Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3137362e3132362e36362e302f32342d3234203d3e20323136313531.roa
File: 3137362e3132362e36362e302f32342d3234203d3e20323136313531.roa (raw, json)
Hash identifier: 5oYWLlCIBHwSM7le45m8+Zk04h2qsZHyS7ZoKNC4Mbw=
Subject key identifier: 80:A7:93:25:FD:2C:A7:0F:D2:E5:68:C5:54:2A:12:68:C5:1D:69:AF
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 1B0785B94AC0AE406987EF91D2B787613E7C9119
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3137362e3132362e36362e302f32342d3234203d3e20323136313531.roa
Signing time: Fri 28 Mar 2025 09:19:17 +0000
ROA not before: Fri 28 Mar 2025 09:14:17 +0000
ROA not after: Fri 27 Mar 2026 09:19:17 +0000
asID: 216151
IP address blocks: 176.126.66.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 05 Apr 2025 10:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1b:07:85:b9:4a:c0:ae:40:69:87:ef:91:d2:b7:87:61:3e:7c:91:19
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Mar 28 09:14:17 2025 GMT
Not After : Mar 27 09:19:17 2026 GMT
Subject: CN=80A79325FD2CA70FD2E568C5542A1268C51D69AF
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:08:5e:e9:3c:0e:d8:c8:f9:15:ba:d5:4f:33:
4d:8b:4c:78:ec:13:44:23:50:a4:a5:b1:85:12:05:
51:28:10:be:c2:d9:3f:04:07:e0:5d:98:0b:7e:e7:
7d:ec:ee:36:38:6f:1f:ea:94:3b:94:02:44:9b:24:
9c:d2:e9:96:07:e6:6a:72:90:b9:a2:9c:e0:46:d8:
8c:18:87:54:e6:52:d1:15:92:9b:e0:14:46:76:2c:
8c:56:3b:fd:83:95:60:92:9f:63:28:a3:38:a6:36:
88:98:6e:b9:e0:90:af:bf:0e:a6:ae:b0:f2:83:45:
f9:70:e5:aa:c0:fd:13:b9:3f:28:97:4d:2d:80:de:
76:6b:9f:a3:f6:b5:28:7d:db:31:14:b5:5a:12:e2:
74:ca:62:a4:47:c9:ed:c3:73:ef:e3:3f:eb:03:8e:
b9:c3:67:b2:8e:bd:ad:4c:79:23:0c:70:a0:61:ab:
8e:f5:01:67:7b:8f:27:c8:94:25:de:a0:86:d6:b6:
cf:a8:54:fe:f3:a1:ec:df:11:c0:34:38:4e:6f:25:
92:cc:0f:ce:5e:4d:6a:af:95:e2:0c:6b:e9:ed:db:
ce:a2:4e:dd:71:56:70:01:b7:1f:8b:35:05:96:ac:
0d:2a:b8:2e:f1:1a:95:77:57:88:97:3d:2c:4f:fb:
63:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
80:A7:93:25:FD:2C:A7:0F:D2:E5:68:C5:54:2A:12:68:C5:1D:69:AF
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3137362e3132362e36362e302f32342d3234203d3e20323136313531.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.126.66.0/24
Signature Algorithm: sha256WithRSAEncryption
3e:5e:bd:3c:cd:cb:81:ef:cc:ee:74:62:1e:7e:be:06:b3:18:
dc:90:83:d7:37:32:85:d5:31:d5:fe:92:2a:cb:14:21:b1:12:
c0:1c:a6:26:84:54:97:df:c1:97:e0:34:32:b4:7e:e1:d1:90:
94:af:e9:8d:94:d9:90:f6:21:69:9b:64:67:db:df:5e:9a:0f:
f0:6c:aa:05:eb:4c:26:bf:33:12:fb:47:b5:3b:76:3e:9d:04:
aa:db:b6:d2:ac:c5:13:17:f8:43:92:92:72:8a:93:10:58:5c:
da:38:98:f3:09:3d:b7:e0:2a:99:ca:a1:62:39:78:f2:d5:90:
f6:90:e1:23:0f:23:0d:cb:7d:97:af:d9:cd:b9:a9:ed:d4:64:
ec:39:34:71:ec:0a:e9:19:d0:ff:df:45:0a:3a:84:c9:36:e9:
11:6f:dd:00:80:56:33:bc:5a:f0:80:d4:7c:93:26:1a:dd:e4:
18:34:13:68:aa:35:77:ec:37:c3:f6:52:53:6a:8d:bb:42:6b:
96:a6:bb:dc:2c:83:eb:90:95:c9:75:e5:ea:81:6a:aa:da:a6:
58:c4:3e:7f:35:1a:19:c6:2b:9b:a1:94:d7:d0:9a:5d:a5:a2:
56:a0:78:11:e9:60:b7:4c:84:ea:fe:05:fe:9e:e2:ea:05:35:
80:55:ca:17
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUGweFuUrArkBph++R0reHYT58kRkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNTAzMjgwOTE0MTdaFw0yNjAzMjcwOTE5MTdaMDMxMTAvBgNV
BAMTKDgwQTc5MzI1RkQyQ0E3MEZEMkU1NjhDNTU0MkExMjY4QzUxRDY5QUYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCxCF7pPA7YyPkVutVPM02LTHjs
E0QjUKSlsYUSBVEoEL7C2T8EB+BdmAt+533s7jY4bx/qlDuUAkSbJJzS6ZYH5mpy
kLminOBG2IwYh1TmUtEVkpvgFEZ2LIxWO/2DlWCSn2MoozimNoiYbrngkK+/Dqau
sPKDRflw5arA/RO5PyiXTS2A3nZrn6P2tSh92zEUtVoS4nTKYqRHye3Dc+/jP+sD
jrnDZ7KOva1MeSMMcKBhq471AWd7jyfIlCXeoIbWts+oVP7zoezfEcA0OE5vJZLM
D85eTWqvleIMa+nt286iTt1xVnABtx+LNQWWrA0quC7xGpV3V4iXPSxP+2MNAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUgKeTJf0spw/S5WjFVCoSaMUdaa8wHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzNzM2MmUzMTMyMzYyZTM2
MzYyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMjMxMzYzMTM1MzEucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BACwfkIwDQYJKoZIhvcNAQELBQADggEBAD5evTzNy4HvzO50Yh5+vgazGNyQg9c3
MoXVMdX+kirLFCGxEsAcpiaEVJffwZfgNDK0fuHRkJSv6Y2U2ZD2IWmbZGfb316a
D/BsqgXrTCa/MxL7R7U7dj6dBKrbttKsxRMX+EOSknKKkxBYXNo4mPMJPbfgKpnK
oWI5ePLVkPaQ4SMPIw3LfZev2c25qe3UZOw5NHHsCukZ0P/fRQo6hMk26RFv3QCA
VjO8WvCA1HyTJhrd5Bg0E2iqNXfsN8P2UlNqjbtCa5amu9wsg+uQlcl15eqBaqra
pljEPn81GhnGK5uhlNfQml2lolageBHpYLdMhOr+Bf6e4uoFNYBVyhc=
-----END CERTIFICATE-----
Generated at Fri Apr 4 19:03:27 2025 by rpki-client