Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/f5e64030-2f28-42c9-b004-354bb28f6123/0/38342e31392e3136302e302f31392d3234203d3e203331313033.roa
File: 38342e31392e3136302e302f31392d3234203d3e203331313033.roa (raw, json)
Hash identifier: mmfL5qVgg4KaXtsVE7F7YcQcdDAu4pHAKwG2SsIvh8s=
Subject key identifier: E2:1F:B5:48:65:BE:8C:5F:ED:12:39:A0:11:6B:BF:7D:57:B2:EA:6F
Certificate issuer: /CN=9e576996388e94b8c7ab20effb23bd11becb4108
Certificate serial: 09AD955EA896EE3BE6BA1ABFE7D200768F2AABD6
Authority key identifier: 9E:57:69:96:38:8E:94:B8:C7:AB:20:EF:FB:23:BD:11:BE:CB:41:08
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nldpljiOlLjHqyDv-yO9Eb7LQQg.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/f5e64030-2f28-42c9-b004-354bb28f6123/0/38342e31392e3136302e302f31392d3234203d3e203331313033.roa
Signing time: Fri 02 May 2025 13:54:05 +0000
ROA not before: Fri 02 May 2025 13:49:05 +0000
ROA not after: Fri 01 May 2026 13:54:05 +0000
asID: 31103
IP address blocks: 84.19.160.0/19 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/f5e64030-2f28-42c9-b004-354bb28f6123/0/9E576996388E94B8C7AB20EFFB23BD11BECB4108.crl
rsync://rsync.paas.rpki.ripe.net/repository/f5e64030-2f28-42c9-b004-354bb28f6123/0/9E576996388E94B8C7AB20EFFB23BD11BECB4108.mft
rsync://rpki.ripe.net/repository/DEFAULT/nldpljiOlLjHqyDv-yO9Eb7LQQg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 05 May 2025 23:19:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
09:ad:95:5e:a8:96:ee:3b:e6:ba:1a:bf:e7:d2:00:76:8f:2a:ab:d6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9e576996388e94b8c7ab20effb23bd11becb4108
Validity
Not Before: May 2 13:49:05 2025 GMT
Not After : May 1 13:54:05 2026 GMT
Subject: CN=E21FB54865BE8C5FED1239A0116BBF7D57B2EA6F
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:30:9d:78:77:b7:02:9a:ee:5a:04:e1:46:b1:
3c:ef:86:ed:15:8b:09:e3:08:cb:47:da:93:8f:37:
6c:1d:28:97:7b:60:e1:86:54:ee:5a:09:ae:41:31:
96:11:87:f2:32:70:48:de:c2:bd:cc:c9:e0:9d:92:
40:12:e2:7e:ff:d8:ef:1d:70:d4:70:68:4c:8e:8f:
d3:1e:1d:52:31:5d:c4:dd:a1:73:6c:da:bf:a3:20:
ab:bc:5f:b8:3c:0e:6d:92:75:53:ae:f3:ad:10:e7:
6f:2d:fd:58:6b:16:26:8a:92:4d:c2:ca:68:35:f2:
6b:c0:a5:e1:0a:66:8c:15:61:7b:e6:a4:a9:d7:ab:
9f:02:5f:c4:4e:1e:aa:c4:78:ea:ea:4c:ee:8f:8f:
37:a4:9f:45:6b:2e:e8:47:90:a9:73:ae:5b:5b:a0:
09:f0:90:40:3e:38:61:ac:66:94:56:fc:1c:1f:ab:
95:1b:47:f1:ba:35:56:e2:0c:40:41:0b:9e:8f:a5:
16:0f:74:d0:a1:7a:87:12:49:ec:96:1c:b1:c3:44:
43:f8:13:25:43:ea:17:53:18:9b:6a:2b:de:5b:7b:
fe:92:93:cc:3b:de:72:b5:94:79:c2:b8:60:9f:09:
93:27:ab:9d:a4:c0:05:f6:ff:fd:1f:75:d0:ec:61:
7d:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E2:1F:B5:48:65:BE:8C:5F:ED:12:39:A0:11:6B:BF:7D:57:B2:EA:6F
X509v3 Authority Key Identifier:
keyid:9E:57:69:96:38:8E:94:B8:C7:AB:20:EF:FB:23:BD:11:BE:CB:41:08
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/f5e64030-2f28-42c9-b004-354bb28f6123/0/9E576996388E94B8C7AB20EFFB23BD11BECB4108.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nldpljiOlLjHqyDv-yO9Eb7LQQg.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/f5e64030-2f28-42c9-b004-354bb28f6123/0/38342e31392e3136302e302f31392d3234203d3e203331313033.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.19.160.0/19
Signature Algorithm: sha256WithRSAEncryption
27:52:04:86:52:27:9e:46:1e:23:35:da:d4:17:53:99:ea:69:
a7:d8:07:51:24:e4:07:56:7c:ab:8e:78:5d:81:71:8a:71:66:
00:68:40:1b:b5:3c:7d:6d:65:20:7c:b2:94:e5:fe:80:24:75:
87:7a:4b:13:08:3b:9f:21:6a:e1:4a:3b:22:40:0b:9d:b8:c4:
2c:e1:69:62:8f:49:f3:d4:6c:92:3d:cb:1f:b5:20:c4:6d:d9:
c8:86:3e:d6:9e:ef:70:dc:22:39:b2:85:a7:5a:40:01:49:99:
24:dc:33:8f:90:e5:3c:04:00:dc:a7:b2:d8:d4:0f:f8:d3:11:
e8:c4:ac:20:ad:6e:df:2a:aa:04:9f:d4:11:76:b5:a1:82:c5:
85:42:8c:b3:4a:6f:c9:46:dc:ba:74:68:c6:9d:ed:e4:dd:2f:
72:f8:0a:a3:87:ad:ea:b2:99:21:aa:bb:2e:c8:24:17:70:9f:
b0:43:7d:55:e1:e2:b4:0a:2f:70:31:46:33:63:58:b6:30:1f:
40:6c:08:54:e5:95:f2:f5:9c:16:09:bb:33:14:be:7e:f9:88:
a7:d1:e2:df:23:a3:13:6f:4a:16:bd:bd:4d:88:07:b8:98:55:
41:e9:3b:50:6f:06:1a:95:6a:7d:66:43:13:b8:25:26:9d:4c:
0e:13:d0:83
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgIUCa2VXqiW7jvmuhq/59IAdo8qq9YwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOWU1NzY5OTYzODhlOTRiOGM3YWIyMGVmZmIyM2JkMTFi
ZWNiNDEwODAeFw0yNTA1MDIxMzQ5MDVaFw0yNjA1MDExMzU0MDVaMDMxMTAvBgNV
BAMTKEUyMUZCNTQ4NjVCRThDNUZFRDEyMzlBMDExNkJCRjdENTdCMkVBNkYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC4MJ14d7cCmu5aBOFGsTzvhu0V
iwnjCMtH2pOPN2wdKJd7YOGGVO5aCa5BMZYRh/IycEjewr3MyeCdkkAS4n7/2O8d
cNRwaEyOj9MeHVIxXcTdoXNs2r+jIKu8X7g8Dm2SdVOu860Q528t/VhrFiaKkk3C
ymg18mvApeEKZowVYXvmpKnXq58CX8ROHqrEeOrqTO6Pjzekn0VrLuhHkKlzrltb
oAnwkEA+OGGsZpRW/Bwfq5UbR/G6NVbiDEBBC56PpRYPdNCheocSSeyWHLHDREP4
EyVD6hdTGJtqK95be/6Sk8w73nK1lHnCuGCfCZMnq52kwAX2//0fddDsYX2BAgMB
AAGjggI7MIICNzAdBgNVHQ4EFgQU4h+1SGW+jF/tEjmgEWu/fVey6m8wHwYDVR0j
BBgwFoAUnldpljiOlLjHqyDv+yO9Eb7LQQgwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZjVlNjQwMzAtMmYyOC00MmM5LWIwMDQtMzU0YmIyOGY2
MTIzLzAvOUU1NzY5OTYzODhFOTRCOEM3QUIyMEVGRkIyM0JEMTFCRUNCNDEwOC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL25sZHBsamlPbExqSHF5RHYteU85RWI3
TFFRZy5jZXIwgasGCCsGAQUFBwELBIGeMIGbMIGYBggrBgEFBQcwC4aBi3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZjVlNjQwMzAt
MmYyOC00MmM5LWIwMDQtMzU0YmIyOGY2MTIzLzAvMzgzNDJlMzEzOTJlMzEzNjMw
MmUzMDJmMzEzOTJkMzIzNDIwM2QzZTIwMzMzMTMxMzAzMy5yb2EwGAYDVR0gAQH/
BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBVQT
oDANBgkqhkiG9w0BAQsFAAOCAQEAJ1IEhlInnkYeIzXa1BdTmeppp9gHUSTkB1Z8
q454XYFxinFmAGhAG7U8fW1lIHyylOX+gCR1h3pLEwg7nyFq4Uo7IkALnbjELOFp
Yo9J89Rskj3LH7UgxG3ZyIY+1p7vcNwiObKFp1pAAUmZJNwzj5DlPAQA3Key2NQP
+NMR6MSsIK1u3yqqBJ/UEXa1oYLFhUKMs0pvyUbcunRoxp3t5N0vcvgKo4et6rKZ
Iaq7LsgkF3CfsEN9VeHitAovcDFGM2NYtjAfQGwIVOWV8vWcFgm7MxS+fvmIp9Hi
3yOjE29KFr29TYgHuJhVQek7UG8GGpVqfWZDE7glJp1MDhPQgw==
-----END CERTIFICATE-----
Generated at Mon May 5 11:53:57 2025 by rpki-client