Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/ce510e17-31fa-414b-989e-026dbb6fdf51/0/3135392e3235332e322e302f32342d3234203d3e20323134313433.roa
File: 3135392e3235332e322e302f32342d3234203d3e20323134313433.roa (raw, json)
Hash identifier: qmuf0vkLJtyYNBk6lONse3deUisFPtDCWrL9dDMaewk=
Subject key identifier: 2F:FA:F0:EB:71:8E:04:01:A3:57:DB:47:8F:E2:3D:EF:B5:B5:A0:6F
Certificate issuer: /CN=4c189e42f35c944d463d9ea6501f093eb62ba785
Certificate serial: 5C8166E25FF949FE4A325A15482566B4D407029E
Authority key identifier: 4C:18:9E:42:F3:5C:94:4D:46:3D:9E:A6:50:1F:09:3E:B6:2B:A7:85
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TBieQvNclE1GPZ6mUB8JPrYrp4U.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/ce510e17-31fa-414b-989e-026dbb6fdf51/0/3135392e3235332e322e302f32342d3234203d3e20323134313433.roa
Signing time: Mon 01 Sep 2025 06:17:40 +0000
ROA not before: Mon 01 Sep 2025 06:12:40 +0000
ROA not after: Mon 31 Aug 2026 06:17:40 +0000
asID: 214143
IP address blocks: 159.253.2.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/ce510e17-31fa-414b-989e-026dbb6fdf51/0/4C189E42F35C944D463D9EA6501F093EB62BA785.crl
rsync://rsync.paas.rpki.ripe.net/repository/ce510e17-31fa-414b-989e-026dbb6fdf51/0/4C189E42F35C944D463D9EA6501F093EB62BA785.mft
rsync://rpki.ripe.net/repository/DEFAULT/TBieQvNclE1GPZ6mUB8JPrYrp4U.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 08 Sep 2025 05:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5c:81:66:e2:5f:f9:49:fe:4a:32:5a:15:48:25:66:b4:d4:07:02:9e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4c189e42f35c944d463d9ea6501f093eb62ba785
Validity
Not Before: Sep 1 06:12:40 2025 GMT
Not After : Aug 31 06:17:40 2026 GMT
Subject: CN=2FFAF0EB718E0401A357DB478FE23DEFB5B5A06F
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:bb:fb:f6:51:c5:ca:89:e1:6c:e0:0c:73:f8:
6c:09:96:4f:52:4c:6c:c5:55:51:0b:01:d0:7f:f1:
64:06:60:a6:c1:f7:29:25:cf:e5:49:09:0e:f3:d1:
dd:1c:2d:16:6e:9d:b6:ec:a4:76:58:c6:8d:d9:47:
d9:ce:71:61:3a:3f:99:78:e1:7c:f6:08:2a:91:ed:
5d:93:67:28:cb:01:9a:1b:49:80:2e:68:9d:d4:9b:
7d:49:36:1b:a3:54:77:28:5e:aa:eb:73:20:8f:b2:
2f:f1:f4:97:94:82:13:c0:ee:4b:b7:9a:bc:b7:c9:
1d:29:a7:68:e1:ba:eb:40:af:1a:30:9b:8e:d9:05:
d0:8d:7e:f0:42:4d:8d:26:c0:c5:89:85:f9:a9:3d:
3d:2d:ea:24:80:e7:75:28:a1:09:34:9d:68:86:57:
ea:27:08:6a:69:f1:f3:27:63:bd:19:5e:9d:fd:1d:
bd:73:c3:9a:1a:7b:78:0f:d5:dc:c8:9a:6d:2a:6e:
87:00:c9:54:14:ea:74:59:ca:1c:c0:a4:b6:89:f5:
5d:af:65:3a:f2:4a:2e:ce:c0:15:46:83:b4:ef:34:
87:a4:78:e9:98:75:b0:78:37:61:be:fb:0f:45:df:
22:c7:7a:59:16:d3:60:68:62:b1:9e:f0:c6:9f:16:
e4:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2F:FA:F0:EB:71:8E:04:01:A3:57:DB:47:8F:E2:3D:EF:B5:B5:A0:6F
X509v3 Authority Key Identifier:
keyid:4C:18:9E:42:F3:5C:94:4D:46:3D:9E:A6:50:1F:09:3E:B6:2B:A7:85
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/ce510e17-31fa-414b-989e-026dbb6fdf51/0/4C189E42F35C944D463D9EA6501F093EB62BA785.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TBieQvNclE1GPZ6mUB8JPrYrp4U.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/ce510e17-31fa-414b-989e-026dbb6fdf51/0/3135392e3235332e322e302f32342d3234203d3e20323134313433.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
159.253.2.0/24
Signature Algorithm: sha256WithRSAEncryption
78:21:99:56:f5:86:1d:e6:b1:a3:ef:a9:2c:24:7c:cf:60:f1:
d8:2b:8d:1a:82:76:81:b4:a8:18:60:b2:1d:c4:ea:91:58:2d:
68:96:bc:60:57:33:08:d6:19:1c:4a:f4:6f:4a:ec:a4:ab:f4:
5d:b0:0c:fc:fc:70:3b:aa:18:c2:b3:e0:c1:ba:b7:86:ab:4b:
09:58:e1:4d:89:c1:b2:7f:1a:9a:de:b1:1f:09:19:51:ea:e6:
d1:af:7b:9d:57:28:4c:14:fc:c6:65:40:10:47:4f:27:cb:71:
87:f4:1a:b1:6a:fd:18:d1:1f:65:4f:96:ba:d1:29:8b:d5:f8:
26:2e:3f:7a:2b:45:1a:fa:cb:9f:34:48:9c:af:be:01:61:c8:
fc:ba:4f:88:60:e4:e6:4d:ea:d2:78:4e:25:e4:fb:4d:d5:da:
87:c2:eb:0f:b7:74:8a:e3:c0:3f:35:1e:a3:e5:13:8a:e4:e5:
52:81:56:70:2b:c4:01:b5:8f:7f:6a:30:1c:3d:62:e1:41:9f:
48:3d:56:6a:79:d3:72:44:27:42:81:d5:b6:08:cc:d3:6f:66:
b6:39:d7:05:75:f2:4c:27:ab:e6:61:2a:71:6c:d9:9d:47:6e:
b8:86:60:54:49:69:41:ed:c1:b8:59:e1:96:8c:14:4d:be:ed:
9f:9a:7f:ee
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUXIFm4l/5Sf5KMloVSCVmtNQHAp4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGMxODllNDJmMzVjOTQ0ZDQ2M2Q5ZWE2NTAxZjA5M2Vi
NjJiYTc4NTAeFw0yNTA5MDEwNjEyNDBaFw0yNjA4MzEwNjE3NDBaMDMxMTAvBgNV
BAMTKDJGRkFGMEVCNzE4RTA0MDFBMzU3REI0NzhGRTIzREVGQjVCNUEwNkYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDQu/v2UcXKieFs4Axz+GwJlk9S
TGzFVVELAdB/8WQGYKbB9yklz+VJCQ7z0d0cLRZunbbspHZYxo3ZR9nOcWE6P5l4
4Xz2CCqR7V2TZyjLAZobSYAuaJ3Um31JNhujVHcoXqrrcyCPsi/x9JeUghPA7ku3
mry3yR0pp2jhuutArxowm47ZBdCNfvBCTY0mwMWJhfmpPT0t6iSA53UooQk0nWiG
V+onCGpp8fMnY70ZXp39Hb1zw5oae3gP1dzImm0qbocAyVQU6nRZyhzApLaJ9V2v
ZTrySi7OwBVGg7TvNIekeOmYdbB4N2G++w9F3yLHelkW02BoYrGe8MafFuSFAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUL/rw63GOBAGjV9tHj+I977W1oG8wHwYDVR0j
BBgwFoAUTBieQvNclE1GPZ6mUB8JPrYrp4UwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvY2U1MTBlMTctMzFmYS00MTRiLTk4OWUtMDI2ZGJiNmZk
ZjUxLzAvNEMxODlFNDJGMzVDOTQ0RDQ2M0Q5RUE2NTAxRjA5M0VCNjJCQTc4NS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1RCaWVRdk5jbEUxR1BaNm1VQjhKUHJZ
cnA0VS5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvY2U1MTBlMTct
MzFmYS00MTRiLTk4OWUtMDI2ZGJiNmZkZjUxLzAvMzEzNTM5MmUzMjM1MzMyZTMy
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzIzMTM0MzEzNDMzLnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
n/0CMA0GCSqGSIb3DQEBCwUAA4IBAQB4IZlW9YYd5rGj76ksJHzPYPHYK40agnaB
tKgYYLIdxOqRWC1olrxgVzMI1hkcSvRvSuykq/RdsAz8/HA7qhjCs+DBureGq0sJ
WOFNicGyfxqa3rEfCRlR6ubRr3udVyhMFPzGZUAQR08ny3GH9Bqxav0Y0R9lT5a6
0SmL1fgmLj96K0Ua+sufNEicr74BYcj8uk+IYOTmTerSeE4l5PtN1dqHwusPt3SK
48A/NR6j5ROK5OVSgVZwK8QBtY9/ajAcPWLhQZ9IPVZqedNyRCdCgdW2CMzTb2a2
OdcFdfJMJ6vmYSpxbNmdR264hmBUSWlB7cG4WeGWjBRNvu2fmn/u
-----END CERTIFICATE-----
Generated at Sun Sep 7 12:42:14 2025 by rpki-client