Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3135362e36372e3132312e302f32342d3234203d3e20313336373837.roa
File: 3135362e36372e3132312e302f32342d3234203d3e20313336373837.roa (raw, json)
Hash identifier: 5HGis/KQJjeB31lXGKsjqo8o7w6adxcTlHcNxbeiGuA=
Subject key identifier: 97:49:E0:9A:F1:41:82:5F:05:DB:01:9E:8D:38:7A:1E:8D:8C:C5:F3
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 3E19430EAA23882E54BC45E8A81AC5E075E2EFBE
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3135362e36372e3132312e302f32342d3234203d3e20313336373837.roa
Signing time: Sun 28 Sep 2025 20:47:40 +0000
ROA not before: Sun 28 Sep 2025 20:42:40 +0000
ROA not after: Sun 27 Sep 2026 20:47:40 +0000
asID: 136787
IP address blocks: 156.67.121.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 17:43:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3e:19:43:0e:aa:23:88:2e:54:bc:45:e8:a8:1a:c5:e0:75:e2:ef:be
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Sep 28 20:42:40 2025 GMT
Not After : Sep 27 20:47:40 2026 GMT
Subject: CN=9749E09AF141825F05DB019E8D387A1E8D8CC5F3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:4f:f4:9a:be:f3:66:a6:9d:e6:b9:24:1b:24:
64:7f:ff:ba:5f:89:fb:6a:2b:11:00:5c:63:35:af:
8e:50:2a:9a:45:33:2d:0d:4e:2f:7f:e9:ea:cc:d9:
88:28:80:10:13:61:08:99:d5:79:44:bf:90:63:2f:
a9:1f:6f:8c:04:b0:85:0c:ba:22:82:59:bb:9c:5d:
d1:6b:71:4d:0d:48:99:5e:2e:33:80:7f:5e:2e:94:
e4:7a:e3:98:d1:d6:80:6b:12:fa:ee:29:33:5c:61:
63:2b:b2:cd:6d:c7:65:5c:2a:6b:d1:dc:51:da:26:
7d:78:9f:43:a6:f1:8f:ea:ca:31:7c:75:5b:32:9d:
07:e4:80:9c:da:fb:b8:42:97:9c:03:1e:1c:b9:fd:
32:c7:37:1f:95:fa:b4:6f:51:e5:64:09:08:4a:90:
d8:c8:c2:f4:4e:27:37:d9:c0:94:e7:65:27:66:b1:
da:a7:cf:f7:79:54:31:71:13:b6:38:b1:47:7a:47:
f6:9b:b1:ff:f7:3d:5c:df:a1:08:4d:0c:fb:14:e4:
44:69:e5:70:3e:2f:8c:ef:ac:0a:47:36:6f:5c:7a:
cb:ef:9c:7f:d9:e1:e7:82:a8:79:5c:42:82:17:be:
b0:74:5f:5c:c8:1d:98:12:57:41:f2:45:94:36:d9:
b9:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
97:49:E0:9A:F1:41:82:5F:05:DB:01:9E:8D:38:7A:1E:8D:8C:C5:F3
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3135362e36372e3132312e302f32342d3234203d3e20313336373837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
156.67.121.0/24
Signature Algorithm: sha256WithRSAEncryption
0b:5f:8a:4e:fa:40:6d:48:16:8b:3a:2a:42:d7:d6:ca:52:3d:
2b:29:27:52:a6:9e:8b:cf:9a:5c:a2:96:58:8f:40:f8:fe:aa:
76:b8:c2:b6:b9:e2:5a:52:95:a8:e8:7a:11:f1:4e:a2:93:5f:
57:6a:f2:c9:1e:67:63:d3:74:ca:7e:8e:d2:79:28:bf:1b:99:
43:05:ba:36:23:4d:43:d0:c0:61:3c:cf:d5:08:c1:6d:02:f4:
8d:be:4b:ea:78:35:8c:c7:af:fd:c0:7d:e9:05:0a:c7:e8:f7:
f3:69:9c:71:a7:d2:84:ae:64:b5:8c:26:9c:6f:ef:42:bc:f4:
0d:6f:28:b4:ec:ce:9c:5e:2a:14:30:87:1f:c3:4e:07:30:97:
51:43:65:57:cb:64:8a:63:e3:c6:3a:42:d6:f5:78:bd:32:be:
2a:2b:50:f4:09:2c:c2:5b:1b:da:aa:e8:29:d1:24:f1:5e:fd:
22:06:e9:61:d6:f0:d5:1f:e2:84:db:58:89:e4:27:9a:c5:29:
c9:31:23:c4:57:7c:a1:7a:7a:c5:e9:0e:34:d8:8b:6c:ea:9e:
f2:ca:5b:e8:17:26:5a:0f:e7:86:06:ba:e6:7a:b7:ee:67:cd:
ec:91:6d:ed:d3:5a:9f:ea:a0:92:8b:d2:92:8a:7b:d1:fd:40:
3f:15:17:75
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUPhlDDqojiC5UvEXoqBrF4HXi774wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNTA5MjgyMDQyNDBaFw0yNjA5MjcyMDQ3NDBaMDMxMTAvBgNV
BAMTKDk3NDlFMDlBRjE0MTgyNUYwNURCMDE5RThEMzg3QTFFOEQ4Q0M1RjMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDXT/SavvNmpp3muSQbJGR//7pf
iftqKxEAXGM1r45QKppFMy0NTi9/6erM2YgogBATYQiZ1XlEv5BjL6kfb4wEsIUM
uiKCWbucXdFrcU0NSJleLjOAf14ulOR645jR1oBrEvruKTNcYWMrss1tx2VcKmvR
3FHaJn14n0Om8Y/qyjF8dVsynQfkgJza+7hCl5wDHhy5/TLHNx+V+rRvUeVkCQhK
kNjIwvROJzfZwJTnZSdmsdqnz/d5VDFxE7Y4sUd6R/absf/3PVzfoQhNDPsU5ERp
5XA+L4zvrApHNm9cesvvnH/Z4eeCqHlcQoIXvrB0X1zIHZgSV0HyRZQ22bkbAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUl0ngmvFBgl8F2wGejTh6Ho2MxfMwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzNTM2MmUzNjM3MmUzMTMy
MzEyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMTMzMzYzNzM4Mzcucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BACcQ3kwDQYJKoZIhvcNAQELBQADggEBAAtfik76QG1IFos6KkLX1spSPSspJ1Km
novPmlyilliPQPj+qna4wra54lpSlajoehHxTqKTX1dq8skeZ2PTdMp+jtJ5KL8b
mUMFujYjTUPQwGE8z9UIwW0C9I2+S+p4NYzHr/3AfekFCsfo9/NpnHGn0oSuZLWM
Jpxv70K89A1vKLTszpxeKhQwhx/DTgcwl1FDZVfLZIpj48Y6Qtb1eL0yviorUPQJ
LMJbG9qq6CnRJPFe/SIG6WHW8NUf4oTbWInkJ5rFKckxI8RXfKF6esXpDjTYi2zq
nvLKW+gXJloP54YGuuZ6t+5nzeyRbe3TWp/qoJKL0pKKe9H9QD8VF3U=
-----END CERTIFICATE-----
Generated at Mon Oct 20 04:07:48 2025 by rpki-client