Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3135362e36372e3130342e302f32332d3332203d3e20313431393935.roa
File: 3135362e36372e3130342e302f32332d3332203d3e20313431393935.roa (raw, json)
Hash identifier: NER8AfxUrosr2HIPyUUjKdQyVabX8EDgeJFtD0YuSpY=
Subject key identifier: A9:80:70:65:FA:D1:7C:0B:CE:4F:71:C8:26:BF:AD:C0:B6:37:17:D9
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 415D050971C4089A686CEF2B5C8635F84411B248
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3135362e36372e3130342e302f32332d3332203d3e20313431393935.roa
Signing time: Mon 12 May 2025 11:46:13 +0000
ROA not before: Mon 12 May 2025 11:41:13 +0000
ROA not after: Mon 11 May 2026 11:46:13 +0000
asID: 141995
IP address blocks: 156.67.104.0/23 maxlen: 32
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 07 Jun 2025 12:43:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
41:5d:05:09:71:c4:08:9a:68:6c:ef:2b:5c:86:35:f8:44:11:b2:48
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: May 12 11:41:13 2025 GMT
Not After : May 11 11:46:13 2026 GMT
Subject: CN=A9807065FAD17C0BCE4F71C826BFADC0B63717D9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:ab:c0:8c:33:f1:15:27:4d:f9:03:61:7e:5a:
f1:c5:f0:71:a1:2c:a2:aa:17:29:62:65:cf:6f:de:
43:65:6b:de:bb:b3:94:fd:24:df:15:9f:4b:6e:d5:
be:ae:7d:01:4c:da:6a:a3:dc:05:7a:cd:9f:98:02:
56:9d:6e:7d:a4:a5:ec:0a:9c:5e:9b:27:cf:a7:89:
b6:51:5e:28:ea:0a:95:75:67:99:d4:8d:47:72:2f:
18:83:28:ee:c2:f1:7e:18:f8:9a:f2:18:a4:03:0f:
22:8e:79:05:ae:1a:b9:e3:fb:6e:d0:f4:d3:b5:40:
03:76:23:eb:46:21:c1:47:8e:9e:6c:cc:a1:4f:ef:
c0:4a:27:ea:67:ec:17:0c:fa:7b:3f:08:fe:6d:e6:
91:53:ec:f9:57:1d:b8:f5:a3:92:ec:95:3d:79:32:
0d:8c:0d:62:ee:ea:15:61:9c:2f:53:33:72:a2:ad:
11:e8:80:5a:3a:74:f3:98:71:b7:80:6e:d8:91:d5:
b7:20:62:b5:b6:ae:29:38:7e:2c:a2:3c:d9:da:0e:
d9:4d:6c:ad:10:c5:4d:f0:5f:fd:41:f6:fb:65:4c:
f5:1e:d8:15:51:b0:4f:1e:3f:ed:51:d7:21:0f:51:
3c:fd:02:7b:9b:41:3e:8f:8e:f0:49:e4:c2:15:be:
a8:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A9:80:70:65:FA:D1:7C:0B:CE:4F:71:C8:26:BF:AD:C0:B6:37:17:D9
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3135362e36372e3130342e302f32332d3332203d3e20313431393935.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
156.67.104.0/23
Signature Algorithm: sha256WithRSAEncryption
1a:4c:e5:f0:e2:ac:f0:82:e6:b8:0a:09:e9:d4:a4:d4:a1:14:
9e:5c:ff:41:1d:a1:c4:46:8b:a9:da:29:41:10:24:1b:67:78:
c9:31:d0:66:8b:12:70:72:b4:17:05:2a:5f:45:17:cf:62:41:
29:ba:fa:e2:da:40:76:61:81:84:3c:f3:10:60:0b:8b:74:4a:
05:45:ca:43:cf:83:1f:08:2d:c6:36:1c:7e:46:bf:0e:7c:e6:
e3:56:21:eb:fa:44:d2:77:76:18:9c:13:72:7f:89:05:e1:df:
8c:4d:94:f8:c2:d5:ee:2d:f4:ef:3c:e5:2e:0e:2d:a6:7f:4f:
da:09:e0:8a:fb:f2:79:e0:ee:6d:73:02:cc:27:04:ed:6c:b7:
7c:a2:f2:86:77:98:2f:9d:49:e9:34:8d:40:04:e5:ec:57:a2:
7d:de:2e:bb:ce:6b:19:5e:6c:59:14:40:d6:bb:be:f0:e7:d7:
27:ac:dc:2b:1c:b6:da:0e:0e:2d:12:05:3e:f0:97:34:63:ba:
83:25:b3:37:e0:8e:ec:75:10:6a:d5:03:83:09:cf:bc:62:a7:
69:bf:90:3c:05:80:db:79:2b:26:8d:b5:af:5c:2f:0a:89:af:
4d:99:3c:10:55:5f:b6:94:84:f9:fc:b4:af:f2:fd:8e:33:1e:
83:5e:4e:3b
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUQV0FCXHECJpobO8rXIY1+EQRskgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNTA1MTIxMTQxMTNaFw0yNjA1MTExMTQ2MTNaMDMxMTAvBgNV
BAMTKEE5ODA3MDY1RkFEMTdDMEJDRTRGNzFDODI2QkZBREMwQjYzNzE3RDkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC4q8CMM/EVJ035A2F+WvHF8HGh
LKKqFyliZc9v3kNla967s5T9JN8Vn0tu1b6ufQFM2mqj3AV6zZ+YAladbn2kpewK
nF6bJ8+nibZRXijqCpV1Z5nUjUdyLxiDKO7C8X4Y+JryGKQDDyKOeQWuGrnj+27Q
9NO1QAN2I+tGIcFHjp5szKFP78BKJ+pn7BcM+ns/CP5t5pFT7PlXHbj1o5LslT15
Mg2MDWLu6hVhnC9TM3KirRHogFo6dPOYcbeAbtiR1bcgYrW2rik4fiyiPNnaDtlN
bK0QxU3wX/1B9vtlTPUe2BVRsE8eP+1R1yEPUTz9AnubQT6PjvBJ5MIVvqjdAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUqYBwZfrRfAvOT3HIJr+twLY3F9kwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzNTM2MmUzNjM3MmUzMTMw
MzQyZTMwMmYzMjMzMmQzMzMyMjAzZDNlMjAzMTM0MzEzOTM5MzUucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAGcQ2gwDQYJKoZIhvcNAQELBQADggEBABpM5fDirPCC5rgKCenUpNShFJ5c/0Ed
ocRGi6naKUEQJBtneMkx0GaLEnBytBcFKl9FF89iQSm6+uLaQHZhgYQ88xBgC4t0
SgVFykPPgx8ILcY2HH5Gvw585uNWIev6RNJ3dhicE3J/iQXh34xNlPjC1e4t9O88
5S4OLaZ/T9oJ4Ir78nng7m1zAswnBO1st3yi8oZ3mC+dSek0jUAE5exXon3eLrvO
axlebFkUQNa7vvDn1yes3CscttoODi0SBT7wlzRjuoMlszfgjux1EGrVA4MJz7xi
p2m/kDwFgNt5KyaNta9cLwqJr02ZPBBVX7aUhPn8tK/y/Y4zHoNeTjs=
-----END CERTIFICATE-----
Generated at Sat Jun 7 04:17:08 2025 by rpki-client