Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3134352e37392e3131382e302f32342d3234203d3e20333935373933.roa
File: 3134352e37392e3131382e302f32342d3234203d3e20333935373933.roa (raw, json)
Hash identifier: U5NxPSxzqPNobMmsM9/o3gMs+rLOSlr5pn7nommKMjo=
Subject key identifier: 46:27:F4:88:99:36:F5:FF:D0:B4:E2:FA:4E:45:80:6D:C0:61:19:23
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 1B2935F8B94B6145892794496A030968BA9E7002
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3134352e37392e3131382e302f32342d3234203d3e20333935373933.roa
Signing time: Wed 09 Jul 2025 10:50:02 +0000
ROA not before: Wed 09 Jul 2025 10:45:02 +0000
ROA not after: Wed 08 Jul 2026 10:50:02 +0000
asID: 395793
IP address blocks: 145.79.118.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 21 Jul 2025 04:00:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1b:29:35:f8:b9:4b:61:45:89:27:94:49:6a:03:09:68:ba:9e:70:02
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Jul 9 10:45:02 2025 GMT
Not After : Jul 8 10:50:02 2026 GMT
Subject: CN=4627F4889936F5FFD0B4E2FA4E45806DC0611923
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:9c:af:e8:25:85:44:54:e1:84:0a:7c:15:a9:
f1:26:12:6d:7c:6e:b4:d8:1b:b2:9b:2a:94:14:65:
a6:ee:27:7f:54:2e:96:18:c4:be:2f:12:79:a1:2f:
04:50:af:9d:fe:85:be:d4:2f:85:dd:29:bf:33:7a:
e3:26:6e:b2:5c:ba:d3:ae:c6:84:86:ba:19:73:11:
7b:00:96:61:32:a0:20:80:c1:cc:77:80:aa:e6:4a:
a6:c0:99:08:a2:30:69:44:bd:5c:c4:fa:46:50:60:
b2:e9:27:70:07:4c:d1:1b:dc:a5:b5:d1:63:87:a5:
33:6f:e9:b0:c0:0d:b8:b7:18:b3:e1:1d:55:92:ce:
6d:3e:4a:e2:4a:5d:ec:99:22:33:76:7d:16:08:ed:
27:32:5c:cb:6b:f0:6e:1c:82:01:93:14:67:fc:e7:
f5:80:80:67:5e:32:90:85:f1:1e:fa:85:e7:77:5e:
b9:ee:08:79:ab:a0:bd:9f:9e:f4:ce:f9:da:15:af:
cc:24:96:bd:d3:ca:b5:d4:0c:8c:c5:ef:22:44:a7:
b7:2d:80:ed:39:17:dd:e9:d2:b0:33:56:46:c8:7a:
b9:b3:31:d1:f6:11:50:1d:8f:1b:5c:fe:fa:0f:d1:
c8:fd:6b:18:9d:b6:09:65:b1:ee:fa:26:d0:80:13:
45:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
46:27:F4:88:99:36:F5:FF:D0:B4:E2:FA:4E:45:80:6D:C0:61:19:23
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3134352e37392e3131382e302f32342d3234203d3e20333935373933.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
145.79.118.0/24
Signature Algorithm: sha256WithRSAEncryption
69:6d:8d:ec:f0:e6:61:a5:b8:07:06:a0:6d:80:5a:1c:90:08:
93:ab:d1:49:d3:98:d6:e8:e8:9f:9f:90:a4:87:7f:da:0c:38:
85:5e:b4:a5:33:d2:cb:5f:43:a2:56:3c:f5:a7:ee:49:f3:83:
5a:3a:08:9c:60:16:d4:de:a4:50:a5:21:6d:56:eb:dc:0d:19:
bb:fd:c1:9c:3b:44:4e:65:0e:9a:4d:f9:b9:98:00:66:dd:cb:
61:76:a8:fb:6c:5f:77:a2:5e:a5:f4:e7:9e:73:0e:cb:ec:de:
40:c3:a4:02:3e:ba:29:b5:ee:9e:bf:85:52:ff:9a:5c:0c:77:
a4:5b:a1:3f:b5:66:4c:8f:21:1b:f5:e1:12:6a:c1:c2:cd:a5:
d6:7e:1d:d7:30:12:28:88:d1:98:46:34:44:7a:4e:c3:89:eb:
29:d7:cc:cb:46:33:8b:a2:e9:8b:01:8c:81:30:ce:f1:d4:22:
03:eb:14:cd:f1:de:a5:19:91:8c:b9:07:90:cf:7d:52:74:f7:
20:3e:aa:3a:fa:57:63:c7:87:a8:f2:92:67:fe:db:07:bb:52:
4c:97:77:3a:81:14:04:1a:6a:04:79:c0:44:a7:18:d1:e2:8d:
e1:bd:34:2e:23:b5:07:57:7e:80:0a:cd:fe:19:b1:fc:93:f9:
2a:3d:cf:e8
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUGyk1+LlLYUWJJ5RJagMJaLqecAIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNTA3MDkxMDQ1MDJaFw0yNjA3MDgxMDUwMDJaMDMxMTAvBgNV
BAMTKDQ2MjdGNDg4OTkzNkY1RkZEMEI0RTJGQTRFNDU4MDZEQzA2MTE5MjMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC7nK/oJYVEVOGECnwVqfEmEm18
brTYG7KbKpQUZabuJ39ULpYYxL4vEnmhLwRQr53+hb7UL4XdKb8zeuMmbrJcutOu
xoSGuhlzEXsAlmEyoCCAwcx3gKrmSqbAmQiiMGlEvVzE+kZQYLLpJ3AHTNEb3KW1
0WOHpTNv6bDADbi3GLPhHVWSzm0+SuJKXeyZIjN2fRYI7ScyXMtr8G4cggGTFGf8
5/WAgGdeMpCF8R76hed3XrnuCHmroL2fnvTO+doVr8wklr3TyrXUDIzF7yJEp7ct
gO05F93p0rAzVkbIermzMdH2EVAdjxtc/voP0cj9axidtgllse76JtCAE0XJAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQURif0iJk29f/QtOL6TkWAbcBhGSMwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzNDM1MmUzNzM5MmUzMTMx
MzgyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMzM5MzUzNzM5MzMucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BACRT3YwDQYJKoZIhvcNAQELBQADggEBAGltjezw5mGluAcGoG2AWhyQCJOr0UnT
mNbo6J+fkKSHf9oMOIVetKUz0stfQ6JWPPWn7knzg1o6CJxgFtTepFClIW1W69wN
Gbv9wZw7RE5lDppN+bmYAGbdy2F2qPtsX3eiXqX0555zDsvs3kDDpAI+uim17p6/
hVL/mlwMd6RboT+1ZkyPIRv14RJqwcLNpdZ+HdcwEiiI0ZhGNER6TsOJ6ynXzMtG
M4ui6YsBjIEwzvHUIgPrFM3x3qUZkYy5B5DPfVJ09yA+qjr6V2PHh6jykmf+2we7
UkyXdzqBFAQaagR5wESnGNHijeG9NC4jtQdXfoAKzf4ZsfyT+So9z+g=
-----END CERTIFICATE-----
Generated at Sun Jul 20 11:44:26 2025 by rpki-client