Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3135382e3232302e37382e302f32342d3234203d3e20313336373837.roa
File: 3135382e3232302e37382e302f32342d3234203d3e20313336373837.roa (raw, json)
Hash identifier: gnVEntAijiECpzMeRjxlOc72aOHEQrK1cjteDkhSxBI=
Subject key identifier: 0B:46:E8:2F:FD:29:84:18:4D:98:89:56:3A:AC:58:91:43:5B:CA:F7
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 5A343C1D55F582F600BB2AEB674982518AD8A367
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3135382e3232302e37382e302f32342d3234203d3e20313336373837.roa
Signing time: Wed 27 Aug 2025 19:47:27 +0000
ROA not before: Wed 27 Aug 2025 19:42:27 +0000
ROA not after: Wed 26 Aug 2026 19:47:27 +0000
asID: 136787
IP address blocks: 158.220.78.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 12:36:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5a:34:3c:1d:55:f5:82:f6:00:bb:2a:eb:67:49:82:51:8a:d8:a3:67
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Aug 27 19:42:27 2025 GMT
Not After : Aug 26 19:47:27 2026 GMT
Subject: CN=0B46E82FFD2984184D9889563AAC5891435BCAF7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:9f:9e:b7:f2:56:4e:2a:c9:20:4b:8f:1e:7e:
89:78:5e:af:63:23:5b:5a:4c:0f:f5:66:4a:5e:d9:
95:c0:e8:bd:b2:77:44:5d:8b:5f:26:b4:e8:1d:68:
7a:78:14:76:88:3e:ba:9c:27:d5:f2:c7:11:ad:fe:
53:01:5d:56:14:b9:6e:f6:cd:ff:ff:b5:96:7b:a9:
a2:c7:79:d0:16:e2:5c:3f:ab:9c:9d:27:4e:6c:68:
e8:ca:cc:76:77:d4:8b:ce:d6:13:81:0b:5d:e7:9d:
4e:78:96:1e:38:88:7f:9f:e6:ee:cc:2d:f5:04:7d:
29:ea:11:e2:0f:9d:41:30:64:c8:ce:3a:05:d2:e1:
2b:14:8c:52:29:4c:15:4e:8f:ae:6a:1b:df:17:e2:
2b:12:dc:c0:60:28:1a:53:46:8b:dc:ad:9b:d1:b8:
44:db:f8:c4:94:25:31:54:81:e0:cb:b3:d3:dc:d9:
63:72:d7:b7:e5:4f:e5:26:8a:17:c5:0c:7b:26:04:
62:b5:ff:01:f2:96:c7:ed:f2:86:1b:1b:15:50:00:
7e:bd:63:d5:54:1a:c7:77:df:86:cc:7c:3b:2c:bd:
44:a5:70:85:00:0f:33:3a:72:6a:a4:b4:6d:cc:6d:
36:d3:6a:c5:1b:46:ed:e0:24:b5:6d:08:51:32:0d:
e8:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0B:46:E8:2F:FD:29:84:18:4D:98:89:56:3A:AC:58:91:43:5B:CA:F7
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3135382e3232302e37382e302f32342d3234203d3e20313336373837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
158.220.78.0/24
Signature Algorithm: sha256WithRSAEncryption
8b:65:84:7c:0b:94:17:c0:2c:f4:49:b6:09:73:a7:59:c9:17:
f4:d5:d3:6e:83:d4:b2:73:96:a3:b2:a8:db:37:2a:2b:d1:e2:
cf:60:05:c4:50:81:df:14:22:b0:a9:ad:8e:26:4a:3e:6c:f8:
12:ab:15:07:73:23:c9:75:07:47:31:4f:f0:c1:e9:b5:8a:73:
38:32:6b:d0:a2:18:75:1c:17:09:81:bb:93:69:96:14:31:f2:
53:8e:8b:a0:ac:3d:01:44:ca:f3:94:1a:2d:dc:e4:82:29:0b:
84:67:69:9a:af:0e:da:cb:47:b2:48:03:b2:a0:73:34:fb:f2:
5e:17:34:2c:0b:fd:84:1c:ea:04:f8:0e:12:62:16:3b:01:b4:
d9:d4:7c:b1:0d:de:b9:14:84:8e:f8:93:08:8e:7c:1a:6f:b7:
aa:a3:e3:fa:8d:f3:b6:28:3f:a8:99:79:6e:a9:c8:31:97:94:
c9:f4:80:c4:22:d4:19:29:5f:83:6e:e4:8e:8c:43:6c:79:a2:
4b:33:b8:33:73:00:54:fe:c7:83:ce:5a:73:1e:a8:b3:a3:f2:
18:f6:4f:c1:e2:76:a6:53:cc:a2:0c:66:23:71:d0:93:d5:a7:
3c:a1:d9:cc:95:db:f3:2d:d2:06:a6:a8:16:b9:c0:be:55:82:
20:93:e3:1d
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUWjQ8HVX1gvYAuyrrZ0mCUYrYo2cwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNTA4MjcxOTQyMjdaFw0yNjA4MjYxOTQ3MjdaMDMxMTAvBgNV
BAMTKDBCNDZFODJGRkQyOTg0MTg0RDk4ODk1NjNBQUM1ODkxNDM1QkNBRjcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDcn5638lZOKskgS48efol4Xq9j
I1taTA/1Zkpe2ZXA6L2yd0Rdi18mtOgdaHp4FHaIPrqcJ9XyxxGt/lMBXVYUuW72
zf//tZZ7qaLHedAW4lw/q5ydJ05saOjKzHZ31IvO1hOBC13nnU54lh44iH+f5u7M
LfUEfSnqEeIPnUEwZMjOOgXS4SsUjFIpTBVOj65qG98X4isS3MBgKBpTRovcrZvR
uETb+MSUJTFUgeDLs9Pc2WNy17flT+UmihfFDHsmBGK1/wHylsft8oYbGxVQAH69
Y9VUGsd334bMfDssvUSlcIUADzM6cmqktG3MbTbTasUbRu3gJLVtCFEyDegvAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUC0boL/0phBhNmIlWOqxYkUNbyvcwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzNTM4MmUzMjMyMzAyZTM3
MzgyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMTMzMzYzNzM4Mzcucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BACe3E4wDQYJKoZIhvcNAQELBQADggEBAItlhHwLlBfALPRJtglzp1nJF/TV026D
1LJzlqOyqNs3KivR4s9gBcRQgd8UIrCprY4mSj5s+BKrFQdzI8l1B0cxT/DB6bWK
czgya9CiGHUcFwmBu5NplhQx8lOOi6CsPQFEyvOUGi3c5IIpC4RnaZqvDtrLR7JI
A7KgczT78l4XNCwL/YQc6gT4DhJiFjsBtNnUfLEN3rkUhI74kwiOfBpvt6qj4/qN
87YoP6iZeW6pyDGXlMn0gMQi1BkpX4Nu5I6MQ2x5okszuDNzAFT+x4POWnMeqLOj
8hj2T8HidqZTzKIMZiNx0JPVpzyh2cyV2/Mt0gamqBa5wL5VgiCT4x0=
-----END CERTIFICATE-----
Generated at Mon Oct 20 15:30:51 2025 by rpki-client