Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/af31768d-42b1-4e92-b83f-bef7ee017813/0/3139332e33372e3233362e302f32342d3234203d3e203631333137.roa
File: 3139332e33372e3233362e302f32342d3234203d3e203631333137.roa (raw, json)
Hash identifier: qxlkfW/nLMV9I5WoI6HQ89q00naILT20Rguml63Zf0A=
Subject key identifier: 57:FE:B5:A6:83:47:3D:84:7D:06:D3:4F:F1:AB:9A:40:41:D6:46:15
Certificate issuer: /CN=9f0d24c855eee00fe4abf3903c6e8fcc7083ed4d
Certificate serial: 12E06EC47395704386C6212EB1A592F48C297506
Authority key identifier: 9F:0D:24:C8:55:EE:E0:0F:E4:AB:F3:90:3C:6E:8F:CC:70:83:ED:4D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nw0kyFXu4A_kq_OQPG6PzHCD7U0.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/af31768d-42b1-4e92-b83f-bef7ee017813/0/3139332e33372e3233362e302f32342d3234203d3e203631333137.roa
Signing time: Wed 23 Apr 2025 09:54:04 +0000
ROA not before: Wed 23 Apr 2025 09:49:04 +0000
ROA not after: Wed 22 Apr 2026 09:54:04 +0000
asID: 61317
IP address blocks: 193.37.236.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/af31768d-42b1-4e92-b83f-bef7ee017813/0/9F0D24C855EEE00FE4ABF3903C6E8FCC7083ED4D.crl
rsync://rsync.paas.rpki.ripe.net/repository/af31768d-42b1-4e92-b83f-bef7ee017813/0/9F0D24C855EEE00FE4ABF3903C6E8FCC7083ED4D.mft
rsync://rpki.ripe.net/repository/DEFAULT/nw0kyFXu4A_kq_OQPG6PzHCD7U0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 07 May 2025 18:43:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
12:e0:6e:c4:73:95:70:43:86:c6:21:2e:b1:a5:92:f4:8c:29:75:06
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9f0d24c855eee00fe4abf3903c6e8fcc7083ed4d
Validity
Not Before: Apr 23 09:49:04 2025 GMT
Not After : Apr 22 09:54:04 2026 GMT
Subject: CN=57FEB5A683473D847D06D34FF1AB9A4041D64615
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:54:96:2d:59:4b:21:df:bc:79:98:b5:4a:2c:
29:27:96:b9:14:f2:4b:d3:a5:85:36:7a:f7:29:e3:
b4:d1:32:39:87:34:3b:af:7a:f3:e4:0d:49:96:87:
e8:84:c8:f5:be:ef:32:db:aa:59:6c:9a:c3:84:d7:
2b:46:88:6a:64:63:3b:81:66:3c:f4:e4:53:33:d1:
9a:bf:a5:a0:b9:ec:c2:5d:cc:c8:16:a8:ea:10:46:
7a:86:d3:7b:94:f1:4e:7d:f4:d8:ab:bf:56:f0:77:
97:5e:5d:95:e8:08:bc:cf:b6:0e:34:06:d9:1f:43:
a1:39:77:a9:f1:42:a7:2c:82:b9:be:06:dd:d1:0c:
f5:60:3a:fb:66:89:42:0e:cf:b4:ff:08:8d:65:31:
45:b6:fb:04:92:c3:23:de:6a:16:31:b7:81:54:0b:
88:8f:0c:65:56:ae:2e:db:05:0e:07:f3:d6:3e:62:
41:b0:e1:4e:3c:7e:84:ab:3c:7b:ad:a4:6a:f1:34:
cd:ba:e5:4b:df:bb:7d:d4:f5:4b:d8:28:72:ef:f5:
77:50:f0:fd:4b:04:3f:bc:e2:a8:08:a9:15:50:61:
d3:a9:74:f7:7f:e7:4e:a3:17:66:49:20:e6:20:a7:
30:14:09:93:63:6d:1f:fa:a0:e9:eb:cf:1e:10:5c:
bb:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
57:FE:B5:A6:83:47:3D:84:7D:06:D3:4F:F1:AB:9A:40:41:D6:46:15
X509v3 Authority Key Identifier:
keyid:9F:0D:24:C8:55:EE:E0:0F:E4:AB:F3:90:3C:6E:8F:CC:70:83:ED:4D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/af31768d-42b1-4e92-b83f-bef7ee017813/0/9F0D24C855EEE00FE4ABF3903C6E8FCC7083ED4D.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nw0kyFXu4A_kq_OQPG6PzHCD7U0.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/af31768d-42b1-4e92-b83f-bef7ee017813/0/3139332e33372e3233362e302f32342d3234203d3e203631333137.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.37.236.0/24
Signature Algorithm: sha256WithRSAEncryption
2b:eb:97:17:1d:f9:40:3c:5e:12:aa:86:0f:6c:76:03:19:3b:
80:81:b0:57:7b:dd:fc:1d:84:a8:d6:3c:30:66:af:11:10:d5:
c5:1f:e6:f0:76:bd:ba:b1:04:e2:f8:c0:c5:7a:da:05:e4:25:
46:12:a2:60:65:d8:1f:6d:8f:c9:18:02:1d:e8:07:9a:26:ec:
a4:46:b0:72:d0:c4:73:71:84:c4:e2:20:49:50:c5:42:4b:24:
d3:e5:3d:ae:6c:13:ac:1e:e2:7f:25:c1:17:6e:52:13:e1:14:
9d:82:7f:74:0b:fd:ee:68:24:9f:e6:29:cb:c9:58:5f:3a:96:
55:75:de:a7:49:c8:d2:af:e1:2d:35:cf:55:f4:5d:d6:4d:8c:
eb:2f:6e:2b:23:3a:de:bc:d1:c0:41:e6:8c:c9:3b:30:df:0e:
b3:68:e0:99:12:af:4e:80:b9:be:cd:fb:d3:d8:44:db:37:8b:
b5:2e:bd:c0:56:8c:39:eb:75:57:78:8c:c6:d7:aa:44:71:9b:
e3:f0:68:91:63:95:b7:94:cf:ec:f2:af:8f:73:74:86:49:bd:
eb:c6:3f:7e:22:85:2b:5e:ef:6d:6d:fb:81:f1:21:f7:94:41:
43:bf:c5:59:f8:e4:2e:4d:b7:6b:87:2b:3b:a3:da:93:b8:d3:
40:58:60:39
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUEuBuxHOVcEOGxiEusaWS9IwpdQYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOWYwZDI0Yzg1NWVlZTAwZmU0YWJmMzkwM2M2ZThmY2M3
MDgzZWQ0ZDAeFw0yNTA0MjMwOTQ5MDRaFw0yNjA0MjIwOTU0MDRaMDMxMTAvBgNV
BAMTKDU3RkVCNUE2ODM0NzNEODQ3RDA2RDM0RkYxQUI5QTQwNDFENjQ2MTUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCoVJYtWUsh37x5mLVKLCknlrkU
8kvTpYU2evcp47TRMjmHNDuvevPkDUmWh+iEyPW+7zLbqllsmsOE1ytGiGpkYzuB
Zjz05FMz0Zq/paC57MJdzMgWqOoQRnqG03uU8U599Nirv1bwd5deXZXoCLzPtg40
BtkfQ6E5d6nxQqcsgrm+Bt3RDPVgOvtmiUIOz7T/CI1lMUW2+wSSwyPeahYxt4FU
C4iPDGVWri7bBQ4H89Y+YkGw4U48foSrPHutpGrxNM265Uvfu33U9UvYKHLv9XdQ
8P1LBD+84qgIqRVQYdOpdPd/506jF2ZJIOYgpzAUCZNjbR/6oOnrzx4QXLslAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUV/61poNHPYR9BtNP8auaQEHWRhUwHwYDVR0j
BBgwFoAUnw0kyFXu4A/kq/OQPG6PzHCD7U0wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYWYzMTc2OGQtNDJiMS00ZTkyLWI4M2YtYmVmN2VlMDE3
ODEzLzAvOUYwRDI0Qzg1NUVFRTAwRkU0QUJGMzkwM0M2RThGQ0M3MDgzRUQ0RC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL253MGt5Rlh1NEFfa3FfT1FQRzZQekhD
RDdVMC5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWYzMTc2OGQt
NDJiMS00ZTkyLWI4M2YtYmVmN2VlMDE3ODEzLzAvMzEzOTMzMmUzMzM3MmUzMjMz
MzYyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzNjMxMzMzMTM3LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
wSXsMA0GCSqGSIb3DQEBCwUAA4IBAQAr65cXHflAPF4SqoYPbHYDGTuAgbBXe938
HYSo1jwwZq8RENXFH+bwdr26sQTi+MDFetoF5CVGEqJgZdgfbY/JGAId6AeaJuyk
RrBy0MRzcYTE4iBJUMVCSyTT5T2ubBOsHuJ/JcEXblIT4RSdgn90C/3uaCSf5inL
yVhfOpZVdd6nScjSr+EtNc9V9F3WTYzrL24rIzrevNHAQeaMyTsw3w6zaOCZEq9O
gLm+zfvT2ETbN4u1Lr3AVow563VXeIzG16pEcZvj8GiRY5W3lM/s8q+Pc3SGSb3r
xj9+IoUrXu9tbfuB8SH3lEFDv8VZ+OQuTbdrhys7o9qTuNNAWGA5
-----END CERTIFICATE-----
Generated at Wed May 7 11:20:33 2025 by rpki-client