Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/ce510e17-31fa-414b-989e-026dbb6fdf51/0/3135392e3235332e322e302f32342d3234203d3e20323031393439.roa
File: 3135392e3235332e322e302f32342d3234203d3e20323031393439.roa (raw, json)
Hash identifier: rMlznZEKjgK14Dq61AY4g7iAg2BKRbr2SN8fW4K6f5M=
Subject key identifier: 0E:B7:14:54:FF:64:FD:76:B4:30:0D:00:D5:B5:D0:68:F4:18:8E:2D
Certificate issuer: /CN=4c189e42f35c944d463d9ea6501f093eb62ba785
Certificate serial: 6786BAE73882251F1F7089CEAE29A38E757A5FEA
Authority key identifier: 4C:18:9E:42:F3:5C:94:4D:46:3D:9E:A6:50:1F:09:3E:B6:2B:A7:85
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TBieQvNclE1GPZ6mUB8JPrYrp4U.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/ce510e17-31fa-414b-989e-026dbb6fdf51/0/3135392e3235332e322e302f32342d3234203d3e20323031393439.roa
Signing time: Fri 11 Jul 2025 14:02:50 +0000
ROA not before: Fri 11 Jul 2025 13:57:50 +0000
ROA not after: Fri 10 Jul 2026 14:02:50 +0000
asID: 201949
IP address blocks: 159.253.2.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/ce510e17-31fa-414b-989e-026dbb6fdf51/0/4C189E42F35C944D463D9EA6501F093EB62BA785.crl
rsync://rsync.paas.rpki.ripe.net/repository/ce510e17-31fa-414b-989e-026dbb6fdf51/0/4C189E42F35C944D463D9EA6501F093EB62BA785.mft
rsync://rpki.ripe.net/repository/DEFAULT/TBieQvNclE1GPZ6mUB8JPrYrp4U.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Jul 2025 10:26:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
67:86:ba:e7:38:82:25:1f:1f:70:89:ce:ae:29:a3:8e:75:7a:5f:ea
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4c189e42f35c944d463d9ea6501f093eb62ba785
Validity
Not Before: Jul 11 13:57:50 2025 GMT
Not After : Jul 10 14:02:50 2026 GMT
Subject: CN=0EB71454FF64FD76B4300D00D5B5D068F4188E2D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:55:07:37:6e:ac:80:11:60:51:fa:f6:ca:30:
ff:e9:c2:87:ad:f9:53:83:82:b2:bf:b4:16:8b:5c:
d5:76:cc:7f:7e:9d:3a:37:00:a7:1c:13:d8:f7:31:
0b:73:35:d4:dd:d3:0d:e9:4c:bd:05:bd:1e:9d:84:
2b:09:ca:5c:ce:3d:4e:84:ff:07:70:d6:f7:95:8d:
73:d9:29:bc:0f:0c:86:d4:a7:97:62:52:69:81:92:
77:47:c3:42:66:bb:12:fb:58:77:5d:97:2c:5b:30:
81:15:fc:8a:6e:5e:ba:52:0b:eb:c3:bc:6d:3e:05:
14:c4:90:e5:d7:8c:ea:9c:61:dd:39:c0:1c:48:a6:
8c:01:99:28:f3:7e:74:1d:b6:e7:69:ae:73:fe:cf:
64:5f:d1:3c:fb:c1:08:d3:8c:e7:56:54:63:1e:93:
fb:9d:df:5e:37:05:f5:ec:f2:78:54:63:26:99:d4:
3d:d5:6e:b6:66:13:06:1c:82:a3:44:cc:21:be:a7:
91:3c:2f:dd:d9:6b:b8:da:8f:c1:89:6f:6e:51:de:
61:9a:40:0d:40:71:c4:3c:47:0b:c2:ba:d5:3d:24:
47:d4:32:f7:8f:a6:c8:67:d4:a5:6b:e9:58:84:52:
ee:61:ed:5c:88:57:19:79:fe:05:7e:b5:ea:92:5d:
9b:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0E:B7:14:54:FF:64:FD:76:B4:30:0D:00:D5:B5:D0:68:F4:18:8E:2D
X509v3 Authority Key Identifier:
keyid:4C:18:9E:42:F3:5C:94:4D:46:3D:9E:A6:50:1F:09:3E:B6:2B:A7:85
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/ce510e17-31fa-414b-989e-026dbb6fdf51/0/4C189E42F35C944D463D9EA6501F093EB62BA785.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TBieQvNclE1GPZ6mUB8JPrYrp4U.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/ce510e17-31fa-414b-989e-026dbb6fdf51/0/3135392e3235332e322e302f32342d3234203d3e20323031393439.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
159.253.2.0/24
Signature Algorithm: sha256WithRSAEncryption
73:ef:09:3d:c5:52:eb:ae:8a:5c:1e:d0:eb:0c:fa:e7:56:cc:
3f:ca:87:b1:14:fc:4f:2b:3a:84:28:54:b8:1e:6c:33:66:3f:
03:42:7c:44:88:8f:e3:a7:c9:1e:81:3f:bc:a7:f4:67:0e:87:
b6:63:8e:be:19:aa:9d:27:42:e6:07:eb:2e:a6:0e:05:5b:6b:
53:8a:ca:26:db:07:0a:8e:d3:3b:e5:10:8f:93:43:94:1a:f2:
11:3a:0f:c2:e0:a8:cc:7e:a7:c7:23:f4:3e:8e:2f:1b:78:2f:
e9:5a:2a:ca:a6:12:05:d6:a1:d5:0a:38:56:f6:a5:3f:72:3e:
3a:96:a9:34:53:4d:9f:12:bf:b0:8c:f6:e7:85:d1:ed:c2:ba:
51:ea:32:82:cc:7e:54:9b:f9:f0:cf:cc:14:75:b8:42:4c:48:
ba:c3:2a:b6:d9:d0:e1:49:c9:74:36:45:e1:5d:8d:26:ce:ac:
09:80:97:38:ba:17:6b:1f:01:bd:f3:6f:b0:1d:67:c1:0a:7e:
fd:a0:32:ce:ae:5d:d0:3d:cc:00:32:96:34:ff:3e:39:8e:9d:
9f:6e:dd:ce:90:c1:8e:50:4c:fd:11:62:94:b9:af:a5:61:20:
69:d9:db:4a:29:52:65:d7:8f:89:47:01:35:1d:5d:32:a0:59:
19:66:e4:22
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUZ4a65ziCJR8fcInOrimjjnV6X+owDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGMxODllNDJmMzVjOTQ0ZDQ2M2Q5ZWE2NTAxZjA5M2Vi
NjJiYTc4NTAeFw0yNTA3MTExMzU3NTBaFw0yNjA3MTAxNDAyNTBaMDMxMTAvBgNV
BAMTKDBFQjcxNDU0RkY2NEZENzZCNDMwMEQwMEQ1QjVEMDY4RjQxODhFMkQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDIVQc3bqyAEWBR+vbKMP/pwoet
+VODgrK/tBaLXNV2zH9+nTo3AKccE9j3MQtzNdTd0w3pTL0FvR6dhCsJylzOPU6E
/wdw1veVjXPZKbwPDIbUp5diUmmBkndHw0JmuxL7WHddlyxbMIEV/IpuXrpSC+vD
vG0+BRTEkOXXjOqcYd05wBxIpowBmSjzfnQdtudprnP+z2Rf0Tz7wQjTjOdWVGMe
k/ud3143BfXs8nhUYyaZ1D3VbrZmEwYcgqNEzCG+p5E8L93Za7jaj8GJb25R3mGa
QA1AccQ8RwvCutU9JEfUMvePpshn1KVr6ViEUu5h7VyIVxl5/gV+teqSXZuLAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUDrcUVP9k/Xa0MA0A1bXQaPQYji0wHwYDVR0j
BBgwFoAUTBieQvNclE1GPZ6mUB8JPrYrp4UwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvY2U1MTBlMTctMzFmYS00MTRiLTk4OWUtMDI2ZGJiNmZk
ZjUxLzAvNEMxODlFNDJGMzVDOTQ0RDQ2M0Q5RUE2NTAxRjA5M0VCNjJCQTc4NS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1RCaWVRdk5jbEUxR1BaNm1VQjhKUHJZ
cnA0VS5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvY2U1MTBlMTct
MzFmYS00MTRiLTk4OWUtMDI2ZGJiNmZkZjUxLzAvMzEzNTM5MmUzMjM1MzMyZTMy
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzIzMDMxMzkzNDM5LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
n/0CMA0GCSqGSIb3DQEBCwUAA4IBAQBz7wk9xVLrropcHtDrDPrnVsw/yoexFPxP
KzqEKFS4HmwzZj8DQnxEiI/jp8kegT+8p/RnDoe2Y46+GaqdJ0LmB+supg4FW2tT
isom2wcKjtM75RCPk0OUGvIROg/C4KjMfqfHI/Q+ji8beC/pWirKphIF1qHVCjhW
9qU/cj46lqk0U02fEr+wjPbnhdHtwrpR6jKCzH5Um/nwz8wUdbhCTEi6wyq22dDh
Scl0NkXhXY0mzqwJgJc4uhdrHwG982+wHWfBCn79oDLOrl3QPcwAMpY0/z45jp2f
bt3OkMGOUEz9EWKUua+lYSBp2dtKKVJl14+JRwE1HV0yoFkZZuQi
-----END CERTIFICATE-----
Generated at Tue Jul 22 20:06:35 2025 by rpki-client