Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3135362e36372e39332e302f32342d3234203d3e20313336373837.roa
File: 3135362e36372e39332e302f32342d3234203d3e20313336373837.roa (raw, json)
Hash identifier: S6ZQf3Nm2h7ISb+N9zgTznje35o4Rh1VHScvBpUe3lE=
Subject key identifier: 22:7C:73:E1:2D:2D:A6:D6:D9:58:74:92:96:BD:19:48:F6:0C:E4:ED
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 4CD404183BF4177520D1E101797EDD3E025ECFF4
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3135362e36372e39332e302f32342d3234203d3e20313336373837.roa
Signing time: Sun 28 Sep 2025 20:47:39 +0000
ROA not before: Sun 28 Sep 2025 20:42:39 +0000
ROA not after: Sun 27 Sep 2026 20:47:39 +0000
asID: 136787
IP address blocks: 156.67.93.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 17:43:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4c:d4:04:18:3b:f4:17:75:20:d1:e1:01:79:7e:dd:3e:02:5e:cf:f4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Sep 28 20:42:39 2025 GMT
Not After : Sep 27 20:47:39 2026 GMT
Subject: CN=227C73E12D2DA6D6D958749296BD1948F60CE4ED
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:08:24:f8:23:2f:49:9c:de:33:13:3b:8f:91:
ed:87:3a:5a:a8:6b:ff:4b:c8:46:0b:f1:ae:fe:bf:
09:73:9a:9c:36:a7:51:4f:82:28:07:f5:d3:fd:d0:
75:17:07:f3:8d:6c:76:75:ff:2a:a3:30:fd:68:6e:
08:6a:71:79:86:06:ea:26:2d:78:01:62:aa:d8:fe:
b3:63:45:35:2e:45:06:ea:bb:eb:a0:29:e9:46:39:
60:f3:85:2f:f4:45:26:24:8c:d2:52:c9:35:82:7d:
20:67:51:87:f6:a4:9c:8b:2a:d0:74:5f:32:a9:8d:
1a:2b:e4:b5:be:8d:24:e9:86:60:49:16:b1:f9:6a:
30:82:7e:61:42:ed:9b:db:29:c9:95:fd:32:a8:29:
aa:1d:ee:36:66:18:de:68:ca:fc:bf:78:66:89:55:
6c:16:90:ea:14:34:61:4d:39:c3:77:0e:d6:de:8a:
9b:5c:18:f4:41:b3:bb:0a:da:87:40:64:f7:93:4e:
ce:dd:07:44:88:e0:dc:76:15:c6:ef:de:57:18:c4:
6a:11:c5:e3:5b:2f:be:c8:5c:8d:f6:9b:df:5c:3e:
65:97:73:63:dc:4e:45:61:06:11:bc:3d:8a:c6:1d:
4b:20:7d:a0:1d:5b:01:38:63:92:f9:30:eb:f1:8e:
9b:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
22:7C:73:E1:2D:2D:A6:D6:D9:58:74:92:96:BD:19:48:F6:0C:E4:ED
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3135362e36372e39332e302f32342d3234203d3e20313336373837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
156.67.93.0/24
Signature Algorithm: sha256WithRSAEncryption
7a:21:ce:85:7e:3c:91:2b:d3:d2:20:bf:0f:0e:7e:d2:76:07:
23:72:cd:93:24:b8:a2:49:4c:3a:16:16:b6:24:55:27:67:8d:
b4:0e:b5:9c:fc:9c:95:ca:46:ee:dc:27:0e:44:c3:a8:1a:66:
0d:27:2b:b1:a7:02:0b:5a:39:e5:5c:a1:bb:5c:61:a6:1c:5c:
f9:15:f5:26:c1:ca:69:8b:d3:ae:72:ae:03:52:f5:76:a3:54:
81:66:4f:65:1e:2c:1d:cc:9c:f2:7b:32:40:df:80:38:8f:3e:
59:dc:9d:f9:7d:2c:3e:5c:d2:8d:d1:a8:fd:1a:05:ec:47:aa:
6d:c0:2b:7a:49:5d:65:91:40:e6:ba:dc:32:6b:ed:6a:38:d7:
3f:e9:8a:f0:bf:1c:83:b2:98:3c:c5:8d:aa:49:91:8d:54:23:
bc:bd:4a:d3:2f:92:a2:bd:c5:ae:25:42:87:80:fb:03:d4:62:
3f:73:64:cb:af:53:3c:6f:9d:fa:7a:19:fc:af:bb:ea:aa:77:
52:b6:ef:07:9f:ff:79:04:45:2e:17:7c:b0:0b:ce:3e:17:72:
e4:ab:4a:5e:9d:6c:d0:9b:a6:41:71:fd:11:1f:f0:2d:0b:9c:
f0:7a:7e:16:91:e7:95:33:1f:f8:1b:83:9d:4e:11:61:85:a3:
18:ca:8e:a4
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUTNQEGDv0F3Ug0eEBeX7dPgJez/QwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNTA5MjgyMDQyMzlaFw0yNjA5MjcyMDQ3MzlaMDMxMTAvBgNV
BAMTKDIyN0M3M0UxMkQyREE2RDZEOTU4NzQ5Mjk2QkQxOTQ4RjYwQ0U0RUQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCsCCT4Iy9JnN4zEzuPke2HOlqo
a/9LyEYL8a7+vwlzmpw2p1FPgigH9dP90HUXB/ONbHZ1/yqjMP1obghqcXmGBuom
LXgBYqrY/rNjRTUuRQbqu+ugKelGOWDzhS/0RSYkjNJSyTWCfSBnUYf2pJyLKtB0
XzKpjRor5LW+jSTphmBJFrH5ajCCfmFC7ZvbKcmV/TKoKaod7jZmGN5oyvy/eGaJ
VWwWkOoUNGFNOcN3DtbeiptcGPRBs7sK2odAZPeTTs7dB0SI4Nx2Fcbv3lcYxGoR
xeNbL77IXI32m99cPmWXc2PcTkVhBhG8PYrGHUsgfaAdWwE4Y5L5MOvxjpudAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUInxz4S0tptbZWHSSlr0ZSPYM5O0wHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzNTM2MmUzNjM3MmUzOTMz
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzEzMzM2MzczODM3LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
nENdMA0GCSqGSIb3DQEBCwUAA4IBAQB6Ic6FfjyRK9PSIL8PDn7Sdgcjcs2TJLii
SUw6Fha2JFUnZ420DrWc/JyVykbu3CcORMOoGmYNJyuxpwILWjnlXKG7XGGmHFz5
FfUmwcppi9Oucq4DUvV2o1SBZk9lHiwdzJzyezJA34A4jz5Z3J35fSw+XNKN0aj9
GgXsR6ptwCt6SV1lkUDmutwya+1qONc/6YrwvxyDspg8xY2qSZGNVCO8vUrTL5Ki
vcWuJUKHgPsD1GI/c2TLr1M8b536ehn8r7vqqndStu8Hn/95BEUuF3ywC84+F3Lk
q0penWzQm6ZBcf0RH/AtC5zwen4WkeeVMx/4G4OdThFhhaMYyo6k
-----END CERTIFICATE-----
Generated at Mon Oct 20 02:04:10 2025 by rpki-client