Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3139352e3231302e35392e302f32342d3234203d3e20313336373837.roa
File: 3139352e3231302e35392e302f32342d3234203d3e20313336373837.roa (raw, json)
Hash identifier: vV8NsTe2RhyXfT5/0kNNvIwTGz7NkVTpV/+57Qe0r6g=
Subject key identifier: 06:B6:9F:40:6B:EF:38:FF:56:16:81:0D:AC:84:8A:6A:53:6E:BE:7A
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 531D3D554721AE6EDD58EE6350D93BD2B14032B4
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3139352e3231302e35392e302f32342d3234203d3e20313336373837.roa
Signing time: Sat 01 Feb 2025 22:45:36 +0000
ROA not before: Sat 01 Feb 2025 22:40:36 +0000
ROA not after: Sat 31 Jan 2026 22:45:36 +0000
asID: 136787
IP address blocks: 195.210.59.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 05 Apr 2025 10:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
53:1d:3d:55:47:21:ae:6e:dd:58:ee:63:50:d9:3b:d2:b1:40:32:b4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Feb 1 22:40:36 2025 GMT
Not After : Jan 31 22:45:36 2026 GMT
Subject: CN=06B69F406BEF38FF5616810DAC848A6A536EBE7A
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:b9:c2:af:89:a4:f2:ad:40:ca:a6:a6:eb:64:
8a:8b:c4:91:03:36:eb:6f:a2:50:b9:90:b2:0b:9e:
d1:a0:83:e4:2b:10:fd:f9:1c:d5:b4:54:e5:07:a4:
09:7b:e3:89:26:94:dd:6c:7e:0d:56:6a:c4:7d:81:
05:f8:5a:a4:f2:8c:c6:2d:96:c5:6a:15:c3:3b:9c:
81:09:50:bb:b5:30:bc:ed:b8:d5:cf:31:44:79:ad:
fc:2d:84:74:22:42:ae:d8:6c:e2:d6:eb:4f:6a:9d:
e6:9c:bd:fc:8c:4e:95:a2:0f:06:dd:34:8b:7c:3f:
88:5b:2d:90:c6:eb:f3:1e:a3:f7:c6:c8:5b:bc:64:
62:09:29:61:75:b6:6d:b7:54:13:43:29:f6:71:77:
87:e5:ab:e8:76:74:11:f8:6e:e0:f4:89:e7:61:38:
3b:71:f3:9e:e2:9d:17:2c:1f:f1:3a:29:2f:d9:c3:
66:e5:e9:4c:b0:ed:6e:f6:1e:8b:6e:05:70:a3:49:
bf:f2:18:76:ca:7a:4b:f8:e0:78:33:25:90:77:e9:
08:fd:1e:e1:1e:51:55:1e:92:89:8d:5e:38:3c:19:
ef:71:01:65:9c:05:88:92:c6:2d:c9:cd:2e:8d:2c:
ca:d9:94:b2:b4:8e:a7:b9:f2:6f:e3:ba:b1:c5:e7:
32:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
06:B6:9F:40:6B:EF:38:FF:56:16:81:0D:AC:84:8A:6A:53:6E:BE:7A
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3139352e3231302e35392e302f32342d3234203d3e20313336373837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.210.59.0/24
Signature Algorithm: sha256WithRSAEncryption
20:4b:52:15:06:77:e8:43:13:3e:1d:d8:e8:38:de:a6:c2:87:
ee:dc:dd:5a:6f:36:b4:9b:59:58:a4:d0:d1:b2:96:0f:79:11:
0f:f4:02:3e:77:b9:fc:10:f8:90:01:b3:ca:8c:3a:2c:80:af:
28:b0:92:80:3d:be:d1:13:ca:9a:23:96:e2:b6:4c:3e:52:69:
28:e8:c4:79:4f:79:20:8f:97:58:39:bc:8b:e6:d2:60:98:2e:
9a:13:ef:8a:34:30:97:59:74:fd:27:6d:07:49:81:97:f9:44:
3f:cb:22:41:a1:0c:f6:82:4e:58:d5:64:10:c7:39:0c:a9:a6:
a2:40:1f:dc:3e:a5:21:88:11:d9:e4:93:17:61:f5:4d:f8:41:
4b:91:4d:36:f4:f1:d0:9e:46:fa:e1:2a:e9:b6:56:07:b3:cf:
2f:5c:a2:c8:c9:b8:9d:9a:fb:c3:11:e1:fa:74:e4:14:f1:7e:
01:e7:38:04:bf:ad:91:15:b0:f1:a9:02:3c:34:b2:c2:88:0b:
dd:05:af:cc:e7:df:6e:67:f6:d7:d0:16:f1:12:29:dc:2d:f5:
ae:db:31:a0:8e:d1:07:34:4b:79:02:ae:91:a0:1f:45:a5:1a:
89:e3:7f:3b:17:32:83:cc:86:95:69:35:b2:55:7e:3e:70:8c:
35:46:6f:60
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUUx09VUchrm7dWO5jUNk70rFAMrQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNTAyMDEyMjQwMzZaFw0yNjAxMzEyMjQ1MzZaMDMxMTAvBgNV
BAMTKDA2QjY5RjQwNkJFRjM4RkY1NjE2ODEwREFDODQ4QTZBNTM2RUJFN0EwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC0ucKviaTyrUDKpqbrZIqLxJED
NutvolC5kLILntGgg+QrEP35HNW0VOUHpAl744kmlN1sfg1WasR9gQX4WqTyjMYt
lsVqFcM7nIEJULu1MLztuNXPMUR5rfwthHQiQq7YbOLW609qneacvfyMTpWiDwbd
NIt8P4hbLZDG6/Meo/fGyFu8ZGIJKWF1tm23VBNDKfZxd4flq+h2dBH4buD0iedh
ODtx857inRcsH/E6KS/Zw2bl6Uyw7W72HotuBXCjSb/yGHbKekv44HgzJZB36Qj9
HuEeUVUekomNXjg8Ge9xAWWcBYiSxi3JzS6NLMrZlLK0jqe58m/jurHF5zJdAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUBrafQGvvOP9WFoENrISKalNuvnowHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzOTM1MmUzMjMxMzAyZTM1
MzkyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMTMzMzYzNzM4Mzcucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BADD0jswDQYJKoZIhvcNAQELBQADggEBACBLUhUGd+hDEz4d2Og43qbCh+7c3Vpv
NrSbWVik0NGylg95EQ/0Aj53ufwQ+JABs8qMOiyAryiwkoA9vtETypojluK2TD5S
aSjoxHlPeSCPl1g5vIvm0mCYLpoT74o0MJdZdP0nbQdJgZf5RD/LIkGhDPaCTljV
ZBDHOQyppqJAH9w+pSGIEdnkkxdh9U34QUuRTTb08dCeRvrhKum2Vgezzy9cosjJ
uJ2a+8MR4fp05BTxfgHnOAS/rZEVsPGpAjw0ssKIC90Fr8zn325n9tfQFvESKdwt
9a7bMaCO0Qc0S3kCrpGgH0WlGonjfzsXMoPMhpVpNbJVfj5wjDVGb2A=
-----END CERTIFICATE-----
Generated at Fri Apr 4 16:18:31 2025 by rpki-client