Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3134352e37392e3136372e302f32342d3234203d3e20323134313433.roa
File: 3134352e37392e3136372e302f32342d3234203d3e20323134313433.roa (raw, json)
Hash identifier: 0K8gMDD2aD7kDcc/ZE8fFzem/e+h3Kl4TJy2JEEkt6M=
Subject key identifier: B5:64:6E:45:02:96:EB:04:DC:C6:F8:50:7D:1D:40:7C:68:A8:EB:3E
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 5C022204D929B51D707E7943440E8B724696425F
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3134352e37392e3136372e302f32342d3234203d3e20323134313433.roa
Signing time: Thu 19 Jun 2025 19:40:24 +0000
ROA not before: Thu 19 Jun 2025 19:35:24 +0000
ROA not after: Thu 18 Jun 2026 19:40:24 +0000
asID: 214143
IP address blocks: 145.79.167.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5c:02:22:04:d9:29:b5:1d:70:7e:79:43:44:0e:8b:72:46:96:42:5f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Jun 19 19:35:24 2025 GMT
Not After : Jun 18 19:40:24 2026 GMT
Subject: CN=B5646E450296EB04DCC6F8507D1D407C68A8EB3E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:82:41:df:d1:53:30:9e:6e:73:da:9c:e5:84:
9d:58:60:47:6a:39:3a:7e:ce:7c:07:e9:d9:25:70:
fe:68:6a:bd:db:a6:4f:f4:7d:36:27:99:ee:17:26:
69:cb:3f:f6:f8:1a:bd:3a:84:67:2c:8a:e3:aa:e7:
77:3a:de:8b:6a:9b:de:cd:75:53:90:44:2f:a2:ef:
56:b3:a3:b8:de:19:ef:0a:8f:f5:1d:31:b0:4d:e4:
41:0c:a0:5d:69:a9:fb:45:c8:1c:f7:99:7e:81:7a:
80:75:e4:20:f9:99:8e:ae:c8:9e:53:f7:c8:01:07:
3f:ca:13:66:a3:cc:bd:d0:ce:01:0a:95:62:e8:61:
87:1a:2a:7d:ed:4d:20:f0:41:c1:38:0e:65:03:e6:
12:d4:da:b2:75:09:0b:12:21:b4:b5:ca:af:b4:3e:
c6:47:e8:01:b2:85:7b:b3:64:fd:86:cd:16:01:8d:
d2:0a:69:5e:31:d3:45:8d:e6:17:f0:5e:0c:80:65:
1e:49:85:24:9c:11:f7:f7:5b:86:71:c7:1a:ed:2b:
b9:7c:47:5f:ba:20:ce:5d:3b:ac:6e:68:0d:23:64:
78:68:3b:3b:f6:4c:b9:57:ac:f0:41:df:6f:1d:09:
26:fd:a3:e2:91:6e:60:78:27:c4:c5:72:18:10:05:
7c:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B5:64:6E:45:02:96:EB:04:DC:C6:F8:50:7D:1D:40:7C:68:A8:EB:3E
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3134352e37392e3136372e302f32342d3234203d3e20323134313433.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
145.79.167.0/24
Signature Algorithm: sha256WithRSAEncryption
72:c5:71:5d:b4:49:f8:ab:38:ae:3a:56:37:98:a6:9a:b0:22:
e1:ca:a1:48:c7:42:57:32:b6:03:43:7a:2e:99:99:cc:17:59:
b7:04:1e:88:5f:f1:72:a1:3a:6a:15:c5:7e:43:7a:04:bd:5a:
3f:17:5a:69:32:a2:27:29:ac:ce:02:44:d5:8e:ab:5b:e5:63:
74:56:6b:54:c7:29:91:0b:97:64:49:9b:ba:ee:7a:b0:2f:a0:
b8:41:25:55:69:d5:95:2f:2a:fa:1c:8c:bf:6c:e0:d3:52:60:
c3:b5:22:3e:1d:88:e5:6d:40:f9:10:2a:cd:fc:4f:e4:53:06:
78:8d:2a:eb:78:df:79:91:0e:52:7e:75:ab:f0:6d:14:c4:b6:
5e:75:d2:b5:a3:8c:c6:3f:71:f9:0b:9f:7c:45:82:ea:db:e0:
9d:ac:4e:9b:60:be:6f:56:7e:d6:c1:34:e4:ec:7e:32:07:fe:
ce:c1:b2:81:06:1c:fe:fe:70:7d:cd:5b:16:40:c5:04:41:bb:
50:31:ca:f6:ad:e3:80:7e:98:e3:f1:29:8a:18:be:03:f4:fb:
fd:f6:c7:eb:69:97:40:fa:d4:c1:98:83:37:17:1e:be:ae:92:
a3:d3:9a:8c:16:62:fb:c8:98:28:4e:db:a6:e3:33:0a:ca:e2:
77:53:7a:aa
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUXAIiBNkptR1wfnlDRA6LckaWQl8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNTA2MTkxOTM1MjRaFw0yNjA2MTgxOTQwMjRaMDMxMTAvBgNV
BAMTKEI1NjQ2RTQ1MDI5NkVCMDREQ0M2Rjg1MDdEMUQ0MDdDNjhBOEVCM0UwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDFgkHf0VMwnm5z2pzlhJ1YYEdq
OTp+znwH6dklcP5oar3bpk/0fTYnme4XJmnLP/b4Gr06hGcsiuOq53c63otqm97N
dVOQRC+i71azo7jeGe8Kj/UdMbBN5EEMoF1pqftFyBz3mX6BeoB15CD5mY6uyJ5T
98gBBz/KE2ajzL3QzgEKlWLoYYcaKn3tTSDwQcE4DmUD5hLU2rJ1CQsSIbS1yq+0
PsZH6AGyhXuzZP2GzRYBjdIKaV4x00WN5hfwXgyAZR5JhSScEff3W4ZxxxrtK7l8
R1+6IM5dO6xuaA0jZHhoOzv2TLlXrPBB328dCSb9o+KRbmB4J8TFchgQBXzLAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUtWRuRQKW6wTcxvhQfR1AfGio6z4wHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzNDM1MmUzNzM5MmUzMTM2
MzcyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMjMxMzQzMTM0MzMucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BACRT6cwDQYJKoZIhvcNAQELBQADggEBAHLFcV20SfirOK46VjeYppqwIuHKoUjH
QlcytgNDei6ZmcwXWbcEHohf8XKhOmoVxX5DegS9Wj8XWmkyoicprM4CRNWOq1vl
Y3RWa1THKZELl2RJm7ruerAvoLhBJVVp1ZUvKvocjL9s4NNSYMO1Ij4diOVtQPkQ
Ks38T+RTBniNKut433mRDlJ+davwbRTEtl510rWjjMY/cfkLn3xFgurb4J2sTptg
vm9WftbBNOTsfjIH/s7BsoEGHP7+cH3NWxZAxQRBu1Axyvat44B+mOPxKYoYvgP0
+/32x+tpl0D61MGYgzcXHr6ukqPTmowWYvvImChO26bjMwrK4ndTeqo=
-----END CERTIFICATE-----
Generated at Sun Jun 29 04:08:29 2025 by rpki-client