Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3139352e3137392e3139362e302f32322d3234203d3e20323034313730.roa
File: 3139352e3137392e3139362e302f32322d3234203d3e20323034313730.roa (raw, json)
Hash identifier: oamsvbH8e1q+xSNUDj2cPI18/KFXUZx6UMjtAngsUTE=
Subject key identifier: 84:0E:9D:5F:4B:E1:3C:07:E8:63:A4:5B:4C:66:3C:41:AA:13:AD:DF
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 51E496467D167C99C09AB0D6267994FB4B4E7FAC
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3139352e3137392e3139362e302f32322d3234203d3e20323034313730.roa
Signing time: Mon 27 Jan 2025 09:44:59 +0000
ROA not before: Mon 27 Jan 2025 09:39:59 +0000
ROA not after: Mon 26 Jan 2026 09:44:59 +0000
asID: 204170
IP address blocks: 195.179.196.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 17 Feb 2025 13:21:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
51:e4:96:46:7d:16:7c:99:c0:9a:b0:d6:26:79:94:fb:4b:4e:7f:ac
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Jan 27 09:39:59 2025 GMT
Not After : Jan 26 09:44:59 2026 GMT
Subject: CN=840E9D5F4BE13C07E863A45B4C663C41AA13ADDF
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e8:a5:35:68:38:4c:2a:d2:5b:01:3a:90:89:84:
0f:08:d8:e3:8c:76:95:46:79:38:0d:8d:b1:94:d5:
1c:d8:14:fa:2e:23:85:a0:1e:60:5b:2a:34:97:3b:
87:d1:13:56:55:91:aa:b0:7b:79:86:04:20:23:15:
88:b3:03:ec:41:7b:b1:a2:7b:72:a3:78:e4:33:17:
3b:c6:a1:fd:60:4e:6d:dc:85:58:2d:5c:72:0b:74:
a5:db:79:0d:95:be:86:f7:4d:89:cb:3d:35:6a:c6:
26:0d:d2:26:c2:ee:b4:8b:71:fc:7a:4c:20:75:48:
5b:60:75:01:52:70:cf:6e:7d:ae:50:e8:6e:47:bc:
2b:48:25:0a:12:6f:4c:9e:0f:fd:82:e8:26:c0:ec:
43:e4:c9:52:23:57:85:f8:ca:78:54:69:bd:b7:7f:
fc:91:44:5a:14:16:48:5c:aa:6c:40:82:d9:89:bb:
d1:7c:42:bc:fa:8b:6a:ae:28:c4:08:13:69:8e:24:
88:80:42:1d:38:67:bf:5e:47:ee:f3:3b:49:91:ad:
49:52:a9:ab:53:70:50:5b:01:42:15:5d:de:15:e6:
a3:26:5c:6b:10:16:4c:66:bf:a0:09:1f:9d:38:8c:
05:26:91:97:8e:58:ad:bb:80:d7:cd:1e:3b:2e:2f:
52:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
84:0E:9D:5F:4B:E1:3C:07:E8:63:A4:5B:4C:66:3C:41:AA:13:AD:DF
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3139352e3137392e3139362e302f32322d3234203d3e20323034313730.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.179.196.0/22
Signature Algorithm: sha256WithRSAEncryption
1c:5b:7b:28:64:03:a3:81:dd:8d:4b:5e:53:e9:ec:4e:18:36:
38:45:dd:a4:43:6b:f0:72:bd:7b:92:6d:6f:96:77:f0:d2:92:
c4:17:2e:12:da:2e:0c:15:28:8e:82:95:1a:e5:8e:18:13:be:
30:09:2f:df:dc:42:67:e8:40:04:2b:af:0b:f1:6b:d6:8c:30:
90:dc:24:21:55:b8:43:ec:f5:ff:fd:c2:e0:ce:78:18:7c:46:
72:d9:45:41:15:20:38:5e:e6:ac:21:ab:03:84:d2:29:32:bd:
6c:2e:02:d5:74:f7:68:d2:b9:ba:9c:22:69:5e:b2:8a:f6:b2:
a7:1c:de:9e:a1:d4:4c:bb:54:44:8c:b1:69:08:85:8a:5f:40:
97:a3:9b:ed:79:e6:ca:c9:9f:ec:d5:08:4c:2f:64:4f:70:3c:
18:6e:5f:3c:18:dd:f0:2d:74:4f:70:cc:93:8c:51:25:66:d2:
1c:fa:31:7b:00:39:5a:36:94:b6:0d:b9:9c:e7:b5:06:8b:95:
21:f8:a6:40:7a:19:bc:4f:14:3f:6a:dd:ea:a1:65:ec:1e:0d:
80:12:ff:1b:ad:1c:25:7b:19:d9:0a:ff:7e:c3:9e:38:4a:e8:
cc:fb:0e:a9:6c:0f:b3:82:e4:c9:98:fe:35:da:98:c3:5c:de:
c7:2e:57:f2
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgIUUeSWRn0WfJnAmrDWJnmU+0tOf6wwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNTAxMjcwOTM5NTlaFw0yNjAxMjYwOTQ0NTlaMDMxMTAvBgNV
BAMTKDg0MEU5RDVGNEJFMTNDMDdFODYzQTQ1QjRDNjYzQzQxQUExM0FEREYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDopTVoOEwq0lsBOpCJhA8I2OOM
dpVGeTgNjbGU1RzYFPouI4WgHmBbKjSXO4fRE1ZVkaqwe3mGBCAjFYizA+xBe7Gi
e3KjeOQzFzvGof1gTm3chVgtXHILdKXbeQ2Vvob3TYnLPTVqxiYN0ibC7rSLcfx6
TCB1SFtgdQFScM9ufa5Q6G5HvCtIJQoSb0yeD/2C6CbA7EPkyVIjV4X4ynhUab23
f/yRRFoUFkhcqmxAgtmJu9F8Qrz6i2quKMQIE2mOJIiAQh04Z79eR+7zO0mRrUlS
qatTcFBbAUIVXd4V5qMmXGsQFkxmv6AJH504jAUmkZeOWK27gNfNHjsuL1J7AgMB
AAGjggJBMIICPTAdBgNVHQ4EFgQUhA6dX0vhPAfoY6RbTGY8QaoTrd8wHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzOTM1MmUzMTM3MzkyZTMx
MzkzNjJlMzAyZjMyMzIyZDMyMzQyMDNkM2UyMDMyMzAzNDMxMzczMC5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEAsOzxDANBgkqhkiG9w0BAQsFAAOCAQEAHFt7KGQDo4HdjUteU+nsThg2OEXd
pENr8HK9e5Jtb5Z38NKSxBcuEtouDBUojoKVGuWOGBO+MAkv39xCZ+hABCuvC/Fr
1owwkNwkIVW4Q+z1//3C4M54GHxGctlFQRUgOF7mrCGrA4TSKTK9bC4C1XT3aNK5
upwiaV6yivaypxzenqHUTLtURIyxaQiFil9Al6Ob7Xnmysmf7NUITC9kT3A8GG5f
PBjd8C10T3DMk4xRJWbSHPoxewA5WjaUtg25nOe1BouVIfimQHoZvE8UP2rd6qFl
7B4NgBL/G60cJXsZ2Qr/fsOeOErozPsOqWwPs4LkyZj+NdqYw1zexy5X8g==
-----END CERTIFICATE-----
Generated at Sun Feb 16 20:18:22 2025 by rpki-client