Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3139352e3230302e3231352e302f32342d3234203d3e20323034313730.roa
File: 3139352e3230302e3231352e302f32342d3234203d3e20323034313730.roa (raw, json)
Hash identifier: rumwcsaDxU/npEtKFZURW5MJ3kzZ+nq2iRlWV4l6SsU=
Subject key identifier: 9D:E1:5C:C5:C7:0F:C0:16:67:84:28:B5:2C:39:0B:BB:DC:4D:DA:CD
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 0F4ED25BB814416D648CF3F2B8A86DFC698A3385
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3139352e3230302e3231352e302f32342d3234203d3e20323034313730.roa
Signing time: Tue 27 May 2025 22:46:29 +0000
ROA not before: Tue 27 May 2025 22:41:29 +0000
ROA not after: Tue 26 May 2026 22:46:29 +0000
asID: 204170
IP address blocks: 195.200.215.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 07 Jun 2025 12:43:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0f:4e:d2:5b:b8:14:41:6d:64:8c:f3:f2:b8:a8:6d:fc:69:8a:33:85
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: May 27 22:41:29 2025 GMT
Not After : May 26 22:46:29 2026 GMT
Subject: CN=9DE15CC5C70FC016678428B52C390BBBDC4DDACD
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:e1:0b:45:6c:92:18:24:a7:28:da:04:7f:9e:
f6:bb:ff:a6:33:e4:40:15:5d:9f:03:d2:b3:3c:96:
3f:3f:d1:63:1d:4b:bf:83:2f:04:bf:f0:56:df:22:
1e:f1:ed:ae:46:03:1d:4c:50:72:8b:36:54:5c:0f:
a3:8a:29:df:51:cf:14:22:e2:d0:39:d6:f7:98:99:
5c:36:82:32:da:c3:c0:69:25:01:8e:c5:33:35:9e:
70:c6:61:e2:d1:38:86:c1:80:de:be:00:6a:90:1a:
0d:39:42:ac:ec:56:f3:4b:95:5b:24:bc:d9:15:4d:
f5:41:93:36:4d:c2:9e:99:1e:0a:b0:3c:cf:db:c9:
53:35:2a:e7:01:73:11:8e:e1:b5:d2:2d:19:ef:63:
ff:5c:08:7b:94:f7:75:ba:d4:9e:2d:2a:b6:a8:ca:
c6:42:1a:72:d1:98:03:ba:5b:d8:e7:6f:ea:19:55:
f0:c4:e0:0c:84:cd:bf:6d:ea:52:ae:ea:74:7e:7e:
d8:5f:e9:a1:33:fe:94:dc:b4:7f:f4:ff:5b:32:7c:
26:de:09:d5:e4:37:10:1a:4c:12:e7:24:a7:24:5f:
d7:80:aa:c2:73:6a:98:cd:96:21:84:57:8d:52:b7:
10:fe:71:9f:63:2a:f9:e5:3f:75:37:35:74:e9:66:
5e:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:E1:5C:C5:C7:0F:C0:16:67:84:28:B5:2C:39:0B:BB:DC:4D:DA:CD
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3139352e3230302e3231352e302f32342d3234203d3e20323034313730.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.200.215.0/24
Signature Algorithm: sha256WithRSAEncryption
90:eb:48:94:d4:39:a2:3b:3c:a4:9f:8d:f1:94:9b:ab:b8:61:
9c:78:6b:02:1f:e6:76:70:07:a3:5d:ef:36:4d:25:af:07:5e:
83:f9:d9:0c:2a:db:45:50:25:64:84:e0:d1:86:11:b2:48:82:
a5:9e:1b:e1:4f:ed:5f:20:d6:75:95:65:a3:45:2f:3c:3c:e2:
26:dc:27:a4:e4:59:b8:98:e4:43:d1:b6:d8:91:2d:ca:df:f2:
19:c2:d7:8f:41:8d:78:2f:0b:f7:85:31:ee:20:93:69:cc:00:
3d:2a:7d:5c:b9:dd:ca:31:90:00:75:42:75:56:04:37:fd:9f:
11:0f:a1:13:55:42:11:a8:7a:0a:00:88:1c:d7:53:e5:33:dd:
f9:2e:90:34:f2:bf:4a:cb:79:2b:0d:e5:33:32:b7:54:81:02:
9e:d7:43:08:99:77:ed:f6:87:00:e5:4c:7b:f9:62:32:6e:1a:
c8:89:9e:77:d1:e9:f2:28:b7:99:05:b8:b3:94:e2:5a:2b:9d:
68:18:8b:00:00:0a:fb:12:b9:c9:08:67:0d:89:3b:a3:36:11:
91:02:62:c8:5b:ec:56:56:4c:8f:d5:4b:82:87:b0:ea:74:89:
25:ec:66:89:76:bd:56:42:7a:45:06:67:97:c2:c6:25:85:74:
ec:b5:eb:27
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgIUD07SW7gUQW1kjPPyuKht/GmKM4UwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNTA1MjcyMjQxMjlaFw0yNjA1MjYyMjQ2MjlaMDMxMTAvBgNV
BAMTKDlERTE1Q0M1QzcwRkMwMTY2Nzg0MjhCNTJDMzkwQkJCREM0RERBQ0QwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDe4QtFbJIYJKco2gR/nva7/6Yz
5EAVXZ8D0rM8lj8/0WMdS7+DLwS/8FbfIh7x7a5GAx1MUHKLNlRcD6OKKd9RzxQi
4tA51veYmVw2gjLaw8BpJQGOxTM1nnDGYeLROIbBgN6+AGqQGg05QqzsVvNLlVsk
vNkVTfVBkzZNwp6ZHgqwPM/byVM1KucBcxGO4bXSLRnvY/9cCHuU93W61J4tKrao
ysZCGnLRmAO6W9jnb+oZVfDE4AyEzb9t6lKu6nR+fthf6aEz/pTctH/0/1syfCbe
CdXkNxAaTBLnJKckX9eAqsJzapjNliGEV41StxD+cZ9jKvnlP3U3NXTpZl7BAgMB
AAGjggJBMIICPTAdBgNVHQ4EFgQUneFcxccPwBZnhCi1LDkLu9xN2s0wHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzOTM1MmUzMjMwMzAyZTMy
MzEzNTJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMyMzAzNDMxMzczMC5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEAMPI1zANBgkqhkiG9w0BAQsFAAOCAQEAkOtIlNQ5ojs8pJ+N8ZSbq7hhnHhr
Ah/mdnAHo13vNk0lrwdeg/nZDCrbRVAlZITg0YYRskiCpZ4b4U/tXyDWdZVlo0Uv
PDziJtwnpORZuJjkQ9G22JEtyt/yGcLXj0GNeC8L94Ux7iCTacwAPSp9XLndyjGQ
AHVCdVYEN/2fEQ+hE1VCEah6CgCIHNdT5TPd+S6QNPK/Sst5Kw3lMzK3VIECntdD
CJl37faHAOVMe/liMm4ayImed9Hp8ii3mQW4s5TiWiudaBiLAAAK+xK5yQhnDYk7
ozYRkQJiyFvsVlZMj9VLgoew6nSJJexmiXa9VkJ6RQZnl8LGJYV07LXrJw==
-----END CERTIFICATE-----
Generated at Fri Jun 6 19:46:10 2025 by rpki-client