Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/34352e3133372e37372e302f32342d3234203d3e20323132323338.roa
File: 34352e3133372e37372e302f32342d3234203d3e20323132323338.roa (raw, json)
Hash identifier: nFiYi/0Plx9Hn8MlsEDSWEnpNqCg4GfIRg2CzJS5Ras=
Subject key identifier: F5:E0:53:24:D8:4C:FD:E2:F7:6F:55:0A:54:BE:B9:57:6C:4C:C6:EB
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 1A74F4E7AD927789601B47D578555C9CD20AA870
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/34352e3133372e37372e302f32342d3234203d3e20323132323338.roa
Signing time: Mon 30 Jun 2025 21:30:40 +0000
ROA not before: Mon 30 Jun 2025 21:25:40 +0000
ROA not after: Mon 29 Jun 2026 21:30:40 +0000
asID: 212238
IP address blocks: 45.137.77.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 21 Jul 2025 04:00:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1a:74:f4:e7:ad:92:77:89:60:1b:47:d5:78:55:5c:9c:d2:0a:a8:70
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Jun 30 21:25:40 2025 GMT
Not After : Jun 29 21:30:40 2026 GMT
Subject: CN=F5E05324D84CFDE2F76F550A54BEB9576C4CC6EB
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:3d:c5:f0:ea:ea:64:b5:e4:3e:1a:1b:5c:a4:
6a:39:fc:dc:02:c1:42:f5:ae:1c:f4:6d:65:2e:98:
3d:d5:b0:33:f2:31:12:9f:3e:47:e4:d7:b7:e0:65:
fe:6e:19:da:b0:c0:39:03:ff:50:4f:21:d0:b5:49:
c2:fc:51:14:aa:9c:09:42:3d:1c:59:6b:84:3f:99:
2a:43:d0:61:53:ca:af:4b:13:5e:17:13:30:5b:e1:
5a:5e:5e:ed:d8:16:cd:c7:9c:d0:2c:37:88:9d:69:
c4:17:ef:ab:94:5c:df:92:ac:85:7a:1e:74:70:87:
62:06:d0:b6:4d:b8:7e:e9:37:84:b8:f4:1c:ca:71:
68:b0:c4:94:47:71:41:c7:c4:f6:7d:1b:0c:50:1c:
0d:89:a5:fa:d2:00:5f:7d:d6:3e:ce:cd:60:d0:9f:
c4:04:9c:5f:f1:dc:e6:88:04:a1:52:c5:75:9c:b7:
36:a7:af:02:35:65:11:37:96:22:6b:42:e4:80:55:
d9:ef:6a:55:bb:0c:7a:dd:53:13:15:1b:f8:2e:af:
47:bf:c0:b7:0e:60:a8:30:8e:ff:e4:0d:2c:bc:1d:
0c:17:ea:3c:c1:40:1b:ef:39:f9:76:32:76:17:6f:
58:1a:42:d4:7e:1d:af:c1:a3:a2:62:2b:96:ad:51:
8e:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F5:E0:53:24:D8:4C:FD:E2:F7:6F:55:0A:54:BE:B9:57:6C:4C:C6:EB
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/34352e3133372e37372e302f32342d3234203d3e20323132323338.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.137.77.0/24
Signature Algorithm: sha256WithRSAEncryption
1e:52:e5:11:c5:3e:e6:e5:b3:f3:95:27:00:80:ed:ae:15:7e:
2a:2b:d0:72:e4:37:7e:67:61:07:92:51:76:76:48:e1:d8:a9:
72:d8:70:82:0f:d8:a3:49:60:9d:f2:aa:8a:79:9a:34:a4:02:
38:94:50:57:5a:b0:6c:b1:fa:50:db:05:be:15:7d:95:fc:43:
41:d4:c6:0c:61:b8:a2:ed:95:80:bf:22:61:2c:29:59:7c:36:
65:22:5c:33:72:1b:ef:88:ae:d0:88:6f:19:aa:d0:3b:53:73:
00:89:ee:75:42:35:82:e8:9d:f7:a1:e6:38:26:2d:be:11:83:
85:ad:be:47:3d:fe:fb:15:ac:9a:d9:03:d6:75:bb:c8:65:8e:
84:52:59:7f:2f:43:94:20:39:88:bf:b3:ec:e6:06:3a:da:bf:
2b:98:0e:fc:3e:ae:5e:dd:b5:4e:4f:a2:3a:f4:8f:8d:8c:1d:
b7:4b:35:8a:97:b1:08:db:e1:ab:a6:ae:8c:a9:cc:3e:22:d7:
f0:01:3e:0a:cd:fc:4e:62:d3:81:02:71:57:ba:7c:b6:9a:c2:
83:ae:e6:02:65:ba:1f:a4:c0:43:5a:7f:3f:3c:d9:50:58:fd:
e9:ce:eb:9d:fc:5f:cf:81:a2:4b:b6:0a:c1:9d:c6:41:53:f3:
1d:ef:0a:09
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUGnT0562Sd4lgG0fVeFVcnNIKqHAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNTA2MzAyMTI1NDBaFw0yNjA2MjkyMTMwNDBaMDMxMTAvBgNV
BAMTKEY1RTA1MzI0RDg0Q0ZERTJGNzZGNTUwQTU0QkVCOTU3NkM0Q0M2RUIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC+PcXw6upkteQ+GhtcpGo5/NwC
wUL1rhz0bWUumD3VsDPyMRKfPkfk17fgZf5uGdqwwDkD/1BPIdC1ScL8URSqnAlC
PRxZa4Q/mSpD0GFTyq9LE14XEzBb4VpeXu3YFs3HnNAsN4idacQX76uUXN+SrIV6
HnRwh2IG0LZNuH7pN4S49BzKcWiwxJRHcUHHxPZ9GwxQHA2JpfrSAF991j7OzWDQ
n8QEnF/x3OaIBKFSxXWctzanrwI1ZRE3liJrQuSAVdnvalW7DHrdUxMVG/gur0e/
wLcOYKgwjv/kDSy8HQwX6jzBQBvvOfl2MnYXb1gaQtR+Ha/Bo6JiK5atUY5HAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQU9eBTJNhM/eL3b1UKVL65V2xMxuswHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzQzNTJlMzEzMzM3MmUzNzM3
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzIzMTMyMzIzMzM4LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
LYlNMA0GCSqGSIb3DQEBCwUAA4IBAQAeUuURxT7m5bPzlScAgO2uFX4qK9By5Dd+
Z2EHklF2dkjh2Kly2HCCD9ijSWCd8qqKeZo0pAI4lFBXWrBssfpQ2wW+FX2V/ENB
1MYMYbii7ZWAvyJhLClZfDZlIlwzchvviK7QiG8ZqtA7U3MAie51QjWC6J33oeY4
Ji2+EYOFrb5HPf77Faya2QPWdbvIZY6EUll/L0OUIDmIv7Ps5gY62r8rmA78Pq5e
3bVOT6I69I+NjB23SzWKl7EI2+Grpq6Mqcw+ItfwAT4KzfxOYtOBAnFXuny2msKD
ruYCZbofpMBDWn8/PNlQWP3pzuud/F/PgaJLtgrBncZBU/Md7woJ
-----END CERTIFICATE-----
Generated at Sun Jul 20 12:30:13 2025 by rpki-client