Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/38392e3134372e3130322e302f32332d3332203d3e203531313637.roa
File: 38392e3134372e3130322e302f32332d3332203d3e203531313637.roa (raw, json)
Hash identifier: Wxt6bffnZiqyDhbYbu3WES5eUJD36zTgpNTko+WUrf0=
Subject key identifier: 69:70:03:96:03:ED:5C:25:21:EA:05:A0:95:93:A9:30:79:3C:FC:7E
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 0D59B9C9E82F5B50D34EF4D6D8CCF6396AAA27A5
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/38392e3134372e3130322e302f32332d3332203d3e203531313637.roa
Signing time: Thu 01 May 2025 20:46:11 +0000
ROA not before: Thu 01 May 2025 20:41:11 +0000
ROA not after: Thu 30 Apr 2026 20:46:11 +0000
asID: 51167
IP address blocks: 89.147.102.0/23 maxlen: 32
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 07 May 2025 11:20:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0d:59:b9:c9:e8:2f:5b:50:d3:4e:f4:d6:d8:cc:f6:39:6a:aa:27:a5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: May 1 20:41:11 2025 GMT
Not After : Apr 30 20:46:11 2026 GMT
Subject: CN=6970039603ED5C2521EA05A09593A930793CFC7E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:cb:39:64:2c:55:f5:ec:b2:0e:7c:49:a0:a4:
25:3a:2a:e3:3f:9e:3b:74:bc:84:0e:21:69:0e:3c:
1a:85:d5:2b:48:87:17:72:67:27:9c:fd:5e:9e:aa:
bb:c0:8d:74:ce:74:91:8c:c1:e5:49:10:e0:b7:12:
d6:e3:63:3c:c7:03:8b:50:70:69:43:77:14:91:79:
d3:59:a6:8b:ee:47:49:cd:34:66:79:e4:c6:82:8b:
a0:0f:8b:62:77:f5:86:7c:84:5c:b0:dd:3e:8f:da:
0c:f3:b1:fb:aa:a4:e6:15:8d:17:e4:aa:be:3d:ab:
56:5a:0d:80:ef:31:54:bb:9a:36:26:5f:d4:7a:6d:
46:99:12:7c:37:76:77:39:32:e0:e6:bd:00:8e:49:
16:14:e1:af:77:a9:16:05:31:a9:a2:98:3d:b4:99:
e7:14:44:d4:8e:28:a2:bb:e2:5e:98:1c:f9:ca:b0:
03:d1:5f:f3:cd:ae:fe:8e:58:3e:83:d5:c7:74:e7:
6a:95:47:43:c8:c1:4f:07:b9:5e:ed:4d:dc:84:96:
cd:02:1a:cf:90:22:d1:da:fe:6a:68:08:03:2a:62:
f2:fc:40:b9:41:9a:2b:52:99:09:11:cf:ae:eb:58:
d8:f1:1f:4f:11:1b:ce:c7:75:6c:c2:97:e6:77:e2:
3b:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
69:70:03:96:03:ED:5C:25:21:EA:05:A0:95:93:A9:30:79:3C:FC:7E
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/38392e3134372e3130322e302f32332d3332203d3e203531313637.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.147.102.0/23
Signature Algorithm: sha256WithRSAEncryption
24:34:8a:5e:06:50:e2:af:86:04:e6:f8:da:2f:f7:0e:07:41:
82:b1:37:74:75:55:46:f2:0a:4d:24:86:4a:d7:ee:16:59:a0:
f0:72:8d:d7:50:81:21:39:e6:f1:1f:d9:30:ba:ea:9d:02:ed:
f3:f0:02:6c:2e:c2:d9:ed:20:ac:02:62:91:c2:92:28:92:8f:
57:87:6a:20:78:03:e9:a2:7c:03:98:b5:2d:3c:74:95:f9:4f:
ce:20:8d:d0:08:97:0e:86:11:e3:af:6e:de:6a:b7:c3:80:a3:
6d:f2:49:49:ef:84:04:ca:cb:76:fe:88:7c:69:53:1c:2a:ae:
f9:37:3c:57:99:65:0a:76:d8:4b:8a:79:a0:5d:df:10:d0:cd:
29:ee:21:84:98:24:11:1e:e2:e4:ff:b7:00:a2:bf:b7:e2:0c:
8d:c4:3b:4b:51:a0:7e:a4:23:73:8e:ab:3b:44:07:15:94:ba:
b9:b9:7a:62:55:14:ad:dc:29:1b:96:73:33:95:2e:12:ca:55:
dc:f8:ad:c5:42:4d:e5:b6:79:6a:7e:d1:f0:0e:3b:32:6c:b8:
f8:59:f5:6f:08:b6:c1:98:d4:5f:00:b6:03:ce:35:eb:8f:52:
77:ce:18:d3:53:44:a8:85:9b:b2:9a:39:2a:78:39:25:ea:31:
6e:19:ca:e0
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUDVm5yegvW1DTTvTW2Mz2OWqqJ6UwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNTA1MDEyMDQxMTFaFw0yNjA0MzAyMDQ2MTFaMDMxMTAvBgNV
BAMTKDY5NzAwMzk2MDNFRDVDMjUyMUVBMDVBMDk1OTNBOTMwNzkzQ0ZDN0UwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDGyzlkLFX17LIOfEmgpCU6KuM/
njt0vIQOIWkOPBqF1StIhxdyZyec/V6eqrvAjXTOdJGMweVJEOC3EtbjYzzHA4tQ
cGlDdxSRedNZpovuR0nNNGZ55MaCi6APi2J39YZ8hFyw3T6P2gzzsfuqpOYVjRfk
qr49q1ZaDYDvMVS7mjYmX9R6bUaZEnw3dnc5MuDmvQCOSRYU4a93qRYFMamimD20
mecURNSOKKK74l6YHPnKsAPRX/PNrv6OWD6D1cd052qVR0PIwU8HuV7tTdyEls0C
Gs+QItHa/mpoCAMqYvL8QLlBmitSmQkRz67rWNjxH08RG87HdWzCl+Z34jtRAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUaXADlgPtXCUh6gWglZOpMHk8/H4wHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzgzOTJlMzEzNDM3MmUzMTMw
MzIyZTMwMmYzMjMzMmQzMzMyMjAzZDNlMjAzNTMxMzEzNjM3LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQB
WZNmMA0GCSqGSIb3DQEBCwUAA4IBAQAkNIpeBlDir4YE5vjaL/cOB0GCsTd0dVVG
8gpNJIZK1+4WWaDwco3XUIEhOebxH9kwuuqdAu3z8AJsLsLZ7SCsAmKRwpIoko9X
h2ogeAPponwDmLUtPHSV+U/OII3QCJcOhhHjr27earfDgKNt8klJ74QEyst2/oh8
aVMcKq75NzxXmWUKdthLinmgXd8Q0M0p7iGEmCQRHuLk/7cAor+34gyNxDtLUaB+
pCNzjqs7RAcVlLq5uXpiVRSt3CkblnMzlS4SylXc+K3FQk3ltnlqftHwDjsybLj4
WfVvCLbBmNRfALYDzjXrj1J3zhjTU0SohZuymjkqeDkl6jFuGcrg
-----END CERTIFICATE-----
Generated at Tue May 6 16:11:10 2025 by rpki-client