Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3137382e31362e3133322e302f32322d3234203d3e203437353833.roa
File: 3137382e31362e3133322e302f32322d3234203d3e203437353833.roa (raw, json)
Hash identifier: k7rmv3STUU/wPbEuDYIW0YLGrQnzzUt6LmIvihoDSMw=
Subject key identifier: 64:75:80:CB:A0:73:81:C8:59:0E:2B:70:E5:F9:68:74:CC:41:81:59
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 4D73B0A8A41C3CA21AB133D24500BE0C435D5B62
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3137382e31362e3133322e302f32322d3234203d3e203437353833.roa
Signing time: Thu 15 May 2025 10:46:18 +0000
ROA not before: Thu 15 May 2025 10:41:18 +0000
ROA not after: Thu 14 May 2026 10:46:18 +0000
asID: 47583
IP address blocks: 178.16.132.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 07 Jun 2025 12:43:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4d:73:b0:a8:a4:1c:3c:a2:1a:b1:33:d2:45:00:be:0c:43:5d:5b:62
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: May 15 10:41:18 2025 GMT
Not After : May 14 10:46:18 2026 GMT
Subject: CN=647580CBA07381C8590E2B70E5F96874CC418159
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:5d:f2:a2:c1:0e:c1:40:55:08:09:80:dd:f2:
09:84:8d:e9:41:5b:4f:ac:9c:c8:1a:6d:8a:bf:09:
e5:f3:77:b2:b1:7f:d4:cb:19:a0:42:44:8a:79:82:
c1:2b:b2:f5:4c:ce:2c:9c:0f:39:c8:0c:9c:d8:a3:
44:6c:45:0a:07:46:b2:60:32:df:83:e3:78:53:2f:
d0:ca:82:e7:d2:06:f4:aa:b2:83:f5:d1:dd:59:9d:
af:1a:0f:88:96:4b:10:4f:3d:38:2d:38:eb:56:47:
62:8f:18:55:87:59:25:4f:08:69:81:02:13:84:d1:
1b:41:2b:92:97:68:00:38:b9:25:ab:36:38:bb:e0:
b3:be:7e:71:74:b3:d3:53:05:a8:d2:c9:91:25:5f:
60:e7:fe:d7:24:21:46:1a:de:8b:1d:64:65:1d:c6:
bc:3f:37:3e:2e:79:ea:57:ae:f5:b5:b1:ef:29:95:
71:da:63:d2:3e:41:9d:96:19:fc:04:27:a0:fa:23:
36:8b:3d:b6:a9:9f:0a:e7:13:cc:45:3b:22:c9:d2:
ad:d4:7c:e1:88:23:e1:11:8e:b7:8f:64:ea:b6:2f:
7b:a0:a9:8d:ec:d2:1d:d0:47:45:af:4a:22:0a:f4:
38:90:f4:21:35:f1:a1:d9:10:e7:90:bc:b6:64:85:
3f:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
64:75:80:CB:A0:73:81:C8:59:0E:2B:70:E5:F9:68:74:CC:41:81:59
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3137382e31362e3133322e302f32322d3234203d3e203437353833.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.16.132.0/22
Signature Algorithm: sha256WithRSAEncryption
16:3e:5a:6b:94:de:b9:df:1c:fe:39:6a:b6:43:e0:ca:4f:61:
bc:91:8c:42:ff:b2:d2:64:dd:f2:5a:e7:a4:46:80:da:a6:1f:
48:f5:5d:10:41:33:6d:b4:c3:7b:74:06:46:dc:fc:fe:55:13:
d0:0f:06:fb:f4:96:03:60:a1:4b:4b:1e:95:e7:59:a0:35:c8:
77:cb:dd:77:f1:53:c0:fb:f1:00:92:cc:27:45:fa:ba:2f:7a:
63:7c:e2:a4:e0:87:a2:be:d8:8a:05:33:53:b9:a6:1c:04:77:
a4:12:77:39:cd:be:d7:07:50:03:0d:03:d9:e0:88:24:8e:06:
c4:67:32:1f:dc:5d:7c:e8:bf:d3:6b:ee:ce:91:47:6c:3c:88:
3e:47:be:37:b3:3b:7a:1a:05:7a:e6:d6:a3:51:49:d8:9f:1b:
56:7b:ca:69:ca:77:38:91:cd:ba:74:91:87:ff:03:5e:11:92:
6d:75:8c:53:b4:35:8f:8d:5c:08:1d:4f:f2:ee:eb:92:8b:d1:
ba:d5:cd:fa:4e:cc:62:e1:49:98:d3:91:d0:7e:ff:9f:e1:d8:
2e:e8:d3:0c:62:c4:0b:ca:fb:b0:23:af:bf:25:57:5b:e0:1f:
d6:25:85:a5:48:b8:b8:29:b6:87:93:de:44:45:5e:e1:6c:ae:
89:ae:56:d4
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUTXOwqKQcPKIasTPSRQC+DENdW2IwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNTA1MTUxMDQxMThaFw0yNjA1MTQxMDQ2MThaMDMxMTAvBgNV
BAMTKDY0NzU4MENCQTA3MzgxQzg1OTBFMkI3MEU1Rjk2ODc0Q0M0MTgxNTkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC8XfKiwQ7BQFUICYDd8gmEjelB
W0+snMgabYq/CeXzd7Kxf9TLGaBCRIp5gsErsvVMziycDznIDJzYo0RsRQoHRrJg
Mt+D43hTL9DKgufSBvSqsoP10d1Zna8aD4iWSxBPPTgtOOtWR2KPGFWHWSVPCGmB
AhOE0RtBK5KXaAA4uSWrNji74LO+fnF0s9NTBajSyZElX2Dn/tckIUYa3osdZGUd
xrw/Nz4ueepXrvW1se8plXHaY9I+QZ2WGfwEJ6D6IzaLPbapnwrnE8xFOyLJ0q3U
fOGII+ERjrePZOq2L3ugqY3s0h3QR0WvSiIK9DiQ9CE18aHZEOeQvLZkhT9nAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUZHWAy6BzgchZDitw5flodMxBgVkwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzNzM4MmUzMTM2MmUzMTMz
MzIyZTMwMmYzMjMyMmQzMjM0MjAzZDNlMjAzNDM3MzUzODMzLnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQC
shCEMA0GCSqGSIb3DQEBCwUAA4IBAQAWPlprlN653xz+OWq2Q+DKT2G8kYxC/7LS
ZN3yWuekRoDaph9I9V0QQTNttMN7dAZG3Pz+VRPQDwb79JYDYKFLSx6V51mgNch3
y9138VPA+/EAkswnRfq6L3pjfOKk4IeivtiKBTNTuaYcBHekEnc5zb7XB1ADDQPZ
4IgkjgbEZzIf3F186L/Ta+7OkUdsPIg+R743szt6GgV65tajUUnYnxtWe8ppync4
kc26dJGH/wNeEZJtdYxTtDWPjVwIHU/y7uuSi9G61c36Tsxi4UmY05HQfv+f4dgu
6NMMYsQLyvuwI6+/JVdb4B/WJYWlSLi4KbaHk95ERV7hbK6JrlbU
-----END CERTIFICATE-----
Generated at Sat Jun 7 04:10:58 2025 by rpki-client