Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/f5e64030-2f28-42c9-b004-354bb28f6123/0/39352e3136392e3136302e302f32342d3234203d3e203331313033.roa
File: 39352e3136392e3136302e302f32342d3234203d3e203331313033.roa (raw, json)
Hash identifier: 8vr1ZciHAkne0/U9xo8m/EZoMXPqvddsbCNMYo8K6Lc=
Subject key identifier: 55:DE:42:81:54:BB:A8:3B:88:35:9C:4B:70:03:95:EA:2A:8D:C2:5E
Certificate issuer: /CN=9e576996388e94b8c7ab20effb23bd11becb4108
Certificate serial: 1951554229D24366699A5FEACC478FBF15B7F638
Authority key identifier: 9E:57:69:96:38:8E:94:B8:C7:AB:20:EF:FB:23:BD:11:BE:CB:41:08
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nldpljiOlLjHqyDv-yO9Eb7LQQg.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/f5e64030-2f28-42c9-b004-354bb28f6123/0/39352e3136392e3136302e302f32342d3234203d3e203331313033.roa
Signing time: Fri 02 May 2025 09:54:04 +0000
ROA not before: Fri 02 May 2025 09:49:04 +0000
ROA not after: Fri 01 May 2026 09:54:04 +0000
asID: 31103
IP address blocks: 95.169.160.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/f5e64030-2f28-42c9-b004-354bb28f6123/0/9E576996388E94B8C7AB20EFFB23BD11BECB4108.crl
rsync://rsync.paas.rpki.ripe.net/repository/f5e64030-2f28-42c9-b004-354bb28f6123/0/9E576996388E94B8C7AB20EFFB23BD11BECB4108.mft
rsync://rpki.ripe.net/repository/DEFAULT/nldpljiOlLjHqyDv-yO9Eb7LQQg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 07 May 2025 13:15:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
19:51:55:42:29:d2:43:66:69:9a:5f:ea:cc:47:8f:bf:15:b7:f6:38
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9e576996388e94b8c7ab20effb23bd11becb4108
Validity
Not Before: May 2 09:49:04 2025 GMT
Not After : May 1 09:54:04 2026 GMT
Subject: CN=55DE428154BBA83B88359C4B700395EA2A8DC25E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:29:3a:af:ce:26:68:3e:f9:86:23:e5:62:57:
90:06:b3:e1:a8:9a:10:69:1e:57:57:79:81:85:ba:
50:53:13:ea:4a:e5:a9:5a:20:20:06:56:f6:3f:16:
cb:8e:2f:47:f2:ca:b6:3e:b2:b6:31:d1:66:6f:98:
18:bd:93:4b:f7:62:ec:40:f3:70:ad:64:85:d5:43:
78:e1:88:6d:51:ee:50:83:f2:3d:90:bb:91:4d:b7:
e3:ff:75:c3:9c:56:85:88:ab:9f:9d:77:81:01:7c:
f9:50:36:32:d0:fa:e8:46:f8:2d:73:21:e8:b5:6d:
48:10:e8:4f:fb:de:ed:a6:c5:bb:0e:1f:e0:4c:50:
fb:ec:6e:16:65:e3:e9:18:37:55:5a:87:b7:ea:ce:
b1:5f:5e:bb:0b:bd:cd:30:9c:e4:11:bf:70:02:ff:
98:2c:e0:33:3a:e2:82:f6:a2:b8:44:44:a9:4c:c2:
0b:f1:3e:97:a2:4e:69:2c:5f:91:ca:1d:ca:97:ce:
da:92:82:97:0d:93:73:b9:5a:50:b5:a7:4f:9b:50:
b0:7d:bb:a1:8f:b7:f5:ac:fb:8c:5c:66:68:05:c8:
96:42:43:76:fd:61:52:f2:5b:76:b7:67:82:64:96:
86:46:81:86:7c:9b:56:41:5d:ad:8f:28:8a:1b:79:
ae:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
55:DE:42:81:54:BB:A8:3B:88:35:9C:4B:70:03:95:EA:2A:8D:C2:5E
X509v3 Authority Key Identifier:
keyid:9E:57:69:96:38:8E:94:B8:C7:AB:20:EF:FB:23:BD:11:BE:CB:41:08
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/f5e64030-2f28-42c9-b004-354bb28f6123/0/9E576996388E94B8C7AB20EFFB23BD11BECB4108.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nldpljiOlLjHqyDv-yO9Eb7LQQg.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/f5e64030-2f28-42c9-b004-354bb28f6123/0/39352e3136392e3136302e302f32342d3234203d3e203331313033.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.169.160.0/24
Signature Algorithm: sha256WithRSAEncryption
af:bc:4b:b6:e3:08:34:8e:8d:01:1c:34:b5:21:38:0a:3a:9a:
12:85:27:cd:54:82:eb:11:f4:b1:02:cc:48:d3:41:c1:6a:05:
a9:4b:93:a3:98:1f:da:81:13:96:ed:c3:25:e4:0d:1b:93:ec:
fd:d1:eb:a6:1c:23:85:68:83:ff:60:49:58:4a:40:fb:4c:40:
a1:40:6c:99:5c:33:54:08:9f:f6:74:1b:43:5d:56:15:b7:48:
df:2d:94:c2:ff:0e:98:63:b5:51:3d:a3:c7:df:aa:12:18:db:
30:be:1d:d6:3d:93:a3:d1:53:7e:ab:3b:48:a5:b6:ca:08:7b:
10:ea:30:a3:bc:67:35:f7:ae:99:7b:eb:b7:4b:41:b6:aa:1f:
81:82:77:d8:a3:fb:5e:7b:94:e7:b0:1d:fd:a1:57:1c:0b:eb:
5b:48:d5:29:94:6c:08:68:21:0c:3a:b9:f3:41:11:b2:08:20:
be:f6:d8:c2:5a:13:b4:03:be:53:74:15:ec:d2:52:d3:e0:52:
d0:33:a0:76:d7:8a:c2:7e:d6:0b:e6:82:59:ca:8b:56:a5:e4:
e7:61:62:d8:3d:13:14:1c:d6:fe:83:b3:2a:6b:4c:1b:c7:a0:
fa:89:93:8f:fb:7d:fa:85:3f:f5:a3:9a:f7:b4:65:c6:4b:91:
55:61:a2:2e
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUGVFVQinSQ2Zpml/qzEePvxW39jgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOWU1NzY5OTYzODhlOTRiOGM3YWIyMGVmZmIyM2JkMTFi
ZWNiNDEwODAeFw0yNTA1MDIwOTQ5MDRaFw0yNjA1MDEwOTU0MDRaMDMxMTAvBgNV
BAMTKDU1REU0MjgxNTRCQkE4M0I4ODM1OUM0QjcwMDM5NUVBMkE4REMyNUUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDOKTqvziZoPvmGI+ViV5AGs+Go
mhBpHldXeYGFulBTE+pK5alaICAGVvY/FsuOL0fyyrY+srYx0WZvmBi9k0v3YuxA
83CtZIXVQ3jhiG1R7lCD8j2Qu5FNt+P/dcOcVoWIq5+dd4EBfPlQNjLQ+uhG+C1z
Iei1bUgQ6E/73u2mxbsOH+BMUPvsbhZl4+kYN1Vah7fqzrFfXrsLvc0wnOQRv3AC
/5gs4DM64oL2orhERKlMwgvxPpeiTmksX5HKHcqXztqSgpcNk3O5WlC1p0+bULB9
u6GPt/Ws+4xcZmgFyJZCQ3b9YVLyW3a3Z4JkloZGgYZ8m1ZBXa2PKIobea4nAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUVd5CgVS7qDuINZxLcAOV6iqNwl4wHwYDVR0j
BBgwFoAUnldpljiOlLjHqyDv+yO9Eb7LQQgwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZjVlNjQwMzAtMmYyOC00MmM5LWIwMDQtMzU0YmIyOGY2
MTIzLzAvOUU1NzY5OTYzODhFOTRCOEM3QUIyMEVGRkIyM0JEMTFCRUNCNDEwOC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL25sZHBsamlPbExqSHF5RHYteU85RWI3
TFFRZy5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZjVlNjQwMzAt
MmYyOC00MmM5LWIwMDQtMzU0YmIyOGY2MTIzLzAvMzkzNTJlMzEzNjM5MmUzMTM2
MzAyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMzMxMzEzMDMzLnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
X6mgMA0GCSqGSIb3DQEBCwUAA4IBAQCvvEu24wg0jo0BHDS1ITgKOpoShSfNVILr
EfSxAsxI00HBagWpS5OjmB/agROW7cMl5A0bk+z90eumHCOFaIP/YElYSkD7TECh
QGyZXDNUCJ/2dBtDXVYVt0jfLZTC/w6YY7VRPaPH36oSGNswvh3WPZOj0VN+qztI
pbbKCHsQ6jCjvGc1966Ze+u3S0G2qh+BgnfYo/tee5TnsB39oVccC+tbSNUplGwI
aCEMOrnzQRGyCCC+9tjCWhO0A75TdBXs0lLT4FLQM6B214rCftYL5oJZyotWpeTn
YWLYPRMUHNb+g7Mqa0wbx6D6iZOP+336hT/1o5r3tGXGS5FVYaIu
-----END CERTIFICATE-----
Generated at Wed May 7 06:30:28 2025 by rpki-client