Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/3139332e3130392e3139382e302f32342d3234203d3e203134363138.roa
File: 3139332e3130392e3139382e302f32342d3234203d3e203134363138.roa (raw, json)
Hash identifier: TzKztGvM6TYRPq0S594ntNfiXaiqI/cwk5JHSSEOQZ0=
Subject key identifier: BC:11:36:3E:A9:4F:C4:FE:C1:DF:97:6E:98:94:4A:C8:22:7C:80:5F
Certificate issuer: /CN=dc943cc2a7cdc378a37702573bb4f821170b530d
Certificate serial: 4E305921BFE640776DE8C53FBBD16832F33C1E2A
Authority key identifier: DC:94:3C:C2:A7:CD:C3:78:A3:77:02:57:3B:B4:F8:21:17:0B:53:0D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3JQ8wqfNw3ijdwJXO7T4IRcLUw0.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/3139332e3130392e3139382e302f32342d3234203d3e203134363138.roa
Signing time: Thu 08 May 2025 14:55:56 +0000
ROA not before: Thu 08 May 2025 14:50:56 +0000
ROA not after: Thu 07 May 2026 14:55:56 +0000
asID: 14618
IP address blocks: 193.109.198.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/DC943CC2A7CDC378A37702573BB4F821170B530D.crl
rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/DC943CC2A7CDC378A37702573BB4F821170B530D.mft
rsync://rpki.ripe.net/repository/DEFAULT/3JQ8wqfNw3ijdwJXO7T4IRcLUw0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 13 May 2025 15:53:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4e:30:59:21:bf:e6:40:77:6d:e8:c5:3f:bb:d1:68:32:f3:3c:1e:2a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dc943cc2a7cdc378a37702573bb4f821170b530d
Validity
Not Before: May 8 14:50:56 2025 GMT
Not After : May 7 14:55:56 2026 GMT
Subject: CN=BC11363EA94FC4FEC1DF976E98944AC8227C805F
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:72:d4:f5:38:7e:37:77:5f:7d:bf:ea:5e:96:
7c:2b:bf:b7:cf:c0:ee:09:b0:60:86:5d:51:6a:7a:
e6:da:ed:60:96:ab:5b:2a:ef:5d:9d:14:11:bc:7e:
9b:ff:9f:99:7a:9f:0f:1e:36:7a:ba:c5:9d:e9:4d:
aa:6c:e4:a2:fa:9c:bf:e6:2b:41:10:8b:2a:b3:95:
6d:90:6d:78:da:4a:c3:26:63:0b:d5:e9:d9:39:23:
db:b4:5a:7b:79:7d:06:6f:ad:88:16:c1:05:7d:1d:
a9:d7:0a:e0:9a:df:10:7c:43:f3:c7:37:43:e4:fe:
f4:04:80:72:6f:b1:8a:b4:dd:89:74:59:20:42:21:
f9:b1:c8:90:c0:e1:d0:2e:c1:79:7b:ba:38:51:d4:
c2:1c:79:8d:b2:45:f0:bb:30:8b:98:fb:0f:95:00:
45:4c:6a:db:ba:86:22:13:13:75:e1:68:d9:25:da:
68:45:d9:be:e2:76:92:87:fd:d3:dd:ae:4b:0a:75:
8f:ea:09:82:74:07:86:90:f1:b6:ad:f6:1f:f1:45:
af:0d:36:50:19:44:93:27:44:b5:56:d1:74:22:1c:
72:38:5e:cd:55:f5:8d:53:74:ea:42:a8:5f:1a:e9:
f3:11:f5:c7:50:9a:99:43:f0:ac:37:ae:7a:73:1e:
c5:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BC:11:36:3E:A9:4F:C4:FE:C1:DF:97:6E:98:94:4A:C8:22:7C:80:5F
X509v3 Authority Key Identifier:
keyid:DC:94:3C:C2:A7:CD:C3:78:A3:77:02:57:3B:B4:F8:21:17:0B:53:0D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/DC943CC2A7CDC378A37702573BB4F821170B530D.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3JQ8wqfNw3ijdwJXO7T4IRcLUw0.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/3139332e3130392e3139382e302f32342d3234203d3e203134363138.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.109.198.0/24
Signature Algorithm: sha256WithRSAEncryption
5b:00:da:0e:81:ab:62:f1:5f:6a:a7:4d:18:6d:35:76:6c:c7:
10:82:1d:46:bb:ac:8b:05:54:df:70:29:d8:1c:01:78:e3:8e:
67:9f:44:7c:82:ee:e0:6f:2b:30:b8:90:65:c9:3f:fc:eb:e0:
ec:6a:c7:a6:de:65:9d:d3:76:21:10:46:2f:73:70:7a:3f:bc:
cd:fe:12:ab:60:8e:9d:89:f6:27:2b:86:67:e7:31:7b:8f:ff:
da:06:e6:d3:a9:54:2c:cb:35:88:99:5a:4e:e5:1a:ab:a2:39:
2e:5b:11:1d:e5:bf:77:3c:f8:4b:0c:fb:1a:fd:1a:d2:7f:af:
3b:58:5b:c8:d5:54:42:9a:1d:2d:af:47:47:05:27:0b:ac:4a:
40:98:8c:4c:07:66:ea:e4:7b:98:aa:99:e6:13:ac:ec:d0:ad:
31:79:14:0a:b2:7c:ff:9f:3d:54:f1:00:26:e2:ad:7f:b0:14:
03:f0:33:1f:89:1e:4f:9f:bc:80:2d:3e:95:6f:0a:05:69:52:
5f:22:e0:7e:48:86:8a:54:93:9e:fe:b2:22:39:7a:da:ed:2f:
e4:69:2c:61:44:f7:bd:1e:3a:7d:f8:91:58:9f:6c:4f:8e:9b:
79:34:31:d2:67:06:b7:23:f9:a5:ef:e9:16:7d:6b:2a:a3:e5:
d9:d3:01:3d
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUTjBZIb/mQHdt6MU/u9FoMvM8HiowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZGM5NDNjYzJhN2NkYzM3OGEzNzcwMjU3M2JiNGY4MjEx
NzBiNTMwZDAeFw0yNTA1MDgxNDUwNTZaFw0yNjA1MDcxNDU1NTZaMDMxMTAvBgNV
BAMTKEJDMTEzNjNFQTk0RkM0RkVDMURGOTc2RTk4OTQ0QUM4MjI3QzgwNUYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC/ctT1OH43d199v+pelnwrv7fP
wO4JsGCGXVFqeuba7WCWq1sq712dFBG8fpv/n5l6nw8eNnq6xZ3pTaps5KL6nL/m
K0EQiyqzlW2QbXjaSsMmYwvV6dk5I9u0Wnt5fQZvrYgWwQV9HanXCuCa3xB8Q/PH
N0Pk/vQEgHJvsYq03Yl0WSBCIfmxyJDA4dAuwXl7ujhR1MIceY2yRfC7MIuY+w+V
AEVMatu6hiITE3XhaNkl2mhF2b7idpKH/dPdrksKdY/qCYJ0B4aQ8bat9h/xRa8N
NlAZRJMnRLVW0XQiHHI4Xs1V9Y1TdOpCqF8a6fMR9cdQmplD8Kw3rnpzHsWXAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUvBE2PqlPxP7B35dumJRKyCJ8gF8wHwYDVR0j
BBgwFoAU3JQ8wqfNw3ijdwJXO7T4IRcLUw0wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNmFiMDcyMmYtNjRkOC00Y2E5LTkyNjctNGU1MTU0NDM0
MTAxLzAvREM5NDNDQzJBN0NEQzM3OEEzNzcwMjU3M0JCNEY4MjExNzBCNTMwRC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzNKUTh3cWZOdzNpamR3SlhPN1Q0SVJj
TFV3MC5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvNmFiMDcyMmYt
NjRkOC00Y2E5LTkyNjctNGU1MTU0NDM0MTAxLzAvMzEzOTMzMmUzMTMwMzkyZTMx
MzkzODJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMxMzQzNjMxMzgucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BADBbcYwDQYJKoZIhvcNAQELBQADggEBAFsA2g6Bq2LxX2qnTRhtNXZsxxCCHUa7
rIsFVN9wKdgcAXjjjmefRHyC7uBvKzC4kGXJP/zr4Oxqx6beZZ3TdiEQRi9zcHo/
vM3+Eqtgjp2J9icrhmfnMXuP/9oG5tOpVCzLNYiZWk7lGquiOS5bER3lv3c8+EsM
+xr9GtJ/rztYW8jVVEKaHS2vR0cFJwusSkCYjEwHZurke5iqmeYTrOzQrTF5FAqy
fP+fPVTxACbirX+wFAPwMx+JHk+fvIAtPpVvCgVpUl8i4H5IhopUk57+siI5etrt
L+RpLGFE970eOn34kVifbE+Om3k0MdJnBrcj+aXv6RZ9ayqj5dnTAT0=
-----END CERTIFICATE-----
Generated at Tue May 13 08:18:19 2025 by rpki-client