Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3139352e38382e38362e302f32342d3234203d3e20313336373837.roa
File: 3139352e38382e38362e302f32342d3234203d3e20313336373837.roa (raw, json)
Hash identifier: GrHxwfZ7DhzcwtTDfZHPLD/RIT+Vr+9anrn+pqRhKVs=
Subject key identifier: 6F:83:CF:8D:7D:15:DB:2A:6C:7D:69:F9:D5:5F:32:E5:9E:AB:F0:59
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 7E8F2EE152E774655237DAF0E1B0641178661E0E
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3139352e38382e38362e302f32342d3234203d3e20313336373837.roa
Signing time: Mon 27 Jan 2025 09:45:12 +0000
ROA not before: Mon 27 Jan 2025 09:40:12 +0000
ROA not after: Mon 26 Jan 2026 09:45:12 +0000
asID: 136787
IP address blocks: 195.88.86.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 17 Feb 2025 13:21:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7e:8f:2e:e1:52:e7:74:65:52:37:da:f0:e1:b0:64:11:78:66:1e:0e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Jan 27 09:40:12 2025 GMT
Not After : Jan 26 09:45:12 2026 GMT
Subject: CN=6F83CF8D7D15DB2A6C7D69F9D55F32E59EABF059
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:fd:b4:bb:fe:93:57:ca:d3:b8:24:e5:6c:3e:
29:d8:82:d1:16:93:e2:fe:1b:95:54:63:bf:e1:79:
af:09:d4:ce:62:29:c5:ce:4b:96:e4:f7:e4:f6:c8:
ce:bc:b7:62:a3:be:19:1e:10:14:e1:4e:ab:b3:2d:
03:25:2f:7e:a0:25:7a:92:9b:ab:0a:14:4a:ea:e1:
4d:74:b4:92:e8:62:88:45:a0:9e:78:bf:e5:34:19:
fe:3b:0b:c5:b3:37:36:d7:c2:a1:95:11:88:9d:0c:
b4:89:3c:62:75:a1:15:cb:90:ef:0b:6a:7a:99:92:
9b:30:27:95:17:13:44:fa:d7:49:a0:bf:3b:3d:6f:
0c:9d:be:eb:55:e5:51:ef:7c:da:7e:aa:68:ef:be:
71:3c:84:cf:8b:64:d6:c2:e6:a1:7e:2f:b5:68:69:
c4:1f:d5:c1:2c:ef:b5:75:cb:0e:68:70:40:c5:ab:
da:22:36:ec:f5:6f:5d:d6:94:ca:b9:32:a0:fc:04:
95:7b:73:cf:52:7b:1f:b3:f7:c2:46:02:5e:3f:12:
d2:78:71:23:2c:1e:fb:13:7c:63:bf:d1:70:e9:ee:
ab:88:b8:4a:41:15:f6:4f:4f:97:97:b1:ba:55:e4:
db:cf:d2:8a:d9:be:69:f1:1a:60:d5:75:2f:b3:fd:
13:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6F:83:CF:8D:7D:15:DB:2A:6C:7D:69:F9:D5:5F:32:E5:9E:AB:F0:59
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3139352e38382e38362e302f32342d3234203d3e20313336373837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.88.86.0/24
Signature Algorithm: sha256WithRSAEncryption
5c:1e:bc:3a:67:3b:ce:8f:4a:1c:ee:75:ba:97:25:9d:97:42:
d3:40:e9:99:5d:97:8f:83:46:64:2b:16:cd:42:5d:06:9d:45:
5e:85:82:f6:c3:97:be:b3:d7:d0:75:76:1f:69:a0:47:e4:10:
4c:98:37:72:e9:68:a1:d3:04:ad:10:ff:d7:6c:90:b9:9f:9c:
fa:d8:93:b2:0d:cc:4b:b1:11:22:da:11:84:da:40:75:29:9f:
db:e5:96:98:ad:42:0b:70:69:36:bd:c1:64:43:92:8a:f1:b6:
d3:ff:4d:9a:ab:3b:ca:d9:83:f9:22:07:f6:f5:7d:17:46:98:
4f:75:a0:08:7d:0b:53:13:26:02:56:7b:2c:b3:03:d5:14:c6:
86:6e:a7:cf:04:08:1d:55:7c:2e:77:10:a2:d9:81:eb:90:13:
aa:28:4c:e9:16:30:51:b0:e0:aa:d1:f0:ff:6a:92:b0:1f:dd:
56:aa:22:b3:f8:27:a9:7a:03:b2:3d:62:53:5c:8d:81:ea:44:
ff:07:54:e2:58:5b:fe:0a:5d:b9:82:30:d5:60:c2:5a:07:e7:
86:7e:16:92:e3:56:da:91:4c:ce:ef:a0:b0:46:f4:78:82:99:
42:45:14:2f:e2:dd:a5:f4:5e:dd:8d:71:9e:81:ee:6a:c1:0d:
e9:3e:8c:35
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUfo8u4VLndGVSN9rw4bBkEXhmHg4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNTAxMjcwOTQwMTJaFw0yNjAxMjYwOTQ1MTJaMDMxMTAvBgNV
BAMTKDZGODNDRjhEN0QxNURCMkE2QzdENjlGOUQ1NUYzMkU1OUVBQkYwNTkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCQ/bS7/pNXytO4JOVsPinYgtEW
k+L+G5VUY7/hea8J1M5iKcXOS5bk9+T2yM68t2KjvhkeEBThTquzLQMlL36gJXqS
m6sKFErq4U10tJLoYohFoJ54v+U0Gf47C8WzNzbXwqGVEYidDLSJPGJ1oRXLkO8L
anqZkpswJ5UXE0T610mgvzs9bwydvutV5VHvfNp+qmjvvnE8hM+LZNbC5qF+L7Vo
acQf1cEs77V1yw5ocEDFq9oiNuz1b13WlMq5MqD8BJV7c89Sex+z98JGAl4/EtJ4
cSMsHvsTfGO/0XDp7quIuEpBFfZPT5eXsbpV5NvP0orZvmnxGmDVdS+z/RO7AgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUb4PPjX0V2ypsfWn51V8y5Z6r8FkwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzOTM1MmUzODM4MmUzODM2
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzEzMzM2MzczODM3LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
w1hWMA0GCSqGSIb3DQEBCwUAA4IBAQBcHrw6ZzvOj0oc7nW6lyWdl0LTQOmZXZeP
g0ZkKxbNQl0GnUVehYL2w5e+s9fQdXYfaaBH5BBMmDdy6Wih0wStEP/XbJC5n5z6
2JOyDcxLsREi2hGE2kB1KZ/b5ZaYrUILcGk2vcFkQ5KK8bbT/02aqzvK2YP5Igf2
9X0XRphPdaAIfQtTEyYCVnssswPVFMaGbqfPBAgdVXwudxCi2YHrkBOqKEzpFjBR
sOCq0fD/apKwH91WqiKz+CepegOyPWJTXI2B6kT/B1TiWFv+Cl25gjDVYMJaB+eG
fhaS41bakUzO76CwRvR4gplCRRQv4t2l9F7djXGege5qwQ3pPow1
-----END CERTIFICATE-----
Generated at Sun Feb 16 20:37:57 2025 by rpki-client