Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3139352e32362e3234382e302f32312d3332203d3e203430303231.roa
File: 3139352e32362e3234382e302f32312d3332203d3e203430303231.roa (raw, json)
Hash identifier: Wqu8Kg82rJE9rjBNqvtUrKOiGp7cJGHujVRXlS9V04E=
Subject key identifier: 0B:E3:CC:F3:F8:5D:2F:2C:C8:DD:80:0E:5A:17:93:15:CF:36:DD:4C
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 7774EBF3221D92EAECD6E13E7445CA1642990884
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3139352e32362e3234382e302f32312d3332203d3e203430303231.roa
Signing time: Wed 02 Apr 2025 08:45:56 +0000
ROA not before: Wed 02 Apr 2025 08:40:56 +0000
ROA not after: Wed 01 Apr 2026 08:45:56 +0000
asID: 40021
IP address blocks: 195.26.248.0/21 maxlen: 32
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 05 Apr 2025 10:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
77:74:eb:f3:22:1d:92:ea:ec:d6:e1:3e:74:45:ca:16:42:99:08:84
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Apr 2 08:40:56 2025 GMT
Not After : Apr 1 08:45:56 2026 GMT
Subject: CN=0BE3CCF3F85D2F2CC8DD800E5A179315CF36DD4C
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:55:57:29:49:b5:20:a1:a2:04:eb:99:92:47:
07:bf:7f:d6:69:94:34:ee:03:d5:a5:1d:70:36:d6:
f8:99:f1:33:2c:56:8f:40:a3:b0:ed:8f:2a:df:5f:
d3:7a:74:14:63:4a:74:b6:3b:05:a9:d3:92:dc:0a:
ba:69:d0:d7:f9:3e:fb:27:96:87:19:9b:b8:2b:3c:
a0:df:c2:30:7f:8c:df:fb:79:ac:c5:1d:fb:2c:c9:
66:81:52:88:0c:64:52:f7:ac:a0:ab:e2:45:e7:77:
ef:52:9e:db:4d:d1:7e:01:5a:44:1f:c4:8d:61:a8:
42:7e:d9:a7:12:a4:82:ea:15:2f:2e:b0:3f:1f:a6:
f0:e8:80:61:77:2d:50:0f:86:10:3d:a3:d0:8c:de:
05:56:a3:a1:a9:73:82:b9:00:f2:c2:75:f4:c8:aa:
21:60:42:65:54:94:dd:25:72:86:ad:37:44:92:b6:
43:65:ab:cd:49:02:0f:40:88:07:48:5e:64:03:e7:
bd:f1:63:62:bb:5b:32:bb:c0:91:54:69:66:02:ba:
34:9c:ed:bd:82:89:56:5a:de:b3:45:8e:9a:94:ec:
8f:8a:49:aa:05:d4:32:68:e4:fd:32:9b:70:c5:d2:
8d:c6:8d:77:7f:14:ea:db:a1:c3:ea:e1:f5:3d:4d:
3f:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0B:E3:CC:F3:F8:5D:2F:2C:C8:DD:80:0E:5A:17:93:15:CF:36:DD:4C
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3139352e32362e3234382e302f32312d3332203d3e203430303231.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.26.248.0/21
Signature Algorithm: sha256WithRSAEncryption
7e:05:0d:81:03:e3:92:86:4f:93:af:30:0b:dd:24:d6:54:a5:
06:a6:0a:ab:75:26:3f:aa:c6:9f:6f:2e:01:5b:9d:97:f4:61:
78:41:6d:72:0a:0d:03:79:f2:50:8e:e1:6c:26:c6:eb:7d:a7:
85:de:ee:1d:01:27:b9:06:62:ff:47:e1:fb:18:d0:ef:fe:f2:
8e:f8:46:bf:dc:e8:b4:31:70:d0:d5:11:a8:29:e3:73:8b:ff:
26:cc:22:0b:7b:61:0d:18:3c:58:b1:73:91:e9:5b:f8:ce:0c:
74:0a:85:76:02:22:cf:68:fb:5e:83:35:c0:4e:aa:9a:c7:31:
17:10:11:bf:2f:04:91:67:7e:91:9d:bf:88:24:f3:9a:d4:ea:
3c:6f:52:1c:da:09:b3:c0:5f:0e:79:fd:e9:ea:6f:e8:bc:14:
1d:fe:ac:02:53:1d:85:72:32:ac:78:2b:04:c4:d1:a0:26:57:
53:64:9c:0f:c0:66:e4:08:2c:aa:09:20:cf:cc:28:c4:3d:90:
16:62:48:2c:9a:6d:69:6c:a2:83:83:ee:79:62:86:ea:0f:3b:
a7:74:2b:b4:ca:3d:3b:61:40:7a:75:4b:16:5f:a4:c5:8c:df:
24:c0:54:bb:ad:b5:1e:c5:55:a1:bc:cc:5f:3e:bd:5a:3e:99:
de:42:44:0d
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUd3Tr8yIdkurs1uE+dEXKFkKZCIQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNTA0MDIwODQwNTZaFw0yNjA0MDEwODQ1NTZaMDMxMTAvBgNV
BAMTKDBCRTNDQ0YzRjg1RDJGMkNDOEREODAwRTVBMTc5MzE1Q0YzNkRENEMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCwVVcpSbUgoaIE65mSRwe/f9Zp
lDTuA9WlHXA21viZ8TMsVo9Ao7DtjyrfX9N6dBRjSnS2OwWp05LcCrpp0Nf5Pvsn
locZm7grPKDfwjB/jN/7eazFHfssyWaBUogMZFL3rKCr4kXnd+9SnttN0X4BWkQf
xI1hqEJ+2acSpILqFS8usD8fpvDogGF3LVAPhhA9o9CM3gVWo6Gpc4K5APLCdfTI
qiFgQmVUlN0lcoatN0SStkNlq81JAg9AiAdIXmQD573xY2K7WzK7wJFUaWYCujSc
7b2CiVZa3rNFjpqU7I+KSaoF1DJo5P0ym3DF0o3GjXd/FOrbocPq4fU9TT8pAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUC+PM8/hdLyzI3YAOWheTFc823UwwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzOTM1MmUzMjM2MmUzMjM0
MzgyZTMwMmYzMjMxMmQzMzMyMjAzZDNlMjAzNDMwMzAzMjMxLnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQD
wxr4MA0GCSqGSIb3DQEBCwUAA4IBAQB+BQ2BA+OShk+TrzAL3STWVKUGpgqrdSY/
qsafby4BW52X9GF4QW1yCg0DefJQjuFsJsbrfaeF3u4dASe5BmL/R+H7GNDv/vKO
+Ea/3Oi0MXDQ1RGoKeNzi/8mzCILe2ENGDxYsXOR6Vv4zgx0CoV2AiLPaPtegzXA
TqqaxzEXEBG/LwSRZ36Rnb+IJPOa1Oo8b1Ic2gmzwF8Oef3p6m/ovBQd/qwCUx2F
cjKseCsExNGgJldTZJwPwGbkCCyqCSDPzCjEPZAWYkgsmm1pbKKDg+55YobqDzun
dCu0yj07YUB6dUsWX6TFjN8kwFS7rbUexVWhvMxfPr1aPpneQkQN
-----END CERTIFICATE-----
Generated at Fri Apr 4 18:58:15 2025 by rpki-client