Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/39322e3131382e35302e302f32342d3234203d3e20313336373837.roa
File: 39322e3131382e35302e302f32342d3234203d3e20313336373837.roa (raw, json)
Hash identifier: rzU2FDi0wL3drkdMeEt5craXNG7LLSbNTspkHkDfvUE=
Subject key identifier: 14:C3:0E:93:EF:C5:91:59:3B:D9:A8:9C:5D:22:0C:06:2E:70:12:8D
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 2B33E738D3448B0B34FFF00971A934B50E854833
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/39322e3131382e35302e302f32342d3234203d3e20313336373837.roa
Signing time: Sat 01 Feb 2025 22:45:37 +0000
ROA not before: Sat 01 Feb 2025 22:40:37 +0000
ROA not after: Sat 31 Jan 2026 22:45:37 +0000
asID: 136787
IP address blocks: 92.118.50.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 05 Apr 2025 10:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2b:33:e7:38:d3:44:8b:0b:34:ff:f0:09:71:a9:34:b5:0e:85:48:33
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Feb 1 22:40:37 2025 GMT
Not After : Jan 31 22:45:37 2026 GMT
Subject: CN=14C30E93EFC591593BD9A89C5D220C062E70128D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:c5:45:34:cd:6c:e5:d8:2e:f3:15:c2:ff:e6:
e0:41:a4:66:b0:7e:a2:7e:ad:41:04:a6:00:2d:da:
01:4b:c8:20:5a:2b:75:31:78:75:71:67:74:07:eb:
67:8e:fb:72:aa:e2:b9:24:46:63:9e:71:4c:4c:a4:
b9:89:c5:c8:1a:82:ff:13:33:5e:0b:47:71:a5:fd:
d0:dd:77:3a:eb:41:64:1e:87:52:64:fa:7d:ec:54:
27:37:7d:f4:d5:43:23:cd:6a:07:1a:e0:65:a3:15:
47:c3:3c:3f:9c:18:05:54:04:15:c2:13:7c:3a:4f:
0c:6f:9f:01:ed:4d:e5:61:da:92:6a:a3:3b:db:23:
2a:bc:76:ce:f3:bf:14:dd:0c:c5:f8:c0:46:e9:4c:
d4:d2:77:e9:d9:f4:95:8b:4b:9b:fd:6d:b5:6f:cf:
2a:7d:1f:80:28:29:97:90:21:3f:64:ea:6e:64:51:
00:61:98:63:82:b0:41:e5:bd:65:06:cf:aa:fc:5e:
fe:d8:dc:af:9b:9b:84:f7:8e:a1:1e:99:c6:d6:24:
13:8d:13:46:92:42:a2:5a:4b:3f:6b:e1:2d:70:01:
47:22:f5:31:72:58:f9:9b:b9:0b:04:1b:b8:03:87:
69:6f:8a:67:b3:ea:41:5d:93:22:ad:eb:a4:c4:86:
25:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
14:C3:0E:93:EF:C5:91:59:3B:D9:A8:9C:5D:22:0C:06:2E:70:12:8D
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/39322e3131382e35302e302f32342d3234203d3e20313336373837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
92.118.50.0/24
Signature Algorithm: sha256WithRSAEncryption
7e:67:23:6f:1e:e1:05:3b:53:c1:20:30:bf:68:dd:f3:fd:45:
5f:8c:cd:36:a7:22:4f:ea:fa:06:e2:95:9e:64:2b:d3:2c:51:
30:f2:54:25:00:f9:d8:d2:b1:fb:1f:6d:f4:57:a5:ef:28:fa:
39:8b:6f:4e:13:8c:b7:33:12:d4:fa:92:3d:88:17:d8:a4:a1:
cb:8b:3b:26:d5:cd:d0:04:c1:f9:f5:b0:17:63:a1:26:93:3a:
19:46:1b:33:2e:9a:7e:87:f0:b3:70:99:d8:96:b9:17:f8:8c:
91:2f:77:e6:e7:4c:56:ce:35:48:1b:04:49:8b:8c:5e:8f:a3:
4d:16:6a:6d:71:f6:34:55:74:94:1d:4b:fe:84:16:7e:bb:9e:
da:2e:69:13:e3:e8:e0:7f:36:f3:b3:a5:d6:a9:79:dd:5f:84:
76:21:81:45:ff:6f:c8:9f:69:6a:b7:fc:67:e6:7b:a7:39:0a:
7d:38:45:76:89:3c:8d:24:25:bf:b5:84:e1:07:a8:d1:69:49:
37:c8:14:bb:41:d4:75:79:91:c9:ec:c3:19:86:e7:fc:21:7e:
38:83:aa:05:30:fb:45:f0:5c:08:3b:77:f1:b6:56:d6:99:c9:
13:22:92:e6:c8:d4:96:a6:04:b7:e2:c7:bc:ef:fd:bd:43:52:
04:9b:50:5f
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUKzPnONNEiws0//AJcak0tQ6FSDMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNTAyMDEyMjQwMzdaFw0yNjAxMzEyMjQ1MzdaMDMxMTAvBgNV
BAMTKDE0QzMwRTkzRUZDNTkxNTkzQkQ5QTg5QzVEMjIwQzA2MkU3MDEyOEQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCvxUU0zWzl2C7zFcL/5uBBpGaw
fqJ+rUEEpgAt2gFLyCBaK3UxeHVxZ3QH62eO+3Kq4rkkRmOecUxMpLmJxcgagv8T
M14LR3Gl/dDddzrrQWQeh1Jk+n3sVCc3ffTVQyPNagca4GWjFUfDPD+cGAVUBBXC
E3w6TwxvnwHtTeVh2pJqozvbIyq8ds7zvxTdDMX4wEbpTNTSd+nZ9JWLS5v9bbVv
zyp9H4AoKZeQIT9k6m5kUQBhmGOCsEHlvWUGz6r8Xv7Y3K+bm4T3jqEemcbWJBON
E0aSQqJaSz9r4S1wAUci9TFyWPmbuQsEG7gDh2lvimez6kFdkyKt66TEhiXBAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUFMMOk+/FkVk72aicXSIMBi5wEo0wHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzkzMjJlMzEzMTM4MmUzNTMw
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzEzMzM2MzczODM3LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
XHYyMA0GCSqGSIb3DQEBCwUAA4IBAQB+ZyNvHuEFO1PBIDC/aN3z/UVfjM02pyJP
6voG4pWeZCvTLFEw8lQlAPnY0rH7H230V6XvKPo5i29OE4y3MxLU+pI9iBfYpKHL
izsm1c3QBMH59bAXY6EmkzoZRhszLpp+h/CzcJnYlrkX+IyRL3fm50xWzjVIGwRJ
i4xej6NNFmptcfY0VXSUHUv+hBZ+u57aLmkT4+jgfzbzs6XWqXndX4R2IYFF/2/I
n2lqt/xn5nunOQp9OEV2iTyNJCW/tYThB6jRaUk3yBS7QdR1eZHJ7MMZhuf8IX44
g6oFMPtF8FwIO3fxtlbWmckTIpLmyNSWpgS34se87/29Q1IEm1Bf
-----END CERTIFICATE-----
Generated at Fri Apr 4 16:14:25 2025 by rpki-client