Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/7a789e87-f484-423d-a1d7-2c2d5860d2ec/0/39312e3139392e3130322e302f32342d3234203d3e203630343538.roa
File: 39312e3139392e3130322e302f32342d3234203d3e203630343538.roa (raw, json)
Hash identifier: RopopLlJOVRjGz4avSxfYPvo0OC9G/eDY75KWGAV/aw=
Subject key identifier: 4D:01:F5:34:7E:43:8D:48:3A:39:60:65:28:22:2F:1C:FC:18:15:C8
Certificate issuer: /CN=b0170abdc955aa176be2af26299678f2f7c9aca0
Certificate serial: 316E2B4B36C2DA0961FE99142E0BFD2661014834
Authority key identifier: B0:17:0A:BD:C9:55:AA:17:6B:E2:AF:26:29:96:78:F2:F7:C9:AC:A0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sBcKvclVqhdr4q8mKZZ48vfJrKA.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/7a789e87-f484-423d-a1d7-2c2d5860d2ec/0/39312e3139392e3130322e302f32342d3234203d3e203630343538.roa
Signing time: Mon 05 May 2025 06:54:06 +0000
ROA not before: Mon 05 May 2025 06:49:06 +0000
ROA not after: Mon 04 May 2026 06:54:06 +0000
asID: 60458
IP address blocks: 91.199.102.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/7a789e87-f484-423d-a1d7-2c2d5860d2ec/0/B0170ABDC955AA176BE2AF26299678F2F7C9ACA0.crl
rsync://rsync.paas.rpki.ripe.net/repository/7a789e87-f484-423d-a1d7-2c2d5860d2ec/0/B0170ABDC955AA176BE2AF26299678F2F7C9ACA0.mft
rsync://rpki.ripe.net/repository/DEFAULT/sBcKvclVqhdr4q8mKZZ48vfJrKA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 11 May 2025 04:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
31:6e:2b:4b:36:c2:da:09:61:fe:99:14:2e:0b:fd:26:61:01:48:34
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b0170abdc955aa176be2af26299678f2f7c9aca0
Validity
Not Before: May 5 06:49:06 2025 GMT
Not After : May 4 06:54:06 2026 GMT
Subject: CN=4D01F5347E438D483A39606528222F1CFC1815C8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:d8:e0:c3:7b:90:de:12:5f:03:b3:45:dd:6b:
70:c6:d8:54:65:20:41:a7:79:80:94:fc:79:cc:70:
5a:6b:20:a2:8c:ae:2d:b9:88:b4:c2:5b:d4:4a:3a:
c0:84:d2:d7:33:4f:29:ab:e5:53:eb:82:9a:58:6b:
53:a7:8c:84:d7:ca:07:0b:34:d2:dd:3d:fc:a6:73:
72:23:8c:4e:a8:a0:4c:d6:e0:95:0f:ca:3d:d2:0b:
01:d6:f2:9c:22:aa:6a:a7:62:eb:95:3d:63:3b:f7:
9f:a5:49:09:65:24:fa:a8:ec:d1:d1:0b:44:64:a7:
cd:34:23:b6:5c:b0:e2:e6:b7:a0:20:27:8d:dd:ca:
7e:20:7a:0b:ac:6f:45:5e:8a:aa:48:76:59:76:47:
7c:c0:0d:7f:51:6c:03:4a:68:12:bb:d9:7d:50:ab:
db:9d:c5:5d:41:22:7a:d6:70:e9:2f:23:16:45:3e:
43:61:ef:11:76:3f:b9:11:d6:c0:05:cb:b3:85:91:
9c:6b:c9:f3:bb:2b:52:f6:f7:c8:1a:4e:c7:28:61:
37:39:64:60:32:63:56:1f:52:61:3f:d6:8b:d4:5e:
c4:e2:97:49:36:15:50:33:06:d2:94:a2:95:a7:b1:
ee:08:d6:b6:76:bb:9e:fb:47:ce:00:11:6c:51:54:
2f:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:01:F5:34:7E:43:8D:48:3A:39:60:65:28:22:2F:1C:FC:18:15:C8
X509v3 Authority Key Identifier:
keyid:B0:17:0A:BD:C9:55:AA:17:6B:E2:AF:26:29:96:78:F2:F7:C9:AC:A0
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/7a789e87-f484-423d-a1d7-2c2d5860d2ec/0/B0170ABDC955AA176BE2AF26299678F2F7C9ACA0.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sBcKvclVqhdr4q8mKZZ48vfJrKA.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/7a789e87-f484-423d-a1d7-2c2d5860d2ec/0/39312e3139392e3130322e302f32342d3234203d3e203630343538.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.199.102.0/24
Signature Algorithm: sha256WithRSAEncryption
6b:42:27:a0:3b:96:11:cf:aa:31:59:85:66:ea:85:07:f6:9b:
c5:5d:15:29:9a:2f:b4:e0:d5:0e:3e:1c:e9:1a:c4:6e:f1:74:
33:c9:8e:0b:6f:28:70:99:15:75:3e:32:de:e7:44:71:eb:60:
83:5b:c1:e9:81:bf:f3:0d:64:8c:5d:26:09:44:90:c6:36:a4:
72:88:1f:51:c1:31:bf:a6:bc:90:05:a1:02:4b:bf:d2:ec:63:
c3:f3:74:ca:c0:a0:ce:ac:ff:7f:b0:36:7e:f4:0b:ea:96:ba:
86:01:64:f3:72:71:73:0b:68:a3:f7:2e:de:8f:19:81:f5:cb:
9c:01:8a:88:a3:a6:99:53:a4:22:2c:fd:1b:09:fd:4e:40:f8:
73:ed:50:01:72:62:74:f9:13:7a:e7:0d:c3:39:09:c2:a3:96:
cd:35:7c:06:09:7f:98:d7:b3:bc:97:13:ca:f3:d3:29:b0:d0:
91:09:72:82:61:8b:a2:98:aa:db:a2:1f:13:15:68:6d:51:91:
a9:bb:94:60:e1:39:a7:19:b2:9f:75:01:d8:9b:0a:15:4c:c6:
99:fc:39:f8:4f:d7:d1:c3:62:ab:8b:4c:1f:21:4c:9b:0c:9d:
51:30:65:f8:07:08:b8:42:d1:f4:84:1e:8a:05:8e:31:95:01:
a8:5f:2d:df
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUMW4rSzbC2glh/pkULgv9JmEBSDQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYjAxNzBhYmRjOTU1YWExNzZiZTJhZjI2Mjk5Njc4ZjJm
N2M5YWNhMDAeFw0yNTA1MDUwNjQ5MDZaFw0yNjA1MDQwNjU0MDZaMDMxMTAvBgNV
BAMTKDREMDFGNTM0N0U0MzhENDgzQTM5NjA2NTI4MjIyRjFDRkMxODE1QzgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCq2ODDe5DeEl8Ds0Xda3DG2FRl
IEGneYCU/HnMcFprIKKMri25iLTCW9RKOsCE0tczTymr5VPrgppYa1OnjITXygcL
NNLdPfymc3IjjE6ooEzW4JUPyj3SCwHW8pwiqmqnYuuVPWM795+lSQllJPqo7NHR
C0Rkp800I7ZcsOLmt6AgJ43dyn4gegusb0VeiqpIdll2R3zADX9RbANKaBK72X1Q
q9udxV1BInrWcOkvIxZFPkNh7xF2P7kR1sAFy7OFkZxryfO7K1L298gaTscoYTc5
ZGAyY1YfUmE/1ovUXsTil0k2FVAzBtKUopWnse4I1rZ2u577R84AEWxRVC/bAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUTQH1NH5DjUg6OWBlKCIvHPwYFcgwHwYDVR0j
BBgwFoAUsBcKvclVqhdr4q8mKZZ48vfJrKAwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvN2E3ODllODctZjQ4NC00MjNkLWExZDctMmMyZDU4NjBk
MmVjLzAvQjAxNzBBQkRDOTU1QUExNzZCRTJBRjI2Mjk5Njc4RjJGN0M5QUNBMC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3NCY0t2Y2xWcWhkcjRxOG1LWlo0OHZm
SnJLQS5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvN2E3ODllODct
ZjQ4NC00MjNkLWExZDctMmMyZDU4NjBkMmVjLzAvMzkzMTJlMzEzOTM5MmUzMTMw
MzIyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzNjMwMzQzNTM4LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
W8dmMA0GCSqGSIb3DQEBCwUAA4IBAQBrQiegO5YRz6oxWYVm6oUH9pvFXRUpmi+0
4NUOPhzpGsRu8XQzyY4LbyhwmRV1PjLe50Rx62CDW8Hpgb/zDWSMXSYJRJDGNqRy
iB9RwTG/pryQBaECS7/S7GPD83TKwKDOrP9/sDZ+9AvqlrqGAWTzcnFzC2ij9y7e
jxmB9cucAYqIo6aZU6QiLP0bCf1OQPhz7VABcmJ0+RN65w3DOQnCo5bNNXwGCX+Y
17O8lxPK89MpsNCRCXKCYYuimKrboh8TFWhtUZGpu5Rg4TmnGbKfdQHYmwoVTMaZ
/Dn4T9fRw2Kri0wfIUybDJ1RMGX4Bwi4QtH0hB6KBY4xlQGoXy3f
-----END CERTIFICATE-----
Generated at Sat May 10 10:53:35 2025 by rpki-client