Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3139352e3230302e3231302e302f32342d3234203d3e20323034313730.roa
File: 3139352e3230302e3231302e302f32342d3234203d3e20323034313730.roa (raw, json)
Hash identifier: IgEdENrPmZNnMESqYtRFO+cCn9XEmhSMB7EC8YefCsY=
Subject key identifier: 3A:57:92:5D:11:84:CF:6D:8A:3E:B1:F9:20:F6:24:D6:39:A6:E4:EA
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 228594DC36D304444F8BD140C0D8BB7E05863C1D
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3139352e3230302e3231302e302f32342d3234203d3e20323034313730.roa
Signing time: Tue 27 May 2025 22:46:29 +0000
ROA not before: Tue 27 May 2025 22:41:29 +0000
ROA not after: Tue 26 May 2026 22:46:29 +0000
asID: 204170
IP address blocks: 195.200.210.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 07 Jun 2025 12:43:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
22:85:94:dc:36:d3:04:44:4f:8b:d1:40:c0:d8:bb:7e:05:86:3c:1d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: May 27 22:41:29 2025 GMT
Not After : May 26 22:46:29 2026 GMT
Subject: CN=3A57925D1184CF6D8A3EB1F920F624D639A6E4EA
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:a1:3e:9c:4b:c1:91:f5:a1:41:d7:e5:f7:cb:
f5:f2:71:70:f9:d9:e8:d4:45:e5:ab:c7:cf:b0:45:
aa:d6:30:d0:f5:6f:5b:5e:ef:cc:56:2e:fa:6b:9c:
be:9e:35:69:15:87:79:0b:88:a2:44:88:36:ca:6b:
ee:b7:f9:ae:93:d6:1f:ae:fd:b7:a5:2d:28:0a:76:
bd:40:02:24:f9:a5:4a:a5:f6:9d:c0:0c:0d:57:b2:
a7:41:e1:45:f9:02:72:24:72:10:e5:ce:4e:14:04:
0d:58:70:b2:ee:7d:8b:92:45:6b:78:03:30:4a:9e:
45:cf:d7:c5:ed:9d:6e:4c:a3:4c:a6:52:4c:51:79:
b9:a2:97:55:f8:dd:96:ee:22:3d:11:41:7e:70:84:
ca:90:97:ff:97:bf:10:91:be:35:17:6c:3d:ac:4d:
b0:3c:31:a2:3a:f5:cc:ce:fb:0a:e3:1f:02:d7:c2:
26:10:2f:57:cd:73:28:76:01:6d:fb:be:a3:bd:c3:
2e:f8:4c:60:ca:c6:da:97:1c:f5:8c:ef:6b:e5:0e:
37:7e:99:cf:61:3c:5f:b5:5f:b3:76:d4:80:22:86:
9f:21:6e:71:b4:19:75:9a:e5:81:cf:4e:99:b4:e6:
10:9f:b8:37:e2:11:85:84:d2:ec:fa:93:31:23:69:
b9:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:57:92:5D:11:84:CF:6D:8A:3E:B1:F9:20:F6:24:D6:39:A6:E4:EA
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3139352e3230302e3231302e302f32342d3234203d3e20323034313730.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.200.210.0/24
Signature Algorithm: sha256WithRSAEncryption
1c:a1:6e:06:6d:4b:db:1c:0d:ba:11:29:5c:da:da:f6:d5:9c:
23:be:f0:d2:fe:92:16:07:59:72:05:18:82:8d:90:09:d6:5d:
41:46:9b:6f:50:a8:7e:ad:77:d9:1c:d6:d2:a9:c7:5c:3c:77:
4f:2d:55:ec:47:9c:65:05:b4:ca:7e:44:ee:91:d4:6c:f7:10:
a4:4b:5b:c5:c9:66:08:7d:78:c3:a2:7c:db:d4:47:a9:cd:e8:
e1:de:0e:70:d0:31:03:35:54:c7:5d:f1:c7:a1:38:23:90:50:
3c:cd:b1:58:12:35:a0:6a:c4:97:50:9e:24:fd:70:d2:46:a6:
b4:2c:29:b1:d8:3f:d5:9e:ae:b5:e8:34:cc:02:e8:9f:35:d5:
74:0f:b8:ba:5a:d1:12:fe:a7:86:0f:96:be:3e:25:a1:c6:25:
6f:42:13:fa:e3:33:cb:95:96:a7:8d:9a:bf:a3:0d:86:39:bc:
95:2b:e4:20:2b:c5:15:a3:29:56:60:a8:7c:08:a4:2d:48:56:
5d:68:d5:fb:e7:d6:5f:5a:41:a7:02:02:0c:20:ec:29:23:38:
7b:ea:e0:76:cf:44:59:36:24:6f:83:f4:11:14:41:a8:17:f9:
17:e5:b0:30:3c:b8:1a:99:27:01:0e:45:e1:8c:e6:29:ea:39:
97:13:e0:37
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgIUIoWU3DbTBERPi9FAwNi7fgWGPB0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNTA1MjcyMjQxMjlaFw0yNjA1MjYyMjQ2MjlaMDMxMTAvBgNV
BAMTKDNBNTc5MjVEMTE4NENGNkQ4QTNFQjFGOTIwRjYyNEQ2MzlBNkU0RUEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCsoT6cS8GR9aFB1+X3y/XycXD5
2ejUReWrx8+wRarWMND1b1te78xWLvprnL6eNWkVh3kLiKJEiDbKa+63+a6T1h+u
/belLSgKdr1AAiT5pUql9p3ADA1XsqdB4UX5AnIkchDlzk4UBA1YcLLufYuSRWt4
AzBKnkXP18XtnW5Mo0ymUkxRebmil1X43ZbuIj0RQX5whMqQl/+XvxCRvjUXbD2s
TbA8MaI69czO+wrjHwLXwiYQL1fNcyh2AW37vqO9wy74TGDKxtqXHPWM72vlDjd+
mc9hPF+1X7N21IAihp8hbnG0GXWa5YHPTpm05hCfuDfiEYWE0uz6kzEjabkJAgMB
AAGjggJBMIICPTAdBgNVHQ4EFgQUOleSXRGEz22KPrH5IPYk1jmm5OowHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzOTM1MmUzMjMwMzAyZTMy
MzEzMDJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMyMzAzNDMxMzczMC5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEAMPI0jANBgkqhkiG9w0BAQsFAAOCAQEAHKFuBm1L2xwNuhEpXNra9tWcI77w
0v6SFgdZcgUYgo2QCdZdQUabb1Cofq132RzW0qnHXDx3Ty1V7EecZQW0yn5E7pHU
bPcQpEtbxclmCH14w6J829RHqc3o4d4OcNAxAzVUx13xx6E4I5BQPM2xWBI1oGrE
l1CeJP1w0kamtCwpsdg/1Z6uteg0zALonzXVdA+4ulrREv6nhg+Wvj4locYlb0IT
+uMzy5WWp42av6MNhjm8lSvkICvFFaMpVmCofAikLUhWXWjV++fWX1pBpwICDCDs
KSM4e+rgds9EWTYkb4P0ERRBqBf5F+WwMDy4GpknAQ5F4YzmKeo5lxPgNw==
-----END CERTIFICATE-----
Generated at Fri Jun 6 19:46:17 2025 by rpki-client