Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3134352e37392e38392e302f32342d3234203d3e20323134313433.roa
File: 3134352e37392e38392e302f32342d3234203d3e20323134313433.roa (raw, json)
Hash identifier: pxwXiXKE1kJDR1vtqKmiNwSjKOSQOEdL85I9NJYsgho=
Subject key identifier: 87:18:E9:72:B3:49:EF:BE:BF:D3:05:DB:EA:71:93:DC:69:80:D9:3D
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 2C3315CBD9BC2CFCADFCC604937CB525EA8CBC18
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3134352e37392e38392e302f32342d3234203d3e20323134313433.roa
Signing time: Thu 04 Sep 2025 12:23:49 +0000
ROA not before: Thu 04 Sep 2025 12:18:49 +0000
ROA not after: Thu 03 Sep 2026 12:23:49 +0000
asID: 214143
IP address blocks: 145.79.89.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 08 Sep 2025 01:27:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2c:33:15:cb:d9:bc:2c:fc:ad:fc:c6:04:93:7c:b5:25:ea:8c:bc:18
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Sep 4 12:18:49 2025 GMT
Not After : Sep 3 12:23:49 2026 GMT
Subject: CN=8718E972B349EFBEBFD305DBEA7193DC6980D93D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:01:99:61:de:70:9b:d5:a9:d7:23:b7:56:d6:
80:af:14:c2:4d:13:8e:1d:33:17:f3:02:39:3c:b5:
bb:b9:47:0f:eb:d4:6a:fd:7e:27:f9:2a:a9:da:bc:
11:3f:cf:9b:e3:42:40:30:e3:2f:42:cf:f6:4d:a5:
a6:9d:fa:ee:ec:60:2b:4a:ef:ac:7a:eb:b5:31:5b:
d6:54:b7:64:ef:92:2b:05:89:0f:54:4f:fc:ff:f6:
7d:d1:6e:26:04:84:14:0d:77:8f:76:66:62:1a:dd:
14:9c:fe:4e:39:23:38:37:0b:00:ec:37:a0:77:6e:
17:79:6f:75:af:1b:c8:80:8e:d4:ee:38:11:ed:57:
63:9c:f0:8d:b7:24:43:41:31:f7:fd:e1:bf:d1:fa:
32:2e:14:e7:a0:84:eb:86:ac:09:a7:57:6b:f2:f7:
8f:1f:54:43:8c:f8:ff:4a:f7:ca:ec:3b:3a:e6:aa:
8e:6f:60:ab:53:ad:c3:75:25:d6:71:39:e5:0c:4b:
1e:5c:21:cd:d3:c9:9a:d0:8a:f5:98:1f:cd:80:e9:
2e:72:65:8f:d1:a4:c6:99:7b:4f:9f:dc:44:ee:6d:
ee:be:5e:5b:9f:ac:12:15:96:e0:11:83:a8:44:62:
91:ec:35:e9:68:5c:c6:bc:58:73:07:23:e2:e1:70:
e5:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:18:E9:72:B3:49:EF:BE:BF:D3:05:DB:EA:71:93:DC:69:80:D9:3D
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3134352e37392e38392e302f32342d3234203d3e20323134313433.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
145.79.89.0/24
Signature Algorithm: sha256WithRSAEncryption
63:8c:6c:e7:11:2f:56:74:ff:84:a9:aa:13:78:0e:26:5c:99:
99:6e:61:20:f0:b5:2c:ee:4f:b7:ac:b3:f3:5b:5b:cd:b1:63:
1f:07:b1:53:84:be:c1:b3:1f:1c:0b:07:52:5a:2c:e1:48:6e:
9a:fc:bf:81:8b:87:41:40:86:bc:22:f9:95:1c:1f:c3:d3:27:
46:69:18:f4:62:4f:73:20:4f:e4:f6:29:36:10:3d:cf:64:02:
48:da:b4:5e:4f:92:a7:61:f8:3f:e2:d2:6e:4e:27:45:8e:fb:
ce:48:37:06:21:82:bc:5f:f5:60:6e:aa:6a:d5:44:ea:e6:cc:
2e:a1:78:67:8b:53:88:87:47:cf:78:06:9e:34:dd:0d:db:b8:
12:31:0d:46:17:83:d8:a1:ce:ed:d8:85:24:43:ce:e2:64:66:
58:59:44:07:fe:21:84:67:cb:80:91:38:29:a9:91:bf:cd:18:
7f:1f:c1:a8:4d:f4:15:5a:51:12:e5:30:2f:7a:fc:c4:31:ba:
46:6a:80:ea:7e:d1:9c:d4:d0:07:60:3d:2b:8b:c1:e1:b8:58:
d0:e5:b9:15:81:3f:c3:21:67:d0:ca:85:cb:14:ba:f9:98:ba:
a4:23:a2:bd:5b:2a:59:90:78:d9:71:2d:f8:89:1a:36:e5:1d:
7c:17:8a:f1
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIULDMVy9m8LPyt/MYEk3y1JeqMvBgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNTA5MDQxMjE4NDlaFw0yNjA5MDMxMjIzNDlaMDMxMTAvBgNV
BAMTKDg3MThFOTcyQjM0OUVGQkVCRkQzMDVEQkVBNzE5M0RDNjk4MEQ5M0QwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC6AZlh3nCb1anXI7dW1oCvFMJN
E44dMxfzAjk8tbu5Rw/r1Gr9fif5KqnavBE/z5vjQkAw4y9Cz/ZNpaad+u7sYCtK
76x667UxW9ZUt2TvkisFiQ9UT/z/9n3RbiYEhBQNd492ZmIa3RSc/k45Izg3CwDs
N6B3bhd5b3WvG8iAjtTuOBHtV2Oc8I23JENBMff94b/R+jIuFOeghOuGrAmnV2vy
948fVEOM+P9K98rsOzrmqo5vYKtTrcN1JdZxOeUMSx5cIc3TyZrQivWYH82A6S5y
ZY/RpMaZe0+f3ETube6+XlufrBIVluARg6hEYpHsNeloXMa8WHMHI+LhcOW1AgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUhxjpcrNJ776/0wXb6nGT3GmA2T0wHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzNDM1MmUzNzM5MmUzODM5
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzIzMTM0MzEzNDMzLnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
kU9ZMA0GCSqGSIb3DQEBCwUAA4IBAQBjjGznES9WdP+EqaoTeA4mXJmZbmEg8LUs
7k+3rLPzW1vNsWMfB7FThL7Bsx8cCwdSWizhSG6a/L+Bi4dBQIa8IvmVHB/D0ydG
aRj0Yk9zIE/k9ik2ED3PZAJI2rReT5KnYfg/4tJuTidFjvvOSDcGIYK8X/Vgbqpq
1UTq5swuoXhni1OIh0fPeAaeNN0N27gSMQ1GF4PYoc7t2IUkQ87iZGZYWUQH/iGE
Z8uAkTgpqZG/zRh/H8GoTfQVWlES5TAvevzEMbpGaoDqftGc1NAHYD0ri8HhuFjQ
5bkVgT/DIWfQyoXLFLr5mLqkI6K9WypZkHjZcS34iRo25R18F4rx
-----END CERTIFICATE-----
Generated at Sun Sep 7 12:35:27 2025 by rpki-client