Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3134352e31342e3132382e302f32332d3234203d3e20323034313730.roa
File: 3134352e31342e3132382e302f32332d3234203d3e20323034313730.roa (raw, json)
Hash identifier: S+wqb1slNdap0q+KIg6R7K//2bfgDghe+xv/nLQwiUI=
Subject key identifier: F0:EB:1A:78:96:24:4F:81:CD:17:66:D8:A1:E2:CB:90:F1:5F:C6:C3
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 0D9BBBCF1BF93A7660B1FA6FF2AE79F015D95806
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3134352e31342e3132382e302f32332d3234203d3e20323034313730.roa
Signing time: Mon 21 Apr 2025 10:17:53 +0000
ROA not before: Mon 21 Apr 2025 10:12:53 +0000
ROA not after: Mon 20 Apr 2026 10:17:53 +0000
asID: 204170
IP address blocks: 145.14.128.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 09 May 2025 07:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0d:9b:bb:cf:1b:f9:3a:76:60:b1:fa:6f:f2:ae:79:f0:15:d9:58:06
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Apr 21 10:12:53 2025 GMT
Not After : Apr 20 10:17:53 2026 GMT
Subject: CN=F0EB1A7896244F81CD1766D8A1E2CB90F15FC6C3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:a3:2b:f6:30:43:dc:14:4b:b3:cb:c5:e9:22:
e0:bf:77:b3:4b:6a:7c:8a:d5:b2:d7:55:e3:e3:58:
d7:af:6c:ef:be:1f:e9:a4:36:e6:75:06:40:b5:89:
e8:41:ea:f7:44:36:67:43:1d:f2:94:6d:7e:c3:4f:
5f:dd:c6:3c:08:3e:3e:63:2c:a1:a0:26:16:24:32:
2e:65:ca:11:06:74:ce:05:13:82:50:4a:94:da:b8:
b1:3e:9f:75:35:25:18:95:25:b1:c8:76:ba:99:26:
b6:7a:a4:58:85:0a:38:c2:d2:6c:39:d5:fd:52:3c:
dc:c3:2e:16:97:b1:ba:a4:d8:74:d7:db:0d:e4:22:
39:f0:b7:e5:36:cd:b9:29:3b:b8:10:69:12:6e:a5:
87:bc:55:47:d2:81:48:b4:0a:08:4b:88:35:2e:d6:
e6:b5:69:de:14:8d:cf:4a:70:8f:dc:76:11:c1:e8:
32:29:56:eb:20:7b:73:3c:bd:b9:0d:d3:40:17:f3:
24:78:f1:68:9c:3d:97:a4:73:1c:8b:3c:ea:c4:4a:
8c:ad:06:42:12:ab:a7:05:b4:a1:fa:19:ae:64:8d:
a0:52:1e:6d:52:a3:d6:96:9b:b4:e0:01:34:07:96:
d3:c4:f3:2a:94:d2:8f:9f:85:6b:be:a4:de:12:bc:
ec:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F0:EB:1A:78:96:24:4F:81:CD:17:66:D8:A1:E2:CB:90:F1:5F:C6:C3
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3134352e31342e3132382e302f32332d3234203d3e20323034313730.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
145.14.128.0/23
Signature Algorithm: sha256WithRSAEncryption
0b:cc:10:29:11:d9:be:23:e1:71:f0:b8:99:6b:e9:3c:0c:cc:
6c:63:37:09:4b:f8:f1:2c:2c:c9:28:c1:5c:42:98:35:e1:87:
b8:c0:61:56:d8:bb:72:61:14:c6:06:e4:cf:06:eb:0d:09:30:
77:69:22:de:bc:4f:09:b2:51:b8:6d:10:f3:52:71:16:02:12:
0a:c8:b5:01:fb:0a:b6:70:8c:ce:f9:b1:98:c7:47:6e:29:38:
ee:02:18:3b:19:b7:5b:b9:ad:56:1d:cf:c1:e3:e5:89:2f:f2:
3f:cd:cd:85:56:8f:18:a3:81:58:34:14:c3:d3:e5:e4:a7:a6:
73:f7:da:3b:f9:52:0a:4b:0f:5c:fb:34:51:b5:17:0e:e4:e5:
b9:72:2c:aa:22:89:55:aa:6f:84:2a:85:fc:78:2d:95:7f:a4:
35:61:f9:56:9a:c6:0a:3e:3b:02:fa:58:92:73:83:65:b6:ed:
e9:2e:a3:b6:1a:40:ed:5d:a8:25:aa:3a:db:be:3f:90:b4:10:
93:47:ef:c6:2d:b1:25:b3:f5:1a:a3:87:dd:a9:3e:92:06:46:
5f:07:c5:82:14:3a:c9:4e:d2:49:b8:2c:fc:86:5e:45:76:00:
ac:3e:dd:5a:5e:ef:fb:8b:d4:3e:55:42:19:3f:fa:ca:31:9a:
ed:ea:b1:a1
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUDZu7zxv5OnZgsfpv8q558BXZWAYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNTA0MjExMDEyNTNaFw0yNjA0MjAxMDE3NTNaMDMxMTAvBgNV
BAMTKEYwRUIxQTc4OTYyNDRGODFDRDE3NjZEOEExRTJDQjkwRjE1RkM2QzMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDPoyv2MEPcFEuzy8XpIuC/d7NL
anyK1bLXVePjWNevbO++H+mkNuZ1BkC1iehB6vdENmdDHfKUbX7DT1/dxjwIPj5j
LKGgJhYkMi5lyhEGdM4FE4JQSpTauLE+n3U1JRiVJbHIdrqZJrZ6pFiFCjjC0mw5
1f1SPNzDLhaXsbqk2HTX2w3kIjnwt+U2zbkpO7gQaRJupYe8VUfSgUi0CghLiDUu
1ua1ad4Ujc9KcI/cdhHB6DIpVusge3M8vbkN00AX8yR48WicPZekcxyLPOrESoyt
BkISq6cFtKH6Ga5kjaBSHm1So9aWm7TgATQHltPE8yqU0o+fhWu+pN4SvOwnAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQU8OsaeJYkT4HNF2bYoeLLkPFfxsMwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzNDM1MmUzMTM0MmUzMTMy
MzgyZTMwMmYzMjMzMmQzMjM0MjAzZDNlMjAzMjMwMzQzMTM3MzAucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAGRDoAwDQYJKoZIhvcNAQELBQADggEBAAvMECkR2b4j4XHwuJlr6TwMzGxjNwlL
+PEsLMkowVxCmDXhh7jAYVbYu3JhFMYG5M8G6w0JMHdpIt68TwmyUbhtEPNScRYC
EgrItQH7CrZwjM75sZjHR24pOO4CGDsZt1u5rVYdz8Hj5Ykv8j/NzYVWjxijgVg0
FMPT5eSnpnP32jv5UgpLD1z7NFG1Fw7k5blyLKoiiVWqb4Qqhfx4LZV/pDVh+Vaa
xgo+OwL6WJJzg2W27ekuo7YaQO1dqCWqOtu+P5C0EJNH78YtsSWz9Rqjh92pPpIG
Rl8HxYIUOslO0km4LPyGXkV2AKw+3Vpe7/uL1D5VQhk/+soxmu3qsaE=
-----END CERTIFICATE-----
Generated at Thu May 8 10:09:17 2025 by rpki-client