Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/ce510e17-31fa-414b-989e-026dbb6fdf51/0/3135392e3235332e342e302f32342d3234203d3e20323134313433.roa
File: 3135392e3235332e342e302f32342d3234203d3e20323134313433.roa (raw, json)
Hash identifier: JO9eMRAwPS+hZf1UF8eYFlm1nYrsRkC7Oj1Lhed/bAU=
Subject key identifier: ED:A5:BE:A8:AA:FA:DF:A6:6F:68:47:1D:4E:AF:F7:CA:E4:AD:BF:58
Certificate issuer: /CN=4c189e42f35c944d463d9ea6501f093eb62ba785
Certificate serial: 0B67FF6FB651927BCFE0C3AB200B84582AAE94CC
Authority key identifier: 4C:18:9E:42:F3:5C:94:4D:46:3D:9E:A6:50:1F:09:3E:B6:2B:A7:85
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TBieQvNclE1GPZ6mUB8JPrYrp4U.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/ce510e17-31fa-414b-989e-026dbb6fdf51/0/3135392e3235332e342e302f32342d3234203d3e20323134313433.roa
Signing time: Thu 19 Jun 2025 12:14:05 +0000
ROA not before: Thu 19 Jun 2025 12:09:05 +0000
ROA not after: Thu 18 Jun 2026 12:14:05 +0000
asID: 214143
IP address blocks: 159.253.4.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/ce510e17-31fa-414b-989e-026dbb6fdf51/0/4C189E42F35C944D463D9EA6501F093EB62BA785.crl
rsync://rsync.paas.rpki.ripe.net/repository/ce510e17-31fa-414b-989e-026dbb6fdf51/0/4C189E42F35C944D463D9EA6501F093EB62BA785.mft
rsync://rpki.ripe.net/repository/DEFAULT/TBieQvNclE1GPZ6mUB8JPrYrp4U.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Jun 2025 09:32:14 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0b:67:ff:6f:b6:51:92:7b:cf:e0:c3:ab:20:0b:84:58:2a:ae:94:cc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4c189e42f35c944d463d9ea6501f093eb62ba785
Validity
Not Before: Jun 19 12:09:05 2025 GMT
Not After : Jun 18 12:14:05 2026 GMT
Subject: CN=EDA5BEA8AAFADFA66F68471D4EAFF7CAE4ADBF58
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:23:f6:11:ee:72:ab:fe:81:a8:bf:81:32:c9:
82:5a:97:34:ac:de:bf:8f:fd:47:b1:72:43:29:5c:
7b:04:e8:7d:31:0c:ab:de:ca:53:de:8d:f1:bd:a6:
4e:c6:33:ea:9d:ec:12:8f:bd:af:f8:7b:35:27:64:
79:76:11:24:7f:56:34:bd:57:8d:7c:4b:50:b6:67:
2e:cf:26:42:a8:d7:48:82:a3:9c:7f:0d:a1:9c:2e:
68:bf:c7:a9:09:79:cc:f3:b2:1f:33:76:c4:b5:97:
28:fa:6a:f7:c2:81:26:02:72:a3:37:71:58:6a:b7:
23:cb:4f:2f:1c:7d:92:bd:a9:f2:7f:53:f0:64:74:
2b:07:ec:7a:64:9b:97:6a:8c:81:cb:ce:32:0c:ec:
f9:93:ba:95:9a:f5:7f:bd:a0:9c:a2:17:aa:3a:86:
ec:1c:8e:96:03:90:40:c3:ad:9f:b5:26:63:68:5e:
b1:22:66:7d:1b:2c:72:c8:2f:e4:5c:c8:2f:dd:f7:
90:8c:18:16:82:84:ea:7e:d1:24:73:01:10:ac:2b:
0c:dd:ae:90:a3:9d:92:7f:83:02:68:f7:24:a2:46:
4e:6d:4f:b0:79:8a:97:b9:6b:29:7f:e2:fd:7a:e0:
5a:d9:5e:52:0e:bf:ff:01:94:ac:94:42:e4:59:78:
0d:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
ED:A5:BE:A8:AA:FA:DF:A6:6F:68:47:1D:4E:AF:F7:CA:E4:AD:BF:58
X509v3 Authority Key Identifier:
keyid:4C:18:9E:42:F3:5C:94:4D:46:3D:9E:A6:50:1F:09:3E:B6:2B:A7:85
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/ce510e17-31fa-414b-989e-026dbb6fdf51/0/4C189E42F35C944D463D9EA6501F093EB62BA785.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TBieQvNclE1GPZ6mUB8JPrYrp4U.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/ce510e17-31fa-414b-989e-026dbb6fdf51/0/3135392e3235332e342e302f32342d3234203d3e20323134313433.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
159.253.4.0/24
Signature Algorithm: sha256WithRSAEncryption
2a:f6:fe:18:7c:d3:11:55:89:78:82:d5:be:0e:da:af:ca:86:
d1:04:9c:3d:0c:3d:4b:38:00:c8:3a:94:05:9f:34:08:b6:41:
6b:54:9a:6b:bd:1f:0a:49:37:c1:c6:77:af:d7:d6:7d:80:e1:
ff:05:44:6f:eb:e2:08:7a:60:67:2f:8a:de:5a:fa:70:a3:4a:
9d:cb:7c:19:f6:19:46:c3:71:43:a0:c3:a6:7a:0e:df:2c:4c:
46:c7:5c:84:d3:8a:07:97:b5:45:67:21:6d:6c:54:86:03:99:
fa:e4:05:65:0d:eb:00:8c:57:1a:e1:41:28:04:b8:05:24:9d:
9b:6b:fa:f1:76:77:44:69:b7:b4:bd:da:ce:5a:45:5b:54:d2:
11:6e:0d:91:12:f2:97:99:0a:b9:81:b1:cf:f9:ea:02:7c:f6:
00:7e:ce:f4:c7:ad:4a:e6:87:de:b5:b4:11:96:58:72:74:58:
2d:82:a5:30:a5:45:cc:b4:71:81:1e:93:4e:48:e7:70:54:fd:
e5:b3:44:3e:4a:b9:14:8e:f8:d5:bc:42:eb:a2:90:b0:79:23:
1e:e2:cc:e1:01:a5:f8:97:2d:24:31:14:8a:e9:e1:7b:dd:7f:
ce:59:e0:41:b4:b6:5c:3c:9a:49:0d:ed:20:01:10:90:f0:d1:
b3:36:af:97
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUC2f/b7ZRknvP4MOrIAuEWCqulMwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGMxODllNDJmMzVjOTQ0ZDQ2M2Q5ZWE2NTAxZjA5M2Vi
NjJiYTc4NTAeFw0yNTA2MTkxMjA5MDVaFw0yNjA2MTgxMjE0MDVaMDMxMTAvBgNV
BAMTKEVEQTVCRUE4QUFGQURGQTY2RjY4NDcxRDRFQUZGN0NBRTRBREJGNTgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC6I/YR7nKr/oGov4EyyYJalzSs
3r+P/UexckMpXHsE6H0xDKveylPejfG9pk7GM+qd7BKPva/4ezUnZHl2ESR/VjS9
V418S1C2Zy7PJkKo10iCo5x/DaGcLmi/x6kJeczzsh8zdsS1lyj6avfCgSYCcqM3
cVhqtyPLTy8cfZK9qfJ/U/BkdCsH7Hpkm5dqjIHLzjIM7PmTupWa9X+9oJyiF6o6
huwcjpYDkEDDrZ+1JmNoXrEiZn0bLHLIL+RcyC/d95CMGBaChOp+0SRzARCsKwzd
rpCjnZJ/gwJo9ySiRk5tT7B5ipe5ayl/4v164FrZXlIOv/8BlKyUQuRZeA2pAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQU7aW+qKr636ZvaEcdTq/3yuStv1gwHwYDVR0j
BBgwFoAUTBieQvNclE1GPZ6mUB8JPrYrp4UwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvY2U1MTBlMTctMzFmYS00MTRiLTk4OWUtMDI2ZGJiNmZk
ZjUxLzAvNEMxODlFNDJGMzVDOTQ0RDQ2M0Q5RUE2NTAxRjA5M0VCNjJCQTc4NS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1RCaWVRdk5jbEUxR1BaNm1VQjhKUHJZ
cnA0VS5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvY2U1MTBlMTct
MzFmYS00MTRiLTk4OWUtMDI2ZGJiNmZkZjUxLzAvMzEzNTM5MmUzMjM1MzMyZTM0
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzIzMTM0MzEzNDMzLnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
n/0EMA0GCSqGSIb3DQEBCwUAA4IBAQAq9v4YfNMRVYl4gtW+DtqvyobRBJw9DD1L
OADIOpQFnzQItkFrVJprvR8KSTfBxnev19Z9gOH/BURv6+IIemBnL4reWvpwo0qd
y3wZ9hlGw3FDoMOmeg7fLExGx1yE04oHl7VFZyFtbFSGA5n65AVlDesAjFca4UEo
BLgFJJ2ba/rxdndEabe0vdrOWkVbVNIRbg2REvKXmQq5gbHP+eoCfPYAfs70x61K
5ofetbQRllhydFgtgqUwpUXMtHGBHpNOSOdwVP3ls0Q+SrkUjvjVvELropCweSMe
4szhAaX4ly0kMRSK6eF73X/OWeBBtLZcPJpJDe0gARCQ8NGzNq+X
-----END CERTIFICATE-----
Generated at Sun Jun 29 17:54:27 2025 by rpki-client