Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/f5e64030-2f28-42c9-b004-354bb28f6123/0/39352e3136392e3138392e302f32342d3234203d3e203331313033.roa
File: 39352e3136392e3138392e302f32342d3234203d3e203331313033.roa (raw, json)
Hash identifier: GOon70I5uhhs/nnQp16QL9ir1jKCr0nAP5fOjpanC0o=
Subject key identifier: 8B:B1:FB:4B:2D:CE:24:4C:E5:71:AA:E9:CA:05:12:B4:7A:41:7A:BE
Certificate issuer: /CN=9e576996388e94b8c7ab20effb23bd11becb4108
Certificate serial: 43444BBABB0013D5171C59C88886FFEDA1B39373
Authority key identifier: 9E:57:69:96:38:8E:94:B8:C7:AB:20:EF:FB:23:BD:11:BE:CB:41:08
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nldpljiOlLjHqyDv-yO9Eb7LQQg.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/f5e64030-2f28-42c9-b004-354bb28f6123/0/39352e3136392e3138392e302f32342d3234203d3e203331313033.roa
Signing time: Fri 02 May 2025 09:54:04 +0000
ROA not before: Fri 02 May 2025 09:49:04 +0000
ROA not after: Fri 01 May 2026 09:54:04 +0000
asID: 31103
IP address blocks: 95.169.189.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/f5e64030-2f28-42c9-b004-354bb28f6123/0/9E576996388E94B8C7AB20EFFB23BD11BECB4108.crl
rsync://rsync.paas.rpki.ripe.net/repository/f5e64030-2f28-42c9-b004-354bb28f6123/0/9E576996388E94B8C7AB20EFFB23BD11BECB4108.mft
rsync://rpki.ripe.net/repository/DEFAULT/nldpljiOlLjHqyDv-yO9Eb7LQQg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 09 May 2025 18:41:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
43:44:4b:ba:bb:00:13:d5:17:1c:59:c8:88:86:ff:ed:a1:b3:93:73
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9e576996388e94b8c7ab20effb23bd11becb4108
Validity
Not Before: May 2 09:49:04 2025 GMT
Not After : May 1 09:54:04 2026 GMT
Subject: CN=8BB1FB4B2DCE244CE571AAE9CA0512B47A417ABE
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:62:7d:b7:90:71:63:86:2d:55:a8:e3:11:ed:
13:dc:f4:e4:2d:d4:41:d5:dd:c2:8b:dd:e6:3d:b6:
b9:73:a4:8a:10:62:d5:ad:b2:39:20:03:40:fe:fd:
50:f7:41:0c:8b:3e:26:16:24:d0:44:f9:bf:b3:4a:
88:21:91:f7:4f:be:fb:ab:ea:23:2a:9e:a3:7e:5f:
ba:a6:42:aa:85:63:80:4c:ea:ea:85:76:70:f2:35:
f5:70:f5:b3:23:bf:28:ef:10:c4:aa:d4:74:98:00:
31:53:2a:8c:ec:05:82:06:99:0b:b1:8a:22:1e:e7:
04:db:57:39:7d:b4:63:87:36:44:1e:36:7e:65:1f:
3e:31:76:2c:86:9e:fb:05:4e:c9:44:2b:be:a9:b3:
0e:a5:d8:85:52:7f:46:c7:74:af:4d:a7:b5:a4:19:
e4:83:09:f8:f0:d4:1d:dd:dc:83:6d:ae:d5:31:84:
79:46:db:d2:27:59:6d:21:df:f3:27:bb:b2:ce:fd:
90:6f:0f:bd:e0:51:e7:36:ba:60:6e:38:cc:23:d8:
69:95:14:08:e9:54:51:a9:4f:c4:f2:34:05:74:63:
42:6d:59:ed:20:bf:f4:01:8c:6a:53:9b:d7:66:29:
ac:bb:8a:dd:a1:e4:5e:45:a3:3b:eb:04:71:d4:c3:
1f:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8B:B1:FB:4B:2D:CE:24:4C:E5:71:AA:E9:CA:05:12:B4:7A:41:7A:BE
X509v3 Authority Key Identifier:
keyid:9E:57:69:96:38:8E:94:B8:C7:AB:20:EF:FB:23:BD:11:BE:CB:41:08
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/f5e64030-2f28-42c9-b004-354bb28f6123/0/9E576996388E94B8C7AB20EFFB23BD11BECB4108.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nldpljiOlLjHqyDv-yO9Eb7LQQg.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/f5e64030-2f28-42c9-b004-354bb28f6123/0/39352e3136392e3138392e302f32342d3234203d3e203331313033.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.169.189.0/24
Signature Algorithm: sha256WithRSAEncryption
73:fb:df:49:fc:47:be:e8:6b:02:f3:c3:cd:8c:27:2c:9a:a2:
4e:57:41:f9:ac:3c:ac:9b:c6:2a:80:8c:8e:ba:79:fd:4b:3f:
6e:7c:99:47:9d:d2:3c:17:a4:37:00:cc:85:82:61:7c:aa:1e:
c0:01:58:e5:50:3e:86:7f:60:a0:d3:cd:4c:c0:6b:92:fc:8f:
7c:8e:ae:0c:43:75:e6:7d:55:e1:a9:a3:65:49:7d:09:42:89:
52:7e:e3:e0:da:0a:c6:de:70:02:62:da:ac:39:be:6c:7e:70:
e6:cf:e6:de:00:d3:2c:76:2c:f5:c7:08:8e:bd:b2:56:0f:60:
e7:dc:cd:ce:b8:3f:54:96:c1:2a:6d:24:39:61:45:e8:b3:e3:
5b:7a:a8:cf:97:c4:d8:8e:21:6a:ed:0a:59:f5:3c:f4:7c:58:
e6:ae:bc:3c:8b:7c:1f:d2:92:25:80:2d:48:56:b6:6c:a8:ea:
3f:19:2b:1f:ad:22:39:7f:fe:6c:13:8b:95:18:3d:b8:f7:3c:
26:e9:6a:69:59:1a:bf:25:b2:b8:ce:02:f7:70:b0:67:5a:09:
d0:dc:1c:45:4c:ae:62:da:71:37:3c:a1:b2:e4:f2:14:e5:96:
28:da:05:c4:f4:13:a6:b3:8b:76:c9:e1:c8:ac:7f:ff:f4:1e:
69:76:ee:d7
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUQ0RLursAE9UXHFnIiIb/7aGzk3MwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOWU1NzY5OTYzODhlOTRiOGM3YWIyMGVmZmIyM2JkMTFi
ZWNiNDEwODAeFw0yNTA1MDIwOTQ5MDRaFw0yNjA1MDEwOTU0MDRaMDMxMTAvBgNV
BAMTKDhCQjFGQjRCMkRDRTI0NENFNTcxQUFFOUNBMDUxMkI0N0E0MTdBQkUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCjYn23kHFjhi1VqOMR7RPc9OQt
1EHV3cKL3eY9trlzpIoQYtWtsjkgA0D+/VD3QQyLPiYWJNBE+b+zSoghkfdPvvur
6iMqnqN+X7qmQqqFY4BM6uqFdnDyNfVw9bMjvyjvEMSq1HSYADFTKozsBYIGmQux
iiIe5wTbVzl9tGOHNkQeNn5lHz4xdiyGnvsFTslEK76psw6l2IVSf0bHdK9Np7Wk
GeSDCfjw1B3d3INtrtUxhHlG29InWW0h3/Mnu7LO/ZBvD73gUec2umBuOMwj2GmV
FAjpVFGpT8TyNAV0Y0JtWe0gv/QBjGpTm9dmKay7it2h5F5FozvrBHHUwx/zAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUi7H7Sy3OJEzlcarpygUStHpBer4wHwYDVR0j
BBgwFoAUnldpljiOlLjHqyDv+yO9Eb7LQQgwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZjVlNjQwMzAtMmYyOC00MmM5LWIwMDQtMzU0YmIyOGY2
MTIzLzAvOUU1NzY5OTYzODhFOTRCOEM3QUIyMEVGRkIyM0JEMTFCRUNCNDEwOC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL25sZHBsamlPbExqSHF5RHYteU85RWI3
TFFRZy5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZjVlNjQwMzAt
MmYyOC00MmM5LWIwMDQtMzU0YmIyOGY2MTIzLzAvMzkzNTJlMzEzNjM5MmUzMTM4
MzkyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMzMxMzEzMDMzLnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
X6m9MA0GCSqGSIb3DQEBCwUAA4IBAQBz+99J/Ee+6GsC88PNjCcsmqJOV0H5rDys
m8YqgIyOunn9Sz9ufJlHndI8F6Q3AMyFgmF8qh7AAVjlUD6Gf2Cg081MwGuS/I98
jq4MQ3XmfVXhqaNlSX0JQolSfuPg2grG3nACYtqsOb5sfnDmz+beANMsdiz1xwiO
vbJWD2Dn3M3OuD9UlsEqbSQ5YUXos+NbeqjPl8TYjiFq7QpZ9Tz0fFjmrrw8i3wf
0pIlgC1IVrZsqOo/GSsfrSI5f/5sE4uVGD249zwm6WppWRq/JbK4zgL3cLBnWgnQ
3BxFTK5i2nE3PKGy5PIU5ZYo2gXE9BOms4t2yeHIrH//9B5pdu7X
-----END CERTIFICATE-----
Generated at Fri May 9 07:36:38 2025 by rpki-client