Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3134352e37392e3132392e302f32342d3234203d3e20333935373933.roa
File: 3134352e37392e3132392e302f32342d3234203d3e20333935373933.roa (raw, json)
Hash identifier: UpgGpdo9JHyetrQU/8cS8ViWPkoeeWYmOOSX7ua/7AE=
Subject key identifier: 0D:29:E7:23:CF:2E:3C:3A:74:37:6A:B5:C3:D5:DD:D0:A2:2D:4C:0B
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 1B5A8872D641E4DDFCCBB15CA9275E1CDD460279
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3134352e37392e3132392e302f32342d3234203d3e20333935373933.roa
Signing time: Thu 29 May 2025 19:06:57 +0000
ROA not before: Thu 29 May 2025 19:01:57 +0000
ROA not after: Thu 28 May 2026 19:06:57 +0000
asID: 395793
IP address blocks: 145.79.129.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 06 Jun 2025 12:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1b:5a:88:72:d6:41:e4:dd:fc:cb:b1:5c:a9:27:5e:1c:dd:46:02:79
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: May 29 19:01:57 2025 GMT
Not After : May 28 19:06:57 2026 GMT
Subject: CN=0D29E723CF2E3C3A74376AB5C3D5DDD0A22D4C0B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:93:da:17:42:ed:57:2e:8d:6f:46:e6:bd:e2:
bc:4b:fa:c2:be:2e:f9:de:3d:40:2a:2e:51:62:58:
25:df:b2:af:fb:dc:48:1d:76:0e:4d:f1:a6:e1:d3:
c5:5e:13:a2:5e:25:f2:9f:5e:d3:2f:3a:57:a4:d9:
5b:e1:0a:f8:24:ed:47:76:7d:a7:21:dc:b5:8b:09:
6f:4a:a1:18:2f:2d:df:c8:44:d8:c3:09:d8:9e:1d:
19:3f:03:b0:ff:ff:d7:3b:2a:3c:e1:74:9b:65:34:
a3:21:6a:0e:3f:29:b3:5a:f0:ec:a9:ae:86:84:02:
70:f5:57:f8:28:12:e2:3b:a9:d9:dc:81:a8:a5:f6:
22:b7:9e:c6:1b:70:43:2a:7f:26:20:0f:24:de:ec:
a7:bd:56:26:b6:ff:f7:4f:29:5d:39:82:0a:ce:13:
56:4f:db:1f:d4:79:8f:01:6a:64:7c:43:f6:5c:fc:
0d:0a:8d:d9:e8:54:fa:29:0b:49:c4:1e:e5:eb:50:
04:b4:00:f0:60:d7:cc:34:e1:81:cf:6f:5e:f5:06:
a1:6a:77:61:cf:94:c2:c4:73:cc:ee:3e:12:59:96:
51:19:c3:2c:38:f3:f5:d0:81:02:8e:dd:79:93:17:
b3:aa:bd:a7:0e:64:de:31:58:2c:0a:71:68:d5:d8:
1a:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0D:29:E7:23:CF:2E:3C:3A:74:37:6A:B5:C3:D5:DD:D0:A2:2D:4C:0B
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3134352e37392e3132392e302f32342d3234203d3e20333935373933.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
145.79.129.0/24
Signature Algorithm: sha256WithRSAEncryption
8d:1d:6e:19:b3:f9:6e:3f:82:5b:2b:ae:b2:a4:ad:0d:af:ae:
35:7b:3f:b1:78:9e:0c:cc:c2:b0:32:58:b3:41:2e:93:a3:7a:
72:8d:1c:62:c2:ef:fd:ed:bf:3f:9e:56:67:33:0f:2e:28:eb:
95:ef:ee:2f:1f:3b:53:23:cc:95:d1:b5:97:f6:bb:03:72:42:
dc:5b:87:5a:bd:aa:7f:a0:fd:81:5b:23:86:9f:87:a3:f4:e9:
ac:69:26:45:fa:68:bd:3c:a8:00:34:de:54:f1:d8:6e:86:67:
c8:61:51:46:56:2d:4d:0c:1f:c6:46:9e:ec:16:1e:13:01:a5:
d7:6c:c8:89:82:10:44:07:b2:6f:6d:ca:0f:74:7c:fc:91:22:
49:1f:09:32:6c:83:41:cd:4c:56:1a:1f:55:44:92:26:e7:44:
54:de:77:2c:47:75:20:54:1a:c6:26:c2:a4:dd:86:32:dd:30:
51:ff:6a:ab:a0:29:75:21:63:57:c1:bd:d9:18:fe:a0:7b:64:
66:52:6e:99:4d:65:c3:bf:da:82:2d:8b:92:bb:e1:e3:38:6d:
a0:7c:e4:41:e9:43:ea:2f:c6:ad:9d:cf:f1:53:bc:9f:9b:4c:
53:30:3e:09:f6:bd:97:56:0c:7b:96:44:26:08:64:3a:88:02:
61:7e:00:84
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUG1qIctZB5N38y7FcqSdeHN1GAnkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNTA1MjkxOTAxNTdaFw0yNjA1MjgxOTA2NTdaMDMxMTAvBgNV
BAMTKDBEMjlFNzIzQ0YyRTNDM0E3NDM3NkFCNUMzRDVEREQwQTIyRDRDMEIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDck9oXQu1XLo1vRua94rxL+sK+
LvnePUAqLlFiWCXfsq/73Egddg5N8abh08VeE6JeJfKfXtMvOlek2VvhCvgk7Ud2
fach3LWLCW9KoRgvLd/IRNjDCdieHRk/A7D//9c7KjzhdJtlNKMhag4/KbNa8Oyp
roaEAnD1V/goEuI7qdncgail9iK3nsYbcEMqfyYgDyTe7Ke9Via2//dPKV05ggrO
E1ZP2x/UeY8BamR8Q/Zc/A0KjdnoVPopC0nEHuXrUAS0APBg18w04YHPb171BqFq
d2HPlMLEc8zuPhJZllEZwyw48/XQgQKO3XmTF7OqvacOZN4xWCwKcWjV2BqTAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUDSnnI88uPDp0N2q1w9Xd0KItTAswHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzNDM1MmUzNzM5MmUzMTMy
MzkyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMzM5MzUzNzM5MzMucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BACRT4EwDQYJKoZIhvcNAQELBQADggEBAI0dbhmz+W4/glsrrrKkrQ2vrjV7P7F4
ngzMwrAyWLNBLpOjenKNHGLC7/3tvz+eVmczDy4o65Xv7i8fO1MjzJXRtZf2uwNy
Qtxbh1q9qn+g/YFbI4afh6P06axpJkX6aL08qAA03lTx2G6GZ8hhUUZWLU0MH8ZG
nuwWHhMBpddsyImCEEQHsm9tyg90fPyRIkkfCTJsg0HNTFYaH1VEkibnRFTedyxH
dSBUGsYmwqTdhjLdMFH/aqugKXUhY1fBvdkY/qB7ZGZSbplNZcO/2oIti5K74eM4
baB85EHpQ+ovxq2dz/FTvJ+bTFMwPgn2vZdWDHuWRCYIZDqIAmF+AIQ=
-----END CERTIFICATE-----
Generated at Thu Jun 5 18:32:57 2025 by rpki-client