Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/39342e3134302e31312e302f32342d3332203d3e20313336373837.roa
File: 39342e3134302e31312e302f32342d3332203d3e20313336373837.roa (raw, json)
Hash identifier: dWmwuUkK/ScnKEMGwcW2XDzG1KIBM2TvBFl39UUY7wE=
Subject key identifier: 69:A8:6E:7F:36:AF:AC:63:F5:15:BD:46:B4:13:2B:6B:6C:41:05:F7
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 45DCEE4B3BC855C4FC23CF75CD47E66B1A17A412
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/39342e3134302e31312e302f32342d3332203d3e20313336373837.roa
Signing time: Mon 27 Jan 2025 09:45:15 +0000
ROA not before: Mon 27 Jan 2025 09:40:15 +0000
ROA not after: Mon 26 Jan 2026 09:45:15 +0000
asID: 136787
IP address blocks: 94.140.11.0/24 maxlen: 32
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 05 Apr 2025 15:04:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
45:dc:ee:4b:3b:c8:55:c4:fc:23:cf:75:cd:47:e6:6b:1a:17:a4:12
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Jan 27 09:40:15 2025 GMT
Not After : Jan 26 09:45:15 2026 GMT
Subject: CN=69A86E7F36AFAC63F515BD46B4132B6B6C4105F7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:68:08:00:72:f6:f1:bc:3a:ff:34:d3:af:f5:
02:d9:3b:cd:8c:2e:86:d6:73:b2:1c:94:0b:e0:fe:
c7:1e:35:f4:85:e5:57:cb:a9:6a:3a:a9:31:7c:e6:
7b:d8:19:5c:99:56:c0:4c:d0:3e:58:f7:76:26:a2:
1b:90:65:54:6f:f0:ce:2e:eb:ec:bc:4f:d9:6e:12:
a1:a8:72:63:02:6c:d5:15:c1:3a:78:01:25:2f:55:
f3:b0:c9:e9:89:2e:1b:2f:0e:d7:48:e8:cc:cf:e1:
ad:d9:17:b2:59:35:97:cb:10:82:18:aa:eb:e8:45:
63:34:2b:eb:fa:fc:31:95:ac:2a:d0:22:54:20:38:
a4:58:17:2d:e5:19:89:6c:eb:7a:1e:ef:0c:ca:a5:
a4:25:57:3a:4f:4a:aa:ab:00:05:03:04:80:08:1b:
0d:78:0d:47:5a:2f:80:90:c4:4c:77:ac:8b:be:c9:
43:5a:a8:ef:2b:d1:fc:41:c4:f8:be:97:6b:1b:fe:
30:09:e3:e0:c1:11:ee:37:c4:df:8a:06:e8:ac:21:
1e:94:fd:15:f0:6e:40:ba:96:99:69:af:0a:e2:3b:
06:79:f7:0b:6e:f5:2e:37:e5:e8:53:79:e3:56:e0:
a4:52:7b:f1:3f:b8:94:00:b5:df:fc:32:a2:0a:64:
08:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
69:A8:6E:7F:36:AF:AC:63:F5:15:BD:46:B4:13:2B:6B:6C:41:05:F7
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/39342e3134302e31312e302f32342d3332203d3e20313336373837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.140.11.0/24
Signature Algorithm: sha256WithRSAEncryption
89:11:a5:3b:e5:8e:94:40:9b:74:5b:18:e3:ea:d5:97:a9:6e:
31:6a:1d:24:88:aa:7f:f0:f0:cc:0b:ea:f9:a1:47:76:cb:bc:
bd:2d:44:ee:92:3f:9b:73:5d:e4:b1:5e:82:ae:b7:26:b7:7a:
4f:41:c3:47:3d:70:05:59:90:31:82:14:a6:67:13:e4:7b:2d:
3c:ab:bb:be:73:34:f5:a0:e3:86:49:01:b6:7c:04:ae:48:35:
2b:e2:26:9e:c9:8a:c2:65:71:bd:b6:42:15:88:cb:06:1c:ba:
e7:f0:3f:62:b9:43:fa:2c:eb:00:93:cc:28:e8:44:cd:8f:22:
88:fe:d4:ab:e9:60:44:69:cb:a4:50:d9:c6:d7:a8:b2:34:fb:
bd:bd:e1:64:3c:da:63:46:d7:1e:33:a4:1d:e5:3a:4c:fd:bb:
9a:b3:42:d1:3a:34:8c:17:ad:cf:2e:85:fb:25:25:55:e9:dc:
19:a6:91:57:46:32:d1:db:cc:58:12:ec:c5:fe:a6:72:ae:0f:
27:45:75:33:05:79:cf:7e:d9:1a:19:e3:2e:5b:ed:a4:9a:a3:
82:18:82:84:12:9f:94:fc:77:40:b7:46:6c:6a:9d:fe:ce:5f:
7b:f6:8b:f8:54:d8:aa:b3:7b:fb:0d:bb:a5:f3:e9:52:2a:22:
e4:f7:90:fc
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIURdzuSzvIVcT8I891zUfmaxoXpBIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNTAxMjcwOTQwMTVaFw0yNjAxMjYwOTQ1MTVaMDMxMTAvBgNV
BAMTKDY5QTg2RTdGMzZBRkFDNjNGNTE1QkQ0NkI0MTMyQjZCNkM0MTA1RjcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC+aAgAcvbxvDr/NNOv9QLZO82M
LobWc7IclAvg/sceNfSF5VfLqWo6qTF85nvYGVyZVsBM0D5Y93YmohuQZVRv8M4u
6+y8T9luEqGocmMCbNUVwTp4ASUvVfOwyemJLhsvDtdI6MzP4a3ZF7JZNZfLEIIY
quvoRWM0K+v6/DGVrCrQIlQgOKRYFy3lGYls63oe7wzKpaQlVzpPSqqrAAUDBIAI
Gw14DUdaL4CQxEx3rIu+yUNaqO8r0fxBxPi+l2sb/jAJ4+DBEe43xN+KBuisIR6U
/RXwbkC6lplprwriOwZ59wtu9S435ehTeeNW4KRSe/E/uJQAtd/8MqIKZAilAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUaahufzavrGP1Fb1GtBMra2xBBfcwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzkzNDJlMzEzNDMwMmUzMTMx
MmUzMDJmMzIzNDJkMzMzMjIwM2QzZTIwMzEzMzM2MzczODM3LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
XowLMA0GCSqGSIb3DQEBCwUAA4IBAQCJEaU75Y6UQJt0Wxjj6tWXqW4xah0kiKp/
8PDMC+r5oUd2y7y9LUTukj+bc13ksV6Crrcmt3pPQcNHPXAFWZAxghSmZxPkey08
q7u+czT1oOOGSQG2fASuSDUr4iaeyYrCZXG9tkIViMsGHLrn8D9iuUP6LOsAk8wo
6ETNjyKI/tSr6WBEacukUNnG16iyNPu9veFkPNpjRtceM6Qd5TpM/buas0LROjSM
F63PLoX7JSVV6dwZppFXRjLR28xYEuzF/qZyrg8nRXUzBXnPftkaGeMuW+2kmqOC
GIKEEp+U/HdAt0Zsap3+zl979ov4VNiqs3v7Dbul8+lSKiLk95D8
-----END CERTIFICATE-----
Generated at Sat Apr 5 04:39:30 2025 by rpki-client