Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/7a789e87-f484-423d-a1d7-2c2d5860d2ec/0/39312e3139392e3130382e302f32342d3234203d3e203630343538.roa
File: 39312e3139392e3130382e302f32342d3234203d3e203630343538.roa (raw, json)
Hash identifier: Ltqzgt94mzKk47x8Q+jGxz5JrNySG/Y0tzlAfjYhG0M=
Subject key identifier: DE:90:E0:F6:42:3E:CB:FE:A5:55:66:6F:1F:B4:6E:37:D6:D1:FB:19
Certificate issuer: /CN=b0170abdc955aa176be2af26299678f2f7c9aca0
Certificate serial: 62859DD4397FBADB8809F4B3911B9C8151024DA4
Authority key identifier: B0:17:0A:BD:C9:55:AA:17:6B:E2:AF:26:29:96:78:F2:F7:C9:AC:A0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sBcKvclVqhdr4q8mKZZ48vfJrKA.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/7a789e87-f484-423d-a1d7-2c2d5860d2ec/0/39312e3139392e3130382e302f32342d3234203d3e203630343538.roa
Signing time: Mon 05 May 2025 06:54:05 +0000
ROA not before: Mon 05 May 2025 06:49:05 +0000
ROA not after: Mon 04 May 2026 06:54:05 +0000
asID: 60458
IP address blocks: 91.199.108.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/7a789e87-f484-423d-a1d7-2c2d5860d2ec/0/B0170ABDC955AA176BE2AF26299678F2F7C9ACA0.crl
rsync://rsync.paas.rpki.ripe.net/repository/7a789e87-f484-423d-a1d7-2c2d5860d2ec/0/B0170ABDC955AA176BE2AF26299678F2F7C9ACA0.mft
rsync://rpki.ripe.net/repository/DEFAULT/sBcKvclVqhdr4q8mKZZ48vfJrKA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 11 May 2025 08:07:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
62:85:9d:d4:39:7f:ba:db:88:09:f4:b3:91:1b:9c:81:51:02:4d:a4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b0170abdc955aa176be2af26299678f2f7c9aca0
Validity
Not Before: May 5 06:49:05 2025 GMT
Not After : May 4 06:54:05 2026 GMT
Subject: CN=DE90E0F6423ECBFEA555666F1FB46E37D6D1FB19
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:6a:64:bd:78:d3:aa:e9:ab:54:85:c1:da:a9:
0d:14:d2:cc:37:86:bf:fc:36:87:3e:f6:b6:25:94:
f2:9d:52:41:b4:fb:2f:78:36:b9:93:03:3a:5a:42:
a5:85:97:48:67:b5:f5:0b:45:87:3c:72:5d:5d:3b:
78:72:82:cb:1c:8d:62:4d:eb:11:ba:2a:cb:df:88:
d9:63:3d:8b:5a:52:59:39:27:2d:47:82:e5:d8:41:
e3:10:3f:7d:7a:68:72:89:6a:5a:9a:37:3a:ca:aa:
cf:83:32:79:73:6f:d5:55:a9:28:06:83:6a:b1:94:
2f:4e:81:f0:13:36:fc:b9:e5:0a:6f:15:9e:a7:02:
92:01:ed:a3:3a:3c:72:b5:7f:60:6b:b8:61:d4:33:
30:7a:02:d8:8d:a2:16:5d:d4:5c:e3:07:a3:73:1e:
28:c0:57:8d:f2:99:cd:76:de:d1:28:58:46:d3:17:
48:1d:c7:07:f5:a1:36:e8:06:00:20:f3:14:f5:8e:
5b:e3:98:98:c6:64:9a:7f:c7:b4:9f:77:fc:bf:c5:
5c:c1:49:c8:c2:bb:5e:bc:ff:fb:c2:af:2a:2a:86:
17:c3:2a:d3:c8:73:fa:ab:46:a4:db:bf:c5:f9:59:
f2:85:e9:c8:5e:0a:0e:31:12:ad:86:dd:07:54:fd:
cd:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:90:E0:F6:42:3E:CB:FE:A5:55:66:6F:1F:B4:6E:37:D6:D1:FB:19
X509v3 Authority Key Identifier:
keyid:B0:17:0A:BD:C9:55:AA:17:6B:E2:AF:26:29:96:78:F2:F7:C9:AC:A0
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/7a789e87-f484-423d-a1d7-2c2d5860d2ec/0/B0170ABDC955AA176BE2AF26299678F2F7C9ACA0.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sBcKvclVqhdr4q8mKZZ48vfJrKA.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/7a789e87-f484-423d-a1d7-2c2d5860d2ec/0/39312e3139392e3130382e302f32342d3234203d3e203630343538.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.199.108.0/24
Signature Algorithm: sha256WithRSAEncryption
cd:6a:9e:20:a5:1d:81:48:69:f9:06:44:a3:dd:d9:22:28:e2:
1f:4e:29:f7:bf:bd:08:ac:5c:1a:aa:93:24:67:7a:85:12:53:
d0:4a:72:55:53:1c:46:7a:43:27:ed:50:3c:aa:f1:33:47:c4:
a1:25:4d:92:4c:46:db:0d:dc:ed:6f:19:b6:68:f1:56:c9:5c:
b3:fc:be:d2:5e:a3:cf:78:4d:fc:b5:e6:66:bb:75:07:6b:72:
49:ed:3c:26:95:5b:dd:7a:c5:da:f9:39:b6:1f:fe:65:03:ee:
a1:e9:2f:2c:dd:d7:93:6e:f6:b0:29:2e:84:d0:72:b0:30:9d:
b2:af:c6:11:ec:bb:c6:0e:f5:06:88:af:9f:85:ba:98:1a:0b:
50:bd:26:24:e5:cc:71:fc:0e:46:01:f7:65:27:81:06:aa:c8:
ef:4d:65:70:b6:5d:5a:02:91:be:bc:0d:a7:c6:0f:c0:cb:d7:
ae:c9:67:d9:80:0e:3b:51:d0:c3:b0:9e:2e:08:5a:53:0e:d0:
3a:f4:4a:8e:50:bc:ba:26:e0:37:2a:88:31:15:f1:00:76:9c:
5d:45:d2:3c:d9:76:86:15:0c:3e:fb:92:ec:42:d7:af:b6:64:
7b:40:23:78:ce:ec:a2:70:97:23:b5:c7:33:9e:38:ac:10:65:
99:d6:65:9d
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUYoWd1Dl/utuICfSzkRucgVECTaQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYjAxNzBhYmRjOTU1YWExNzZiZTJhZjI2Mjk5Njc4ZjJm
N2M5YWNhMDAeFw0yNTA1MDUwNjQ5MDVaFw0yNjA1MDQwNjU0MDVaMDMxMTAvBgNV
BAMTKERFOTBFMEY2NDIzRUNCRkVBNTU1NjY2RjFGQjQ2RTM3RDZEMUZCMTkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC8amS9eNOq6atUhcHaqQ0U0sw3
hr/8Noc+9rYllPKdUkG0+y94NrmTAzpaQqWFl0hntfULRYc8cl1dO3hygsscjWJN
6xG6KsvfiNljPYtaUlk5Jy1HguXYQeMQP316aHKJalqaNzrKqs+DMnlzb9VVqSgG
g2qxlC9OgfATNvy55QpvFZ6nApIB7aM6PHK1f2BruGHUMzB6AtiNohZd1FzjB6Nz
HijAV43ymc123tEoWEbTF0gdxwf1oTboBgAg8xT1jlvjmJjGZJp/x7Sfd/y/xVzB
ScjCu168//vCryoqhhfDKtPIc/qrRqTbv8X5WfKF6cheCg4xEq2G3QdU/c3DAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQU3pDg9kI+y/6lVWZvH7RuN9bR+xkwHwYDVR0j
BBgwFoAUsBcKvclVqhdr4q8mKZZ48vfJrKAwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvN2E3ODllODctZjQ4NC00MjNkLWExZDctMmMyZDU4NjBk
MmVjLzAvQjAxNzBBQkRDOTU1QUExNzZCRTJBRjI2Mjk5Njc4RjJGN0M5QUNBMC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3NCY0t2Y2xWcWhkcjRxOG1LWlo0OHZm
SnJLQS5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvN2E3ODllODct
ZjQ4NC00MjNkLWExZDctMmMyZDU4NjBkMmVjLzAvMzkzMTJlMzEzOTM5MmUzMTMw
MzgyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzNjMwMzQzNTM4LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
W8dsMA0GCSqGSIb3DQEBCwUAA4IBAQDNap4gpR2BSGn5BkSj3dkiKOIfTin3v70I
rFwaqpMkZ3qFElPQSnJVUxxGekMn7VA8qvEzR8ShJU2STEbbDdztbxm2aPFWyVyz
/L7SXqPPeE38teZmu3UHa3JJ7TwmlVvdesXa+Tm2H/5lA+6h6S8s3deTbvawKS6E
0HKwMJ2yr8YR7LvGDvUGiK+fhbqYGgtQvSYk5cxx/A5GAfdlJ4EGqsjvTWVwtl1a
ApG+vA2nxg/Ay9euyWfZgA47UdDDsJ4uCFpTDtA69EqOULy6JuA3KogxFfEAdpxd
RdI82XaGFQw++5LsQtevtmR7QCN4zuyicJcjtccznjisEGWZ1mWd
-----END CERTIFICATE-----
Generated at Sat May 10 22:26:50 2025 by rpki-client