Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/38392e3131362e31392e302f32342d3234203d3e203135343139.roa
File: 38392e3131362e31392e302f32342d3234203d3e203135343139.roa (raw, json)
Hash identifier: 4JL3Gtu7UsX3IaHs3LaQwmdxUfCfFV6YWJerzJoc+wE=
Subject key identifier: C1:CC:21:3E:B1:3B:33:80:C8:CA:60:46:C4:A8:D6:6D:2B:12:58:CE
Certificate issuer: /CN=9df85997b1b9b358e1c43f36765aa0a4a02144ae
Certificate serial: 79DD1C99CD81AF9D488C682301F63E0693033A7A
Authority key identifier: 9D:F8:59:97:B1:B9:B3:58:E1:C4:3F:36:76:5A:A0:A4:A0:21:44:AE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nfhZl7G5s1jhxD82dlqgpKAhRK4.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/38392e3131362e31392e302f32342d3234203d3e203135343139.roa
Signing time: Fri 09 May 2025 09:37:55 +0000
ROA not before: Fri 09 May 2025 09:32:55 +0000
ROA not after: Fri 08 May 2026 09:37:55 +0000
asID: 15419
IP address blocks: 89.116.19.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/9DF85997B1B9B358E1C43F36765AA0A4A02144AE.crl
rsync://rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/9DF85997B1B9B358E1C43F36765AA0A4A02144AE.mft
rsync://rpki.ripe.net/repository/DEFAULT/nfhZl7G5s1jhxD82dlqgpKAhRK4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 12 May 2025 20:38:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
79:dd:1c:99:cd:81:af:9d:48:8c:68:23:01:f6:3e:06:93:03:3a:7a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9df85997b1b9b358e1c43f36765aa0a4a02144ae
Validity
Not Before: May 9 09:32:55 2025 GMT
Not After : May 8 09:37:55 2026 GMT
Subject: CN=C1CC213EB13B3380C8CA6046C4A8D66D2B1258CE
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:a1:7d:86:1d:d5:51:6c:08:cf:47:49:1e:4e:
b6:21:19:bc:20:af:0f:d1:98:1d:07:b2:1c:fd:f7:
3f:bf:36:45:4f:b0:23:fd:70:5e:7d:eb:13:10:41:
d8:17:b4:a6:4a:9c:2c:38:62:d3:3f:f6:ea:4c:4f:
cc:e4:73:b4:1d:1d:71:be:d4:6c:21:b2:d9:ee:75:
6f:24:fb:da:27:32:d2:59:7d:19:b1:4d:ea:f1:5f:
fd:e9:fc:fa:1c:e1:12:22:4d:22:fe:8a:03:8f:ff:
49:08:75:47:10:fe:69:c2:20:25:21:02:fe:dc:4f:
53:b8:bf:23:e1:10:89:41:2f:c8:0f:9f:86:14:4b:
38:58:11:87:08:20:73:58:fa:b7:00:c5:e2:4e:ff:
82:fe:94:c1:3c:52:f6:b6:d1:39:56:1e:1c:b3:45:
4b:1a:6e:fd:c0:08:72:fb:b2:b0:f4:6a:d3:a7:3d:
0b:f5:71:5d:9f:bf:89:8e:07:1d:f3:4e:33:43:0c:
b3:49:31:eb:92:8c:ba:71:04:e6:c9:82:ab:b5:86:
56:88:a8:01:e6:b8:5a:c9:2e:f6:17:e7:ee:c2:27:
69:23:c7:cf:9d:ad:ad:4a:32:2f:75:01:b3:19:57:
97:08:5f:98:0c:10:79:ab:c3:b7:f7:b9:83:08:ab:
b3:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C1:CC:21:3E:B1:3B:33:80:C8:CA:60:46:C4:A8:D6:6D:2B:12:58:CE
X509v3 Authority Key Identifier:
keyid:9D:F8:59:97:B1:B9:B3:58:E1:C4:3F:36:76:5A:A0:A4:A0:21:44:AE
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/9DF85997B1B9B358E1C43F36765AA0A4A02144AE.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nfhZl7G5s1jhxD82dlqgpKAhRK4.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/38392e3131362e31392e302f32342d3234203d3e203135343139.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.116.19.0/24
Signature Algorithm: sha256WithRSAEncryption
3d:e1:71:48:18:8b:ef:0b:29:c2:77:90:a8:26:49:86:bc:c9:
e5:88:60:cb:7e:9e:fa:93:1e:28:68:fe:00:ee:4d:bb:e8:40:
93:d6:fd:7f:2a:43:e8:9b:82:3d:fc:c5:a0:a2:c3:1e:95:10:
f0:c0:da:10:31:d0:26:43:16:41:6b:62:8d:d3:e8:e5:e7:33:
a9:df:bd:e1:03:97:fc:1a:ac:da:4b:1f:db:fb:7c:6e:cf:01:
42:33:0f:26:92:63:f2:a4:f3:a8:00:df:d0:22:fd:3f:bb:75:
23:06:09:ba:21:8f:cd:2b:b7:19:69:80:bf:e4:12:69:76:da:
5b:56:f3:2f:f0:27:22:af:93:64:4e:98:b6:59:b1:7c:62:ad:
22:e4:71:f8:09:3f:bf:d7:7f:da:21:72:3a:c5:5e:8e:db:68:
8d:ae:2c:2c:8a:d1:c9:d1:7e:0a:ad:74:fd:7d:37:8c:15:a2:
82:87:91:43:66:91:ec:03:14:e9:b5:b0:eb:8f:96:1e:55:c7:
53:4b:fc:91:88:f1:38:79:35:14:18:f6:53:4b:2a:61:a9:1d:
64:e2:f9:23:12:e8:27:bd:59:42:65:c9:d5:d0:03:79:4d:ed:
7e:7c:fc:68:97:a2:2c:da:c6:e5:7b:ff:dc:4c:90:05:c9:23:
7e:32:e0:a4
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgIUed0cmc2Br51IjGgjAfY+BpMDOnowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOWRmODU5OTdiMWI5YjM1OGUxYzQzZjM2NzY1YWEwYTRh
MDIxNDRhZTAeFw0yNTA1MDkwOTMyNTVaFw0yNjA1MDgwOTM3NTVaMDMxMTAvBgNV
BAMTKEMxQ0MyMTNFQjEzQjMzODBDOENBNjA0NkM0QThENjZEMkIxMjU4Q0UwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDFoX2GHdVRbAjPR0keTrYhGbwg
rw/RmB0Hshz99z+/NkVPsCP9cF596xMQQdgXtKZKnCw4YtM/9upMT8zkc7QdHXG+
1GwhstnudW8k+9onMtJZfRmxTerxX/3p/Poc4RIiTSL+igOP/0kIdUcQ/mnCICUh
Av7cT1O4vyPhEIlBL8gPn4YUSzhYEYcIIHNY+rcAxeJO/4L+lME8Uva20TlWHhyz
RUsabv3ACHL7srD0atOnPQv1cV2fv4mOBx3zTjNDDLNJMeuSjLpxBObJgqu1hlaI
qAHmuFrJLvYX5+7CJ2kjx8+dra1KMi91AbMZV5cIX5gMEHmrw7f3uYMIq7MLAgMB
AAGjggI7MIICNzAdBgNVHQ4EFgQUwcwhPrE7M4DIymBGxKjWbSsSWM4wHwYDVR0j
BBgwFoAUnfhZl7G5s1jhxD82dlqgpKAhRK4wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDAyZTBiYTMtZmU2MC00NWIxLTkxNjAtODY4YTJmOGE0
M2IxLzMvOURGODU5OTdCMUI5QjM1OEUxQzQzRjM2NzY1QUEwQTRBMDIxNDRBRS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL25maFpsN0c1czFqaHhEODJkbHFncEtB
aFJLNC5jZXIwgasGCCsGAQUFBwELBIGeMIGbMIGYBggrBgEFBQcwC4aBi3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMDAyZTBiYTMt
ZmU2MC00NWIxLTkxNjAtODY4YTJmOGE0M2IxLzMvMzgzOTJlMzEzMTM2MmUzMTM5
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzEzNTM0MzEzOS5yb2EwGAYDVR0gAQH/
BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAFl0
EzANBgkqhkiG9w0BAQsFAAOCAQEAPeFxSBiL7wspwneQqCZJhrzJ5Yhgy36e+pMe
KGj+AO5Nu+hAk9b9fypD6JuCPfzFoKLDHpUQ8MDaEDHQJkMWQWtijdPo5eczqd+9
4QOX/Bqs2ksf2/t8bs8BQjMPJpJj8qTzqADf0CL9P7t1IwYJuiGPzSu3GWmAv+QS
aXbaW1bzL/AnIq+TZE6YtlmxfGKtIuRx+Ak/v9d/2iFyOsVejttoja4sLIrRydF+
Cq10/X03jBWigoeRQ2aR7AMU6bWw64+WHlXHU0v8kYjxOHk1FBj2U0sqYakdZOL5
IxLoJ71ZQmXJ1dADeU3tfnz8aJeiLNrG5Xv/3EyQBckjfjLgpA==
-----END CERTIFICATE-----
Generated at Mon May 12 11:27:22 2025 by rpki-client