Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3231342e3133342e302f32332d3332203d3e203531313637.roa
File: 3138352e3231342e3133342e302f32332d3332203d3e203531313637.roa (raw, json)
Hash identifier: SoimnDyGVnaMpvfZWJmjzyt+H0ViCDSFmHPKskp4kKA=
Subject key identifier: B7:EC:8F:A1:71:B8:60:CE:79:51:FC:00:54:4E:00:8F:3A:2E:78:29
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 7EBA7ABDD1E1B5A5761B5C5E69097FED9DB570E6
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3231342e3133342e302f32332d3332203d3e203531313637.roa
Signing time: Fri 22 Aug 2025 14:47:14 +0000
ROA not before: Fri 22 Aug 2025 14:42:14 +0000
ROA not after: Fri 21 Aug 2026 14:47:14 +0000
asID: 51167
IP address blocks: 185.214.134.0/23 maxlen: 32
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 12:50:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7e:ba:7a:bd:d1:e1:b5:a5:76:1b:5c:5e:69:09:7f:ed:9d:b5:70:e6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Aug 22 14:42:14 2025 GMT
Not After : Aug 21 14:47:14 2026 GMT
Subject: CN=B7EC8FA171B860CE7951FC00544E008F3A2E7829
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:e7:44:7f:fa:98:3e:dd:c0:d9:1c:f7:51:8c:
3c:04:b6:7d:13:36:6e:5f:2a:bc:0e:be:68:0b:a8:
8f:47:cc:59:05:c9:54:86:dd:46:7e:a1:5e:ec:9d:
63:14:49:47:29:2d:31:a7:7c:24:09:cd:4e:b1:ad:
0a:2f:95:9b:19:79:da:33:c7:0f:93:53:eb:de:8b:
6b:28:58:f7:06:da:11:3a:08:71:fa:bd:45:f6:31:
d9:45:97:9e:ee:d4:0c:04:6f:4c:5d:14:38:0c:94:
af:d8:93:fd:97:f2:68:e1:56:e6:fa:a2:54:c3:08:
95:1b:ef:15:48:b5:7c:bb:ad:3f:85:c1:8b:86:75:
dd:dd:f3:de:95:12:77:56:0e:c8:6f:5f:a1:96:b8:
d6:a4:56:17:2e:26:98:ff:f9:29:e9:df:8d:a3:22:
53:24:6c:35:d7:36:49:55:37:dc:7f:d3:c5:2d:a6:
cb:14:d2:f3:a7:5d:bb:1b:70:1a:1f:25:38:be:e3:
45:43:c5:6a:7b:a9:a5:ff:e5:83:b0:57:d8:41:ef:
54:c1:21:dc:8e:6c:0e:a6:9a:fe:6d:67:28:82:37:
b3:a1:d9:e6:16:1f:f1:2a:66:7b:16:54:6c:d3:eb:
16:76:cf:91:cf:8d:79:28:31:8f:ee:19:bd:9a:c8:
83:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B7:EC:8F:A1:71:B8:60:CE:79:51:FC:00:54:4E:00:8F:3A:2E:78:29
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3231342e3133342e302f32332d3332203d3e203531313637.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.214.134.0/23
Signature Algorithm: sha256WithRSAEncryption
32:f0:9e:b5:ad:3f:ea:90:2d:22:ca:a6:91:5d:52:be:7b:11:
3f:e1:c2:1e:f9:2f:da:16:30:c5:f5:9c:0b:0c:5f:f4:95:22:
54:1a:e3:6e:56:2b:ad:51:6e:43:ce:67:4b:8a:e9:db:99:2b:
7b:b5:18:d6:6b:65:21:45:8d:8d:3d:bf:5f:01:4b:7f:99:eb:
5c:8c:75:bd:09:6d:33:27:d3:05:2d:3a:bd:37:bc:f7:2f:b4:
95:34:af:b6:48:bd:2b:d5:d8:ef:cb:8a:b7:2f:76:7e:c7:14:
c1:6b:fa:e8:b1:42:b6:d4:04:1e:6b:b5:c3:f3:05:e2:28:86:
fa:2c:56:0c:96:8d:b2:d2:07:b4:6f:c1:44:5a:81:c9:0c:78:
58:ba:f4:d0:69:b1:ee:fe:71:6c:73:87:05:bb:59:2c:23:c0:
44:0e:f6:f9:d2:0e:1d:f0:c8:94:19:aa:1b:01:8f:7e:7a:90:
8f:96:7f:3d:9d:0d:ae:2d:31:c8:9c:b4:28:44:0c:cb:e1:8f:
90:6b:1c:3b:31:e8:4d:28:6b:3a:fd:25:98:5f:aa:1a:de:6e:
b8:de:63:ea:bf:c0:d3:78:32:0a:8b:7c:68:6a:b9:ed:3f:cf:
bf:0c:89:f6:3d:d3:c9:ed:3b:fe:b8:ed:99:02:11:71:37:f4:
3b:eb:23:ac
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUfrp6vdHhtaV2G1xeaQl/7Z21cOYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNTA4MjIxNDQyMTRaFw0yNjA4MjExNDQ3MTRaMDMxMTAvBgNV
BAMTKEI3RUM4RkExNzFCODYwQ0U3OTUxRkMwMDU0NEUwMDhGM0EyRTc4MjkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDP50R/+pg+3cDZHPdRjDwEtn0T
Nm5fKrwOvmgLqI9HzFkFyVSG3UZ+oV7snWMUSUcpLTGnfCQJzU6xrQovlZsZedoz
xw+TU+vei2soWPcG2hE6CHH6vUX2MdlFl57u1AwEb0xdFDgMlK/Yk/2X8mjhVub6
olTDCJUb7xVItXy7rT+FwYuGdd3d896VEndWDshvX6GWuNakVhcuJpj/+Snp342j
IlMkbDXXNklVN9x/08UtpssU0vOnXbsbcBofJTi+40VDxWp7qaX/5YOwV9hB71TB
IdyObA6mmv5tZyiCN7Oh2eYWH/EqZnsWVGzT6xZ2z5HPjXkoMY/uGb2ayIPZAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUt+yPoXG4YM55UfwAVE4AjzoueCkwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzODM1MmUzMjMxMzQyZTMx
MzMzNDJlMzAyZjMyMzMyZDMzMzIyMDNkM2UyMDM1MzEzMTM2Mzcucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAG51oYwDQYJKoZIhvcNAQELBQADggEBADLwnrWtP+qQLSLKppFdUr57ET/hwh75
L9oWMMX1nAsMX/SVIlQa425WK61RbkPOZ0uK6duZK3u1GNZrZSFFjY09v18BS3+Z
61yMdb0JbTMn0wUtOr03vPcvtJU0r7ZIvSvV2O/Lircvdn7HFMFr+uixQrbUBB5r
tcPzBeIohvosVgyWjbLSB7RvwURagckMeFi69NBpse7+cWxzhwW7WSwjwEQO9vnS
Dh3wyJQZqhsBj356kI+Wfz2dDa4tMcictChEDMvhj5BrHDsx6E0oazr9JZhfqhre
brjeY+q/wNN4MgqLfGhque0/z78MifY908ntO/647ZkCEXE39DvrI6w=
-----END CERTIFICATE-----
Generated at Sat Aug 23 17:53:47 2025 by rpki-client