Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3134352e37392e3135302e302f32342d3234203d3e203134343435.roa
File: 3134352e37392e3135302e302f32342d3234203d3e203134343435.roa (raw, json)
Hash identifier: yzdQqjx+xJqSxZZY7EVdIrRX2TPPLqapvX7T8g8LXXo=
Subject key identifier: F1:F6:7E:9D:16:B9:23:AD:D8:FF:06:78:F2:53:94:76:C9:67:0E:31
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 2A947D07C1F65B73F1BEE54A0367138313FE4B45
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3134352e37392e3135302e302f32342d3234203d3e203134343435.roa
Signing time: Thu 28 Aug 2025 20:45:44 +0000
ROA not before: Thu 28 Aug 2025 20:40:44 +0000
ROA not after: Thu 27 Aug 2026 20:45:44 +0000
asID: 14445
IP address blocks: 145.79.150.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 09 Sep 2025 01:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2a:94:7d:07:c1:f6:5b:73:f1:be:e5:4a:03:67:13:83:13:fe:4b:45
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Aug 28 20:40:44 2025 GMT
Not After : Aug 27 20:45:44 2026 GMT
Subject: CN=F1F67E9D16B923ADD8FF0678F2539476C9670E31
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:b7:7f:65:b3:a8:f3:96:ac:28:15:77:ff:d4:
7e:34:0a:72:5a:6f:c6:7e:60:f2:d1:3c:07:a2:da:
01:f5:b2:34:e8:be:ce:91:d9:3f:ce:ec:99:c6:b9:
79:be:97:21:35:52:18:19:c5:e7:de:ca:8b:6e:01:
2c:b6:98:5e:6d:5e:c6:30:c6:73:d6:ba:f9:da:8c:
a4:a6:45:d6:ab:0b:19:e3:9a:04:65:ca:1b:ce:6e:
3f:4b:ce:76:58:59:97:9a:f0:0a:7d:bb:65:38:c2:
ab:36:12:bc:1f:d2:b4:5d:f8:31:e6:a8:3f:9a:a6:
e4:a8:91:a6:37:08:bb:ec:97:b5:34:d8:9b:34:43:
81:01:ca:ee:c5:34:bb:35:35:9a:60:b8:c5:39:0f:
12:7d:6e:f6:20:24:8b:a9:ea:3d:30:ec:54:73:d6:
d7:7d:14:b3:75:15:61:26:7f:c0:ec:1a:4e:e8:0a:
43:a8:91:27:4a:95:18:99:fb:0b:08:ff:e0:4c:b1:
1b:3b:c7:0d:dc:e5:08:de:05:68:da:5f:87:9b:a4:
9a:f8:85:6b:db:2c:c8:50:f0:b7:6d:f0:e2:eb:25:
de:91:26:4b:87:c1:c8:3c:fd:af:46:84:0a:39:37:
3e:e3:01:60:6b:ee:0a:ec:d0:46:15:f1:86:3c:ca:
d9:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F1:F6:7E:9D:16:B9:23:AD:D8:FF:06:78:F2:53:94:76:C9:67:0E:31
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3134352e37392e3135302e302f32342d3234203d3e203134343435.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
145.79.150.0/24
Signature Algorithm: sha256WithRSAEncryption
51:76:01:44:76:f8:40:89:bd:a0:ca:06:47:f0:66:dd:7e:37:
15:da:9e:95:8a:b1:db:b6:bc:86:7a:85:ac:70:ec:11:24:65:
73:6e:0c:7a:27:a5:a6:94:5a:aa:dc:f0:2f:8a:71:46:ec:66:
a6:08:2f:a9:6f:5d:ca:f5:45:6f:c4:e9:09:72:89:2d:e2:85:
f2:be:d1:84:26:55:1c:ef:1b:65:1c:bc:69:5e:34:91:53:c9:
cc:e0:f6:05:15:c8:93:30:71:1a:ad:de:15:0b:71:6d:39:9e:
e4:4b:0b:ee:7c:08:b5:8e:78:06:a5:a6:19:14:10:a9:fb:cc:
a3:51:ba:35:aa:e3:eb:34:11:24:95:11:3a:25:b7:b6:e1:79:
4d:27:e7:8b:75:11:62:6f:98:21:4a:ab:1d:4d:2a:0a:49:cc:
ab:f8:be:fd:d6:7c:39:dc:69:28:78:5e:35:17:b9:24:ef:f4:
43:2c:07:cb:ec:b8:3e:b9:34:00:f5:1d:85:52:46:bd:7d:fa:
b2:f4:19:62:9f:d6:0d:19:b4:84:70:8a:d5:9b:f3:fb:8a:b9:
3d:a9:71:73:dd:42:57:a8:8c:3e:37:a8:b5:b9:65:75:bb:8d:
e3:b0:d6:61:7e:91:82:4d:8b:5d:24:75:17:c2:ad:37:6d:98:
c5:79:21:5f
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUKpR9B8H2W3PxvuVKA2cTgxP+S0UwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNTA4MjgyMDQwNDRaFw0yNjA4MjcyMDQ1NDRaMDMxMTAvBgNV
BAMTKEYxRjY3RTlEMTZCOTIzQUREOEZGMDY3OEYyNTM5NDc2Qzk2NzBFMzEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDCt39ls6jzlqwoFXf/1H40CnJa
b8Z+YPLRPAei2gH1sjTovs6R2T/O7JnGuXm+lyE1UhgZxefeyotuASy2mF5tXsYw
xnPWuvnajKSmRdarCxnjmgRlyhvObj9LznZYWZea8Ap9u2U4wqs2Erwf0rRd+DHm
qD+apuSokaY3CLvsl7U02Js0Q4EByu7FNLs1NZpguMU5DxJ9bvYgJIup6j0w7FRz
1td9FLN1FWEmf8DsGk7oCkOokSdKlRiZ+wsI/+BMsRs7xw3c5QjeBWjaX4ebpJr4
hWvbLMhQ8Ldt8OLrJd6RJkuHwcg8/a9GhAo5Nz7jAWBr7grs0EYV8YY8ytlHAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQU8fZ+nRa5I63Y/wZ48lOUdslnDjEwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzNDM1MmUzNzM5MmUzMTM1
MzAyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMTM0MzQzNDM1LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
kU+WMA0GCSqGSIb3DQEBCwUAA4IBAQBRdgFEdvhAib2gygZH8GbdfjcV2p6VirHb
tryGeoWscOwRJGVzbgx6J6WmlFqq3PAvinFG7GamCC+pb13K9UVvxOkJcokt4oXy
vtGEJlUc7xtlHLxpXjSRU8nM4PYFFciTMHEard4VC3FtOZ7kSwvufAi1jngGpaYZ
FBCp+8yjUbo1quPrNBEklRE6Jbe24XlNJ+eLdRFib5ghSqsdTSoKScyr+L791nw5
3GkoeF41F7kk7/RDLAfL7Lg+uTQA9R2FUka9ffqy9Blin9YNGbSEcIrVm/P7irk9
qXFz3UJXqIw+N6i1uWV1u43jsNZhfpGCTYtdJHUXwq03bZjFeSFf
-----END CERTIFICATE-----
Generated at Mon Sep 8 08:44:30 2025 by rpki-client