Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3134352e37392e34342e302f32322d3234203d3e2035363530.roa
File: 3134352e37392e34342e302f32322d3234203d3e2035363530.roa (raw, json)
Hash identifier: sS1bD6jJ0sHBP6C3Xq5+QtPSH0itFqvbBfs56GwADsw=
Subject key identifier: 07:F5:20:F3:94:14:BA:78:2F:EF:5E:DD:22:CC:64:19:AE:50:95:C3
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 0D938345E1D1A90C48FB19C7A70A4DD390B15DB2
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3134352e37392e34342e302f32322d3234203d3e2035363530.roa
Signing time: Wed 25 Jun 2025 18:11:12 +0000
ROA not before: Wed 25 Jun 2025 18:06:12 +0000
ROA not after: Wed 24 Jun 2026 18:11:12 +0000
asID: 5650
IP address blocks: 145.79.44.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 20:58:53 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0d:93:83:45:e1:d1:a9:0c:48:fb:19:c7:a7:0a:4d:d3:90:b1:5d:b2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Jun 25 18:06:12 2025 GMT
Not After : Jun 24 18:11:12 2026 GMT
Subject: CN=07F520F39414BA782FEF5EDD22CC6419AE5095C3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:26:49:6d:0e:73:1a:bd:07:9d:34:45:22:c8:
6a:7d:d2:a0:7b:a1:a6:49:20:76:98:d5:98:dc:b6:
5a:d9:af:4c:6e:44:3d:78:fa:9b:9c:26:67:8d:bc:
62:0d:ef:90:8f:8d:c7:8a:89:0c:5a:44:63:74:07:
60:b9:72:bf:0d:df:1c:b1:f9:8f:8b:7d:66:7f:d8:
21:1c:73:21:98:8f:0a:cb:75:ea:12:d9:35:67:6b:
f4:6e:86:1f:e0:3c:a8:06:df:28:9a:83:05:b5:42:
87:10:96:04:d3:04:b1:39:2d:c2:2b:53:1a:11:08:
fd:15:3e:53:17:54:99:ea:14:ad:90:a8:a3:ed:36:
6c:cc:4a:d8:93:ca:f4:58:f0:de:ba:46:b4:d8:aa:
11:bb:bf:57:91:4a:6b:8b:82:0c:d0:0a:a5:9b:fa:
6c:f0:0b:26:61:d0:94:dd:8f:01:72:5e:7a:bf:d6:
14:d2:3b:22:95:a1:d7:3d:b9:1c:9c:e1:ad:69:72:
30:35:ba:e8:2d:b5:55:91:b4:f0:b7:2b:ce:f7:83:
f2:d8:dc:27:fd:72:1e:8b:25:e0:6f:46:a5:9d:29:
b9:06:a5:4e:5d:82:6e:80:ac:7e:bf:d4:47:e3:61:
93:a6:62:9d:aa:bd:ce:f0:1e:b9:ff:b0:e5:cc:8e:
5c:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
07:F5:20:F3:94:14:BA:78:2F:EF:5E:DD:22:CC:64:19:AE:50:95:C3
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3134352e37392e34342e302f32322d3234203d3e2035363530.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
145.79.44.0/22
Signature Algorithm: sha256WithRSAEncryption
08:ba:42:7e:b4:e3:74:0b:fd:9e:70:59:5f:3a:6f:b5:cb:ef:
32:28:91:83:01:59:0d:58:4b:5f:b5:ab:19:af:f2:8b:09:2b:
ef:d6:a3:3b:c7:34:0d:b5:16:dd:fa:d2:30:2d:dc:0f:3b:3b:
61:db:92:75:cc:cd:ea:4a:61:8e:5e:9b:c5:17:2e:7c:cf:48:
65:9e:f8:69:aa:2d:93:e2:8b:2c:5a:1a:8c:5d:7d:c7:08:07:
9b:3f:4a:08:2e:d4:6e:64:02:42:59:4e:ad:66:e1:b7:49:72:
57:f0:7b:3c:18:c0:9b:c3:f0:07:05:e3:09:28:c6:8e:8e:7a:
6a:ff:56:e1:34:ab:a5:66:d0:4d:52:7e:fc:c0:13:c1:e1:dc:
7b:0c:3b:dc:5b:98:a0:df:bd:02:4a:5c:60:06:fa:af:c4:9b:
d2:59:55:ec:17:63:3e:51:f7:6a:0e:e7:69:6a:49:97:b2:b7:
f4:17:aa:e1:2b:d9:3b:f4:55:e4:8f:46:3d:ed:6c:67:b8:36:
da:35:b6:4f:27:23:2e:a5:24:e7:ac:f8:a3:55:7e:25:9d:49:
52:3b:ff:cf:b3:68:25:99:44:7c:36:d6:5f:8f:89:e8:ee:7e:
ca:98:b1:c4:8f:79:25:c3:1e:42:16:2e:8d:aa:1f:e2:29:70:
a0:24:06:4a
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgIUDZODReHRqQxI+xnHpwpN05CxXbIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNTA2MjUxODA2MTJaFw0yNjA2MjQxODExMTJaMDMxMTAvBgNV
BAMTKDA3RjUyMEYzOTQxNEJBNzgyRkVGNUVERDIyQ0M2NDE5QUU1MDk1QzMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDIJkltDnMavQedNEUiyGp90qB7
oaZJIHaY1ZjctlrZr0xuRD14+pucJmeNvGIN75CPjceKiQxaRGN0B2C5cr8N3xyx
+Y+LfWZ/2CEccyGYjwrLdeoS2TVna/Ruhh/gPKgG3yiagwW1QocQlgTTBLE5LcIr
UxoRCP0VPlMXVJnqFK2QqKPtNmzMStiTyvRY8N66RrTYqhG7v1eRSmuLggzQCqWb
+mzwCyZh0JTdjwFyXnq/1hTSOyKVodc9uRyc4a1pcjA1uugttVWRtPC3K873g/LY
3Cf9ch6LJeBvRqWdKbkGpU5dgm6ArH6/1EfjYZOmYp2qvc7wHrn/sOXMjlw5AgMB
AAGjggI5MIICNTAdBgNVHQ4EFgQUB/Ug85QUungv717dIsxkGa5QlcMwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwgakGCCsGAQUFBwELBIGcMIGZMIGWBggrBgEFBQcwC4aBiXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzNDM1MmUzNzM5MmUzNDM0
MmUzMDJmMzIzMjJkMzIzNDIwM2QzZTIwMzUzNjM1MzAucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAKRTyww
DQYJKoZIhvcNAQELBQADggEBAAi6Qn6043QL/Z5wWV86b7XL7zIokYMBWQ1YS1+1
qxmv8osJK+/WozvHNA21Ft360jAt3A87O2HbknXMzepKYY5em8UXLnzPSGWe+Gmq
LZPiiyxaGoxdfccIB5s/Sggu1G5kAkJZTq1m4bdJclfwezwYwJvD8AcF4wkoxo6O
emr/VuE0q6Vm0E1SfvzAE8Hh3HsMO9xbmKDfvQJKXGAG+q/Em9JZVewXYz5R92oO
52lqSZeyt/QXquEr2Tv0VeSPRj3tbGe4Nto1tk8nIy6lJOes+KNVfiWdSVI7/8+z
aCWZRHw21l+PiejufsqYscSPeSXDHkIWLo2qH+IpcKAkBko=
-----END CERTIFICATE-----
Generated at Sun Jun 29 07:46:19 2025 by rpki-client