Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/34352e3134302e3230302e302f32322d3232203d3e20323031333431.roa
File: 34352e3134302e3230302e302f32322d3232203d3e20323031333431.roa (raw, json)
Hash identifier: uBxjcLKxc0QzY5f8Ohx+wybvpmXgEco10OuNiIDbseY=
Subject key identifier: DE:E3:BC:15:C9:32:5D:83:45:57:96:4A:C6:B2:41:AB:21:92:D0:F3
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 7E5FD376856F35782DDCF2ED5DE1FA34334BED0F
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/34352e3134302e3230302e302f32322d3232203d3e20323031333431.roa
Signing time: Thu 03 Jul 2025 15:46:47 +0000
ROA not before: Thu 03 Jul 2025 15:41:47 +0000
ROA not after: Thu 02 Jul 2026 15:46:47 +0000
asID: 201341
IP address blocks: 45.140.200.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 26 Jul 2025 08:00:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7e:5f:d3:76:85:6f:35:78:2d:dc:f2:ed:5d:e1:fa:34:33:4b:ed:0f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Jul 3 15:41:47 2025 GMT
Not After : Jul 2 15:46:47 2026 GMT
Subject: CN=DEE3BC15C9325D834557964AC6B241AB2192D0F3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:e5:fc:69:f6:3c:ab:f2:93:ae:4a:3a:28:5e:
5f:c1:32:fa:0c:5d:bd:1d:a4:a7:9d:a1:93:77:03:
ac:66:f0:8b:dc:d7:fd:00:72:ee:f0:60:39:c2:83:
e8:fa:b9:cf:5b:bb:a0:28:83:62:49:6c:18:15:4d:
6a:66:01:f9:da:d0:b8:54:71:50:9e:db:39:eb:2c:
a9:b4:86:e4:7c:fb:4b:59:af:86:4d:10:db:1d:e2:
92:33:67:18:ca:ab:e2:5d:7e:c9:45:c0:82:5a:e3:
d6:47:ac:c9:d8:65:97:e0:b8:85:6d:2e:66:b6:21:
90:dc:16:fb:fd:27:47:0e:6d:1b:c0:60:8a:73:0e:
b6:b2:39:fd:da:db:19:d5:4a:08:0b:c4:bd:5c:2e:
c5:84:be:1a:de:1f:b4:11:07:0c:4c:62:20:f7:62:
ff:55:eb:a1:1a:92:90:39:81:16:e2:3e:69:dc:c0:
be:a7:70:03:b8:0d:6a:b4:13:1a:a6:d8:d3:9f:f7:
2a:59:a6:34:49:6a:d0:45:9c:df:19:b8:7b:35:09:
a9:a9:94:a5:51:58:3d:fc:51:ea:74:71:e8:e3:10:
23:7f:df:4c:38:bc:eb:3e:1a:7d:44:7f:be:99:54:
38:49:e1:1a:5d:69:08:e8:76:a7:12:a6:a3:94:9d:
47:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:E3:BC:15:C9:32:5D:83:45:57:96:4A:C6:B2:41:AB:21:92:D0:F3
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/34352e3134302e3230302e302f32322d3232203d3e20323031333431.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.140.200.0/22
Signature Algorithm: sha256WithRSAEncryption
7e:27:c7:72:e5:91:a4:34:8e:58:68:38:ce:95:59:11:95:d8:
50:96:c7:92:f6:33:30:e3:9d:31:d5:01:92:67:7a:9e:38:3f:
27:b6:76:fe:76:70:31:de:1b:8f:55:25:c4:cc:90:69:ad:f7:
e9:75:2a:52:6c:e8:19:6c:1c:76:00:73:85:bc:27:f8:47:ee:
a9:d1:8c:5f:85:a4:ad:8d:cf:53:38:c6:55:55:0c:c9:12:06:
ca:72:c9:ce:55:ba:24:49:61:6c:5f:00:f3:c6:f5:09:0a:a9:
ad:e4:d9:50:09:c4:9b:9a:c5:e4:af:0a:21:f3:49:f6:6b:d9:
51:7b:f2:d6:7e:22:9f:6e:02:09:c6:49:70:ef:d3:77:b6:e3:
26:96:2b:2f:d1:ed:ee:02:e7:2a:06:5b:ac:24:1f:e8:b7:d7:
a5:4c:48:5e:78:d2:d5:83:ae:3c:63:47:c2:c9:1f:dd:bd:9d:
c0:5d:23:dd:d8:21:5a:2c:1c:b9:5f:17:5e:61:7e:91:39:98:
2f:af:88:94:1f:20:a0:03:39:49:e4:4d:82:ee:57:44:0f:fc:
b7:57:33:20:68:a3:a7:f8:7a:56:36:ba:4d:b5:0f:48:3d:eb:
e9:23:9f:8d:86:bd:e6:d0:38:57:d3:9e:7c:fd:85:e1:24:71:
f9:5a:88:f8
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUfl/TdoVvNXgt3PLtXeH6NDNL7Q8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNTA3MDMxNTQxNDdaFw0yNjA3MDIxNTQ2NDdaMDMxMTAvBgNV
BAMTKERFRTNCQzE1QzkzMjVEODM0NTU3OTY0QUM2QjI0MUFCMjE5MkQwRjMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC/5fxp9jyr8pOuSjooXl/BMvoM
Xb0dpKedoZN3A6xm8Ivc1/0Acu7wYDnCg+j6uc9bu6Aog2JJbBgVTWpmAfna0LhU
cVCe2znrLKm0huR8+0tZr4ZNENsd4pIzZxjKq+JdfslFwIJa49ZHrMnYZZfguIVt
Lma2IZDcFvv9J0cObRvAYIpzDrayOf3a2xnVSggLxL1cLsWEvhreH7QRBwxMYiD3
Yv9V66EakpA5gRbiPmncwL6ncAO4DWq0Exqm2NOf9ypZpjRJatBFnN8ZuHs1Camp
lKVRWD38Uep0cejjECN/30w4vOs+Gn1Ef76ZVDhJ4RpdaQjodqcSpqOUnUe7AgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQU3uO8FckyXYNFV5ZKxrJBqyGS0PMwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzQzNTJlMzEzNDMwMmUzMjMw
MzAyZTMwMmYzMjMyMmQzMjMyMjAzZDNlMjAzMjMwMzEzMzM0MzEucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAItjMgwDQYJKoZIhvcNAQELBQADggEBAH4nx3LlkaQ0jlhoOM6VWRGV2FCWx5L2
MzDjnTHVAZJnep44Pye2dv52cDHeG49VJcTMkGmt9+l1KlJs6BlsHHYAc4W8J/hH
7qnRjF+FpK2Nz1M4xlVVDMkSBspyyc5VuiRJYWxfAPPG9QkKqa3k2VAJxJuaxeSv
CiHzSfZr2VF78tZ+Ip9uAgnGSXDv03e24yaWKy/R7e4C5yoGW6wkH+i316VMSF54
0tWDrjxjR8LJH929ncBdI93YIVosHLlfF15hfpE5mC+viJQfIKADOUnkTYLuV0QP
/LdXMyBoo6f4elY2uk21D0g96+kjn42GvebQOFfTnnz9heEkcflaiPg=
-----END CERTIFICATE-----
Generated at Fri Jul 25 17:23:46 2025 by rpki-client