Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3133332e3234382e302f32332d3332203d3e203531313637.roa
File: 3138352e3133332e3234382e302f32332d3332203d3e203531313637.roa (raw, json)
Hash identifier: ZLj5381ZjanHDz1ZkM15L9cPxugjQ03TruqLJww+yN8=
Subject key identifier: 5D:F1:31:6C:77:A8:A7:63:BD:94:3C:42:C8:FB:B1:A6:28:DB:AB:18
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 0E358DFA9D26B1692C05BBD12965FF968BF46B53
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3133332e3234382e302f32332d3332203d3e203531313637.roa
Signing time: Wed 14 May 2025 10:46:15 +0000
ROA not before: Wed 14 May 2025 10:41:15 +0000
ROA not after: Wed 13 May 2026 10:46:15 +0000
asID: 51167
IP address blocks: 185.133.248.0/23 maxlen: 32
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 08 Jun 2025 05:06:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0e:35:8d:fa:9d:26:b1:69:2c:05:bb:d1:29:65:ff:96:8b:f4:6b:53
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: May 14 10:41:15 2025 GMT
Not After : May 13 10:46:15 2026 GMT
Subject: CN=5DF1316C77A8A763BD943C42C8FBB1A628DBAB18
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:a8:3a:c4:f6:3e:e4:a6:d0:32:81:87:29:c5:
7c:a8:dc:98:d6:88:0e:0f:14:43:61:fa:7e:22:99:
42:ab:e7:41:d8:dd:5e:7e:ae:0d:ba:18:39:3e:cf:
10:39:66:92:0f:37:71:9f:2a:d2:ff:04:68:e5:21:
f6:78:2f:d4:4e:5d:17:f8:1d:d2:8d:af:99:f6:07:
76:62:09:10:ba:7d:8d:7b:07:dd:ab:96:9d:46:bc:
53:94:b6:b0:24:ef:7e:65:9e:dc:07:71:15:96:61:
ce:96:7b:0a:3c:da:dd:4e:f3:0b:7a:2f:6f:5a:23:
db:ae:86:df:1d:a7:a9:7e:3d:d5:b2:2f:d9:8d:d6:
bc:d4:26:54:09:c4:02:ba:c6:f0:e5:df:dc:2a:6c:
05:53:f2:53:6d:84:f5:07:77:a8:00:88:18:38:87:
df:a7:ff:02:e9:4c:e5:4e:8d:d0:f4:0f:c0:61:5d:
01:e4:68:b8:2f:ec:ee:8a:61:c4:1a:f0:dc:11:73:
07:b0:a8:d0:1f:83:35:8d:22:59:5d:86:cd:2b:5b:
4d:7b:cd:c9:76:72:c4:da:d0:cb:1e:c7:22:bf:1f:
61:ae:25:2b:67:e3:1e:70:c9:07:2f:a2:82:13:08:
db:b6:c9:3a:db:2e:45:99:2a:bd:10:a8:d9:23:42:
4c:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:F1:31:6C:77:A8:A7:63:BD:94:3C:42:C8:FB:B1:A6:28:DB:AB:18
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3133332e3234382e302f32332d3332203d3e203531313637.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.133.248.0/23
Signature Algorithm: sha256WithRSAEncryption
76:f8:da:64:51:84:9a:a3:3b:51:0b:49:89:53:50:c5:48:13:
bb:c7:3b:93:cf:7f:0b:94:fa:63:24:0d:14:5f:ea:9a:7e:8d:
7a:c5:1f:3e:50:48:e8:b8:77:48:58:2e:00:84:d8:43:37:03:
96:9e:3b:52:a8:42:95:f2:49:a3:a6:a2:7d:68:90:72:fd:65:
bf:12:4e:b0:8c:34:73:74:24:f5:54:d7:ee:68:53:5e:78:99:
1f:46:36:9a:b7:0a:56:22:db:75:f8:37:92:0d:a7:70:3a:9d:
74:27:92:7f:b7:96:c7:df:70:2d:10:b1:23:c3:fd:a0:16:cd:
eb:74:01:41:c1:0a:98:46:86:cc:6d:da:2b:84:0d:b6:44:75:
bf:b9:f4:6e:55:c4:11:b8:88:7b:41:de:aa:97:26:58:bc:2c:
23:5b:04:db:6a:64:03:9b:e2:4a:82:0b:d5:62:7d:6a:58:0c:
fc:41:d1:a3:f6:67:19:10:1d:f7:bf:78:74:d9:40:70:0a:3e:
80:6f:e5:20:b0:5e:13:35:09:1e:5f:7f:32:f8:0e:3b:89:7f:
69:d1:df:f0:0b:54:36:74:6b:cb:47:5a:ed:f9:7f:b0:67:0e:
bd:dc:b7:5d:47:1c:3d:4d:96:7f:db:60:0c:f9:e7:75:66:4e:
fe:32:56:72
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUDjWN+p0msWksBbvRKWX/lov0a1MwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNTA1MTQxMDQxMTVaFw0yNjA1MTMxMDQ2MTVaMDMxMTAvBgNV
BAMTKDVERjEzMTZDNzdBOEE3NjNCRDk0M0M0MkM4RkJCMUE2MjhEQkFCMTgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDJqDrE9j7kptAygYcpxXyo3JjW
iA4PFENh+n4imUKr50HY3V5+rg26GDk+zxA5ZpIPN3GfKtL/BGjlIfZ4L9ROXRf4
HdKNr5n2B3ZiCRC6fY17B92rlp1GvFOUtrAk735lntwHcRWWYc6Wewo82t1O8wt6
L29aI9uuht8dp6l+PdWyL9mN1rzUJlQJxAK6xvDl39wqbAVT8lNthPUHd6gAiBg4
h9+n/wLpTOVOjdD0D8BhXQHkaLgv7O6KYcQa8NwRcwewqNAfgzWNIlldhs0rW017
zcl2csTa0MsexyK/H2GuJStn4x5wyQcvooITCNu2yTrbLkWZKr0QqNkjQkxdAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUXfExbHeop2O9lDxCyPuxpijbqxgwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzODM1MmUzMTMzMzMyZTMy
MzQzODJlMzAyZjMyMzMyZDMzMzIyMDNkM2UyMDM1MzEzMTM2Mzcucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAG5hfgwDQYJKoZIhvcNAQELBQADggEBAHb42mRRhJqjO1ELSYlTUMVIE7vHO5PP
fwuU+mMkDRRf6pp+jXrFHz5QSOi4d0hYLgCE2EM3A5aeO1KoQpXySaOmon1okHL9
Zb8STrCMNHN0JPVU1+5oU154mR9GNpq3ClYi23X4N5INp3A6nXQnkn+3lsffcC0Q
sSPD/aAWzet0AUHBCphGhsxt2iuEDbZEdb+59G5VxBG4iHtB3qqXJli8LCNbBNtq
ZAOb4kqCC9VifWpYDPxB0aP2ZxkQHfe/eHTZQHAKPoBv5SCwXhM1CR5ffzL4DjuJ
f2nR3/ALVDZ0a8tHWu35f7BnDr3ct11HHD1Nln/bYAz553VmTv4yVnI=
-----END CERTIFICATE-----
Generated at Sat Jun 7 17:02:40 2025 by rpki-client