Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3137362e3132362e38342e302f32342d3234203d3e203633343733.roa
File: 3137362e3132362e38342e302f32342d3234203d3e203633343733.roa (raw, json)
Hash identifier: XICmBDzz42Pv+DtO4sutdanveCEyCtkaVjEmGy3SPsQ=
Subject key identifier: 88:D2:67:E5:20:80:60:37:A1:E1:97:3E:24:36:94:24:9A:04:AB:8E
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 03263B12DBBAD088A5E5D2488F6BAD813AAEB4F4
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3137362e3132362e38342e302f32342d3234203d3e203633343733.roa
Signing time: Sun 22 Jun 2025 08:46:42 +0000
ROA not before: Sun 22 Jun 2025 08:41:42 +0000
ROA not after: Sun 21 Jun 2026 08:46:42 +0000
asID: 63473
IP address blocks: 176.126.84.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
03:26:3b:12:db:ba:d0:88:a5:e5:d2:48:8f:6b:ad:81:3a:ae:b4:f4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Jun 22 08:41:42 2025 GMT
Not After : Jun 21 08:46:42 2026 GMT
Subject: CN=88D267E520806037A1E1973E243694249A04AB8E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:4c:15:50:47:8e:c9:d8:2d:5b:b4:b4:e3:15:
75:d8:1d:9c:33:7f:1d:3b:c8:9c:ae:0d:bd:91:a2:
56:fe:d0:b6:51:e6:78:a7:da:e3:bb:f9:13:54:18:
cf:36:1e:f7:ca:fa:5e:1c:15:c0:65:7d:4c:ff:4a:
10:f6:17:36:7e:e8:bb:d5:c1:cd:9e:5f:0b:f7:97:
c0:3f:c0:f8:73:c8:6f:95:e8:e6:d3:70:d9:e2:df:
8f:14:70:a9:14:58:e3:2f:2d:63:5d:90:ca:4f:c0:
07:7b:bf:bf:4a:79:75:58:33:b4:cb:9f:e0:f5:e3:
b9:44:8d:b2:a7:30:36:11:2d:0c:6c:32:36:c4:fa:
86:47:64:11:34:10:f6:fc:79:40:8d:39:ec:f2:9b:
06:02:bc:f5:03:9d:65:f6:b7:75:f8:9b:69:3d:3d:
1e:02:6d:52:98:f3:08:57:fa:3d:20:c9:95:26:6f:
3e:f4:c3:03:df:8e:95:d0:a8:0c:e7:bd:bb:a5:ae:
be:70:e4:05:ec:f3:8e:f3:f5:c6:71:ba:a5:57:92:
fc:6f:73:e2:08:be:d7:b5:73:ce:32:46:01:d7:5c:
0e:c7:9d:e3:af:6b:25:1e:38:38:3e:55:bd:0b:37:
16:a8:5e:b9:d2:25:9b:9a:0b:90:72:9e:d0:09:38:
b4:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
88:D2:67:E5:20:80:60:37:A1:E1:97:3E:24:36:94:24:9A:04:AB:8E
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3137362e3132362e38342e302f32342d3234203d3e203633343733.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.126.84.0/24
Signature Algorithm: sha256WithRSAEncryption
63:8e:6d:27:7e:71:12:14:ab:c3:d0:f3:5e:b3:dc:3a:72:3b:
50:71:89:1b:4b:b6:62:49:46:ca:6c:fe:83:77:55:56:84:89:
24:85:f5:20:2c:4c:aa:14:a3:43:0d:e3:18:5a:2e:dc:a3:17:
11:77:2a:7b:36:ff:94:99:a7:92:b5:68:8b:32:b3:d8:c2:58:
64:66:3e:e4:98:01:8d:a6:7b:85:df:7d:b6:2e:d8:0f:e1:cd:
ff:c6:9d:68:15:13:d4:37:52:c5:ee:fe:07:bc:56:b8:93:c6:
81:9b:a3:37:fb:ce:58:7b:83:aa:dc:21:8c:81:aa:7a:8b:83:
0d:5b:58:4f:5f:66:9a:12:a1:26:f6:f5:51:b9:2a:7b:02:4f:
4b:84:7b:3f:da:c8:4b:20:c0:d6:d1:e0:3a:37:67:2c:87:c0:
f6:f6:be:e8:6e:16:d9:b5:d5:0a:af:24:ff:1e:d6:67:10:b8:
b1:4b:86:80:07:07:9c:fd:a7:ab:27:59:da:d8:16:48:bc:15:
a6:f5:6f:a4:f6:98:d1:f8:a8:54:26:76:1f:9e:0e:ea:97:ad:
62:2c:ea:ae:64:38:c9:f8:fa:9f:8c:dc:a7:62:9e:1d:c5:ed:
c6:04:46:55:b9:ce:3d:91:88:f9:aa:ef:ab:3f:98:16:65:9e:
54:6b:81:c0
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUAyY7Etu60Iil5dJIj2utgTqutPQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNTA2MjIwODQxNDJaFw0yNjA2MjEwODQ2NDJaMDMxMTAvBgNV
BAMTKDg4RDI2N0U1MjA4MDYwMzdBMUUxOTczRTI0MzY5NDI0OUEwNEFCOEUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCjTBVQR47J2C1btLTjFXXYHZwz
fx07yJyuDb2Rolb+0LZR5nin2uO7+RNUGM82HvfK+l4cFcBlfUz/ShD2FzZ+6LvV
wc2eXwv3l8A/wPhzyG+V6ObTcNni348UcKkUWOMvLWNdkMpPwAd7v79KeXVYM7TL
n+D147lEjbKnMDYRLQxsMjbE+oZHZBE0EPb8eUCNOezymwYCvPUDnWX2t3X4m2k9
PR4CbVKY8whX+j0gyZUmbz70wwPfjpXQqAznvbulrr5w5AXs847z9cZxuqVXkvxv
c+IIvte1c84yRgHXXA7HneOvayUeODg+Vb0LNxaoXrnSJZuaC5ByntAJOLTXAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUiNJn5SCAYDeh4Zc+JDaUJJoEq44wHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzNzM2MmUzMTMyMzYyZTM4
MzQyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzNjMzMzQzNzMzLnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
sH5UMA0GCSqGSIb3DQEBCwUAA4IBAQBjjm0nfnESFKvD0PNes9w6cjtQcYkbS7Zi
SUbKbP6Dd1VWhIkkhfUgLEyqFKNDDeMYWi7coxcRdyp7Nv+UmaeStWiLMrPYwlhk
Zj7kmAGNpnuF3322LtgP4c3/xp1oFRPUN1LF7v4HvFa4k8aBm6M3+85Ye4Oq3CGM
gap6i4MNW1hPX2aaEqEm9vVRuSp7Ak9LhHs/2shLIMDW0eA6N2csh8D29r7obhbZ
tdUKryT/HtZnELixS4aABwec/aerJ1na2BZIvBWm9W+k9pjR+KhUJnYfng7ql61i
LOquZDjJ+PqfjNynYp4dxe3GBEZVuc49kYj5qu+rP5gWZZ5Ua4HA
-----END CERTIFICATE-----
Generated at Sun Jun 29 04:06:14 2025 by rpki-client