Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3135362e36372e3131372e302f32342d3234203d3e20313336373837.roa
File: 3135362e36372e3131372e302f32342d3234203d3e20313336373837.roa (raw, json)
Hash identifier: FlezZm1hkihF03kMwxGEpEDls6uvYYVsmvx6H9lBWNk=
Subject key identifier: AD:D4:B9:BE:D5:EB:5F:7F:5E:69:54:EE:EC:31:EE:22:E9:BE:D3:EF
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 010735F4DD924DA3F9F1E7DDEA8413B56AC43410
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3135362e36372e3131372e302f32342d3234203d3e20313336373837.roa
Signing time: Sun 28 Sep 2025 20:47:43 +0000
ROA not before: Sun 28 Sep 2025 20:42:43 +0000
ROA not after: Sun 27 Sep 2026 20:47:43 +0000
asID: 136787
IP address blocks: 156.67.117.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 09:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:07:35:f4:dd:92:4d:a3:f9:f1:e7:dd:ea:84:13:b5:6a:c4:34:10
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Sep 28 20:42:43 2025 GMT
Not After : Sep 27 20:47:43 2026 GMT
Subject: CN=ADD4B9BED5EB5F7F5E6954EEEC31EE22E9BED3EF
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:93:8d:02:ff:17:4c:bd:f2:d2:28:6e:9e:7f:
d4:3d:66:6e:db:0c:98:6b:ad:75:18:da:cd:31:76:
e9:a1:58:b1:0b:4e:7e:11:54:f2:74:90:ac:83:2b:
86:f7:75:dd:06:7f:4d:9b:02:60:1c:16:e1:52:23:
b4:fe:c9:1e:6f:98:41:e7:95:66:8d:85:11:44:c4:
c2:5d:66:9b:5e:47:c9:3b:3e:1f:c0:d3:e1:da:bd:
31:4b:a7:e1:c5:ea:bf:00:0b:bd:ad:8a:01:f4:fd:
e5:8e:90:f0:d2:53:6a:62:d6:1c:6e:32:ae:d0:2e:
a9:fc:6b:01:69:8a:69:ab:ef:25:96:3d:9d:4b:4a:
8f:c2:0f:07:00:31:c1:b7:84:68:84:b6:ef:87:20:
47:42:1c:de:b3:ec:aa:fc:d7:12:33:82:2f:68:d0:
db:12:dd:fb:cd:5f:be:d6:dd:15:bf:24:07:04:be:
0d:a5:9c:ab:cf:06:5d:83:0a:e2:e2:de:4f:df:41:
8d:19:bf:b2:25:06:2c:7f:cb:f7:3e:59:2c:00:98:
07:b2:73:91:39:6c:1c:55:9b:e9:7c:73:ca:61:24:
de:5d:e8:64:c0:e2:9e:89:9f:93:e3:c0:7d:22:e0:
9a:52:48:a8:fd:09:a7:71:22:54:b7:f7:88:24:fe:
16:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AD:D4:B9:BE:D5:EB:5F:7F:5E:69:54:EE:EC:31:EE:22:E9:BE:D3:EF
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3135362e36372e3131372e302f32342d3234203d3e20313336373837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
156.67.117.0/24
Signature Algorithm: sha256WithRSAEncryption
35:80:bb:cc:bf:97:8e:4b:7a:1e:a9:95:82:b3:74:09:26:9c:
3b:8d:10:99:b1:ed:6b:69:67:6d:1c:51:aa:54:22:b3:3f:b2:
1d:fa:56:d5:6c:7d:ac:75:b5:ef:4b:86:0e:6c:0e:d4:37:d1:
2b:32:bb:ef:4d:49:ab:46:75:27:d3:fe:c0:31:39:bf:78:0f:
d7:76:d5:d0:7b:21:4b:8c:6f:7d:72:8f:28:b1:ea:db:d3:d7:
cb:48:9c:a8:4e:e8:55:33:f7:3d:4f:c8:b7:60:54:40:c4:a1:
7d:b2:ea:6e:60:c6:41:40:84:b8:ff:72:bc:b8:e8:d2:5d:e1:
78:a3:5a:d1:03:65:d0:b1:4c:9b:67:d9:d6:14:72:97:7a:7e:
cf:a5:d1:97:e7:55:28:e2:9c:40:ac:55:11:62:e3:e2:7e:02:
c0:9b:0b:c8:23:10:ab:18:3e:af:22:6c:91:ee:28:ff:96:b9:
60:6b:e3:51:cd:a6:a9:2b:ad:65:3a:9a:d3:0a:4e:f6:13:56:
59:81:38:b5:b9:57:b4:d9:c4:b0:fe:c0:20:29:f7:0a:7f:68:
36:69:d8:04:3e:95:06:88:cc:d7:89:80:ab:2e:e7:d0:e0:e6:
06:3f:2b:0e:95:57:b5:be:76:a3:19:08:ff:26:f5:f4:09:5d:
59:8b:66:d7
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUAQc19N2STaP58efd6oQTtWrENBAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNTA5MjgyMDQyNDNaFw0yNjA5MjcyMDQ3NDNaMDMxMTAvBgNV
BAMTKEFERDRCOUJFRDVFQjVGN0Y1RTY5NTRFRUVDMzFFRTIyRTlCRUQzRUYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDNk40C/xdMvfLSKG6ef9Q9Zm7b
DJhrrXUY2s0xdumhWLELTn4RVPJ0kKyDK4b3dd0Gf02bAmAcFuFSI7T+yR5vmEHn
lWaNhRFExMJdZpteR8k7Ph/A0+HavTFLp+HF6r8AC72tigH0/eWOkPDSU2pi1hxu
Mq7QLqn8awFpimmr7yWWPZ1LSo/CDwcAMcG3hGiEtu+HIEdCHN6z7Kr81xIzgi9o
0NsS3fvNX77W3RW/JAcEvg2lnKvPBl2DCuLi3k/fQY0Zv7IlBix/y/c+WSwAmAey
c5E5bBxVm+l8c8phJN5d6GTA4p6Jn5PjwH0i4JpSSKj9CadxIlS394gk/hbVAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUrdS5vtXrX39eaVTu7DHuIum+0+8wHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzNTM2MmUzNjM3MmUzMTMx
MzcyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMTMzMzYzNzM4Mzcucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BACcQ3UwDQYJKoZIhvcNAQELBQADggEBADWAu8y/l45Leh6plYKzdAkmnDuNEJmx
7WtpZ20cUapUIrM/sh36VtVsfax1te9Lhg5sDtQ30Ssyu+9NSatGdSfT/sAxOb94
D9d21dB7IUuMb31yjyix6tvT18tInKhO6FUz9z1PyLdgVEDEoX2y6m5gxkFAhLj/
cry46NJd4XijWtEDZdCxTJtn2dYUcpd6fs+l0ZfnVSjinECsVRFi4+J+AsCbC8gj
EKsYPq8ibJHuKP+WuWBr41HNpqkrrWU6mtMKTvYTVlmBOLW5V7TZxLD+wCAp9wp/
aDZp2AQ+lQaIzNeJgKsu59Dg5gY/Kw6VV7W+dqMZCP8m9fQJXVmLZtc=
-----END CERTIFICATE-----
Generated at Mon Oct 20 12:39:47 2025 by rpki-client