Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS199959.roa
File: AS199959.roa (raw, json)
Hash identifier: l0SpRrQl1qSfJbiBWmOO7daEwKaG2znv0Z9JGSpeJzI=
Subject key identifier: 8C:83:40:31:33:DD:FF:F1:40:9C:38:4A:1D:30:CC:92:AF:5B:B1:58
Certificate issuer: /CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Certificate serial: 4766FBB107C93217F87726642EF86C755A19D6F6
Authority key identifier: 9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS199959.roa
Signing time: Sat 26 Apr 2025 10:20:04 +0000
ROA not before: Sat 26 Apr 2025 10:15:04 +0000
ROA not after: Sat 25 Apr 2026 10:20:04 +0000
asID: 199959
IP address blocks: 91.124.145.0/24 maxlen: 24
91.124.178.0/24 maxlen: 24
91.124.179.0/24 maxlen: 24
91.124.216.0/24 maxlen: 24
91.124.219.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl
rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.mft
rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 06 May 2025 08:22:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
47:66:fb:b1:07:c9:32:17:f8:77:26:64:2e:f8:6c:75:5a:19:d6:f6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Validity
Not Before: Apr 26 10:15:04 2025 GMT
Not After : Apr 25 10:20:04 2026 GMT
Subject: CN=8C83403133DDFFF1409C384A1D30CC92AF5BB158
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:52:5c:42:21:d7:7e:c8:11:ae:90:9f:68:9a:
15:f7:64:b6:72:b8:02:0f:8c:21:db:90:9d:95:45:
84:48:4b:6b:6b:62:87:ec:17:e6:c9:d1:3c:97:4a:
50:f0:ad:aa:2b:16:eb:69:1f:af:73:5d:d5:f5:66:
ba:ec:71:52:5c:0e:96:10:7b:8f:aa:d3:e8:18:5b:
43:48:5a:cf:9c:e2:86:a7:38:a8:8e:a0:2f:fe:4e:
bf:f9:ba:96:36:e6:5a:87:9e:df:2a:00:27:b5:40:
92:26:8f:40:03:8a:87:59:8e:63:e2:b9:af:ac:3c:
7b:a6:19:d8:e9:31:6c:00:65:ee:6a:df:19:81:b1:
70:a9:cf:bb:49:ee:4f:87:ad:84:8b:36:ac:2e:32:
c6:6d:07:cf:d9:dc:73:a1:70:ad:68:00:e2:f2:09:
89:dd:f6:4f:60:68:a7:f4:6e:ba:42:f2:2f:59:6a:
45:af:27:b7:69:0a:e8:fc:26:ff:41:c2:0d:53:32:
52:69:04:81:f0:00:28:bc:9f:30:ae:ca:42:70:26:
79:3f:16:9b:66:ab:3d:b0:5a:ac:1b:75:86:dc:95:
32:84:28:7d:e2:31:88:8d:94:27:a8:9d:6c:f2:a0:
88:a2:4f:e3:3a:db:b0:b3:6d:85:14:d5:b2:95:09:
3e:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8C:83:40:31:33:DD:FF:F1:40:9C:38:4A:1D:30:CC:92:AF:5B:B1:58
X509v3 Authority Key Identifier:
keyid:9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS199959.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.124.145.0/24
91.124.178.0/23
91.124.216.0/24
91.124.219.0/24
Signature Algorithm: sha256WithRSAEncryption
04:a6:2a:00:6f:fc:46:02:11:50:34:86:fa:6a:03:2f:31:a5:
35:9c:12:9d:d8:6f:a4:c5:a0:8b:4a:66:0d:46:af:d5:1e:59:
1c:b9:1d:dc:19:5a:8b:8b:99:60:cd:04:81:56:f5:dc:db:16:
b9:77:53:a7:f5:c0:08:f6:c0:7b:7d:de:5f:1f:af:c8:7a:cb:
b1:a7:2e:47:ad:68:cf:cd:01:34:58:b0:21:99:60:68:ba:55:
6a:b2:f7:14:31:6b:a6:6b:5e:9d:ad:6b:8e:5f:85:a7:06:dc:
d9:81:65:3c:16:bd:9a:8b:5a:2f:a0:4d:42:d8:81:6c:0d:14:
fc:e3:e6:17:6c:15:8a:50:27:f1:ab:0c:6f:2b:46:0a:2c:3a:
6d:2b:ea:02:10:a7:ac:c7:63:18:81:af:30:4c:24:87:1d:18:
08:99:53:b5:61:86:d7:bd:64:c5:fb:df:1f:07:fe:54:53:2b:
ba:d8:d0:04:49:08:1e:0b:43:2d:bf:02:d3:63:2f:b3:dd:02:
53:8f:e1:00:31:22:8e:03:b4:06:43:df:e6:39:83:21:34:ac:
33:4f:86:37:36:a6:26:49:5b:6d:bc:94:69:44:f3:10:99:56:
5b:b5:4f:b9:ab:f5:32:d6:41:62:c4:b6:b6:00:06:32:0a:d4:
72:47:7a:b4
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgIUR2b7sQfJMhf4dyZkLvhsdVoZ1vYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOWJkODEzMzkxZTRhZjJhZTMxMDNjMTg5MWIyMjcyZDRk
NWMxM2I1ZjAeFw0yNTA0MjYxMDE1MDRaFw0yNjA0MjUxMDIwMDRaMDMxMTAvBgNV
BAMTKDhDODM0MDMxMzNEREZGRjE0MDlDMzg0QTFEMzBDQzkyQUY1QkIxNTgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCJUlxCIdd+yBGukJ9omhX3ZLZy
uAIPjCHbkJ2VRYRIS2trYofsF+bJ0TyXSlDwraorFutpH69zXdX1ZrrscVJcDpYQ
e4+q0+gYW0NIWs+c4oanOKiOoC/+Tr/5upY25lqHnt8qACe1QJImj0ADiodZjmPi
ua+sPHumGdjpMWwAZe5q3xmBsXCpz7tJ7k+HrYSLNqwuMsZtB8/Z3HOhcK1oAOLy
CYnd9k9gaKf0brpC8i9ZakWvJ7dpCuj8Jv9Bwg1TMlJpBIHwACi8nzCuykJwJnk/
Fptmqz2wWqwbdYbclTKEKH3iMYiNlCeonWzyoIiiT+M627CzbYUU1bKVCT53AgMB
AAGjggIcMIICGDAdBgNVHQ4EFgQUjINAMTPd//FAnDhKHTDMkq9bsVgwHwYDVR0j
BBgwFoAUm9gTOR5K8q4xA8GJGyJy1NXBO18wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYzQ3OGY2ZjUtNDQ5YS00ODI3LTk5ZDUtYmY2YjkzYThm
NmI0LzAvOUJEODEzMzkxRTRBRjJBRTMxMDNDMTg5MUIyMjcyRDRENUMxM0I1Ri5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL205Z1RPUjVLOHE0eEE4R0pHeUp5MU5Y
Qk8xOC5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2M0NzhmNmY1LTQ0OWEt
NDgyNy05OWQ1LWJmNmI5M2E4ZjZiNC8wL0FTMTk5OTU5LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAW3yR
AwQBW3yyAwQAW3zYAwQAW3zbMA0GCSqGSIb3DQEBCwUAA4IBAQAEpioAb/xGAhFQ
NIb6agMvMaU1nBKd2G+kxaCLSmYNRq/VHlkcuR3cGVqLi5lgzQSBVvXc2xa5d1On
9cAI9sB7fd5fH6/Iesuxpy5HrWjPzQE0WLAhmWBoulVqsvcUMWuma16drWuOX4Wn
BtzZgWU8Fr2ai1ovoE1C2IFsDRT84+YXbBWKUCfxqwxvK0YKLDptK+oCEKesx2MY
ga8wTCSHHRgImVO1YYbXvWTF+98fB/5UUyu62NAESQgeC0MtvwLTYy+z3QJTj+EA
MSKOA7QGQ9/mOYMhNKwzT4Y3NqYmSVttvJRpRPMQmVZbtU+5q/Uy1kFixLa2AAYy
CtRyR3q0
-----END CERTIFICATE-----
Generated at Mon May 5 23:36:30 2025 by rpki-client