Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3139352e3230302e3232312e302f32342d3234203d3e20323034313730.roa
File: 3139352e3230302e3232312e302f32342d3234203d3e20323034313730.roa (raw, json)
Hash identifier: GsQ5hZTITzS6Mvg3u3HpWozWHq9aErzvNfRdcStQwQI=
Subject key identifier: C9:C2:23:BC:71:89:58:0E:7F:4B:AB:63:D2:B3:15:2B:6F:0F:CF:B3
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 7484BB74C9FF72C2BA569486BDF7DD523F2708BC
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3139352e3230302e3232312e302f32342d3234203d3e20323034313730.roa
Signing time: Tue 27 May 2025 22:46:30 +0000
ROA not before: Tue 27 May 2025 22:41:30 +0000
ROA not after: Tue 26 May 2026 22:46:30 +0000
asID: 204170
IP address blocks: 195.200.221.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 07 Jun 2025 12:43:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
74:84:bb:74:c9:ff:72:c2:ba:56:94:86:bd:f7:dd:52:3f:27:08:bc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: May 27 22:41:30 2025 GMT
Not After : May 26 22:46:30 2026 GMT
Subject: CN=C9C223BC7189580E7F4BAB63D2B3152B6F0FCFB3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:41:09:c1:a8:d2:65:83:de:6e:8b:27:29:00:
a5:3b:24:78:1e:c5:27:ae:39:ad:b8:43:e7:f5:2e:
92:35:00:d5:52:85:1e:25:f7:50:7a:a3:32:4a:6d:
3b:46:02:37:7c:a1:58:b6:18:ec:70:98:c7:e3:14:
68:f2:29:de:86:ca:a2:b4:4b:8a:d5:dd:89:10:1c:
46:40:24:da:81:96:36:45:5f:79:2d:39:66:a5:eb:
3e:1b:13:1a:46:1d:1d:f8:c6:eb:37:80:cf:77:ca:
f1:6a:b4:e4:e2:95:66:8d:43:24:43:e1:a3:4c:4f:
d7:ba:2d:f2:f7:b0:cf:6c:bf:b2:f1:9b:b9:e6:87:
ff:9f:0f:18:05:55:da:ae:cc:21:fa:55:0a:2a:22:
6b:9a:08:73:fe:41:d7:90:1c:52:55:ab:3b:6d:d2:
73:4a:b1:2a:8e:d2:85:1f:7b:8a:ba:f0:0a:b4:25:
cf:11:fa:db:16:a0:3a:54:d2:51:e4:d6:9f:fc:04:
88:64:1a:3e:8d:6c:77:04:38:ef:f0:6a:1d:e4:b4:
7d:f4:eb:5a:23:ec:3d:50:a4:e2:63:ea:52:d3:9a:
f9:40:b7:13:e6:43:04:14:22:49:d0:7e:5c:4d:51:
ea:e5:27:d3:28:b7:58:a5:45:27:0e:a1:6f:04:f1:
1e:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C9:C2:23:BC:71:89:58:0E:7F:4B:AB:63:D2:B3:15:2B:6F:0F:CF:B3
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3139352e3230302e3232312e302f32342d3234203d3e20323034313730.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.200.221.0/24
Signature Algorithm: sha256WithRSAEncryption
43:b1:c8:ab:35:5d:2e:bb:54:9f:63:a9:9b:c7:c8:b8:38:72:
19:f0:d9:ef:b5:ee:24:d4:76:d5:1f:b5:5d:de:14:65:c6:d2:
04:8f:98:7c:ae:68:15:87:6a:b7:4d:99:5f:31:8c:1c:fa:f2:
1e:31:25:11:13:99:5e:4a:88:57:e6:19:62:7c:87:d5:6d:06:
5f:e1:84:3b:24:d7:f0:0b:2d:4d:52:76:e4:1e:83:0e:68:e1:
b1:28:02:40:7f:98:11:bb:a8:d2:8e:a7:f9:c0:bc:be:a0:91:
14:a3:a9:70:65:46:c0:cf:4f:fa:68:fa:68:5b:f7:00:6b:15:
1b:2f:d6:f0:4e:7d:b0:4a:3d:2d:09:c7:ed:13:0e:3a:76:9b:
63:2e:a7:bb:0a:47:fc:c8:5d:e2:72:25:fd:36:d7:e4:00:4f:
de:06:32:7e:f4:f3:57:94:6a:17:5e:f7:3a:83:39:e7:60:ff:
8e:08:4d:e5:fd:d2:79:b7:b8:6c:11:be:b2:7a:f1:1b:bc:c0:
13:58:15:fc:82:04:a6:bf:c6:47:e4:bc:d6:a0:0b:bd:88:38:
2c:9f:03:9b:4a:30:3e:d9:72:f5:3a:48:60:77:b7:99:14:c0:
63:fe:89:3d:8d:9e:43:54:95:ad:27:57:c4:e2:09:dc:24:c9:
b6:39:e6:36
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgIUdIS7dMn/csK6VpSGvffdUj8nCLwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNTA1MjcyMjQxMzBaFw0yNjA1MjYyMjQ2MzBaMDMxMTAvBgNV
BAMTKEM5QzIyM0JDNzE4OTU4MEU3RjRCQUI2M0QyQjMxNTJCNkYwRkNGQjMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDUQQnBqNJlg95uiycpAKU7JHge
xSeuOa24Q+f1LpI1ANVShR4l91B6ozJKbTtGAjd8oVi2GOxwmMfjFGjyKd6GyqK0
S4rV3YkQHEZAJNqBljZFX3ktOWal6z4bExpGHR34xus3gM93yvFqtOTilWaNQyRD
4aNMT9e6LfL3sM9sv7Lxm7nmh/+fDxgFVdquzCH6VQoqImuaCHP+QdeQHFJVqztt
0nNKsSqO0oUfe4q68Aq0Jc8R+tsWoDpU0lHk1p/8BIhkGj6NbHcEOO/wah3ktH30
61oj7D1QpOJj6lLTmvlAtxPmQwQUIknQflxNUerlJ9Mot1ilRScOoW8E8R49AgMB
AAGjggJBMIICPTAdBgNVHQ4EFgQUycIjvHGJWA5/S6tj0rMVK28Pz7MwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzOTM1MmUzMjMwMzAyZTMy
MzIzMTJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMyMzAzNDMxMzczMC5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEAMPI3TANBgkqhkiG9w0BAQsFAAOCAQEAQ7HIqzVdLrtUn2Opm8fIuDhyGfDZ
77XuJNR21R+1Xd4UZcbSBI+YfK5oFYdqt02ZXzGMHPryHjElEROZXkqIV+YZYnyH
1W0GX+GEOyTX8AstTVJ25B6DDmjhsSgCQH+YEbuo0o6n+cC8vqCRFKOpcGVGwM9P
+mj6aFv3AGsVGy/W8E59sEo9LQnH7RMOOnabYy6nuwpH/Mhd4nIl/TbX5ABP3gYy
fvTzV5RqF173OoM552D/jghN5f3Sebe4bBG+snrxG7zAE1gV/IIEpr/GR+S81qAL
vYg4LJ8Dm0owPtly9TpIYHe3mRTAY/6JPY2eQ1SVrSdXxOIJ3CTJtjnmNg==
-----END CERTIFICATE-----
Generated at Sat Jun 7 06:04:36 2025 by rpki-client