Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3134352e37392e39312e302f32342d3234203d3e20323134313433.roa
File: 3134352e37392e39312e302f32342d3234203d3e20323134313433.roa (raw, json)
Hash identifier: tqOG7zHqH8w5cTLqy5pPyOKrecUoj7xu3Lie3MxC9eQ=
Subject key identifier: 58:BB:2E:CC:55:F2:E9:A8:9A:0F:65:2D:4F:BB:41:21:96:55:5B:F0
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 32B02BF080704BEE99B4FCBD0CA93A925963B683
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3134352e37392e39312e302f32342d3234203d3e20323134313433.roa
Signing time: Thu 04 Sep 2025 12:23:50 +0000
ROA not before: Thu 04 Sep 2025 12:18:50 +0000
ROA not after: Thu 03 Sep 2026 12:23:50 +0000
asID: 214143
IP address blocks: 145.79.91.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 08 Sep 2025 01:27:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
32:b0:2b:f0:80:70:4b:ee:99:b4:fc:bd:0c:a9:3a:92:59:63:b6:83
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Sep 4 12:18:50 2025 GMT
Not After : Sep 3 12:23:50 2026 GMT
Subject: CN=58BB2ECC55F2E9A89A0F652D4FBB412196555BF0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:a9:bf:65:47:c5:e5:48:fc:96:ef:e4:2b:44:
85:dc:3d:dc:d0:c1:d2:ae:22:dd:ca:8a:53:4e:a2:
cf:4a:c3:08:ed:94:63:18:4c:db:25:61:0c:95:1f:
3d:48:f3:d0:db:cd:7c:09:5e:c9:3e:59:8d:79:c3:
cb:9d:78:10:0c:e9:f1:94:73:e4:9a:29:6c:2e:e8:
46:42:69:db:4d:a2:37:51:f0:d9:84:8e:ae:e6:0b:
97:86:1a:c3:f6:5f:83:44:3f:c4:ba:74:a1:f5:44:
52:2f:71:ee:3b:fc:22:84:03:33:9f:ff:24:d0:05:
ce:94:63:2d:5a:f3:fa:f6:0c:2c:1b:a4:4d:78:b9:
9a:71:06:5d:d8:9b:b3:85:1f:09:c7:1e:0d:13:56:
0b:c3:6f:8d:57:e1:1c:f7:3d:4c:32:c8:15:7b:be:
2c:5c:59:29:b5:3f:26:41:76:af:03:2e:49:6a:3d:
1c:fe:28:d9:ab:5a:38:27:cf:f2:f6:9f:92:94:0f:
fe:52:0f:b9:9d:5d:4b:36:83:c6:18:09:5e:72:c6:
5b:8c:91:d4:3c:04:5b:77:78:b4:0b:0b:af:4a:5b:
4f:2f:84:42:d3:b3:3e:31:7d:d6:70:f3:b7:20:a1:
3d:c2:83:92:4d:29:bd:50:2b:b5:94:8e:75:dc:48:
52:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
58:BB:2E:CC:55:F2:E9:A8:9A:0F:65:2D:4F:BB:41:21:96:55:5B:F0
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3134352e37392e39312e302f32342d3234203d3e20323134313433.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
145.79.91.0/24
Signature Algorithm: sha256WithRSAEncryption
0f:dc:95:c4:4c:bc:8e:0b:31:65:a0:68:83:ed:c2:25:e9:e1:
ad:ee:5a:18:7f:fc:a8:f1:41:7d:b9:70:e0:c7:eb:0e:f6:d3:
8b:59:eb:50:99:72:6f:28:ca:9c:4f:e0:13:5f:bd:95:30:bf:
aa:ee:ff:88:35:02:cc:63:eb:55:e4:d4:73:da:58:b8:7a:31:
c5:42:02:f3:68:3f:cb:56:35:35:1d:13:80:ca:26:aa:a9:1f:
f7:bb:77:a9:62:a3:26:42:5a:72:0c:17:17:f4:42:6e:71:b1:
40:e3:66:37:e9:5d:e7:cb:1a:fc:24:c2:f2:06:95:39:ec:48:
81:b6:67:ce:9c:13:44:b3:ad:7c:36:f8:d5:d4:ee:4d:f2:a2:
a0:3d:2d:58:b1:41:d3:bb:99:75:8a:28:4e:84:59:c2:ff:9d:
e8:c1:81:83:af:b2:56:ff:10:0d:ba:45:bc:11:7b:f9:ec:bf:
2a:ef:a6:5e:af:1c:84:f9:87:1c:95:70:0f:6a:18:4d:12:fa:
0e:df:5f:1e:57:b4:cb:6b:51:30:1e:84:29:98:fe:02:b9:85:
0c:a7:db:e6:66:08:66:aa:d0:08:15:64:8a:0f:cc:9e:19:f8:
2e:f4:97:0d:f1:c2:12:90:a0:94:ee:a1:f4:a7:ac:ca:36:d7:
58:54:be:cd
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUMrAr8IBwS+6ZtPy9DKk6klljtoMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNTA5MDQxMjE4NTBaFw0yNjA5MDMxMjIzNTBaMDMxMTAvBgNV
BAMTKDU4QkIyRUNDNTVGMkU5QTg5QTBGNjUyRDRGQkI0MTIxOTY1NTVCRjAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCwqb9lR8XlSPyW7+QrRIXcPdzQ
wdKuIt3KilNOos9KwwjtlGMYTNslYQyVHz1I89DbzXwJXsk+WY15w8udeBAM6fGU
c+SaKWwu6EZCadtNojdR8NmEjq7mC5eGGsP2X4NEP8S6dKH1RFIvce47/CKEAzOf
/yTQBc6UYy1a8/r2DCwbpE14uZpxBl3Ym7OFHwnHHg0TVgvDb41X4Rz3PUwyyBV7
vixcWSm1PyZBdq8DLklqPRz+KNmrWjgnz/L2n5KUD/5SD7mdXUs2g8YYCV5yxluM
kdQ8BFt3eLQLC69KW08vhELTsz4xfdZw87cgoT3Cg5JNKb1QK7WUjnXcSFLrAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUWLsuzFXy6aiaD2UtT7tBIZZVW/AwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzNDM1MmUzNzM5MmUzOTMx
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzIzMTM0MzEzNDMzLnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
kU9bMA0GCSqGSIb3DQEBCwUAA4IBAQAP3JXETLyOCzFloGiD7cIl6eGt7loYf/yo
8UF9uXDgx+sO9tOLWetQmXJvKMqcT+ATX72VML+q7v+INQLMY+tV5NRz2li4ejHF
QgLzaD/LVjU1HROAyiaqqR/3u3epYqMmQlpyDBcX9EJucbFA42Y36V3nyxr8JMLy
BpU57EiBtmfOnBNEs618NvjV1O5N8qKgPS1YsUHTu5l1iihOhFnC/53owYGDr7JW
/xANukW8EXv57L8q76ZerxyE+YcclXAPahhNEvoO318eV7TLa1EwHoQpmP4CuYUM
p9vmZghmqtAIFWSKD8yeGfgu9JcN8cISkKCU7qH0p6zKNtdYVL7N
-----END CERTIFICATE-----
Generated at Sun Sep 7 12:35:29 2025 by rpki-client