Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3139352e32362e3234302e302f32312d3332203d3e203430303231.roa
File: 3139352e32362e3234302e302f32312d3332203d3e203430303231.roa (raw, json)
Hash identifier: feAUUaBHLndblksUF84/IR5DI+S4DSu3i24TT2X5LWg=
Subject key identifier: 84:C4:B1:21:78:F9:83:F7:62:68:97:B4:45:97:B9:C4:6D:55:28:92
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 38E60890999FE87BA6E662C72BF1505B125B8BA5
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3139352e32362e3234302e302f32312d3332203d3e203430303231.roa
Signing time: Wed 02 Apr 2025 08:45:56 +0000
ROA not before: Wed 02 Apr 2025 08:40:56 +0000
ROA not after: Wed 01 Apr 2026 08:45:56 +0000
asID: 40021
IP address blocks: 195.26.240.0/21 maxlen: 32
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 05 Apr 2025 10:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
38:e6:08:90:99:9f:e8:7b:a6:e6:62:c7:2b:f1:50:5b:12:5b:8b:a5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Apr 2 08:40:56 2025 GMT
Not After : Apr 1 08:45:56 2026 GMT
Subject: CN=84C4B12178F983F7626897B44597B9C46D552892
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:99:aa:bb:ae:bd:45:ee:04:b8:a3:b4:b1:f1:
2b:fa:c2:73:2f:80:a9:e5:8e:ef:f3:50:ab:e2:6a:
7c:c5:73:8f:48:9e:68:e9:5e:f3:4e:53:28:7e:65:
07:fa:fc:4c:b3:f1:3d:77:d9:0a:6f:96:d5:09:fb:
d0:b5:bf:14:9a:d4:c4:a1:16:b7:86:a6:49:ac:6f:
ca:8b:75:d4:b6:07:c9:a4:2a:af:5d:4c:a6:75:b1:
77:94:30:51:c6:e0:32:a8:1f:34:cb:a0:30:52:ec:
20:6e:73:b0:03:e0:09:4c:33:c0:1d:76:97:4d:64:
d9:69:04:5b:1a:e8:69:76:3a:52:99:c9:3d:af:93:
9e:6e:df:87:bd:4e:46:d8:15:ae:12:f9:a7:f2:9f:
4d:0d:4f:e4:77:53:3d:03:6b:f3:5c:52:ab:5e:dc:
ab:1b:fe:1f:68:33:71:2d:f5:5a:17:ed:a7:10:74:
dd:3f:04:84:5f:5e:a4:f7:70:cd:72:a3:f5:2b:e5:
93:f4:c4:ba:22:d2:e7:c2:63:1d:1f:f4:b6:cb:a8:
a6:56:06:d6:cb:2f:17:0e:37:ee:a7:03:b3:64:1f:
c6:8c:5b:3e:08:1d:75:c7:f2:6f:7a:4d:f2:84:76:
d8:1a:3e:a7:56:74:d6:5e:83:61:e1:dd:ef:35:7f:
e2:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
84:C4:B1:21:78:F9:83:F7:62:68:97:B4:45:97:B9:C4:6D:55:28:92
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3139352e32362e3234302e302f32312d3332203d3e203430303231.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.26.240.0/21
Signature Algorithm: sha256WithRSAEncryption
51:da:a3:9c:46:5b:3f:8f:a5:97:d4:d8:72:c3:ef:ce:d8:b9:
c0:99:ab:a1:0b:d7:bf:df:32:38:1b:6d:29:69:51:f8:da:ec:
7c:97:b9:cb:ee:13:f0:b0:36:5e:3a:9a:5d:cc:36:cc:3d:2a:
aa:a2:47:0d:e8:63:18:2f:f6:fa:00:d0:13:51:a2:67:c0:a5:
fe:e4:f0:d3:fa:a9:dd:20:e8:70:17:66:29:7e:de:a6:74:f3:
92:26:59:88:f9:d3:56:eb:11:78:eb:55:36:e1:73:d8:b5:a3:
15:b4:66:e3:e4:76:75:10:24:7b:b7:1b:ce:f3:fe:b3:0e:45:
3f:1b:96:74:ee:f0:6d:3f:56:ef:e7:36:63:80:fd:45:e1:dc:
0f:49:1f:b2:ee:17:16:d0:58:30:7d:90:3e:cb:3a:20:4d:84:
35:a4:54:5f:0e:f6:61:db:9f:75:e8:5b:cf:e5:0e:1f:aa:9c:
a6:85:4b:56:67:98:10:f9:55:7b:16:37:59:31:77:e8:af:7e:
81:3f:82:f3:e3:ca:79:54:91:8e:66:47:65:cd:d2:78:2e:42:
c6:a7:4c:c3:b8:dc:26:a3:f5:6e:64:45:22:f7:71:83:fe:72:
4f:e2:cf:64:e5:ec:76:a5:44:b6:47:d6:fb:2b:cc:26:63:6b:
c0:e2:62:26
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUOOYIkJmf6Hum5mLHK/FQWxJbi6UwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNTA0MDIwODQwNTZaFw0yNjA0MDEwODQ1NTZaMDMxMTAvBgNV
BAMTKDg0QzRCMTIxNzhGOTgzRjc2MjY4OTdCNDQ1OTdCOUM0NkQ1NTI4OTIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDXmaq7rr1F7gS4o7Sx8Sv6wnMv
gKnlju/zUKvianzFc49InmjpXvNOUyh+ZQf6/Eyz8T132QpvltUJ+9C1vxSa1MSh
FreGpkmsb8qLddS2B8mkKq9dTKZ1sXeUMFHG4DKoHzTLoDBS7CBuc7AD4AlMM8Ad
dpdNZNlpBFsa6Gl2OlKZyT2vk55u34e9TkbYFa4S+afyn00NT+R3Uz0Da/NcUqte
3Ksb/h9oM3Et9VoX7acQdN0/BIRfXqT3cM1yo/Ur5ZP0xLoi0ufCYx0f9LbLqKZW
BtbLLxcON+6nA7NkH8aMWz4IHXXH8m96TfKEdtgaPqdWdNZeg2Hh3e81f+JJAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUhMSxIXj5g/diaJe0RZe5xG1VKJIwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzOTM1MmUzMjM2MmUzMjM0
MzAyZTMwMmYzMjMxMmQzMzMyMjAzZDNlMjAzNDMwMzAzMjMxLnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQD
wxrwMA0GCSqGSIb3DQEBCwUAA4IBAQBR2qOcRls/j6WX1Nhyw+/O2LnAmauhC9e/
3zI4G20paVH42ux8l7nL7hPwsDZeOppdzDbMPSqqokcN6GMYL/b6ANATUaJnwKX+
5PDT+qndIOhwF2Ypft6mdPOSJlmI+dNW6xF461U24XPYtaMVtGbj5HZ1ECR7txvO
8/6zDkU/G5Z07vBtP1bv5zZjgP1F4dwPSR+y7hcW0FgwfZA+yzogTYQ1pFRfDvZh
25916FvP5Q4fqpymhUtWZ5gQ+VV7FjdZMXfor36BP4Lz48p5VJGOZkdlzdJ4LkLG
p0zDuNwmo/VuZEUi93GD/nJP4s9k5ex2pUS2R9b7K8wmY2vA4mIm
-----END CERTIFICATE-----
Generated at Fri Apr 4 15:59:43 2025 by rpki-client