Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/60923389-2bde-43e0-b0d5-fc244a6303d0/0/39352e3231342e3138312e302f32342d3234203d3e20323134303235.roa
File: 39352e3231342e3138312e302f32342d3234203d3e20323134303235.roa (raw, json)
Hash identifier: 1UxYccK9JJCwmCQOcrxMzUmtYqXMEA+sXJKMK+TMi4g=
Subject key identifier: 74:26:7D:F6:EF:A6:8A:5C:A6:2C:8F:46:79:96:68:DC:A0:9F:28:FB
Certificate issuer: /CN=92f49de8684f1287f4f6cb185d5cf7de80c90b94
Certificate serial: 5F77798CCC35683435F0460DE959762BB962D99A
Authority key identifier: 92:F4:9D:E8:68:4F:12:87:F4:F6:CB:18:5D:5C:F7:DE:80:C9:0B:94
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kvSd6GhPEof09ssYXVz33oDJC5Q.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/60923389-2bde-43e0-b0d5-fc244a6303d0/0/39352e3231342e3138312e302f32342d3234203d3e20323134303235.roa
Signing time: Tue 22 Apr 2025 06:57:23 +0000
ROA not before: Tue 22 Apr 2025 06:52:23 +0000
ROA not after: Tue 21 Apr 2026 06:57:23 +0000
asID: 214025
IP address blocks: 95.214.181.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/60923389-2bde-43e0-b0d5-fc244a6303d0/0/92F49DE8684F1287F4F6CB185D5CF7DE80C90B94.crl
rsync://rsync.paas.rpki.ripe.net/repository/60923389-2bde-43e0-b0d5-fc244a6303d0/0/92F49DE8684F1287F4F6CB185D5CF7DE80C90B94.mft
rsync://rpki.ripe.net/repository/DEFAULT/kvSd6GhPEof09ssYXVz33oDJC5Q.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 13 May 2025 14:31:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5f:77:79:8c:cc:35:68:34:35:f0:46:0d:e9:59:76:2b:b9:62:d9:9a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=92f49de8684f1287f4f6cb185d5cf7de80c90b94
Validity
Not Before: Apr 22 06:52:23 2025 GMT
Not After : Apr 21 06:57:23 2026 GMT
Subject: CN=74267DF6EFA68A5CA62C8F46799668DCA09F28FB
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:a1:02:40:26:68:fa:57:ca:df:42:d2:42:2c:
2f:5f:b7:fe:d9:51:1a:12:7a:2a:40:20:b2:ea:15:
86:bb:ef:8a:a8:83:90:16:3c:c9:97:ca:4d:0d:99:
bb:2c:d5:f2:4c:1f:80:de:9f:50:ce:b3:ba:8f:19:
54:e3:cc:07:f6:db:45:f3:25:66:56:f8:6a:43:6b:
a6:42:2f:e1:56:63:94:34:d0:d6:75:33:48:5c:73:
c6:1d:af:26:e4:ca:c0:52:92:9d:5c:88:ee:78:fe:
11:86:e0:3f:20:b3:d8:9f:04:1f:88:7a:c1:d4:ac:
77:2f:4d:51:72:06:46:de:ce:2e:96:34:45:28:7c:
f4:c9:cf:e0:d0:84:b1:31:bf:96:ce:19:7d:1e:45:
49:a5:67:78:0f:6d:9f:38:83:3b:32:f2:58:d9:08:
fb:99:e2:67:c7:a6:7c:ff:46:1e:a8:e7:3f:b5:d4:
68:d3:d5:0d:60:6d:b6:d7:be:dd:d7:26:b5:23:6d:
90:f4:a5:e2:dc:a6:92:02:a6:90:28:ef:a3:f6:7a:
39:f2:1e:7a:ac:7a:93:f9:69:20:cd:98:65:25:6b:
aa:ed:58:b8:1a:7f:7c:b5:de:8a:9d:4e:bd:fa:30:
05:8c:a7:65:45:37:3f:e4:ef:fa:18:61:b2:cc:d7:
48:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
74:26:7D:F6:EF:A6:8A:5C:A6:2C:8F:46:79:96:68:DC:A0:9F:28:FB
X509v3 Authority Key Identifier:
keyid:92:F4:9D:E8:68:4F:12:87:F4:F6:CB:18:5D:5C:F7:DE:80:C9:0B:94
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/60923389-2bde-43e0-b0d5-fc244a6303d0/0/92F49DE8684F1287F4F6CB185D5CF7DE80C90B94.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kvSd6GhPEof09ssYXVz33oDJC5Q.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/60923389-2bde-43e0-b0d5-fc244a6303d0/0/39352e3231342e3138312e302f32342d3234203d3e20323134303235.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.214.181.0/24
Signature Algorithm: sha256WithRSAEncryption
3e:5f:a0:fc:5e:34:a5:59:1f:6a:c2:1c:76:3a:a9:73:5e:cc:
ee:b7:7d:32:75:39:0e:7e:bd:5e:e0:b2:9e:af:04:56:7e:05:
be:c0:11:fc:2f:9e:e5:16:96:37:15:4b:9c:a0:54:0e:dd:f9:
e0:21:7f:ce:56:77:ee:c3:59:c8:39:4b:84:46:c8:d7:7d:a0:
4c:72:c1:51:a5:a8:87:f0:69:c2:f8:2e:bf:62:46:f3:95:de:
ea:4d:2e:7a:87:f3:d1:41:b8:29:be:38:23:05:15:6a:8b:74:
ba:b4:5a:82:ee:45:6c:e0:05:1e:a2:a2:52:82:3a:fe:09:f1:
6e:36:36:b1:4c:00:a4:67:87:7b:dc:66:c4:92:83:be:f8:61:
07:7f:e7:9a:1e:0d:04:c1:48:ab:8b:54:e6:89:1e:26:0b:74:
13:09:56:e2:99:db:a0:8a:e0:68:65:3e:95:71:8d:4b:7d:f1:
a9:da:2c:95:63:74:34:1c:94:3e:64:08:69:c7:b1:e7:3e:e8:
6e:b5:16:ba:0a:0c:86:d4:4a:21:09:14:69:d6:c5:93:59:83:
c9:a5:4a:92:5a:fa:6e:c1:33:4f:19:89:e9:e5:73:f7:08:d3:
42:25:74:ea:69:56:73:f5:b2:ce:ca:d3:a4:a4:4c:8e:4d:ba:
f7:c4:b9:c5
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUX3d5jMw1aDQ18EYN6Vl2K7li2ZowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOTJmNDlkZTg2ODRmMTI4N2Y0ZjZjYjE4NWQ1Y2Y3ZGU4
MGM5MGI5NDAeFw0yNTA0MjIwNjUyMjNaFw0yNjA0MjEwNjU3MjNaMDMxMTAvBgNV
BAMTKDc0MjY3REY2RUZBNjhBNUNBNjJDOEY0Njc5OTY2OERDQTA5RjI4RkIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCqoQJAJmj6V8rfQtJCLC9ft/7Z
URoSeipAILLqFYa774qog5AWPMmXyk0Nmbss1fJMH4Den1DOs7qPGVTjzAf220Xz
JWZW+GpDa6ZCL+FWY5Q00NZ1M0hcc8YdrybkysBSkp1ciO54/hGG4D8gs9ifBB+I
esHUrHcvTVFyBkbezi6WNEUofPTJz+DQhLExv5bOGX0eRUmlZ3gPbZ84gzsy8ljZ
CPuZ4mfHpnz/Rh6o5z+11GjT1Q1gbbbXvt3XJrUjbZD0peLcppICppAo76P2ejny
HnqsepP5aSDNmGUla6rtWLgaf3y13oqdTr36MAWMp2VFNz/k7/oYYbLM10jZAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUdCZ99u+milymLI9GeZZo3KCfKPswHwYDVR0j
BBgwFoAUkvSd6GhPEof09ssYXVz33oDJC5QwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNjA5MjMzODktMmJkZS00M2UwLWIwZDUtZmMyNDRhNjMw
M2QwLzAvOTJGNDlERTg2ODRGMTI4N0Y0RjZDQjE4NUQ1Q0Y3REU4MEM5MEI5NC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2t2U2Q2R2hQRW9mMDlzc1lYVnozM29E
SkM1US5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvNjA5MjMzODkt
MmJkZS00M2UwLWIwZDUtZmMyNDRhNjMwM2QwLzAvMzkzNTJlMzIzMTM0MmUzMTM4
MzEyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMjMxMzQzMDMyMzUucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BABf1rUwDQYJKoZIhvcNAQELBQADggEBAD5foPxeNKVZH2rCHHY6qXNezO63fTJ1
OQ5+vV7gsp6vBFZ+Bb7AEfwvnuUWljcVS5ygVA7d+eAhf85Wd+7DWcg5S4RGyNd9
oExywVGlqIfwacL4Lr9iRvOV3upNLnqH89FBuCm+OCMFFWqLdLq0WoLuRWzgBR6i
olKCOv4J8W42NrFMAKRnh3vcZsSSg774YQd/55oeDQTBSKuLVOaJHiYLdBMJVuKZ
26CK4GhlPpVxjUt98anaLJVjdDQclD5kCGnHsec+6G61FroKDIbUSiEJFGnWxZNZ
g8mlSpJa+m7BM08Zienlc/cI00IldOppVnP1ss7K06SkTI5NuvfEucU=
-----END CERTIFICATE-----
Generated at Mon May 12 23:17:38 2025 by rpki-client