d:a5:34:00:5d:2d:2c:b6:9f:
fd:11:94:cb:5d:25:a8:d5:5d:0e:dc:73:91:be:35:ae:e1:ca:
e8:c8:c4:10:cb:37:90:67:c6:4c:da:17:28:db:5d:10:df:7d:
a4:1b:4a:e4:e9:4e:a2:1a:02:43:c5:75:69:1f:50:3f:c1:87:
e4:9e:f1:ee:bb:b8:ab:25:82:dd:ac:b2:c8:f4:63:cc:6d:26:
88:8d:57:42:f7:16:e0:e6:c1:06:19:75:9c:73:72:da:68:d6:
9e:c0:0d:05:ae:1b:cd:02:f0:cb:29:92:32:2f:1c:a9:af:57:
ae:17:c0:66
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgIUHdp2xONu/FF4xA5Lw2ZjkPCTNOswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNTAxMjcwOTQwMjdaFw0yNjAxMjYwOTQ1MjdaMDMxMTAvBgNV
BAMTKDZGQjkzMTE2QTkxOUNBMDgwNzlEREY2NDgzQzY5NjI5OThDOTk0QzgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC5UqY2SVXtKbdzlH/gT8Vq/aYQ
Ms/zV/i7Xcvb+WMv18eKNPSULWP81Iq0U7pZj849DX/m6ruLByKJKA2rm7PMRN5+
nVrrFHEaJEC/QuGmIvRTR/8xNAnQWRp0LqIizKsB3Uz2wf1f/5VyCFnm0QcM/kQe
VKmF0HL07aMjSHlMX1e3vgnb4sAKaiT0WGIV6Oi9+NncDHMBdDgX40oCAfnoHVkt
p/dr9hCmPR2FZTV5nCI3SG16KWiTd9GpSGA941dOkuETBVRPHLJY7XNm2yeF5zqG
n20r9JeKJ4FCzn60HhvQTAHfniJmUdcmFcr0tkV9p0IAvn51t2EPsuN2OlCHAgMB
AAGjggJBMIICPTAdBgNVHQ4EFgQUb7kxFqkZyggHnd9kg8aWKZjJlMgwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzOTM1MmUzMTM3MzkyZTMx
MzkzNDJlMzAyZjMyMzMyZDMyMzMyMDNkM2UyMDMyMzAzMTMzMzQzMS5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEAcOzwjANBgkqhkiG9w0BAQsFAAOCAQEAJqZckqeyaRLUE3nPx49//25Dl2Ye
np9s4rIl6ZMv1M9dXiMIkQVXSV9uZ/YSfcwGg2ZOvnVNq8IVeQZMAqVZVvWkkSYc
lceLg91CInTy+B+XOCZsCa8QksOBgulXOoJYZfu0GtNKhrRFexyzM8/J6MHlfHan
R1zYG1fYS1aTqV57JWeCymMmHaU0AF0tLLaf/RGUy10lqNVdDtxzkb41ruHK6MjE
EMs3kGfGTNoXKNtdEN99pBtK5OlOohoCQ8V1aR9QP8GH5J7x7ru4qyWC3ayyyPRj
zG0miI1XQvcW4ObBBhl1nHNy2mjWnsANBa4bzQLwyymSMi8cqa9XrhfAZg==
-----END CERTIFICATE-----
Generated at Fri Apr 4 16:12:16 2025 by rpki-client