Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3134352e37392e3231362e302f32312d3234203d3e203437353833.roa
File: 3134352e37392e3231362e302f32312d3234203d3e203437353833.roa (raw, json)
Hash identifier: vu8Pq9tSANj1E/fkKEaJ5upV5gjJ+dfkhczLugoVhX0=
Subject key identifier: 51:7F:93:40:BA:60:F4:34:45:19:4F:A0:23:99:F4:91:F7:E2:CF:B3
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 27A2B56C809A8436004974CA97FE16E0F2D6930D
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3134352e37392e3231362e302f32312d3234203d3e203437353833.roa
Signing time: Thu 10 Apr 2025 10:09:05 +0000
ROA not before: Thu 10 Apr 2025 10:04:05 +0000
ROA not after: Thu 09 Apr 2026 10:09:05 +0000
asID: 47583
IP address blocks: 145.79.216.0/21 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 06 May 2025 16:39:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
27:a2:b5:6c:80:9a:84:36:00:49:74:ca:97:fe:16:e0:f2:d6:93:0d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Apr 10 10:04:05 2025 GMT
Not After : Apr 9 10:09:05 2026 GMT
Subject: CN=517F9340BA60F43445194FA02399F491F7E2CFB3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:49:9d:be:11:13:ec:77:51:2a:64:24:3d:bd:
e7:d8:e8:60:18:cd:6a:d2:6d:96:57:d3:cd:4d:10:
a5:26:ab:fb:03:45:38:59:d9:06:ef:a0:26:de:04:
06:af:8e:9d:78:87:5f:96:c1:2b:5a:9f:67:10:9f:
f7:8b:2e:c7:b2:9f:1c:4d:4a:86:ee:e6:79:aa:8c:
ff:34:b1:7c:c9:53:4c:fc:af:e2:aa:0e:52:32:99:
5f:f8:78:8c:b3:29:32:e8:cf:b6:c7:a4:19:23:bb:
5a:dc:ef:66:b7:c7:24:aa:c9:d2:13:4b:d7:aa:c3:
2f:59:ce:61:b2:9c:9f:92:68:ed:f3:e2:c1:11:58:
22:05:1f:66:11:a6:67:ad:50:6b:72:23:96:e7:75:
8b:1a:0f:ab:9d:60:e8:ce:da:f8:03:28:53:c1:f2:
ba:5a:c5:3c:37:c8:f0:35:1b:60:a4:da:35:81:c2:
1f:94:3e:24:fa:93:b1:6b:f5:a4:cc:17:39:19:1b:
fc:59:d0:e2:99:6e:a9:73:c9:60:17:c7:0d:37:b7:
60:86:cf:90:88:cc:28:df:f9:9e:97:75:b5:4c:1c:
d1:45:9f:d8:91:82:03:42:d2:0b:9b:8e:85:d3:5e:
65:01:b3:94:83:50:90:7b:55:47:b0:9a:e3:e9:72:
96:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
51:7F:93:40:BA:60:F4:34:45:19:4F:A0:23:99:F4:91:F7:E2:CF:B3
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3134352e37392e3231362e302f32312d3234203d3e203437353833.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
145.79.216.0/21
Signature Algorithm: sha256WithRSAEncryption
58:df:ac:89:ef:a2:70:31:7e:ca:89:a5:f2:3f:f6:9f:c0:4c:
57:41:7d:81:f4:ba:1a:de:63:ba:ef:65:cc:44:be:5d:3b:88:
67:cb:97:2b:1a:a2:ee:34:ea:f9:14:02:3e:f8:2f:e3:a1:24:
18:72:ec:05:b6:23:22:4b:9d:41:9f:9a:92:1a:c1:a5:8b:10:
51:c1:7f:88:2c:ee:11:95:f7:ec:b0:29:44:86:cf:06:1b:3b:
d2:d0:df:82:7e:03:71:54:5a:d6:08:8e:2a:fb:ee:6e:d9:38:
54:4b:91:a3:df:91:94:1c:21:11:1a:86:c4:97:d8:af:44:8c:
a4:fd:6c:b0:37:1f:d2:50:cb:4e:a6:d9:a9:b6:8a:3d:8a:c1:
d6:2f:d5:ec:90:20:4b:05:3e:0e:d2:57:b2:0d:43:19:2a:f5:
46:1e:2a:74:ff:12:8e:7c:3f:91:44:a1:78:35:84:d8:cb:43:
90:ab:4a:e0:7c:3f:5a:fa:84:7a:16:9b:08:2f:05:cc:ec:cb:
29:08:8a:66:ba:61:21:e4:d5:ed:c7:9e:c0:93:82:98:5b:3d:
c6:03:4e:81:e1:5a:9c:58:4e:ab:f6:37:fd:87:ab:cd:9d:d8:
40:58:4f:c6:70:00:af:95:9d:1e:f7:17:0e:b2:72:69:9f:cc:
9d:b4:c6:f8
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUJ6K1bICahDYASXTKl/4W4PLWkw0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNTA0MTAxMDA0MDVaFw0yNjA0MDkxMDA5MDVaMDMxMTAvBgNV
BAMTKDUxN0Y5MzQwQkE2MEY0MzQ0NTE5NEZBMDIzOTlGNDkxRjdFMkNGQjMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDRSZ2+ERPsd1EqZCQ9vefY6GAY
zWrSbZZX081NEKUmq/sDRThZ2QbvoCbeBAavjp14h1+WwStan2cQn/eLLseynxxN
Sobu5nmqjP80sXzJU0z8r+KqDlIymV/4eIyzKTLoz7bHpBkju1rc72a3xySqydIT
S9eqwy9ZzmGynJ+SaO3z4sERWCIFH2YRpmetUGtyI5bndYsaD6udYOjO2vgDKFPB
8rpaxTw3yPA1G2Ck2jWBwh+UPiT6k7Fr9aTMFzkZG/xZ0OKZbqlzyWAXxw03t2CG
z5CIzCjf+Z6XdbVMHNFFn9iRggNC0gubjoXTXmUBs5SDUJB7VUewmuPpcpaPAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUUX+TQLpg9DRFGU+gI5n0kffiz7MwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzNDM1MmUzNzM5MmUzMjMx
MzYyZTMwMmYzMjMxMmQzMjM0MjAzZDNlMjAzNDM3MzUzODMzLnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQD
kU/YMA0GCSqGSIb3DQEBCwUAA4IBAQBY36yJ76JwMX7KiaXyP/afwExXQX2B9Loa
3mO672XMRL5dO4hny5crGqLuNOr5FAI++C/joSQYcuwFtiMiS51Bn5qSGsGlixBR
wX+ILO4RlffssClEhs8GGzvS0N+CfgNxVFrWCI4q++5u2ThUS5Gj35GUHCERGobE
l9ivRIyk/WywNx/SUMtOptmptoo9isHWL9XskCBLBT4O0leyDUMZKvVGHip0/xKO
fD+RRKF4NYTYy0OQq0rgfD9a+oR6FpsILwXM7MspCIpmumEh5NXtx57Ak4KYWz3G
A06B4VqcWE6r9jf9h6vNndhAWE/GcACvlZ0e9xcOsnJpn8ydtMb4
-----END CERTIFICATE-----
Generated at Tue May 6 06:14:54 2025 by rpki-client