Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3135382e3232302e37352e302f32342d3234203d3e20313336373837.roa
File: 3135382e3232302e37352e302f32342d3234203d3e20313336373837.roa (raw, json)
Hash identifier: jbaN0m0b7FWO2K0rW0CJf+5z9UYDSdIXeoX3jcK0or4=
Subject key identifier: ED:39:1B:9D:BC:4E:87:BF:57:D1:5F:A1:A4:56:6D:FA:8C:52:5C:23
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 2A739BA7E1E2BC940A109CD69849363E8DFCA69D
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3135382e3232302e37352e302f32342d3234203d3e20313336373837.roa
Signing time: Tue 09 Sep 2025 21:47:32 +0000
ROA not before: Tue 09 Sep 2025 21:42:32 +0000
ROA not after: Tue 08 Sep 2026 21:47:32 +0000
asID: 136787
IP address blocks: 158.220.75.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 15:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2a:73:9b:a7:e1:e2:bc:94:0a:10:9c:d6:98:49:36:3e:8d:fc:a6:9d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Sep 9 21:42:32 2025 GMT
Not After : Sep 8 21:47:32 2026 GMT
Subject: CN=ED391B9DBC4E87BF57D15FA1A4566DFA8C525C23
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ef:40:50:43:da:f1:e8:34:94:6d:03:9f:5a:5a:
c2:e9:f0:4e:50:57:13:f6:a2:b6:21:04:cc:04:ca:
7e:77:64:d4:2e:80:54:d4:15:47:0f:04:b6:4d:96:
55:3b:d2:5a:d6:5b:e3:05:a2:a5:18:3d:74:ba:97:
db:89:3a:48:8c:98:84:d3:39:67:91:05:3c:43:db:
f9:44:79:e9:2f:99:e4:70:52:26:48:e2:92:d9:34:
59:b8:03:64:bc:c8:80:d2:7c:06:3a:b5:f3:aa:4e:
60:85:15:15:62:44:ee:9b:7f:e5:04:a7:d3:30:bd:
56:89:cf:b8:be:8a:79:31:8d:f5:a4:22:5d:b8:8e:
c9:07:8d:b5:b6:c1:8d:d7:f4:63:e7:d4:89:d9:c4:
e1:0b:86:a5:22:f3:e0:01:79:61:88:30:a1:ef:99:
78:a3:b7:74:3e:aa:29:77:09:5e:35:9e:8a:44:6e:
42:a2:d6:5a:27:1d:f1:8f:5e:9d:6a:e8:00:55:30:
39:8c:7f:29:94:d8:38:2f:2f:c3:41:fb:bb:0a:fb:
31:13:fa:eb:fc:09:4c:c2:bf:54:35:24:3a:2e:19:
6e:73:79:a4:54:43:30:ae:21:7a:4f:fa:25:62:34:
9f:73:bc:93:4a:9c:9b:f2:29:50:a5:be:a3:d6:d1:
80:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
ED:39:1B:9D:BC:4E:87:BF:57:D1:5F:A1:A4:56:6D:FA:8C:52:5C:23
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3135382e3232302e37352e302f32342d3234203d3e20313336373837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
158.220.75.0/24
Signature Algorithm: sha256WithRSAEncryption
50:0a:ed:21:42:5e:25:53:d1:8a:ea:95:ed:ad:12:0a:31:ef:
f6:ad:53:6b:86:73:7f:ed:d3:a1:51:d7:11:10:d2:bd:75:29:
d4:90:24:f8:37:e4:63:22:4d:1e:a5:44:d4:e1:ab:92:a1:50:
b9:75:92:48:ca:d1:ff:2c:a7:91:18:69:dd:d3:6d:cf:11:c8:
e4:49:e4:05:e8:f0:fc:02:e6:7f:f2:57:3c:72:e1:e0:60:3d:
e4:fd:af:e6:44:42:05:bf:95:3f:2f:c7:fd:a3:83:43:eb:06:
a5:af:e9:0c:7e:33:3f:eb:f4:65:23:d2:99:a9:32:0c:54:0f:
5f:59:01:80:60:b8:63:6d:df:f2:97:57:c6:83:49:01:ea:0c:
25:64:45:15:af:48:db:6d:bb:d9:8e:d8:38:07:b3:40:e6:45:
f2:10:78:76:91:25:c2:80:41:15:f7:d9:1a:03:d3:cf:87:18:
2b:d3:81:d0:b3:bc:e9:84:8e:64:35:57:d1:ef:16:ff:6d:dc:
cd:6a:65:02:87:33:55:4a:01:4a:7e:7c:f9:8b:8c:0c:9e:49:
a9:3b:04:bd:bb:6e:c6:8c:f4:b6:c2:73:82:4c:d4:41:b2:0b:
00:5b:c5:35:2f:95:53:32:7f:93:07:c7:8b:03:1a:ab:e7:82:
f4:d6:54:9d
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUKnObp+HivJQKEJzWmEk2Po38pp0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNTA5MDkyMTQyMzJaFw0yNjA5MDgyMTQ3MzJaMDMxMTAvBgNV
BAMTKEVEMzkxQjlEQkM0RTg3QkY1N0QxNUZBMUE0NTY2REZBOEM1MjVDMjMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDvQFBD2vHoNJRtA59aWsLp8E5Q
VxP2orYhBMwEyn53ZNQugFTUFUcPBLZNllU70lrWW+MFoqUYPXS6l9uJOkiMmITT
OWeRBTxD2/lEeekvmeRwUiZI4pLZNFm4A2S8yIDSfAY6tfOqTmCFFRViRO6bf+UE
p9MwvVaJz7i+inkxjfWkIl24jskHjbW2wY3X9GPn1InZxOELhqUi8+ABeWGIMKHv
mXijt3Q+qil3CV41nopEbkKi1lonHfGPXp1q6ABVMDmMfymU2DgvL8NB+7sK+zET
+uv8CUzCv1Q1JDouGW5zeaRUQzCuIXpP+iViNJ9zvJNKnJvyKVClvqPW0YBvAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQU7TkbnbxOh79X0V+hpFZt+oxSXCMwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzNTM4MmUzMjMyMzAyZTM3
MzUyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMTMzMzYzNzM4Mzcucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BACe3EswDQYJKoZIhvcNAQELBQADggEBAFAK7SFCXiVT0Yrqle2tEgox7/atU2uG
c3/t06FR1xEQ0r11KdSQJPg35GMiTR6lRNThq5KhULl1kkjK0f8sp5EYad3Tbc8R
yORJ5AXo8PwC5n/yVzxy4eBgPeT9r+ZEQgW/lT8vx/2jg0PrBqWv6Qx+Mz/r9GUj
0pmpMgxUD19ZAYBguGNt3/KXV8aDSQHqDCVkRRWvSNttu9mO2DgHs0DmRfIQeHaR
JcKAQRX32RoD08+HGCvTgdCzvOmEjmQ1V9HvFv9t3M1qZQKHM1VKAUp+fPmLjAye
Sak7BL27bsaM9LbCc4JM1EGyCwBbxTUvlVMyf5MHx4sDGqvngvTWVJ0=
-----END CERTIFICATE-----
Generated at Sun Oct 19 23:20:09 2025 by rpki-client