Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/3139342e33312e3139362e302f32342d3234203d3e20313939373337.roa
File: 3139342e33312e3139362e302f32342d3234203d3e20313939373337.roa (raw, json)
Hash identifier: kk3tkqt3pEQIayEC5akWsEQ7ftglPpO+Tt2YC9Lk7HM=
Subject key identifier: 56:77:AF:77:65:9F:16:83:A1:94:BB:CD:01:DB:23:84:9A:63:07:A9
Certificate issuer: /CN=a9420e6c6f24b0e422da7fe7e420ef50354f45c6
Certificate serial: 15DFD9B8FC9C73F0F75C1E0DC34FE8ABDD912302
Authority key identifier: A9:42:0E:6C:6F:24:B0:E4:22:DA:7F:E7:E4:20:EF:50:35:4F:45:C6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qUIObG8ksOQi2n_n5CDvUDVPRcY.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/3139342e33312e3139362e302f32342d3234203d3e20313939373337.roa
Signing time: Wed 30 Apr 2025 11:15:47 +0000
ROA not before: Wed 30 Apr 2025 11:10:47 +0000
ROA not after: Wed 29 Apr 2026 11:15:47 +0000
asID: 199737
IP address blocks: 194.31.196.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/A9420E6C6F24B0E422DA7FE7E420EF50354F45C6.crl
rsync://rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/A9420E6C6F24B0E422DA7FE7E420EF50354F45C6.mft
rsync://rpki.ripe.net/repository/DEFAULT/qUIObG8ksOQi2n_n5CDvUDVPRcY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 09 May 2025 07:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
15:df:d9:b8:fc:9c:73:f0:f7:5c:1e:0d:c3:4f:e8:ab:dd:91:23:02
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a9420e6c6f24b0e422da7fe7e420ef50354f45c6
Validity
Not Before: Apr 30 11:10:47 2025 GMT
Not After : Apr 29 11:15:47 2026 GMT
Subject: CN=5677AF77659F1683A194BBCD01DB23849A6307A9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:92:55:13:f4:83:00:eb:2e:a1:ca:27:4d:f4:
ec:65:34:6f:ae:59:25:77:48:6e:04:0d:9b:ba:5b:
2c:2b:5b:15:30:61:a6:e9:7c:5a:37:2e:38:1f:a0:
35:be:c1:65:cb:fb:52:92:36:a3:89:0a:84:d2:9f:
1f:a1:42:74:80:e3:34:9a:2b:b9:14:92:48:cf:a6:
43:ac:78:c6:d9:6c:1c:8e:bb:4f:33:e8:73:1b:aa:
1a:83:2b:fd:46:35:c2:66:00:b3:d7:b1:4d:8e:7e:
5c:18:70:7c:d6:bb:ed:40:49:b4:75:5a:f9:eb:04:
85:27:f1:4d:2f:65:f5:b6:75:ed:b1:89:48:c7:51:
3b:8b:12:52:91:68:66:0a:f5:56:23:bc:8b:d7:ae:
1f:e9:70:28:4f:3a:a8:35:c4:0e:d1:f9:ff:93:e0:
1f:c7:8d:1f:e6:f3:7e:17:00:37:ae:f6:0c:29:21:
27:02:f1:6b:4e:8e:6d:57:a7:30:81:7f:17:cb:a2:
8d:ca:56:9c:46:fa:6f:c8:49:63:fe:88:79:e9:a9:
38:10:27:9a:06:41:0b:ff:9e:06:99:f0:b7:5c:1a:
94:75:33:87:2f:1e:f6:cc:42:79:bf:68:04:0a:0e:
22:ac:87:67:7d:d0:11:2e:21:0b:89:06:0c:53:69:
7f:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
56:77:AF:77:65:9F:16:83:A1:94:BB:CD:01:DB:23:84:9A:63:07:A9
X509v3 Authority Key Identifier:
keyid:A9:42:0E:6C:6F:24:B0:E4:22:DA:7F:E7:E4:20:EF:50:35:4F:45:C6
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/A9420E6C6F24B0E422DA7FE7E420EF50354F45C6.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qUIObG8ksOQi2n_n5CDvUDVPRcY.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/3139342e33312e3139362e302f32342d3234203d3e20313939373337.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.31.196.0/24
Signature Algorithm: sha256WithRSAEncryption
5b:2a:5f:a2:1f:0f:ca:1c:fc:7c:f4:2c:10:b0:8b:03:52:3f:
57:f4:1a:ff:2c:c8:27:e2:c3:5e:29:48:b9:e2:d0:3e:ed:64:
bc:de:87:8c:d6:a2:e8:0e:3a:3c:14:82:30:65:27:06:25:09:
b7:57:f8:ae:eb:79:7e:49:8f:43:6b:cd:7a:05:33:68:d0:da:
8e:b0:89:64:88:9f:8a:e8:8d:3b:1c:d8:5e:6e:8a:1e:7e:01:
1e:11:8f:cf:7c:75:4e:6a:73:2a:5d:0d:90:33:57:8f:49:ab:
ff:79:30:3e:8d:ad:e0:1e:d3:35:64:f1:3d:39:da:ab:e6:58:
0a:38:bc:99:95:e6:80:30:d4:79:af:f6:c8:fd:42:9d:21:85:
3f:7f:71:8c:36:18:26:a6:8a:7a:26:c3:24:75:9e:dc:a6:0a:
00:03:d8:15:ae:e2:1f:e0:1d:e0:98:82:99:b0:dd:3f:e6:c4:
72:6b:ca:94:34:46:c0:24:b6:94:00:f7:03:4c:b5:34:39:5f:
48:0d:61:b7:8b:f6:b5:f9:a4:ce:e9:05:6a:68:20:c6:4e:c0:
1e:fc:30:03:d2:2a:6e:22:83:26:cf:c4:9d:40:54:ff:e8:89:
4b:0b:7e:6b:f4:12:0f:47:a0:2f:f4:37:c6:a2:74:0d:77:cf:
5d:60:c2:4e
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUFd/ZuPycc/D3XB4Nw0/oq92RIwIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYTk0MjBlNmM2ZjI0YjBlNDIyZGE3ZmU3ZTQyMGVmNTAz
NTRmNDVjNjAeFw0yNTA0MzAxMTEwNDdaFw0yNjA0MjkxMTE1NDdaMDMxMTAvBgNV
BAMTKDU2NzdBRjc3NjU5RjE2ODNBMTk0QkJDRDAxREIyMzg0OUE2MzA3QTkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDkklUT9IMA6y6hyidN9OxlNG+u
WSV3SG4EDZu6WywrWxUwYabpfFo3LjgfoDW+wWXL+1KSNqOJCoTSnx+hQnSA4zSa
K7kUkkjPpkOseMbZbByOu08z6HMbqhqDK/1GNcJmALPXsU2OflwYcHzWu+1ASbR1
WvnrBIUn8U0vZfW2de2xiUjHUTuLElKRaGYK9VYjvIvXrh/pcChPOqg1xA7R+f+T
4B/HjR/m834XADeu9gwpIScC8WtOjm1XpzCBfxfLoo3KVpxG+m/ISWP+iHnpqTgQ
J5oGQQv/ngaZ8LdcGpR1M4cvHvbMQnm/aAQKDiKsh2d90BEuIQuJBgxTaX8bAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUVnevd2WfFoOhlLvNAdsjhJpjB6kwHwYDVR0j
BBgwFoAUqUIObG8ksOQi2n/n5CDvUDVPRcYwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMWY5ODIzZDAtMDg1NS00MWYyLWFjNDYtNTlhMmU5OGRh
NzM2LzEvQTk0MjBFNkM2RjI0QjBFNDIyREE3RkU3RTQyMEVGNTAzNTRGNDVDNi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3FVSU9iRzhrc09RaTJuX241Q0R2VURW
UFJjWS5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMWY5ODIzZDAt
MDg1NS00MWYyLWFjNDYtNTlhMmU5OGRhNzM2LzEvMzEzOTM0MmUzMzMxMmUzMTM5
MzYyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMTM5MzkzNzMzMzcucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BADCH8QwDQYJKoZIhvcNAQELBQADggEBAFsqX6IfD8oc/Hz0LBCwiwNSP1f0Gv8s
yCfiw14pSLni0D7tZLzeh4zWougOOjwUgjBlJwYlCbdX+K7reX5Jj0NrzXoFM2jQ
2o6wiWSIn4rojTsc2F5uih5+AR4Rj898dU5qcypdDZAzV49Jq/95MD6NreAe0zVk
8T052qvmWAo4vJmV5oAw1Hmv9sj9Qp0hhT9/cYw2GCaminomwyR1ntymCgAD2BWu
4h/gHeCYgpmw3T/mxHJrypQ0RsAktpQA9wNMtTQ5X0gNYbeL9rX5pM7pBWpoIMZO
wB78MAPSKm4igybPxJ1AVP/oiUsLfmv0Eg9HoC/0N8aidA13z11gwk4=
-----END CERTIFICATE-----
Generated at Thu May 8 12:40:03 2025 by rpki-client