Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/38392e3131362e34322e302f32332d3233203d3e203135343139.roa
File: 38392e3131362e34322e302f32332d3233203d3e203135343139.roa (raw, json)
Hash identifier: dqiC7sfkexEdY4bNAfWo7TkIe5GTWHX5uIAGfupS9Ro=
Subject key identifier: CA:01:B2:C4:19:1C:10:72:F6:32:4E:EB:91:02:80:C0:6A:EB:5D:1B
Certificate issuer: /CN=9df85997b1b9b358e1c43f36765aa0a4a02144ae
Certificate serial: 7FE2F3C60C593FD8803348F94B71610F084012AB
Authority key identifier: 9D:F8:59:97:B1:B9:B3:58:E1:C4:3F:36:76:5A:A0:A4:A0:21:44:AE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nfhZl7G5s1jhxD82dlqgpKAhRK4.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/38392e3131362e34322e302f32332d3233203d3e203135343139.roa
Signing time: Fri 09 May 2025 09:37:57 +0000
ROA not before: Fri 09 May 2025 09:32:57 +0000
ROA not after: Fri 08 May 2026 09:37:57 +0000
asID: 15419
IP address blocks: 89.116.42.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/9DF85997B1B9B358E1C43F36765AA0A4A02144AE.crl
rsync://rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/9DF85997B1B9B358E1C43F36765AA0A4A02144AE.mft
rsync://rpki.ripe.net/repository/DEFAULT/nfhZl7G5s1jhxD82dlqgpKAhRK4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 12 May 2025 20:38:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7f:e2:f3:c6:0c:59:3f:d8:80:33:48:f9:4b:71:61:0f:08:40:12:ab
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9df85997b1b9b358e1c43f36765aa0a4a02144ae
Validity
Not Before: May 9 09:32:57 2025 GMT
Not After : May 8 09:37:57 2026 GMT
Subject: CN=CA01B2C4191C1072F6324EEB910280C06AEB5D1B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:01:c2:ac:8a:96:47:72:33:c2:89:e2:29:7c:
9a:f6:8a:81:5f:c3:2d:ab:43:84:63:b5:54:1d:ba:
26:bd:35:57:1a:fd:61:34:53:ec:89:33:6e:33:79:
d6:db:b1:43:fa:38:b2:ee:0f:33:b2:4d:4c:de:72:
24:4f:35:e3:66:f9:c3:40:f7:ab:f1:7a:30:5f:ec:
69:74:b5:08:29:0a:ae:73:0e:af:cb:d4:ac:d2:1e:
ee:9e:61:e6:84:db:e9:cb:d8:57:52:39:06:96:d6:
1d:84:b3:42:d9:40:19:ce:06:a5:aa:d7:26:8e:eb:
1f:59:51:e9:84:98:8c:dd:dc:ed:5a:d6:82:a8:2f:
67:3d:56:ae:0f:98:e4:9b:a4:dc:2c:4e:3c:95:3a:
3e:51:2d:0d:7a:91:75:dc:db:8f:4b:dc:ef:8c:54:
2b:48:ca:e2:40:51:dc:cb:e4:fa:79:6e:7c:8c:53:
22:7b:cb:61:39:a6:4d:92:b9:26:ab:de:3f:a0:a7:
69:83:b7:5e:06:e8:8e:b3:ef:b6:af:ac:7a:35:22:
3c:ca:d6:a1:1e:19:c6:55:53:e3:d2:25:12:22:8a:
21:22:ff:aa:b8:61:c0:ee:5b:f3:07:42:57:09:47:
02:0b:54:dc:34:5e:41:7f:7f:5e:86:73:5c:d6:ad:
8c:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:01:B2:C4:19:1C:10:72:F6:32:4E:EB:91:02:80:C0:6A:EB:5D:1B
X509v3 Authority Key Identifier:
keyid:9D:F8:59:97:B1:B9:B3:58:E1:C4:3F:36:76:5A:A0:A4:A0:21:44:AE
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/9DF85997B1B9B358E1C43F36765AA0A4A02144AE.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nfhZl7G5s1jhxD82dlqgpKAhRK4.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/38392e3131362e34322e302f32332d3233203d3e203135343139.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.116.42.0/23
Signature Algorithm: sha256WithRSAEncryption
9a:b2:9b:97:ed:ae:ad:26:8f:6f:5b:36:c7:3a:6a:81:52:f5:
a3:d3:16:82:43:f7:21:58:48:e7:b3:3c:b8:bd:4d:54:4b:db:
e9:28:b1:f5:33:dd:f5:6d:86:14:a3:91:28:68:3c:7c:e3:47:
41:df:eb:e6:a4:ed:6e:9c:22:4a:c0:fa:3a:41:b1:2f:b3:4e:
0b:24:ea:67:e7:c3:85:06:7f:2b:f1:4e:cf:67:33:93:1d:d5:
f5:bd:f2:80:ac:78:02:85:8b:92:1b:b5:47:dd:ab:85:66:73:
9a:1a:0f:a1:6c:80:5b:71:28:f2:78:92:64:bd:10:8f:f6:c0:
6e:36:97:00:c9:59:1e:8e:d3:5b:f4:05:9a:3c:10:fa:b0:5f:
5c:26:31:fc:e9:ba:18:77:81:82:76:55:98:d8:15:ea:7d:49:
8c:5f:ca:5e:1e:a6:59:bc:9a:ce:4e:9e:12:1c:e3:8e:71:5f:
db:c2:f8:8d:52:89:08:cd:39:72:5e:30:7b:c6:0c:c5:ce:5e:
34:33:bf:90:1f:54:6d:04:0a:dd:ef:68:26:ab:de:fd:0b:bc:
55:40:93:bf:c8:6b:fd:de:16:5b:ef:70:f8:59:5e:42:3e:e2:
99:d1:e4:69:f0:85:b2:48:82:b9:66:69:eb:18:ea:65:c7:54:
35:2b:e4:99
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgIUf+LzxgxZP9iAM0j5S3FhDwhAEqswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOWRmODU5OTdiMWI5YjM1OGUxYzQzZjM2NzY1YWEwYTRh
MDIxNDRhZTAeFw0yNTA1MDkwOTMyNTdaFw0yNjA1MDgwOTM3NTdaMDMxMTAvBgNV
BAMTKENBMDFCMkM0MTkxQzEwNzJGNjMyNEVFQjkxMDI4MEMwNkFFQjVEMUIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC1AcKsipZHcjPCieIpfJr2ioFf
wy2rQ4RjtVQduia9NVca/WE0U+yJM24zedbbsUP6OLLuDzOyTUzeciRPNeNm+cNA
96vxejBf7Gl0tQgpCq5zDq/L1KzSHu6eYeaE2+nL2FdSOQaW1h2Es0LZQBnOBqWq
1yaO6x9ZUemEmIzd3O1a1oKoL2c9Vq4PmOSbpNwsTjyVOj5RLQ16kXXc249L3O+M
VCtIyuJAUdzL5Pp5bnyMUyJ7y2E5pk2SuSar3j+gp2mDt14G6I6z77avrHo1IjzK
1qEeGcZVU+PSJRIiiiEi/6q4YcDuW/MHQlcJRwILVNw0XkF/f16Gc1zWrYz/AgMB
AAGjggI7MIICNzAdBgNVHQ4EFgQUygGyxBkcEHL2Mk7rkQKAwGrrXRswHwYDVR0j
BBgwFoAUnfhZl7G5s1jhxD82dlqgpKAhRK4wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDAyZTBiYTMtZmU2MC00NWIxLTkxNjAtODY4YTJmOGE0
M2IxLzMvOURGODU5OTdCMUI5QjM1OEUxQzQzRjM2NzY1QUEwQTRBMDIxNDRBRS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL25maFpsN0c1czFqaHhEODJkbHFncEtB
aFJLNC5jZXIwgasGCCsGAQUFBwELBIGeMIGbMIGYBggrBgEFBQcwC4aBi3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMDAyZTBiYTMt
ZmU2MC00NWIxLTkxNjAtODY4YTJmOGE0M2IxLzMvMzgzOTJlMzEzMTM2MmUzNDMy
MmUzMDJmMzIzMzJkMzIzMzIwM2QzZTIwMzEzNTM0MzEzOS5yb2EwGAYDVR0gAQH/
BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAVl0
KjANBgkqhkiG9w0BAQsFAAOCAQEAmrKbl+2urSaPb1s2xzpqgVL1o9MWgkP3IVhI
57M8uL1NVEvb6Six9TPd9W2GFKORKGg8fONHQd/r5qTtbpwiSsD6OkGxL7NOCyTq
Z+fDhQZ/K/FOz2czkx3V9b3ygKx4AoWLkhu1R92rhWZzmhoPoWyAW3Eo8niSZL0Q
j/bAbjaXAMlZHo7TW/QFmjwQ+rBfXCYx/Om6GHeBgnZVmNgV6n1JjF/KXh6mWbya
zk6eEhzjjnFf28L4jVKJCM05cl4we8YMxc5eNDO/kB9UbQQK3e9oJqve/Qu8VUCT
v8hr/d4WW+9w+FleQj7imdHkafCFskiCuWZp6xjqZcdUNSvkmQ==
-----END CERTIFICATE-----
Generated at Mon May 12 11:18:21 2025 by rpki-client