Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3135382e3232302e37372e302f32342d3234203d3e20313336373837.roa
File: 3135382e3232302e37372e302f32342d3234203d3e20313336373837.roa (raw, json)
Hash identifier: zl8uXuy8EXPnDpmsS3U35k4jOJcWShvcYPOFgMiTyxQ=
Subject key identifier: EF:9F:DA:94:BB:5E:84:A5:9B:62:91:42:14:66:31:6D:E8:1C:51:B3
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 6A941DBFA60F43020AB58DB5DF31B02CE6EED2B6
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3135382e3232302e37372e302f32342d3234203d3e20313336373837.roa
Signing time: Wed 03 Sep 2025 07:47:29 +0000
ROA not before: Wed 03 Sep 2025 07:42:29 +0000
ROA not after: Wed 02 Sep 2026 07:47:29 +0000
asID: 136787
IP address blocks: 158.220.77.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 15:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6a:94:1d:bf:a6:0f:43:02:0a:b5:8d:b5:df:31:b0:2c:e6:ee:d2:b6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Sep 3 07:42:29 2025 GMT
Not After : Sep 2 07:47:29 2026 GMT
Subject: CN=EF9FDA94BB5E84A59B6291421466316DE81C51B3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:7a:e2:25:1f:34:4a:d5:3c:71:40:b3:64:eb:
e1:2f:68:a1:43:2f:cb:59:25:7e:59:2a:c3:6d:1d:
07:66:26:be:a8:7a:f1:00:e6:07:0d:cd:72:c5:95:
66:83:38:2a:6b:02:8c:69:5b:fb:be:fd:0e:df:88:
8e:62:77:e8:0e:86:3e:21:ea:60:3c:6d:f4:ae:86:
39:4c:23:b8:73:15:a6:b1:14:cd:20:12:d7:8b:8b:
99:c5:65:a1:c5:a7:0a:19:50:ee:f2:4e:f6:1c:f7:
f1:78:aa:7c:53:ef:64:98:f4:5d:66:5c:4e:08:d5:
98:10:a0:ae:a5:e8:c8:f3:39:25:79:45:7e:c7:29:
5c:e3:d9:22:a1:f1:a3:91:54:24:18:8a:b5:71:36:
c8:ed:c9:17:ae:4b:c8:f9:28:ea:85:46:18:5c:25:
b6:06:0f:dc:bc:80:70:2e:cb:b2:cf:f7:6b:22:9d:
4f:b1:26:41:c3:f3:15:e8:6f:3d:d6:73:c8:1c:e4:
0f:31:ac:d4:04:c0:00:79:33:8b:21:e5:69:5e:76:
f3:9e:0c:b6:38:0a:49:b3:e6:7b:fe:54:05:60:fe:
f0:a0:c1:b5:fc:73:38:89:ef:22:5c:7d:24:e2:30:
98:66:a5:ac:51:9e:12:9f:95:13:89:1e:68:ad:5f:
c0:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EF:9F:DA:94:BB:5E:84:A5:9B:62:91:42:14:66:31:6D:E8:1C:51:B3
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3135382e3232302e37372e302f32342d3234203d3e20313336373837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
158.220.77.0/24
Signature Algorithm: sha256WithRSAEncryption
1c:c5:a3:7c:39:e3:29:a2:77:00:cb:df:3c:7d:ab:2a:8a:64:
ce:e8:dd:4c:26:fd:61:ad:42:70:b6:e5:e9:a3:29:6e:75:8c:
b1:85:c1:ef:76:b0:ae:5b:e7:b7:30:16:9e:9e:1a:82:37:e1:
f3:31:16:ae:e3:ca:c6:88:69:b2:0e:91:67:02:47:1f:cb:22:
71:2b:fc:ff:04:cf:5a:65:f4:b4:61:e2:2b:f9:bb:28:9f:11:
7b:94:bf:85:e3:d1:92:44:21:a8:24:c4:27:0b:5b:43:d9:a5:
9a:ef:36:01:bc:0f:0a:8b:28:06:e5:a9:65:d5:bf:85:78:04:
5d:29:ae:5d:3e:28:af:fa:51:8d:6a:0b:1b:1d:75:65:2f:5c:
12:80:c9:6d:a7:1e:6a:e0:02:d1:9f:0d:c7:8d:c8:f4:fe:2e:
f0:0c:2f:c4:9b:b4:73:95:3a:f9:4c:94:9a:94:35:b4:60:30:
b1:f5:b8:7b:92:e4:8d:70:5d:1a:fd:ab:22:4f:e4:ec:95:60:
70:b8:ec:e5:12:97:b7:53:e4:00:68:ff:10:0b:f4:c6:c2:5d:
05:b5:da:d1:99:fd:a4:93:df:45:1d:54:c5:a3:0f:be:2d:55:
cd:d0:12:d5:fa:90:c9:e8:33:d0:11:3e:ca:34:e2:6e:45:59:
6e:b1:55:7c
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUapQdv6YPQwIKtY213zGwLObu0rYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNTA5MDMwNzQyMjlaFw0yNjA5MDIwNzQ3MjlaMDMxMTAvBgNV
BAMTKEVGOUZEQTk0QkI1RTg0QTU5QjYyOTE0MjE0NjYzMTZERTgxQzUxQjMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDEeuIlHzRK1TxxQLNk6+EvaKFD
L8tZJX5ZKsNtHQdmJr6oevEA5gcNzXLFlWaDOCprAoxpW/u+/Q7fiI5id+gOhj4h
6mA8bfSuhjlMI7hzFaaxFM0gEteLi5nFZaHFpwoZUO7yTvYc9/F4qnxT72SY9F1m
XE4I1ZgQoK6l6MjzOSV5RX7HKVzj2SKh8aORVCQYirVxNsjtyReuS8j5KOqFRhhc
JbYGD9y8gHAuy7LP92sinU+xJkHD8xXobz3Wc8gc5A8xrNQEwAB5M4sh5WledvOe
DLY4Ckmz5nv+VAVg/vCgwbX8cziJ7yJcfSTiMJhmpaxRnhKflROJHmitX8AJAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQU75/alLtehKWbYpFCFGYxbegcUbMwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzNTM4MmUzMjMyMzAyZTM3
MzcyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMTMzMzYzNzM4Mzcucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BACe3E0wDQYJKoZIhvcNAQELBQADggEBABzFo3w54ymidwDL3zx9qyqKZM7o3Uwm
/WGtQnC25emjKW51jLGFwe92sK5b57cwFp6eGoI34fMxFq7jysaIabIOkWcCRx/L
InEr/P8Ez1pl9LRh4iv5uyifEXuUv4Xj0ZJEIagkxCcLW0PZpZrvNgG8DwqLKAbl
qWXVv4V4BF0prl0+KK/6UY1qCxsddWUvXBKAyW2nHmrgAtGfDceNyPT+LvAML8Sb
tHOVOvlMlJqUNbRgMLH1uHuS5I1wXRr9qyJP5OyVYHC47OUSl7dT5ABo/xAL9MbC
XQW12tGZ/aST30UdVMWjD74tVc3QEtX6kMnoM9ARPso04m5FWW6xVXw=
-----END CERTIFICATE-----
Generated at Sun Oct 19 23:21:16 2025 by rpki-client