Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/d1b35f8b-6f48-4bad-b185-5c1daa8acda9/0/3137362e3132362e3130352e302f32342d3234203d3e20313432313131.roa
File: 3137362e3132362e3130352e302f32342d3234203d3e20313432313131.roa (raw, json)
Hash identifier: BtY1Y1S506xUDGL3HPYJouh8HE8Bfu5LiAut28ETk7w=
Subject key identifier: 22:A8:24:14:E9:95:3C:D2:70:E9:E4:B8:26:C1:9E:34:DB:09:36:41
Certificate issuer: /CN=cefce449bea8deaedb1804dba25c584df5873dc4
Certificate serial: 2748C32E2D2C368026484CCD172B27D90833FD34
Authority key identifier: CE:FC:E4:49:BE:A8:DE:AE:DB:18:04:DB:A2:5C:58:4D:F5:87:3D:C4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zvzkSb6o3q7bGATbolxYTfWHPcQ.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/d1b35f8b-6f48-4bad-b185-5c1daa8acda9/0/3137362e3132362e3130352e302f32342d3234203d3e20313432313131.roa
Signing time: Mon 30 Jun 2025 21:08:27 +0000
ROA not before: Mon 30 Jun 2025 21:03:27 +0000
ROA not after: Mon 29 Jun 2026 21:08:27 +0000
asID: 142111
IP address blocks: 176.126.105.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/d1b35f8b-6f48-4bad-b185-5c1daa8acda9/0/CEFCE449BEA8DEAEDB1804DBA25C584DF5873DC4.crl
rsync://rsync.paas.rpki.ripe.net/repository/d1b35f8b-6f48-4bad-b185-5c1daa8acda9/0/CEFCE449BEA8DEAEDB1804DBA25C584DF5873DC4.mft
rsync://rpki.ripe.net/repository/DEFAULT/zvzkSb6o3q7bGATbolxYTfWHPcQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 31 Jul 2025 14:55:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
27:48:c3:2e:2d:2c:36:80:26:48:4c:cd:17:2b:27:d9:08:33:fd:34
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cefce449bea8deaedb1804dba25c584df5873dc4
Validity
Not Before: Jun 30 21:03:27 2025 GMT
Not After : Jun 29 21:08:27 2026 GMT
Subject: CN=22A82414E9953CD270E9E4B826C19E34DB093641
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:98:6b:e9:c7:cf:2a:fe:aa:bf:3b:cf:29:3d:
fd:23:aa:2c:bd:53:01:a8:4c:e2:49:2b:53:11:0c:
88:73:37:60:4c:00:42:c0:b4:38:a0:fa:c4:86:2e:
df:f1:c0:1a:80:19:26:ac:b4:1a:1e:db:bd:18:55:
75:ce:86:d6:44:f6:3b:6f:23:78:6b:a3:7d:95:2a:
0d:61:82:c9:6e:a9:1a:b3:bf:fa:c0:89:a7:fe:55:
e5:9d:a4:aa:29:43:4b:09:56:b7:8c:e0:08:7c:c1:
c5:32:5a:ea:8e:7a:5f:72:42:c7:eb:68:5d:53:71:
7a:f7:57:f1:52:cf:e9:bd:c8:70:af:84:f3:7a:32:
e8:6f:06:b5:d4:5c:7a:71:73:aa:a1:85:d3:ad:2e:
40:fe:30:e7:75:66:96:97:bf:c6:c2:82:8c:0d:be:
49:fc:01:90:1c:3e:2d:af:94:9e:69:4a:9a:e7:ea:
db:d5:59:84:eb:14:52:f3:b4:5c:ce:aa:db:0e:a3:
da:69:1e:8e:74:18:ce:8d:39:42:e4:fa:a2:4d:5c:
61:41:8b:9f:bb:08:3c:3e:ae:b0:4d:4f:c7:6b:29:
98:40:b6:24:33:1f:5f:9e:22:47:70:b6:86:80:49:
4d:22:b1:b4:16:a2:e7:88:19:3a:81:e8:db:60:f7:
ef:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
22:A8:24:14:E9:95:3C:D2:70:E9:E4:B8:26:C1:9E:34:DB:09:36:41
X509v3 Authority Key Identifier:
keyid:CE:FC:E4:49:BE:A8:DE:AE:DB:18:04:DB:A2:5C:58:4D:F5:87:3D:C4
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/d1b35f8b-6f48-4bad-b185-5c1daa8acda9/0/CEFCE449BEA8DEAEDB1804DBA25C584DF5873DC4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zvzkSb6o3q7bGATbolxYTfWHPcQ.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/d1b35f8b-6f48-4bad-b185-5c1daa8acda9/0/3137362e3132362e3130352e302f32342d3234203d3e20313432313131.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.126.105.0/24
Signature Algorithm: sha256WithRSAEncryption
78:c3:d2:d6:99:2c:1e:d0:ee:70:ab:11:30:77:02:14:cb:13:
8a:49:79:84:54:d0:20:43:64:03:00:5c:3b:65:78:ee:3f:fa:
7d:f4:3e:aa:e8:4a:86:ab:2e:4b:60:ff:85:8a:be:22:b1:1e:
d1:f5:5f:3e:e0:92:fd:c4:2f:61:30:bf:27:73:84:d3:bb:5f:
41:ea:38:f7:07:39:cd:cc:34:a1:f6:68:eb:8d:a4:5b:52:09:
30:74:6c:b0:87:fa:86:54:26:e3:1a:33:f0:c2:5c:0e:03:25:
18:39:db:1b:f8:83:d9:f6:d6:95:8e:1f:d8:63:8c:0c:b1:d4:
72:c5:57:a5:1e:bb:2e:81:8d:b4:77:32:24:79:cf:f5:b5:4a:
bc:66:8e:f1:b1:af:49:dc:65:49:a8:8f:43:ab:5d:29:5c:a0:
9a:f5:db:cc:23:75:c5:4c:5f:46:19:1b:b0:82:de:e6:98:81:
dc:b7:cc:39:e8:c9:36:07:44:54:04:23:4f:bc:45:e9:14:0d:
82:2d:43:c2:81:95:8a:0b:e9:dc:1f:d3:27:45:72:fb:d7:37:
77:87:13:bc:f8:fa:11:48:03:f1:cd:50:c8:54:4a:34:f4:01:
48:55:b7:dc:31:53:82:42:5e:bf:b8:b2:4d:76:76:2b:2b:94:
51:8c:26:dc
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgIUJ0jDLi0sNoAmSEzNFysn2Qgz/TQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoY2VmY2U0NDliZWE4ZGVhZWRiMTgwNGRiYTI1YzU4NGRm
NTg3M2RjNDAeFw0yNTA2MzAyMTAzMjdaFw0yNjA2MjkyMTA4MjdaMDMxMTAvBgNV
BAMTKDIyQTgyNDE0RTk5NTNDRDI3MEU5RTRCODI2QzE5RTM0REIwOTM2NDEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDemGvpx88q/qq/O88pPf0jqiy9
UwGoTOJJK1MRDIhzN2BMAELAtDig+sSGLt/xwBqAGSastBoe270YVXXOhtZE9jtv
I3hro32VKg1hgsluqRqzv/rAiaf+VeWdpKopQ0sJVreM4Ah8wcUyWuqOel9yQsfr
aF1TcXr3V/FSz+m9yHCvhPN6MuhvBrXUXHpxc6qhhdOtLkD+MOd1ZpaXv8bCgowN
vkn8AZAcPi2vlJ5pSprn6tvVWYTrFFLztFzOqtsOo9ppHo50GM6NOULk+qJNXGFB
i5+7CDw+rrBNT8drKZhAtiQzH1+eIkdwtoaASU0isbQWoueIGTqB6Ntg9+8dAgMB
AAGjggJBMIICPTAdBgNVHQ4EFgQUIqgkFOmVPNJw6eS4JsGeNNsJNkEwHwYDVR0j
BBgwFoAUzvzkSb6o3q7bGATbolxYTfWHPcQwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZDFiMzVmOGItNmY0OC00YmFkLWIxODUtNWMxZGFhOGFj
ZGE5LzAvQ0VGQ0U0NDlCRUE4REVBRURCMTgwNERCQTI1QzU4NERGNTg3M0RDNC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3p2emtTYjZvM3E3YkdBVGJvbHhZVGZX
SFBjUS5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZDFiMzVmOGIt
NmY0OC00YmFkLWIxODUtNWMxZGFhOGFjZGE5LzAvMzEzNzM2MmUzMTMyMzYyZTMx
MzAzNTJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMxMzQzMjMxMzEzMS5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEALB+aTANBgkqhkiG9w0BAQsFAAOCAQEAeMPS1pksHtDucKsRMHcCFMsTikl5
hFTQIENkAwBcO2V47j/6ffQ+quhKhqsuS2D/hYq+IrEe0fVfPuCS/cQvYTC/J3OE
07tfQeo49wc5zcw0ofZo642kW1IJMHRssIf6hlQm4xoz8MJcDgMlGDnbG/iD2fbW
lY4f2GOMDLHUcsVXpR67LoGNtHcyJHnP9bVKvGaO8bGvSdxlSaiPQ6tdKVygmvXb
zCN1xUxfRhkbsILe5piB3LfMOejJNgdEVAQjT7xF6RQNgi1DwoGVigvp3B/TJ0Vy
+9c3d4cTvPj6EUgD8c1QyFRKNPQBSFW33DFTgkJev7iyTXZ2KyuUUYwm3A==
-----END CERTIFICATE-----
Generated at Wed Jul 30 19:04:10 2025 by rpki-client