Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3134352e37392e3135362e302f32322d3234203d3e203133333437.roa
File: 3134352e37392e3135362e302f32322d3234203d3e203133333437.roa (raw, json)
Hash identifier: bRTLKfNZImcHn2JoadOyZSy5J1i7MkBiprpfHMhka/8=
Subject key identifier: 89:51:3F:18:DC:FA:B3:64:EC:73:CB:9E:41:7F:15:F5:93:BE:2A:93
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 4A41E6F9235CB10B37B44C8E19308F09763BF6D6
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3134352e37392e3135362e302f32322d3234203d3e203133333437.roa
Signing time: Wed 28 May 2025 10:28:42 +0000
ROA not before: Wed 28 May 2025 10:23:42 +0000
ROA not after: Wed 27 May 2026 10:28:42 +0000
asID: 13347
IP address blocks: 145.79.156.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 08 Jun 2025 05:06:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4a:41:e6:f9:23:5c:b1:0b:37:b4:4c:8e:19:30:8f:09:76:3b:f6:d6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: May 28 10:23:42 2025 GMT
Not After : May 27 10:28:42 2026 GMT
Subject: CN=89513F18DCFAB364EC73CB9E417F15F593BE2A93
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:60:f3:6a:09:e9:62:aa:80:f8:90:3a:bf:16:
90:9c:a6:a5:c8:a1:4d:62:ee:ca:6c:94:a3:aa:01:
71:6e:ff:85:79:ff:e0:4f:c3:ff:11:dc:35:7a:37:
63:c3:48:ee:1f:f7:54:30:53:82:5e:4e:aa:7e:a5:
f0:f3:84:d1:14:28:b1:1d:19:08:d6:dd:45:02:a1:
e8:a5:e8:ca:bb:57:eb:78:70:8c:b6:fd:e9:f5:da:
77:67:2a:d3:59:4d:3a:0b:41:f9:83:9c:56:98:82:
2c:65:85:ee:2d:09:b6:bc:a1:61:77:32:4b:d9:a9:
22:9c:72:99:f8:ad:ae:39:1b:f8:e4:af:79:9e:b0:
9e:23:81:c6:93:40:63:43:53:aa:6c:12:5e:75:28:
44:cc:08:cd:79:b3:b4:d9:ac:98:d3:12:81:1f:a5:
5f:5d:f7:93:8f:cd:70:3f:66:27:1f:ce:05:dd:b7:
44:28:20:9c:e4:7e:fb:5c:29:08:fa:23:10:45:39:
54:ee:f3:22:93:9d:b9:62:cf:08:bf:2d:48:5f:94:
c5:0d:66:fc:a7:30:01:cb:c6:df:52:83:f8:dc:69:
4c:65:53:b2:a0:7f:05:50:a8:45:35:92:5f:61:41:
de:b4:a3:5f:c0:71:36:97:72:e9:43:f8:03:63:90:
56:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:51:3F:18:DC:FA:B3:64:EC:73:CB:9E:41:7F:15:F5:93:BE:2A:93
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3134352e37392e3135362e302f32322d3234203d3e203133333437.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
145.79.156.0/22
Signature Algorithm: sha256WithRSAEncryption
4f:94:0e:e9:5d:08:68:e5:11:ee:55:5f:bd:6c:e8:38:90:6a:
03:f1:a7:43:a5:a6:60:d1:7f:52:76:d1:1b:59:ff:7f:83:1a:
9e:5e:5f:78:37:d4:5d:81:65:04:60:fb:4d:6a:0f:15:27:4c:
71:24:0d:f9:02:25:83:ea:2c:6d:8d:d6:05:0c:65:2c:c0:07:
9a:38:9e:25:9a:ec:ec:f8:d4:29:f0:cc:cb:26:1a:05:d9:40:
0d:08:99:c7:26:5e:82:39:06:3d:96:49:0f:4b:29:24:39:da:
6d:df:91:5e:75:72:bf:d4:c0:25:94:a6:32:67:b5:8a:25:87:
e9:e1:4e:85:76:b4:2f:7e:af:8b:10:6e:9d:e6:20:79:48:01:
1d:58:b8:55:8b:51:ae:c3:4d:3d:e2:6a:b4:4d:91:43:60:48:
81:e2:51:0b:20:28:e8:73:15:ec:8a:79:e3:76:cf:67:8d:4d:
b0:b5:a9:81:d5:22:a3:d0:22:a0:8f:d5:c7:f3:e0:fd:5e:71:
34:fa:58:a7:04:da:d2:b6:8e:76:e1:61:ff:9b:66:b3:a6:22:
3f:2e:d9:00:12:1b:a9:30:0b:74:c0:94:25:56:df:8e:39:9a:
ce:61:02:2b:d7:43:55:11:3c:6a:bd:39:36:40:91:d4:32:97:
f8:42:06:48
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUSkHm+SNcsQs3tEyOGTCPCXY79tYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNTA1MjgxMDIzNDJaFw0yNjA1MjcxMDI4NDJaMDMxMTAvBgNV
BAMTKDg5NTEzRjE4RENGQUIzNjRFQzczQ0I5RTQxN0YxNUY1OTNCRTJBOTMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDYYPNqCeliqoD4kDq/FpCcpqXI
oU1i7spslKOqAXFu/4V5/+BPw/8R3DV6N2PDSO4f91QwU4JeTqp+pfDzhNEUKLEd
GQjW3UUCoeil6Mq7V+t4cIy2/en12ndnKtNZTToLQfmDnFaYgixlhe4tCba8oWF3
MkvZqSKccpn4ra45G/jkr3mesJ4jgcaTQGNDU6psEl51KETMCM15s7TZrJjTEoEf
pV9d95OPzXA/ZicfzgXdt0QoIJzkfvtcKQj6IxBFOVTu8yKTnblizwi/LUhflMUN
ZvynMAHLxt9Sg/jcaUxlU7KgfwVQqEU1kl9hQd60o1/AcTaXculD+ANjkFbVAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUiVE/GNz6s2Tsc8ueQX8V9ZO+KpMwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzNDM1MmUzNzM5MmUzMTM1
MzYyZTMwMmYzMjMyMmQzMjM0MjAzZDNlMjAzMTMzMzMzNDM3LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQC
kU+cMA0GCSqGSIb3DQEBCwUAA4IBAQBPlA7pXQho5RHuVV+9bOg4kGoD8adDpaZg
0X9SdtEbWf9/gxqeXl94N9RdgWUEYPtNag8VJ0xxJA35AiWD6ixtjdYFDGUswAea
OJ4lmuzs+NQp8MzLJhoF2UANCJnHJl6COQY9lkkPSykkOdpt35FedXK/1MAllKYy
Z7WKJYfp4U6FdrQvfq+LEG6d5iB5SAEdWLhVi1Guw0094mq0TZFDYEiB4lELICjo
cxXsinnjds9njU2wtamB1SKj0CKgj9XH8+D9XnE0+linBNrSto524WH/m2azpiI/
LtkAEhupMAt0wJQlVt+OOZrOYQIr10NVETxqvTk2QJHUMpf4QgZI
-----END CERTIFICATE-----
Generated at Sat Jun 7 11:53:05 2025 by rpki-client