Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3139332e3230332e3136382e302f32322d3234203d3e203437353833.roa
File: 3139332e3230332e3136382e302f32322d3234203d3e203437353833.roa (raw, json)
Hash identifier: dciqoaxw0Ndc7SlySsg0Syb2XkBCHSuvlGx3pbDckw8=
Subject key identifier: 94:6E:98:99:53:A3:29:1C:01:62:99:F1:44:0A:65:9E:CA:AD:30:44
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 4468C46B21B93CB450E8E41E750DA9A48F96516B
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3139332e3230332e3136382e302f32322d3234203d3e203437353833.roa
Signing time: Fri 04 Jul 2025 11:46:48 +0000
ROA not before: Fri 04 Jul 2025 11:41:48 +0000
ROA not after: Fri 03 Jul 2026 11:46:48 +0000
asID: 47583
IP address blocks: 193.203.168.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 26 Jul 2025 08:00:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
44:68:c4:6b:21:b9:3c:b4:50:e8:e4:1e:75:0d:a9:a4:8f:96:51:6b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Jul 4 11:41:48 2025 GMT
Not After : Jul 3 11:46:48 2026 GMT
Subject: CN=946E989953A3291C016299F1440A659ECAAD3044
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:30:0d:22:db:5a:03:42:f0:1e:fd:10:57:4d:
3d:47:81:92:b0:a6:42:b0:f4:19:07:1b:e8:c1:39:
13:f5:71:c9:af:c1:d6:5e:1f:b6:58:79:05:46:d2:
82:2e:13:31:05:9a:17:30:8f:18:9d:c6:80:99:ee:
cb:19:d8:b4:8a:96:6a:23:fe:a8:4e:7f:fd:4b:3e:
4c:7d:9a:e6:c1:3c:83:4b:c1:57:bd:14:12:ce:f9:
55:70:ed:c2:2c:2b:b2:2b:1e:b0:dd:1a:91:41:f9:
d5:1e:24:c4:3f:80:4f:6a:26:37:c2:32:c5:2c:5b:
f0:d8:a8:63:34:a9:af:e9:ed:e4:aa:54:95:e6:f6:
4b:af:a2:a8:cf:d2:57:eb:b9:c0:43:2d:55:db:3d:
bb:98:47:7f:78:3c:57:75:87:f4:8b:ca:24:ff:0b:
47:fc:59:a8:c7:dc:bd:62:cb:d2:d4:e7:e5:9b:ab:
8a:ac:06:6b:3d:6b:35:e8:33:96:72:8f:c9:50:67:
d0:ef:a3:20:8c:92:5e:59:86:c8:c3:d6:7b:97:9d:
16:a6:56:a3:c5:37:d7:d5:25:7b:ad:85:9c:1e:6f:
54:32:b1:55:70:8e:6a:46:b1:0d:61:d1:a5:87:5f:
8a:42:1b:a2:19:cc:92:f0:71:70:98:f2:7c:e7:00:
a4:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
94:6E:98:99:53:A3:29:1C:01:62:99:F1:44:0A:65:9E:CA:AD:30:44
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3139332e3230332e3136382e302f32322d3234203d3e203437353833.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.203.168.0/22
Signature Algorithm: sha256WithRSAEncryption
2e:b7:28:fc:35:21:75:4e:9a:f7:87:ef:ca:2f:5f:73:19:a9:
6d:5d:21:4e:19:d2:1c:08:de:95:f1:c3:57:6d:5b:e5:95:02:
ab:c8:4a:2c:b3:6c:d1:03:22:0f:d0:53:21:d7:5c:af:4f:a4:
67:20:17:42:07:ab:0a:c6:42:2e:c7:e6:4b:48:1b:18:03:ac:
72:e6:a1:3a:ce:92:10:12:0a:3c:3d:91:80:69:55:8a:5a:a6:
88:37:97:06:43:f1:77:a1:75:0e:74:c2:d2:e5:7b:92:60:03:
91:1a:91:4a:74:a8:9a:cd:23:5d:e6:fc:8d:2f:69:9b:de:df:
4a:8f:cc:60:4d:05:04:f0:11:2b:72:fa:19:15:4a:e2:5f:a3:
7a:f7:8e:16:38:85:f4:e1:94:58:9f:91:c6:ac:8c:78:ea:ab:
b0:06:e8:4b:4b:0d:db:f1:b6:cd:7d:f2:c5:64:0a:98:0b:d2:
c4:79:30:fd:3f:ba:fc:ac:d8:72:3c:6a:42:eb:b8:ac:b9:28:
f3:ab:6e:f3:6d:c1:3f:fe:9e:29:cc:2b:89:0d:6f:4d:11:e5:
61:4f:ab:d5:a8:62:51:4b:e4:22:2d:c5:65:29:83:a1:0b:3e:
c5:44:1a:72:3b:5b:77:e8:37:c5:59:3b:18:82:e6:40:90:0a:
53:95:33:41
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIURGjEayG5PLRQ6OQedQ2ppI+WUWswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNTA3MDQxMTQxNDhaFw0yNjA3MDMxMTQ2NDhaMDMxMTAvBgNV
BAMTKDk0NkU5ODk5NTNBMzI5MUMwMTYyOTlGMTQ0MEE2NTlFQ0FBRDMwNDQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDBMA0i21oDQvAe/RBXTT1HgZKw
pkKw9BkHG+jBORP1ccmvwdZeH7ZYeQVG0oIuEzEFmhcwjxidxoCZ7ssZ2LSKlmoj
/qhOf/1LPkx9mubBPINLwVe9FBLO+VVw7cIsK7IrHrDdGpFB+dUeJMQ/gE9qJjfC
MsUsW/DYqGM0qa/p7eSqVJXm9kuvoqjP0lfrucBDLVXbPbuYR394PFd1h/SLyiT/
C0f8WajH3L1iy9LU5+Wbq4qsBms9azXoM5Zyj8lQZ9DvoyCMkl5ZhsjD1nuXnRam
VqPFN9fVJXuthZweb1QysVVwjmpGsQ1h0aWHX4pCG6IZzJLwcXCY8nznAKTjAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUlG6YmVOjKRwBYpnxRAplnsqtMEQwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzOTMzMmUzMjMwMzMyZTMx
MzYzODJlMzAyZjMyMzIyZDMyMzQyMDNkM2UyMDM0MzczNTM4MzMucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BALBy6gwDQYJKoZIhvcNAQELBQADggEBAC63KPw1IXVOmveH78ovX3MZqW1dIU4Z
0hwI3pXxw1dtW+WVAqvISiyzbNEDIg/QUyHXXK9PpGcgF0IHqwrGQi7H5ktIGxgD
rHLmoTrOkhASCjw9kYBpVYpapog3lwZD8XehdQ50wtLle5JgA5EakUp0qJrNI13m
/I0vaZve30qPzGBNBQTwESty+hkVSuJfo3r3jhY4hfThlFifkcasjHjqq7AG6EtL
Ddvxts198sVkCpgL0sR5MP0/uvys2HI8akLruKy5KPOrbvNtwT/+ninMK4kNb00R
5WFPq9WoYlFL5CItxWUpg6ELPsVEGnI7W3foN8VZOxiC5kCQClOVM0E=
-----END CERTIFICATE-----
Generated at Fri Jul 25 17:17:22 2025 by rpki-client