Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/3139332e3130392e3139382e302f32342d3234203d3e203136353039.roa
File: 3139332e3130392e3139382e302f32342d3234203d3e203136353039.roa (raw, json)
Hash identifier: z5V9n30p1GBU7c/KxMggtDwF7FacCwv91eyAp3oJpU4=
Subject key identifier: 78:3A:8A:65:4D:AF:E6:C9:38:AD:38:9B:E7:06:9F:A5:C3:91:82:A1
Certificate issuer: /CN=dc943cc2a7cdc378a37702573bb4f821170b530d
Certificate serial: 54CA917D44D6A4D0D0282CE2176CC95A126BFCB9
Authority key identifier: DC:94:3C:C2:A7:CD:C3:78:A3:77:02:57:3B:B4:F8:21:17:0B:53:0D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3JQ8wqfNw3ijdwJXO7T4IRcLUw0.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/3139332e3130392e3139382e302f32342d3234203d3e203136353039.roa
Signing time: Thu 08 May 2025 14:55:56 +0000
ROA not before: Thu 08 May 2025 14:50:56 +0000
ROA not after: Thu 07 May 2026 14:55:56 +0000
asID: 16509
IP address blocks: 193.109.198.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/DC943CC2A7CDC378A37702573BB4F821170B530D.crl
rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/DC943CC2A7CDC378A37702573BB4F821170B530D.mft
rsync://rpki.ripe.net/repository/DEFAULT/3JQ8wqfNw3ijdwJXO7T4IRcLUw0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 12 May 2025 01:39:33 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
54:ca:91:7d:44:d6:a4:d0:d0:28:2c:e2:17:6c:c9:5a:12:6b:fc:b9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dc943cc2a7cdc378a37702573bb4f821170b530d
Validity
Not Before: May 8 14:50:56 2025 GMT
Not After : May 7 14:55:56 2026 GMT
Subject: CN=783A8A654DAFE6C938AD389BE7069FA5C39182A1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:d4:e8:6d:64:73:45:d3:98:fb:c1:a5:4f:79:
1a:d3:72:48:6f:85:16:e5:a3:84:4e:54:c5:ba:09:
5b:dd:b5:1f:2d:f4:3a:cf:59:72:fb:32:d9:c0:84:
43:19:d4:93:cd:2b:21:bb:d7:d2:7c:59:89:5e:3b:
39:93:5c:2c:30:f5:3a:b8:0c:2b:6f:43:27:24:df:
55:38:46:47:a7:79:a0:79:fa:1b:5a:24:65:3a:75:
27:a2:d6:0d:73:29:d5:28:51:6e:10:51:6a:f1:ce:
12:31:28:8f:ef:7b:04:7c:fb:76:16:b6:60:66:56:
8d:bf:32:d9:51:a8:ec:1d:63:72:7e:65:2f:76:c7:
f3:fd:5d:bb:c5:30:93:25:7b:d5:a7:1b:a7:8f:1a:
80:8c:03:35:45:76:d6:66:72:12:1a:42:38:35:13:
4e:db:22:d8:5e:23:94:60:7e:ef:a8:c2:c6:8f:77:
49:e3:36:39:95:53:e8:17:ad:9d:9d:73:af:b0:98:
68:99:0d:f2:19:d8:ea:b0:f7:f3:39:27:b3:61:43:
30:7e:21:03:ab:f0:99:93:d1:60:9c:36:fb:e1:0b:
14:4f:e1:d9:dc:3c:f5:8e:b9:5e:59:fa:a3:17:d5:
35:f3:bd:c0:40:09:93:60:65:96:56:3a:b6:04:95:
98:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
78:3A:8A:65:4D:AF:E6:C9:38:AD:38:9B:E7:06:9F:A5:C3:91:82:A1
X509v3 Authority Key Identifier:
keyid:DC:94:3C:C2:A7:CD:C3:78:A3:77:02:57:3B:B4:F8:21:17:0B:53:0D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/DC943CC2A7CDC378A37702573BB4F821170B530D.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3JQ8wqfNw3ijdwJXO7T4IRcLUw0.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/3139332e3130392e3139382e302f32342d3234203d3e203136353039.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.109.198.0/24
Signature Algorithm: sha256WithRSAEncryption
74:a8:e7:8c:cf:2a:a6:2c:6e:35:d6:01:a1:72:0f:e2:38:1f:
44:ec:84:7e:6d:76:34:9c:15:05:5f:71:4e:fe:44:2d:94:7e:
a6:fd:f6:01:37:63:75:98:3f:be:bf:45:11:10:91:30:7f:eb:
69:81:a3:c0:c6:7e:e9:46:b8:a3:0a:f2:71:f5:20:70:6a:20:
6e:53:4b:1b:e6:7c:7f:0a:34:05:f1:59:57:bc:b0:ad:4b:29:
85:ce:54:cd:b9:33:8d:a2:50:98:43:35:32:05:e2:44:a5:2f:
89:57:f9:56:7a:5a:03:ff:19:30:83:45:5f:dd:2b:38:1e:93:
b0:ec:5d:c0:61:97:9b:bb:77:39:32:45:6f:2f:6c:8d:82:91:
7c:d1:cb:ea:65:bb:63:29:71:1a:fc:c1:0d:23:7a:4a:d2:f5:
77:2e:7c:b3:08:39:43:50:be:07:78:35:ab:a7:da:da:41:ab:
f9:00:fc:a3:de:4f:5f:68:b1:60:75:7d:82:75:a9:94:c0:cf:
88:7c:95:7f:45:42:f2:6a:1d:01:5f:bc:18:c3:a9:1d:e0:26:
9e:39:ba:79:7f:fe:48:f0:2a:27:63:a0:28:03:aa:ac:07:e9:
90:f3:7d:93:b3:34:81:5c:24:87:d1:cb:fa:4d:57:98:03:70:
d2:db:fb:1e
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUVMqRfUTWpNDQKCziF2zJWhJr/LkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZGM5NDNjYzJhN2NkYzM3OGEzNzcwMjU3M2JiNGY4MjEx
NzBiNTMwZDAeFw0yNTA1MDgxNDUwNTZaFw0yNjA1MDcxNDU1NTZaMDMxMTAvBgNV
BAMTKDc4M0E4QTY1NERBRkU2QzkzOEFEMzg5QkU3MDY5RkE1QzM5MTgyQTEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDG1OhtZHNF05j7waVPeRrTckhv
hRblo4ROVMW6CVvdtR8t9DrPWXL7MtnAhEMZ1JPNKyG719J8WYleOzmTXCww9Tq4
DCtvQyck31U4RkeneaB5+htaJGU6dSei1g1zKdUoUW4QUWrxzhIxKI/vewR8+3YW
tmBmVo2/MtlRqOwdY3J+ZS92x/P9XbvFMJMle9WnG6ePGoCMAzVFdtZmchIaQjg1
E07bItheI5Rgfu+owsaPd0njNjmVU+gXrZ2dc6+wmGiZDfIZ2Oqw9/M5J7NhQzB+
IQOr8JmT0WCcNvvhCxRP4dncPPWOuV5Z+qMX1TXzvcBACZNgZZZWOrYElZjjAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUeDqKZU2v5sk4rTib5wafpcORgqEwHwYDVR0j
BBgwFoAU3JQ8wqfNw3ijdwJXO7T4IRcLUw0wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNmFiMDcyMmYtNjRkOC00Y2E5LTkyNjctNGU1MTU0NDM0
MTAxLzAvREM5NDNDQzJBN0NEQzM3OEEzNzcwMjU3M0JCNEY4MjExNzBCNTMwRC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzNKUTh3cWZOdzNpamR3SlhPN1Q0SVJj
TFV3MC5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvNmFiMDcyMmYt
NjRkOC00Y2E5LTkyNjctNGU1MTU0NDM0MTAxLzAvMzEzOTMzMmUzMTMwMzkyZTMx
MzkzODJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMxMzYzNTMwMzkucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BADBbcYwDQYJKoZIhvcNAQELBQADggEBAHSo54zPKqYsbjXWAaFyD+I4H0TshH5t
djScFQVfcU7+RC2Ufqb99gE3Y3WYP76/RREQkTB/62mBo8DGfulGuKMK8nH1IHBq
IG5TSxvmfH8KNAXxWVe8sK1LKYXOVM25M42iUJhDNTIF4kSlL4lX+VZ6WgP/GTCD
RV/dKzgek7DsXcBhl5u7dzkyRW8vbI2CkXzRy+plu2MpcRr8wQ0jekrS9XcufLMI
OUNQvgd4Naun2tpBq/kA/KPeT19osWB1fYJ1qZTAz4h8lX9FQvJqHQFfvBjDqR3g
Jp45unl//kjwKidjoCgDqqwH6ZDzfZOzNIFcJIfRy/pNV5gDcNLb+x4=
-----END CERTIFICATE-----
Generated at Sun May 11 18:49:49 2025 by rpki-client