Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3231372e3132362e302f32332d3332203d3e203531313637.roa
File: 3138352e3231372e3132362e302f32332d3332203d3e203531313637.roa (raw, json)
Hash identifier: 7eXJO97mMutvCTp93hNxNswQW0XF3ePFah6ePmRdTSs=
Subject key identifier: B9:70:92:0A:41:C3:9B:11:5B:89:6A:39:0C:D5:9D:FC:41:3A:A0:02
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 1C3C4FBA069011A6828B6D796343C8479271D4F5
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3231372e3132362e302f32332d3332203d3e203531313637.roa
Signing time: Fri 22 Aug 2025 14:47:10 +0000
ROA not before: Fri 22 Aug 2025 14:42:10 +0000
ROA not after: Fri 21 Aug 2026 14:47:10 +0000
asID: 51167
IP address blocks: 185.217.126.0/23 maxlen: 32
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 14:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1c:3c:4f:ba:06:90:11:a6:82:8b:6d:79:63:43:c8:47:92:71:d4:f5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Aug 22 14:42:10 2025 GMT
Not After : Aug 21 14:47:10 2026 GMT
Subject: CN=B970920A41C39B115B896A390CD59DFC413AA002
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:79:51:0d:5a:89:94:51:c9:cd:49:14:bc:ea:
c4:60:d4:11:84:f2:e9:cf:fe:fd:a8:83:a3:cb:5b:
45:c7:55:aa:72:01:0b:b1:cd:80:f5:b9:8a:37:e5:
60:9c:bf:4e:b3:7d:4e:a8:0c:d8:ef:a5:06:98:a7:
a4:9e:f5:53:8d:c3:33:c0:33:86:82:62:ca:52:e8:
20:5c:26:14:c2:b7:b3:01:18:32:b5:ff:f5:eb:b5:
1d:a8:e8:68:53:58:ec:06:9b:0c:1e:29:89:e1:53:
59:03:29:d3:7d:da:0c:94:6e:bb:80:7e:b9:96:e0:
4a:4c:57:3a:3c:e0:65:c0:39:f7:c6:92:01:f9:21:
69:8a:57:99:e6:c3:18:e3:b3:aa:1a:81:59:d5:d7:
7f:64:31:1d:a3:f6:e5:9e:fa:53:80:aa:22:dc:33:
13:51:f6:b4:5f:d1:3f:f9:87:05:d7:3e:a1:ab:c0:
c2:4a:77:a1:c7:0e:16:7c:32:b5:9d:50:64:be:5b:
ab:01:32:f6:46:19:b2:43:46:f0:60:8f:e5:e5:c8:
3d:23:ae:7c:81:c6:24:01:49:90:23:9e:4a:40:cb:
ed:63:88:63:21:56:b5:9d:0f:ea:77:79:55:b8:74:
81:d4:2b:f3:73:96:50:0a:f7:bb:4c:1b:1e:53:3f:
85:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B9:70:92:0A:41:C3:9B:11:5B:89:6A:39:0C:D5:9D:FC:41:3A:A0:02
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3231372e3132362e302f32332d3332203d3e203531313637.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.217.126.0/23
Signature Algorithm: sha256WithRSAEncryption
5d:fc:12:1d:b8:5a:22:06:4a:3b:9c:74:bd:e2:37:9e:46:c5:
20:a5:09:1c:e4:d7:a3:0d:c8:48:7c:e5:d6:04:ac:cd:67:7d:
3f:58:e3:0f:6e:84:e1:be:d7:24:ac:a4:56:50:11:39:64:c1:
0d:a3:26:75:3a:a3:5d:db:87:c1:1e:ad:8f:d2:77:f8:ec:4a:
cf:de:a1:d8:9d:26:59:ec:c9:6a:b0:ca:14:ae:eb:77:fb:42:
4f:dd:66:ae:ba:ef:58:7e:18:23:9c:5e:57:c9:2f:6d:31:f3:
ff:90:93:8c:7d:d0:b2:af:38:80:09:f0:e2:f3:43:15:43:31:
45:54:fc:fe:ee:c4:e4:08:ba:8e:b0:a8:91:9c:c7:10:99:0f:
0e:e6:45:0d:67:bb:91:f7:55:6e:c0:0f:86:3b:03:bd:59:52:
94:93:31:0c:bc:ce:94:64:17:c8:a4:9f:8f:53:49:e8:e6:8b:
79:db:c8:9c:21:30:7b:be:d1:09:4b:ae:e9:22:5e:53:9a:2a:
b9:26:8e:5a:3c:c4:55:4a:20:47:08:96:7c:ca:5e:e9:24:11:
77:3f:db:21:93:1e:d1:2b:e1:03:d2:7c:b3:55:69:b6:6e:cf:
5b:60:d2:b2:e9:98:1d:8d:38:f3:46:a0:48:51:09:91:b5:b7:
1c:c6:3a:df
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUHDxPugaQEaaCi215Y0PIR5Jx1PUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNTA4MjIxNDQyMTBaFw0yNjA4MjExNDQ3MTBaMDMxMTAvBgNV
BAMTKEI5NzA5MjBBNDFDMzlCMTE1Qjg5NkEzOTBDRDU5REZDNDEzQUEwMDIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDheVENWomUUcnNSRS86sRg1BGE
8unP/v2og6PLW0XHVapyAQuxzYD1uYo35WCcv06zfU6oDNjvpQaYp6Se9VONwzPA
M4aCYspS6CBcJhTCt7MBGDK1//XrtR2o6GhTWOwGmwweKYnhU1kDKdN92gyUbruA
frmW4EpMVzo84GXAOffGkgH5IWmKV5nmwxjjs6oagVnV139kMR2j9uWe+lOAqiLc
MxNR9rRf0T/5hwXXPqGrwMJKd6HHDhZ8MrWdUGS+W6sBMvZGGbJDRvBgj+XlyD0j
rnyBxiQBSZAjnkpAy+1jiGMhVrWdD+p3eVW4dIHUK/NzllAK97tMGx5TP4WxAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUuXCSCkHDmxFbiWo5DNWd/EE6oAIwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzODM1MmUzMjMxMzcyZTMx
MzIzNjJlMzAyZjMyMzMyZDMzMzIyMDNkM2UyMDM1MzEzMTM2Mzcucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAG52X4wDQYJKoZIhvcNAQELBQADggEBAF38Eh24WiIGSjucdL3iN55GxSClCRzk
16MNyEh85dYErM1nfT9Y4w9uhOG+1ySspFZQETlkwQ2jJnU6o13bh8EerY/Sd/js
Ss/eodidJlnsyWqwyhSu63f7Qk/dZq6671h+GCOcXlfJL20x8/+Qk4x90LKvOIAJ
8OLzQxVDMUVU/P7uxOQIuo6wqJGcxxCZDw7mRQ1nu5H3VW7AD4Y7A71ZUpSTMQy8
zpRkF8ikn49TSejmi3nbyJwhMHu+0QlLrukiXlOaKrkmjlo8xFVKIEcIlnzKXukk
EXc/2yGTHtEr4QPSfLNVabZuz1tg0rLpmB2NOPNGoEhRCZG1txzGOt8=
-----END CERTIFICATE-----
Generated at Sat Aug 23 19:46:11 2025 by rpki-client