Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3134352e37392e3136382e302f32332d3233203d3e20343031373736.roa
File: 3134352e37392e3136382e302f32332d3233203d3e20343031373736.roa (raw, json)
Hash identifier: H9tR6GYy+CiCvxppS+/tRRpyMbNK9gDb+FvVB7tgxak=
Subject key identifier: DB:A5:A0:7E:EE:9B:76:BA:22:5F:2D:7F:8A:52:92:C3:81:7F:BE:10
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 5B6571756EE9D044A1D2D932B218D31D848DB99A
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3134352e37392e3136382e302f32332d3233203d3e20343031373736.roa
Signing time: Mon 16 Jun 2025 10:10:43 +0000
ROA not before: Mon 16 Jun 2025 10:05:43 +0000
ROA not after: Mon 15 Jun 2026 10:10:43 +0000
asID: 401776
IP address blocks: 145.79.168.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5b:65:71:75:6e:e9:d0:44:a1:d2:d9:32:b2:18:d3:1d:84:8d:b9:9a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Jun 16 10:05:43 2025 GMT
Not After : Jun 15 10:10:43 2026 GMT
Subject: CN=DBA5A07EEE9B76BA225F2D7F8A5292C3817FBE10
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:83:a1:e0:b9:be:fc:73:91:df:e9:c4:57:5e:
1b:75:ff:07:bb:b6:41:ef:28:9b:46:68:d5:8a:09:
b4:83:55:38:71:4b:62:c5:34:8c:71:c4:19:9e:38:
b8:71:b6:4c:51:f6:f0:76:bc:90:73:55:3d:c0:49:
19:cd:f2:23:61:19:de:1b:f0:0f:2d:43:62:8d:4a:
2c:d2:80:d1:2f:d3:75:00:bf:9b:0e:6b:a5:84:07:
7c:1d:68:ab:c7:9e:a0:27:5e:9a:14:80:21:2b:b7:
99:6c:ec:64:cc:34:bc:51:c9:53:43:9e:34:04:aa:
9f:e3:23:0e:f3:d6:c6:a4:4f:d0:b9:3c:0e:e0:80:
53:d6:6e:b9:ff:55:98:99:94:bc:b8:5c:53:f7:0c:
1d:02:05:12:2f:f6:5f:7f:1e:d6:ee:82:ea:60:7d:
16:de:4b:ed:5b:fe:7c:94:52:69:4c:7c:f2:f7:69:
4c:5b:1f:df:54:9b:09:18:4d:3d:d5:0b:fd:b7:4b:
72:51:82:a1:e3:e9:c9:49:c7:ab:73:6f:0a:ac:b7:
42:6f:11:ad:82:1a:a8:48:55:d1:40:5c:7c:43:3d:
89:74:d4:37:b5:22:14:5b:ab:b7:f8:7b:3d:77:f6:
b1:f2:1e:b0:78:21:ee:20:51:c9:e8:83:37:84:84:
35:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DB:A5:A0:7E:EE:9B:76:BA:22:5F:2D:7F:8A:52:92:C3:81:7F:BE:10
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3134352e37392e3136382e302f32332d3233203d3e20343031373736.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
145.79.168.0/23
Signature Algorithm: sha256WithRSAEncryption
6c:49:7e:d8:41:5d:a3:bc:07:39:bf:e2:e4:ec:39:d0:c0:50:
6c:f1:27:ef:c0:41:63:69:40:55:24:7c:19:3e:b6:43:6c:ac:
a8:e7:cb:f2:b7:58:24:cc:8e:fc:09:99:a9:06:4a:3b:34:64:
76:ca:67:21:3b:16:61:de:b1:08:01:01:ff:82:35:d5:98:e2:
24:7d:01:b7:ac:c6:e3:18:74:c6:5e:bc:f6:ef:8c:95:9a:e4:
33:6c:af:48:4e:36:55:d0:14:c8:e7:34:cd:6e:8e:a6:da:19:
06:13:cc:39:e9:ba:db:b2:1e:1d:01:c4:f8:02:06:7f:45:90:
c8:20:b9:ce:f6:ff:42:e8:a8:d1:b7:78:27:6b:38:25:f6:6c:
2c:54:ea:8f:cb:bb:76:04:3a:ed:02:b6:8e:11:d4:24:8f:0f:
39:59:24:f0:62:1a:3a:b3:73:06:40:c4:30:65:d8:fa:4e:8b:
21:20:e4:5c:7b:b1:c2:3a:90:61:74:47:73:e0:ad:dc:71:6e:
79:b7:b1:28:87:76:b2:cb:59:bc:88:24:a0:1f:a5:2e:96:26:
1b:6d:d4:ac:5d:c6:8a:21:e3:a1:7b:f5:dc:b8:6d:83:ba:90:
32:92:da:c0:fc:d5:ad:00:13:0a:03:3b:c1:5f:b3:3a:8f:3f:
77:95:bb:3c
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUW2VxdW7p0ESh0tkyshjTHYSNuZowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNTA2MTYxMDA1NDNaFw0yNjA2MTUxMDEwNDNaMDMxMTAvBgNV
BAMTKERCQTVBMDdFRUU5Qjc2QkEyMjVGMkQ3RjhBNTI5MkMzODE3RkJFMTAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC1g6Hgub78c5Hf6cRXXht1/we7
tkHvKJtGaNWKCbSDVThxS2LFNIxxxBmeOLhxtkxR9vB2vJBzVT3ASRnN8iNhGd4b
8A8tQ2KNSizSgNEv03UAv5sOa6WEB3wdaKvHnqAnXpoUgCErt5ls7GTMNLxRyVND
njQEqp/jIw7z1sakT9C5PA7ggFPWbrn/VZiZlLy4XFP3DB0CBRIv9l9/Htbugupg
fRbeS+1b/nyUUmlMfPL3aUxbH99UmwkYTT3VC/23S3JRgqHj6clJx6tzbwqst0Jv
Ea2CGqhIVdFAXHxDPYl01De1IhRbq7f4ez139rHyHrB4Ie4gUcnogzeEhDXZAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQU26Wgfu6bdroiXy1/ilKSw4F/vhAwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzNDM1MmUzNzM5MmUzMTM2
MzgyZTMwMmYzMjMzMmQzMjMzMjAzZDNlMjAzNDMwMzEzNzM3MzYucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAGRT6gwDQYJKoZIhvcNAQELBQADggEBAGxJfthBXaO8Bzm/4uTsOdDAUGzxJ+/A
QWNpQFUkfBk+tkNsrKjny/K3WCTMjvwJmakGSjs0ZHbKZyE7FmHesQgBAf+CNdWY
4iR9AbesxuMYdMZevPbvjJWa5DNsr0hONlXQFMjnNM1ujqbaGQYTzDnputuyHh0B
xPgCBn9FkMgguc72/0LoqNG3eCdrOCX2bCxU6o/Lu3YEOu0Cto4R1CSPDzlZJPBi
GjqzcwZAxDBl2PpOiyEg5Fx7scI6kGF0R3Pgrdxxbnm3sSiHdrLLWbyIJKAfpS6W
Jhtt1Kxdxooh46F79dy4bYO6kDKS2sD81a0AEwoDO8FfszqPP3eVuzw=
-----END CERTIFICATE-----
Generated at Sun Jun 29 03:51:45 2025 by rpki-client