Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3134352e37392e3137312e302f32342d3234203d3e20333935373933.roa
File: 3134352e37392e3137312e302f32342d3234203d3e20333935373933.roa (raw, json)
Hash identifier: NCG4VVMjBIWZllZpBLJbMGJloGQoLj8drW8VOukTQXc=
Subject key identifier: 14:59:9E:8C:F5:3F:E7:D2:D6:66:83:3C:27:D1:B0:B5:4F:F0:89:6C
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 446755BF92A948B6AC7463504B2F59B381DF259D
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3134352e37392e3137312e302f32342d3234203d3e20333935373933.roa
Signing time: Thu 29 May 2025 19:06:52 +0000
ROA not before: Thu 29 May 2025 19:01:52 +0000
ROA not after: Thu 28 May 2026 19:06:52 +0000
asID: 395793
IP address blocks: 145.79.171.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 06 Jun 2025 12:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
44:67:55:bf:92:a9:48:b6:ac:74:63:50:4b:2f:59:b3:81:df:25:9d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: May 29 19:01:52 2025 GMT
Not After : May 28 19:06:52 2026 GMT
Subject: CN=14599E8CF53FE7D2D666833C27D1B0B54FF0896C
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:d7:35:8c:38:f2:99:96:58:6e:7d:fb:f3:c0:
46:27:73:2e:3b:60:8c:5e:b6:68:a1:88:77:96:c5:
e3:33:3d:ef:3a:f2:fb:f9:c9:68:b0:15:6c:12:0b:
43:0c:f1:36:dc:31:dc:32:89:be:60:7c:b7:81:2a:
c9:78:4e:64:b1:4c:b9:eb:2c:d4:f1:8a:04:29:55:
40:a3:34:9d:44:a6:66:0f:a3:c4:09:0d:13:55:e8:
d7:22:c1:1b:dc:77:d0:25:d5:25:f2:f8:8d:b3:4f:
ae:cd:9a:ac:d1:08:41:03:0d:ad:66:d8:5b:8b:c9:
c9:a5:cf:f6:49:3c:f6:ca:92:73:7b:1a:10:88:1a:
11:75:cd:14:a0:c2:21:68:e9:56:98:87:40:0f:9b:
11:6c:89:af:ad:db:7c:fa:24:6b:54:c1:18:44:06:
d6:35:7a:a2:dc:86:e2:62:a4:f7:85:ce:e6:65:2d:
b7:39:a9:46:a4:cf:34:67:2d:79:57:7a:d3:3e:ef:
4f:60:2d:f4:ce:76:33:3a:d3:2a:e2:c6:f1:66:d6:
cb:20:d4:7b:98:41:e6:fb:b8:42:05:bf:0d:40:1e:
81:d0:f9:3e:01:8e:ba:e7:9e:05:84:5f:c8:c1:60:
70:2e:4f:75:7b:40:ff:65:c6:8b:16:17:1c:26:67:
40:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
14:59:9E:8C:F5:3F:E7:D2:D6:66:83:3C:27:D1:B0:B5:4F:F0:89:6C
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3134352e37392e3137312e302f32342d3234203d3e20333935373933.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
145.79.171.0/24
Signature Algorithm: sha256WithRSAEncryption
9c:b1:f9:d0:f2:52:55:4c:47:f7:d3:1b:64:bd:e9:92:07:bd:
0a:2b:97:2d:6d:00:ff:b4:42:70:89:4a:b5:c4:08:44:46:62:
70:75:74:1d:f9:5a:39:af:64:d8:d3:3c:ff:22:ee:68:a3:05:
cc:49:18:05:4c:da:bf:42:14:e2:be:6b:50:11:d5:fb:62:eb:
27:e0:e9:9a:88:80:5d:52:07:06:5b:71:d3:e1:80:ac:ad:b4:
9a:c6:e8:a5:ca:cf:19:b9:ba:2c:df:46:a2:1f:b2:12:48:80:
21:03:68:a0:39:a2:5d:dc:94:55:aa:45:6a:85:11:29:2f:29:
6c:29:9e:e0:06:a8:e8:cc:7e:06:ff:f0:4a:32:a5:a5:95:e5:
ce:f1:52:1a:74:13:8c:67:ed:64:25:36:5a:ad:fd:a1:8e:ec:
99:c2:ec:2b:ce:50:ec:60:31:05:db:d5:6c:3f:77:42:1f:4f:
1f:4f:38:e3:79:53:02:72:ec:cb:3d:f3:32:49:40:81:22:0b:
c8:2b:2c:60:95:94:69:a6:57:07:f9:e3:9b:9f:1e:64:02:d3:
ad:d3:17:ea:5b:72:77:12:b4:f9:24:37:3f:82:0b:ee:2d:13:
3d:93:ee:cf:b7:f8:94:fe:7b:24:2a:52:58:dd:ab:1e:19:c2:
18:6c:20:44
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIURGdVv5KpSLasdGNQSy9Zs4HfJZ0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNTA1MjkxOTAxNTJaFw0yNjA1MjgxOTA2NTJaMDMxMTAvBgNV
BAMTKDE0NTk5RThDRjUzRkU3RDJENjY2ODMzQzI3RDFCMEI1NEZGMDg5NkMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDk1zWMOPKZllhuffvzwEYncy47
YIxetmihiHeWxeMzPe868vv5yWiwFWwSC0MM8TbcMdwyib5gfLeBKsl4TmSxTLnr
LNTxigQpVUCjNJ1EpmYPo8QJDRNV6NciwRvcd9Al1SXy+I2zT67NmqzRCEEDDa1m
2FuLycmlz/ZJPPbKknN7GhCIGhF1zRSgwiFo6VaYh0APmxFsia+t23z6JGtUwRhE
BtY1eqLchuJipPeFzuZlLbc5qUakzzRnLXlXetM+709gLfTOdjM60yrixvFm1ssg
1HuYQeb7uEIFvw1AHoHQ+T4BjrrnngWEX8jBYHAuT3V7QP9lxosWFxwmZ0C9AgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUFFmejPU/59LWZoM8J9GwtU/wiWwwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzNDM1MmUzNzM5MmUzMTM3
MzEyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMzM5MzUzNzM5MzMucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BACRT6swDQYJKoZIhvcNAQELBQADggEBAJyx+dDyUlVMR/fTG2S96ZIHvQorly1t
AP+0QnCJSrXECERGYnB1dB35WjmvZNjTPP8i7mijBcxJGAVM2r9CFOK+a1AR1fti
6yfg6ZqIgF1SBwZbcdPhgKyttJrG6KXKzxm5uizfRqIfshJIgCEDaKA5ol3clFWq
RWqFESkvKWwpnuAGqOjMfgb/8EoypaWV5c7xUhp0E4xn7WQlNlqt/aGO7JnC7CvO
UOxgMQXb1Ww/d0IfTx9POON5UwJy7Ms98zJJQIEiC8grLGCVlGmmVwf545ufHmQC
063TF+pbcncStPkkNz+CC+4tEz2T7s+3+JT+eyQqUljdqx4ZwhhsIEQ=
-----END CERTIFICATE-----
Generated at Thu Jun 5 18:30:15 2025 by rpki-client