Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3134352e37392e3132352e302f32342d3234203d3e203332303433.roa
File: 3134352e37392e3132352e302f32342d3234203d3e203332303433.roa (raw, json)
Hash identifier: a8wX4MROKI2paif92yWJfhKJ5twJQSWTK688S0XcHAI=
Subject key identifier: C7:79:87:AA:87:27:32:08:98:F9:53:57:61:37:B4:FB:CF:73:91:E6
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 304A5285ABB86649876CDF0F3B158845F02F3573
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3134352e37392e3132352e302f32342d3234203d3e203332303433.roa
Signing time: Wed 09 Jul 2025 10:51:13 +0000
ROA not before: Wed 09 Jul 2025 10:46:13 +0000
ROA not after: Wed 08 Jul 2026 10:51:13 +0000
asID: 32043
IP address blocks: 145.79.125.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 21 Jul 2025 20:00:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
30:4a:52:85:ab:b8:66:49:87:6c:df:0f:3b:15:88:45:f0:2f:35:73
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Jul 9 10:46:13 2025 GMT
Not After : Jul 8 10:51:13 2026 GMT
Subject: CN=C77987AA8727320898F953576137B4FBCF7391E6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e3:80:c6:34:8f:3c:96:8b:09:b3:69:5a:46:1d:
52:34:d9:82:4f:59:60:fd:57:4b:d4:98:34:b8:57:
ec:51:e9:b0:7c:73:f1:7c:83:c4:be:e4:34:a7:ff:
a5:6f:37:bd:e8:d6:13:26:4b:21:1b:5a:2a:f6:89:
9b:c6:8a:b0:fd:91:be:39:25:44:24:38:29:d5:c0:
33:c3:aa:46:3d:20:6e:36:0d:1a:42:00:b5:b8:5e:
c0:97:13:2c:ef:30:30:ff:03:28:d8:a2:52:38:e4:
27:11:c1:cf:b1:ed:7f:e0:95:93:5d:c8:8d:2a:f2:
35:52:04:41:07:f2:02:f8:3b:ed:ba:55:01:48:ca:
a4:f2:16:ab:7e:0f:ba:f1:53:13:a8:e6:fd:d7:27:
2c:f0:da:d0:f3:be:7f:58:78:10:c6:59:30:73:46:
c5:c6:2c:02:33:8e:d0:58:7e:7f:58:22:17:9c:be:
33:fb:2a:fa:1a:d5:0e:33:e9:ac:e4:6c:e1:b5:80:
7b:79:8a:72:6c:4a:69:16:6d:eb:d2:2b:6a:df:4e:
c6:a1:fe:cc:cd:70:16:0d:21:4c:79:f4:c7:c7:e5:
35:59:37:8c:eb:d5:90:92:b0:19:92:e4:7c:ce:c9:
2b:81:d6:94:40:4a:f4:0b:a9:8e:59:62:d2:4b:f0:
11:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C7:79:87:AA:87:27:32:08:98:F9:53:57:61:37:B4:FB:CF:73:91:E6
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3134352e37392e3132352e302f32342d3234203d3e203332303433.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
145.79.125.0/24
Signature Algorithm: sha256WithRSAEncryption
55:82:b6:21:40:f0:12:4f:60:68:3a:d0:a7:3f:67:a6:b5:7a:
c9:85:b2:72:cc:16:a4:44:59:12:36:a3:82:b4:aa:a2:af:df:
4b:d4:7f:cd:76:cc:fd:fd:6b:eb:2d:c4:6b:5e:16:75:7a:77:
2f:c2:34:a4:81:84:20:1f:38:93:f1:ac:42:9e:bd:a0:61:e2:
7f:16:91:39:6b:9b:9a:c0:cd:c6:68:ed:3f:c1:ba:11:77:6f:
74:9a:a1:a7:98:33:68:bd:0b:6b:dc:94:af:28:cb:7d:f7:90:
db:17:a7:5f:ef:c1:2f:d1:f3:cc:82:0b:aa:c3:68:4b:fc:7a:
65:09:2a:2a:21:5e:b9:b2:df:5c:82:3f:92:f4:a9:a5:fc:8b:
1c:76:b2:83:7a:42:14:f4:6a:96:04:79:c7:3c:e8:a9:6c:f4:
aa:8f:9f:4d:8e:80:4e:56:6f:dd:54:24:11:25:1b:fb:b8:14:
45:3e:4c:ca:c0:12:50:8b:2d:cd:a3:3f:80:da:c9:1e:f1:7b:
a5:8b:20:13:ce:64:ac:5e:78:ac:45:3c:83:2f:2c:45:47:4c:
87:20:9c:fa:59:75:08:cc:cc:e8:05:aa:9a:a0:c6:46:93:6b:
c8:bd:e2:74:32:72:07:36:25:22:92:3f:8c:73:fb:2e:cd:95:
4f:8d:df:7e
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUMEpShau4ZkmHbN8POxWIRfAvNXMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNTA3MDkxMDQ2MTNaFw0yNjA3MDgxMDUxMTNaMDMxMTAvBgNV
BAMTKEM3Nzk4N0FBODcyNzMyMDg5OEY5NTM1NzYxMzdCNEZCQ0Y3MzkxRTYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDjgMY0jzyWiwmzaVpGHVI02YJP
WWD9V0vUmDS4V+xR6bB8c/F8g8S+5DSn/6VvN73o1hMmSyEbWir2iZvGirD9kb45
JUQkOCnVwDPDqkY9IG42DRpCALW4XsCXEyzvMDD/AyjYolI45CcRwc+x7X/glZNd
yI0q8jVSBEEH8gL4O+26VQFIyqTyFqt+D7rxUxOo5v3XJyzw2tDzvn9YeBDGWTBz
RsXGLAIzjtBYfn9YIhecvjP7Kvoa1Q4z6azkbOG1gHt5inJsSmkWbevSK2rfTsah
/szNcBYNIUx59MfH5TVZN4zr1ZCSsBmS5HzOySuB1pRASvQLqY5ZYtJL8BE5AgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUx3mHqocnMgiY+VNXYTe0+89zkeYwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzNDM1MmUzNzM5MmUzMTMy
MzUyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMzMyMzAzNDMzLnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
kU99MA0GCSqGSIb3DQEBCwUAA4IBAQBVgrYhQPAST2BoOtCnP2emtXrJhbJyzBak
RFkSNqOCtKqir99L1H/Ndsz9/WvrLcRrXhZ1encvwjSkgYQgHziT8axCnr2gYeJ/
FpE5a5uawM3GaO0/wboRd290mqGnmDNovQtr3JSvKMt995DbF6df78Ev0fPMgguq
w2hL/HplCSoqIV65st9cgj+S9Kml/IscdrKDekIU9GqWBHnHPOipbPSqj59NjoBO
Vm/dVCQRJRv7uBRFPkzKwBJQiy3Noz+A2ske8XuliyATzmSsXnisRTyDLyxFR0yH
IJz6WXUIzMzoBaqaoMZGk2vIveJ0MnIHNiUikj+Mc/suzZVPjd9+
-----END CERTIFICATE-----
Generated at Mon Jul 21 02:06:32 2025 by rpki-client