Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3137362e3132362e38352e302f32342d3234203d3e203633343733.roa
File: 3137362e3132362e38352e302f32342d3234203d3e203633343733.roa (raw, json)
Hash identifier: KCN9LpQI2bH/v1rlGo2ixYv3fF7Q03Ee05twLJWwMf0=
Subject key identifier: D4:22:C1:0B:A3:AB:C9:36:FA:6A:9E:5D:3A:D1:DB:4F:3A:4D:B7:84
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 78D0B034197719BFAB5C47ABD8F0D172A3B46195
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3137362e3132362e38352e302f32342d3234203d3e203633343733.roa
Signing time: Tue 04 Feb 2025 09:45:40 +0000
ROA not before: Tue 04 Feb 2025 09:40:40 +0000
ROA not after: Tue 03 Feb 2026 09:45:40 +0000
asID: 63473
IP address blocks: 176.126.85.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 05 Apr 2025 10:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
78:d0:b0:34:19:77:19:bf:ab:5c:47:ab:d8:f0:d1:72:a3:b4:61:95
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Feb 4 09:40:40 2025 GMT
Not After : Feb 3 09:45:40 2026 GMT
Subject: CN=D422C10BA3ABC936FA6A9E5D3AD1DB4F3A4DB784
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:ea:ec:75:9c:53:1b:9b:cb:96:94:01:d5:b6:
73:a9:cd:ca:0b:23:c3:49:5f:8b:48:e8:d5:b0:4e:
ba:50:fe:df:57:9d:a6:ac:a3:96:8c:e9:16:e0:bf:
7a:8e:41:9f:cd:6b:95:c0:dd:b7:65:eb:11:de:85:
b4:06:d4:e0:11:22:05:a1:c9:06:b9:e2:d0:32:24:
bf:c8:88:68:8f:22:41:8c:e5:21:7e:2b:fe:81:23:
32:0f:ce:23:ea:24:3a:36:3c:4c:7b:50:8f:bd:63:
e0:12:e0:73:0a:ce:f4:56:80:6b:94:18:95:50:e2:
5c:fd:70:55:0b:41:0b:52:3a:b5:21:02:dc:73:3f:
af:85:dd:61:e4:40:c9:a0:87:a0:88:fc:3f:c3:f4:
2a:de:66:e7:29:a0:90:d4:ab:47:1b:e7:36:ea:5e:
d5:a3:4f:2e:b0:bc:7c:82:71:0a:87:22:bd:3a:b4:
ec:4c:7e:97:df:03:74:1e:de:4e:29:d7:59:5f:27:
ef:5d:98:66:e7:05:3a:8e:4d:d8:4b:d9:a4:21:d8:
42:f3:6c:34:17:b7:2a:63:03:21:52:4f:8f:ad:bd:
f2:93:44:49:4d:91:59:ae:23:8b:3b:7a:e3:bd:d5:
0a:08:0d:f7:77:ab:d5:9a:2d:01:cf:28:29:05:97:
17:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D4:22:C1:0B:A3:AB:C9:36:FA:6A:9E:5D:3A:D1:DB:4F:3A:4D:B7:84
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3137362e3132362e38352e302f32342d3234203d3e203633343733.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.126.85.0/24
Signature Algorithm: sha256WithRSAEncryption
2c:8d:31:14:f4:78:86:4c:43:28:ee:46:31:fa:9d:b0:27:53:
7c:cd:e6:14:3b:43:34:e9:83:09:c4:55:0a:72:57:7a:8f:03:
f4:e2:4a:c4:1b:13:f6:db:cb:90:48:85:1b:ec:1a:72:4b:ce:
fe:b0:48:af:c4:04:7d:3c:3c:66:10:af:40:7c:bd:2b:e8:e4:
70:57:43:40:cd:c6:e5:cc:06:68:9d:fc:57:0a:63:f1:c1:cb:
52:d6:c3:b0:bc:07:c2:78:e8:44:c2:10:d2:b6:8a:81:4f:19:
c0:bd:c3:81:07:42:5a:ac:50:1f:28:c9:78:6c:03:71:50:1f:
ac:9f:a4:4c:f7:73:9e:a4:14:dd:1c:32:a6:f5:f4:7f:aa:5b:
3e:f5:b3:fc:72:d9:4b:15:d3:b5:ca:c7:69:ab:68:e8:e8:e2:
75:d9:0e:f4:1d:14:a2:64:6c:de:16:1e:0f:a9:7e:12:74:a9:
97:be:65:9c:82:7e:8a:8f:d1:5f:16:bc:4b:b3:79:f8:37:e1:
8f:72:ce:01:b2:c5:2d:6f:7a:62:8c:1a:78:16:4e:84:a3:59:
43:25:6d:cf:d9:87:05:04:13:79:e9:4d:91:ed:c8:ea:c3:a4:
a0:03:32:1a:5b:0a:2a:8a:41:12:01:f5:61:f1:a7:93:cd:83:
18:ff:4e:97
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUeNCwNBl3Gb+rXEer2PDRcqO0YZUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNTAyMDQwOTQwNDBaFw0yNjAyMDMwOTQ1NDBaMDMxMTAvBgNV
BAMTKEQ0MjJDMTBCQTNBQkM5MzZGQTZBOUU1RDNBRDFEQjRGM0E0REI3ODQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDe6ux1nFMbm8uWlAHVtnOpzcoL
I8NJX4tI6NWwTrpQ/t9Xnaaso5aM6Rbgv3qOQZ/Na5XA3bdl6xHehbQG1OARIgWh
yQa54tAyJL/IiGiPIkGM5SF+K/6BIzIPziPqJDo2PEx7UI+9Y+AS4HMKzvRWgGuU
GJVQ4lz9cFULQQtSOrUhAtxzP6+F3WHkQMmgh6CI/D/D9CreZucpoJDUq0cb5zbq
XtWjTy6wvHyCcQqHIr06tOxMfpffA3Qe3k4p11lfJ+9dmGbnBTqOTdhL2aQh2ELz
bDQXtypjAyFST4+tvfKTRElNkVmuI4s7euO91QoIDfd3q9WaLQHPKCkFlxd/AgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQU1CLBC6OryTb6ap5dOtHbTzpNt4QwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzNzM2MmUzMTMyMzYyZTM4
MzUyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzNjMzMzQzNzMzLnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
sH5VMA0GCSqGSIb3DQEBCwUAA4IBAQAsjTEU9HiGTEMo7kYx+p2wJ1N8zeYUO0M0
6YMJxFUKcld6jwP04krEGxP228uQSIUb7BpyS87+sEivxAR9PDxmEK9AfL0r6ORw
V0NAzcblzAZonfxXCmPxwctS1sOwvAfCeOhEwhDStoqBTxnAvcOBB0JarFAfKMl4
bANxUB+sn6RM93OepBTdHDKm9fR/qls+9bP8ctlLFdO1ysdpq2jo6OJ12Q70HRSi
ZGzeFh4PqX4SdKmXvmWcgn6Kj9FfFrxLs3n4N+GPcs4BssUtb3pijBp4Fk6Eo1lD
JW3P2YcFBBN56U2R7cjqw6SgAzIaWwoqikESAfVh8aeTzYMY/06X
-----END CERTIFICATE-----
Generated at Fri Apr 4 16:01:34 2025 by rpki-client