Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/3139332e33372e3233392e302f32342d3234203d3e203231383539.roa
File: 3139332e33372e3233392e302f32342d3234203d3e203231383539.roa (raw, json)
Hash identifier: fXs8Q7RFNURJAv5Cpym1Y7A/Jcesf6v6o250wtbgcIM=
Subject key identifier: 9D:D3:76:EE:64:CA:34:EC:7C:C5:5C:20:E1:C7:81:E0:F3:B2:96:AC
Certificate issuer: /CN=70cbd7a9817e470009c0f40ea1e370aa79b5fd91
Certificate serial: 21410D93CFD541C8222F3820C029F07FEA746DAE
Authority key identifier: 70:CB:D7:A9:81:7E:47:00:09:C0:F4:0E:A1:E3:70:AA:79:B5:FD:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cMvXqYF-RwAJwPQOoeNwqnm1_ZE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/3139332e33372e3233392e302f32342d3234203d3e203231383539.roa
Signing time: Sun 27 Apr 2025 08:55:06 +0000
ROA not before: Sun 27 Apr 2025 08:50:06 +0000
ROA not after: Sun 26 Apr 2026 08:55:06 +0000
asID: 21859
IP address blocks: 193.37.239.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/70CBD7A9817E470009C0F40EA1E370AA79B5FD91.crl
rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/70CBD7A9817E470009C0F40EA1E370AA79B5FD91.mft
rsync://rpki.ripe.net/repository/DEFAULT/cMvXqYF-RwAJwPQOoeNwqnm1_ZE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 10 May 2025 23:27:30 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
21:41:0d:93:cf:d5:41:c8:22:2f:38:20:c0:29:f0:7f:ea:74:6d:ae
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=70cbd7a9817e470009c0f40ea1e370aa79b5fd91
Validity
Not Before: Apr 27 08:50:06 2025 GMT
Not After : Apr 26 08:55:06 2026 GMT
Subject: CN=9DD376EE64CA34EC7CC55C20E1C781E0F3B296AC
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ed:a3:8c:1b:55:f8:f9:4e:76:7d:8c:0f:b0:1c:
6c:a4:39:92:8d:0e:e2:e5:39:bf:ba:41:51:74:ae:
bc:d6:db:9e:e0:a1:aa:8f:a8:3f:e0:ab:3e:1b:d9:
90:36:b8:ab:64:1a:4d:bc:67:26:ac:58:54:74:c2:
37:a0:0e:fa:31:68:6d:c0:ae:56:57:79:bb:e1:1a:
95:fe:21:48:be:65:2a:c3:42:83:30:b5:0d:25:0f:
fc:5a:0f:ba:99:b0:2f:2b:7b:b6:3d:90:a3:13:15:
fd:42:37:d3:44:ad:35:82:78:2f:9f:6c:39:94:c1:
b0:48:4e:44:86:70:29:7b:f6:01:fc:ec:5b:bb:8d:
f4:1f:89:23:5b:3f:d6:e1:89:a3:a0:66:b4:df:01:
5d:76:ef:a7:64:a1:5a:cd:69:aa:f5:0c:f8:d4:dd:
0e:83:b4:fc:0c:e8:cd:f6:79:8c:4d:6f:50:6c:33:
b8:70:04:fc:a4:7e:b9:c4:06:00:7f:a5:0a:c4:b0:
72:ac:b5:77:04:82:9d:ca:f4:42:7a:67:fc:5d:3c:
ee:c0:e8:89:fd:db:27:0b:ce:fa:75:74:47:8f:e6:
c3:e8:52:4c:5b:e9:89:1f:db:b8:6f:d5:56:e9:35:
ee:7f:fc:db:db:dc:60:60:6c:dd:98:f8:99:57:77:
fa:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:D3:76:EE:64:CA:34:EC:7C:C5:5C:20:E1:C7:81:E0:F3:B2:96:AC
X509v3 Authority Key Identifier:
keyid:70:CB:D7:A9:81:7E:47:00:09:C0:F4:0E:A1:E3:70:AA:79:B5:FD:91
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/70CBD7A9817E470009C0F40EA1E370AA79B5FD91.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cMvXqYF-RwAJwPQOoeNwqnm1_ZE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/3139332e33372e3233392e302f32342d3234203d3e203231383539.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.37.239.0/24
Signature Algorithm: sha256WithRSAEncryption
ca:05:b9:32:35:2b:85:70:71:d6:57:81:65:14:5e:09:0e:b7:
c9:05:2d:c5:03:09:e5:f6:7d:10:4d:2a:72:fa:d7:c0:c1:67:
86:39:47:2b:b7:d5:6b:15:08:c2:b0:a1:cf:05:b1:5d:e8:a5:
49:f6:ec:6b:b3:de:a5:5a:36:df:0a:1a:21:65:2c:7c:70:43:
2c:98:26:23:d3:39:99:5d:93:dc:7d:de:fd:ac:38:13:07:03:
25:6e:50:5b:5b:22:bd:48:ca:44:dd:f0:3d:1b:31:4e:fa:65:
20:8f:23:40:73:69:67:52:52:92:ef:6d:e1:81:10:bb:f6:1b:
79:32:67:55:02:83:35:28:6f:d5:97:0f:84:87:f6:3f:fe:ea:
99:61:c7:83:b5:74:5f:15:b1:c4:64:56:dd:28:34:39:b3:4d:
6d:2c:20:f3:e5:77:3a:2c:de:d4:c9:98:04:f1:cb:5b:a6:09:
55:40:aa:56:3d:27:e9:02:b2:b4:b7:62:f6:3e:69:40:48:59:
d6:0c:3b:8a:4d:84:21:98:44:c7:e7:5f:76:04:f9:b6:d7:3c:
e3:c3:fa:0a:d8:9d:99:27:5e:fa:03:d9:71:f1:0d:a3:17:a6:
c6:5c:f3:2c:cd:67:b8:06:df:7a:fe:b4:b9:e7:81:68:80:1c:
82:4f:ad:45
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUIUENk8/VQcgiLzggwCnwf+p0ba4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzBjYmQ3YTk4MTdlNDcwMDA5YzBmNDBlYTFlMzcwYWE3
OWI1ZmQ5MTAeFw0yNTA0MjcwODUwMDZaFw0yNjA0MjYwODU1MDZaMDMxMTAvBgNV
BAMTKDlERDM3NkVFNjRDQTM0RUM3Q0M1NUMyMEUxQzc4MUUwRjNCMjk2QUMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDto4wbVfj5TnZ9jA+wHGykOZKN
DuLlOb+6QVF0rrzW257goaqPqD/gqz4b2ZA2uKtkGk28ZyasWFR0wjegDvoxaG3A
rlZXebvhGpX+IUi+ZSrDQoMwtQ0lD/xaD7qZsC8re7Y9kKMTFf1CN9NErTWCeC+f
bDmUwbBITkSGcCl79gH87Fu7jfQfiSNbP9bhiaOgZrTfAV1276dkoVrNaar1DPjU
3Q6DtPwM6M32eYxNb1BsM7hwBPykfrnEBgB/pQrEsHKstXcEgp3K9EJ6Z/xdPO7A
6In92ycLzvp1dEeP5sPoUkxb6Ykf27hv1VbpNe5//Nvb3GBgbN2Y+JlXd/pHAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUndN27mTKNOx8xVwg4ceB4POylqwwHwYDVR0j
BBgwFoAUcMvXqYF+RwAJwPQOoeNwqnm1/ZEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYjczMzJhZjAtZGQ3My00NzU1LTlkMjAtNjkzZWE4Mjg5
ZjhhLzAvNzBDQkQ3QTk4MTdFNDcwMDA5QzBGNDBFQTFFMzcwQUE3OUI1RkQ5MS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2NNdlhxWUYtUndBSndQUU9vZU53cW5t
MV9aRS5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYjczMzJhZjAt
ZGQ3My00NzU1LTlkMjAtNjkzZWE4Mjg5ZjhhLzAvMzEzOTMzMmUzMzM3MmUzMjMz
MzkyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMjMxMzgzNTM5LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
wSXvMA0GCSqGSIb3DQEBCwUAA4IBAQDKBbkyNSuFcHHWV4FlFF4JDrfJBS3FAwnl
9n0QTSpy+tfAwWeGOUcrt9VrFQjCsKHPBbFd6KVJ9uxrs96lWjbfChohZSx8cEMs
mCYj0zmZXZPcfd79rDgTBwMlblBbWyK9SMpE3fA9GzFO+mUgjyNAc2lnUlKS723h
gRC79ht5MmdVAoM1KG/Vlw+Eh/Y//uqZYceDtXRfFbHEZFbdKDQ5s01tLCDz5Xc6
LN7UyZgE8ctbpglVQKpWPSfpArK0t2L2PmlASFnWDDuKTYQhmETH5192BPm21zzj
w/oK2J2ZJ176A9lx8Q2jF6bGXPMszWe4Bt96/rS554FogByCT61F
-----END CERTIFICATE-----
Generated at Sat May 10 13:43:04 2025 by rpki-client