Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3137362e35332e3137372e302f32342d3234203d3e20323132323338.roa
File: 3137362e35332e3137372e302f32342d3234203d3e20323132323338.roa (raw, json)
Hash identifier: xzgBUZnREGdYbsqCOMJFNVbsWxDW4+vCjdxkDdqM3ik=
Subject key identifier: DC:40:E2:3F:AE:8F:35:B2:F7:DC:25:C1:29:36:9E:0C:B6:DF:17:D8
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 089ACF3719705811EF9DA05A3AEAD7DEF850D358
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3137362e35332e3137372e302f32342d3234203d3e20323132323338.roa
Signing time: Thu 28 Aug 2025 20:49:57 +0000
ROA not before: Thu 28 Aug 2025 20:44:57 +0000
ROA not after: Thu 27 Aug 2026 20:49:57 +0000
asID: 212238
IP address blocks: 176.53.177.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 06 Sep 2025 01:00:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
08:9a:cf:37:19:70:58:11:ef:9d:a0:5a:3a:ea:d7:de:f8:50:d3:58
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Aug 28 20:44:57 2025 GMT
Not After : Aug 27 20:49:57 2026 GMT
Subject: CN=DC40E23FAE8F35B2F7DC25C129369E0CB6DF17D8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:26:44:34:0c:2e:03:1b:b7:45:47:0d:92:3b:
5d:cd:de:74:c9:99:ff:b4:8b:2f:e5:46:2a:c5:2b:
dd:77:ec:16:21:6b:85:66:18:88:07:cc:de:a5:b2:
3d:a0:a0:2b:7c:e8:b2:ad:ab:1b:d0:43:ea:7a:3d:
12:04:38:9c:bf:f7:d3:4b:09:81:51:9f:fa:8c:78:
08:ac:5a:a9:ba:7b:c0:e5:66:e0:e2:2a:45:3a:34:
86:f5:a9:f7:5b:15:4f:b1:fe:ff:52:83:b1:8d:cf:
85:60:a1:92:9b:63:9e:6f:f1:79:28:76:da:a8:d2:
33:22:be:74:6a:cc:3f:cc:f4:68:09:19:82:4f:a4:
90:61:8a:65:52:33:d9:82:22:b6:39:d6:94:2b:74:
69:bc:d8:33:83:d7:a7:08:69:d2:e4:d6:f3:ce:ca:
bb:25:4a:bd:58:3f:0c:4b:54:fe:4b:8e:e8:1e:e7:
66:a9:c0:bc:b7:b6:36:b1:43:91:8f:5a:b7:68:e7:
f7:5a:c9:02:41:9a:af:f3:2e:0a:0b:ff:1c:04:40:
d8:91:1a:a2:b4:bf:98:2b:bd:17:0d:2c:64:fb:f3:
68:fc:1b:4e:ef:7a:19:e6:81:6e:67:bc:8e:84:cd:
65:33:1b:a3:a8:a7:07:93:53:f7:f5:f7:3f:ff:27:
5c:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DC:40:E2:3F:AE:8F:35:B2:F7:DC:25:C1:29:36:9E:0C:B6:DF:17:D8
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3137362e35332e3137372e302f32342d3234203d3e20323132323338.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.53.177.0/24
Signature Algorithm: sha256WithRSAEncryption
a0:76:fc:9e:fc:1f:65:8c:5e:01:f8:34:df:a6:10:8b:94:f1:
49:d4:c6:76:94:8a:bb:12:58:af:fd:93:cc:4a:10:ca:a1:f2:
4a:ab:23:a9:ba:05:60:d4:ae:27:d0:d5:83:f1:08:ce:f7:c3:
62:b2:ca:a4:43:69:a3:fe:79:57:fc:be:16:d0:b0:cf:3a:85:
92:94:ef:3b:7b:dc:7f:d1:bb:b4:84:76:05:0d:a8:21:8f:a3:
14:d7:63:70:d0:a3:75:42:6e:eb:22:af:b7:64:91:d5:83:a1:
90:93:3a:29:c0:c0:33:02:06:f7:85:63:4a:4c:28:6c:31:2b:
e1:50:eb:f6:64:9a:5c:d8:87:45:b8:4c:da:85:70:cc:58:f4:
7d:68:eb:24:5d:49:76:86:fe:b3:62:30:46:0c:55:4f:c9:3c:
24:dc:d7:1c:5c:e2:52:66:65:5d:2a:53:e5:38:52:65:70:f6:
55:f0:e6:6e:c1:dc:d7:de:e6:4c:9d:35:be:82:52:ff:22:b8:
f9:e2:8f:42:0b:a2:56:b5:c7:37:13:f5:52:c6:9e:4c:d3:1e:
1e:99:2c:aa:50:79:f4:f3:bd:75:cc:de:8d:08:bc:06:42:9c:
53:c0:fe:67:4c:b5:38:b5:11:8e:c8:28:91:a2:87:d2:5f:06:
33:9f:a8:e2
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUCJrPNxlwWBHvnaBaOurX3vhQ01gwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNTA4MjgyMDQ0NTdaFw0yNjA4MjcyMDQ5NTdaMDMxMTAvBgNV
BAMTKERDNDBFMjNGQUU4RjM1QjJGN0RDMjVDMTI5MzY5RTBDQjZERjE3RDgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDfJkQ0DC4DG7dFRw2SO13N3nTJ
mf+0iy/lRirFK9137BYha4VmGIgHzN6lsj2goCt86LKtqxvQQ+p6PRIEOJy/99NL
CYFRn/qMeAisWqm6e8DlZuDiKkU6NIb1qfdbFU+x/v9Sg7GNz4VgoZKbY55v8Xko
dtqo0jMivnRqzD/M9GgJGYJPpJBhimVSM9mCIrY51pQrdGm82DOD16cIadLk1vPO
yrslSr1YPwxLVP5Ljuge52apwLy3tjaxQ5GPWrdo5/dayQJBmq/zLgoL/xwEQNiR
GqK0v5grvRcNLGT782j8G07vehnmgW5nvI6EzWUzG6OopweTU/f19z//J1xZAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQU3EDiP66PNbL33CXBKTaeDLbfF9gwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzNzM2MmUzNTMzMmUzMTM3
MzcyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMjMxMzIzMjMzMzgucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BACwNbEwDQYJKoZIhvcNAQELBQADggEBAKB2/J78H2WMXgH4NN+mEIuU8UnUxnaU
irsSWK/9k8xKEMqh8kqrI6m6BWDUrifQ1YPxCM73w2KyyqRDaaP+eVf8vhbQsM86
hZKU7zt73H/Ru7SEdgUNqCGPoxTXY3DQo3VCbusir7dkkdWDoZCTOinAwDMCBveF
Y0pMKGwxK+FQ6/ZkmlzYh0W4TNqFcMxY9H1o6yRdSXaG/rNiMEYMVU/JPCTc1xxc
4lJmZV0qU+U4UmVw9lXw5m7B3Nfe5kydNb6CUv8iuPnij0ILola1xzcT9VLGnkzT
Hh6ZLKpQefTzvXXM3o0IvAZCnFPA/mdMtTi1EY7IKJGih9JfBjOfqOI=
-----END CERTIFICATE-----
Generated at Fri Sep 5 07:52:59 2025 by rpki-client