Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/f5e64030-2f28-42c9-b004-354bb28f6123/0/39352e3136392e3137362e302f32342d3234203d3e203631333137.roa
File: 39352e3136392e3137362e302f32342d3234203d3e203631333137.roa (raw, json)
Hash identifier: LF3Qt516rCvmBJenhsc1+JrkzXOx4CnXdZEvvGLMG0Q=
Subject key identifier: 29:1A:C8:BD:E5:33:3D:E9:F5:29:45:69:EF:67:F7:A1:EF:5E:D2:E6
Certificate issuer: /CN=9e576996388e94b8c7ab20effb23bd11becb4108
Certificate serial: 0C602FEC8AA4421D6E01114E3827E524D9DCC498
Authority key identifier: 9E:57:69:96:38:8E:94:B8:C7:AB:20:EF:FB:23:BD:11:BE:CB:41:08
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nldpljiOlLjHqyDv-yO9Eb7LQQg.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/f5e64030-2f28-42c9-b004-354bb28f6123/0/39352e3136392e3137362e302f32342d3234203d3e203631333137.roa
Signing time: Mon 12 May 2025 14:01:04 +0000
ROA not before: Mon 12 May 2025 13:56:04 +0000
ROA not after: Mon 11 May 2026 14:01:04 +0000
asID: 61317
IP address blocks: 95.169.176.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/f5e64030-2f28-42c9-b004-354bb28f6123/0/9E576996388E94B8C7AB20EFFB23BD11BECB4108.crl
rsync://rsync.paas.rpki.ripe.net/repository/f5e64030-2f28-42c9-b004-354bb28f6123/0/9E576996388E94B8C7AB20EFFB23BD11BECB4108.mft
rsync://rpki.ripe.net/repository/DEFAULT/nldpljiOlLjHqyDv-yO9Eb7LQQg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:46:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0c:60:2f:ec:8a:a4:42:1d:6e:01:11:4e:38:27:e5:24:d9:dc:c4:98
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9e576996388e94b8c7ab20effb23bd11becb4108
Validity
Not Before: May 12 13:56:04 2025 GMT
Not After : May 11 14:01:04 2026 GMT
Subject: CN=291AC8BDE5333DE9F5294569EF67F7A1EF5ED2E6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:be:48:46:78:13:d5:dd:f9:73:b2:13:ac:51:
f2:80:fc:5b:0f:4a:98:ec:4a:22:0b:01:97:77:dd:
7c:41:5d:ce:d7:66:52:b8:3d:f2:8c:99:0b:f2:55:
a0:90:19:f1:95:fa:ce:08:42:51:26:31:1a:f3:d5:
8e:23:80:5b:fa:21:9b:d3:76:84:fc:56:d6:17:ee:
3b:68:99:cf:86:66:ba:e3:b8:ce:0b:92:8b:68:1b:
5d:d3:39:7c:08:13:0f:b2:b7:67:4f:98:ec:dd:a4:
26:f6:1f:c5:59:ea:1d:ba:8b:c3:64:19:46:fa:e5:
43:18:49:ff:a9:c8:1a:dc:ff:c2:2b:89:c5:ab:7b:
f1:8b:ac:d0:ab:33:6f:62:49:14:93:e1:7b:45:38:
b7:cc:47:65:46:42:ba:9b:34:f7:a1:01:a2:b1:19:
b3:60:f2:90:6c:8f:cf:ab:d0:4f:a2:9d:b8:cb:28:
ed:35:71:13:61:20:cc:03:d1:a2:71:e9:52:34:3f:
2a:0c:d7:83:5f:91:b7:d9:c2:7e:30:a6:db:81:1e:
a8:32:8a:d5:c0:55:2c:f2:67:ce:f5:1e:5c:48:c7:
f0:ca:6f:d5:ba:7f:9d:47:7c:dd:64:24:de:90:a7:
fe:22:01:14:a1:28:45:6a:ce:c4:97:67:96:07:a7:
c1:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:1A:C8:BD:E5:33:3D:E9:F5:29:45:69:EF:67:F7:A1:EF:5E:D2:E6
X509v3 Authority Key Identifier:
keyid:9E:57:69:96:38:8E:94:B8:C7:AB:20:EF:FB:23:BD:11:BE:CB:41:08
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/f5e64030-2f28-42c9-b004-354bb28f6123/0/9E576996388E94B8C7AB20EFFB23BD11BECB4108.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nldpljiOlLjHqyDv-yO9Eb7LQQg.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/f5e64030-2f28-42c9-b004-354bb28f6123/0/39352e3136392e3137362e302f32342d3234203d3e203631333137.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.169.176.0/24
Signature Algorithm: sha256WithRSAEncryption
3d:54:26:8a:12:68:17:92:fb:bb:69:7d:42:2a:94:16:f4:66:
4d:1b:48:22:a2:98:95:65:9c:50:37:79:79:9c:a5:ba:a4:d6:
1b:e7:02:21:07:69:ee:82:37:d0:e5:f2:70:54:81:99:3b:f9:
d4:7e:1c:21:2f:45:f9:2f:77:fb:de:46:16:92:f1:86:e1:81:
0b:b7:0b:e6:a1:23:d0:9a:49:c0:24:b8:60:8a:dc:0c:72:15:
db:16:3f:4b:d0:51:b4:d8:d6:28:68:2c:93:2d:b0:50:64:8d:
ab:55:06:58:b9:55:6e:ae:1a:c3:0d:7e:ef:3c:a1:9e:77:11:
e7:9c:2c:8b:25:72:cf:c4:6c:bc:7e:0b:e9:03:4f:01:5a:96:
1b:1b:df:c5:92:b1:0c:41:d4:71:7c:90:ef:ae:81:3c:2e:0b:
9c:f4:57:27:34:f1:04:cc:34:4c:75:9b:18:4e:68:1d:f1:93:
9c:b6:52:cd:2f:ef:f8:4b:af:36:cc:54:67:df:bd:7d:88:e7:
7d:e5:9d:8d:17:b5:98:ba:79:e5:c4:8f:2b:61:0d:9c:d0:54:
a0:92:bb:7a:49:6a:9b:ac:2a:fd:fa:aa:aa:99:ff:cc:7b:41:
fa:07:a5:03:c0:32:73:68:76:5e:aa:39:33:73:3f:21:82:60:
84:01:e3:c7
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUDGAv7IqkQh1uARFOOCflJNncxJgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOWU1NzY5OTYzODhlOTRiOGM3YWIyMGVmZmIyM2JkMTFi
ZWNiNDEwODAeFw0yNTA1MTIxMzU2MDRaFw0yNjA1MTExNDAxMDRaMDMxMTAvBgNV
BAMTKDI5MUFDOEJERTUzMzNERTlGNTI5NDU2OUVGNjdGN0ExRUY1RUQyRTYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCrvkhGeBPV3flzshOsUfKA/FsP
SpjsSiILAZd33XxBXc7XZlK4PfKMmQvyVaCQGfGV+s4IQlEmMRrz1Y4jgFv6IZvT
doT8VtYX7jtomc+GZrrjuM4LkotoG13TOXwIEw+yt2dPmOzdpCb2H8VZ6h26i8Nk
GUb65UMYSf+pyBrc/8IricWre/GLrNCrM29iSRST4XtFOLfMR2VGQrqbNPehAaKx
GbNg8pBsj8+r0E+inbjLKO01cRNhIMwD0aJx6VI0PyoM14NfkbfZwn4wptuBHqgy
itXAVSzyZ871HlxIx/DKb9W6f51HfN1kJN6Qp/4iARShKEVqzsSXZ5YHp8HTAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUKRrIveUzPen1KUVp72f3oe9e0uYwHwYDVR0j
BBgwFoAUnldpljiOlLjHqyDv+yO9Eb7LQQgwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZjVlNjQwMzAtMmYyOC00MmM5LWIwMDQtMzU0YmIyOGY2
MTIzLzAvOUU1NzY5OTYzODhFOTRCOEM3QUIyMEVGRkIyM0JEMTFCRUNCNDEwOC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL25sZHBsamlPbExqSHF5RHYteU85RWI3
TFFRZy5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZjVlNjQwMzAt
MmYyOC00MmM5LWIwMDQtMzU0YmIyOGY2MTIzLzAvMzkzNTJlMzEzNjM5MmUzMTM3
MzYyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzNjMxMzMzMTM3LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
X6mwMA0GCSqGSIb3DQEBCwUAA4IBAQA9VCaKEmgXkvu7aX1CKpQW9GZNG0giopiV
ZZxQN3l5nKW6pNYb5wIhB2nugjfQ5fJwVIGZO/nUfhwhL0X5L3f73kYWkvGG4YEL
twvmoSPQmknAJLhgitwMchXbFj9L0FG02NYoaCyTLbBQZI2rVQZYuVVurhrDDX7v
PKGedxHnnCyLJXLPxGy8fgvpA08BWpYbG9/FkrEMQdRxfJDvroE8Lguc9FcnNPEE
zDRMdZsYTmgd8ZOctlLNL+/4S682zFRn3719iOd95Z2NF7WYunnlxI8rYQ2c0FSg
krt6SWqbrCr9+qqqmf/Me0H6B6UDwDJzaHZeqjkzcz8hgmCEAePH
-----END CERTIFICATE-----
Generated at Sun Jun 29 08:50:02 2025 by rpki-client