Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3136312e3230332e302f32342d3234203d3e20323037313337.roa
File: 3138352e3136312e3230332e302f32342d3234203d3e20323037313337.roa (raw, json)
Hash identifier: iUFZNA1chYdl9n/0U7/+OG28Y2SkwsW2aa3efGUnxrE=
Subject key identifier: 45:B1:17:AB:0D:00:09:DA:52:72:CA:60:2B:E7:83:11:9F:C6:73:71
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 70F5F0F29AC00C17FE1AD3C888CC7B8444477EFC
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3136312e3230332e302f32342d3234203d3e20323037313337.roa
Signing time: Fri 28 Mar 2025 13:45:55 +0000
ROA not before: Fri 28 Mar 2025 13:40:55 +0000
ROA not after: Fri 27 Mar 2026 13:45:55 +0000
asID: 207137
IP address blocks: 185.161.203.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 05 Apr 2025 10:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
70:f5:f0:f2:9a:c0:0c:17:fe:1a:d3:c8:88:cc:7b:84:44:47:7e:fc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Mar 28 13:40:55 2025 GMT
Not After : Mar 27 13:45:55 2026 GMT
Subject: CN=45B117AB0D0009DA5272CA602BE783119FC67371
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:91:1f:b8:f6:ee:57:a9:8e:ec:33:dd:8c:a5:
28:0d:60:06:e6:3c:40:4c:9a:7d:1a:45:da:a8:45:
d2:00:cc:22:34:f8:ad:30:90:db:c7:5d:64:2a:1f:
a4:84:cd:63:6f:be:0a:7e:76:93:cc:f4:67:03:01:
03:77:ad:cb:7c:0c:7a:d6:ad:8b:49:55:f6:a5:38:
e5:24:34:c9:f1:ba:fe:10:1c:ad:bc:93:a7:6c:7a:
8a:eb:b0:eb:e3:e8:8e:f1:26:d7:ca:e1:70:05:71:
e1:0d:7d:9e:9e:88:70:a6:a4:e4:b6:24:de:93:c8:
a6:9d:08:4a:44:7d:ad:bb:cf:96:06:83:ac:53:9f:
98:10:b6:94:53:e8:cd:6c:99:4f:f2:ff:e5:1d:0f:
fd:23:ee:b6:91:df:a1:b0:4d:06:21:f6:e3:7f:a7:
5a:18:77:e2:af:a5:4e:70:fa:6b:5f:46:c3:03:11:
3c:9c:d1:0d:76:97:fc:2f:44:82:b0:ba:e1:f5:ac:
3d:c3:03:67:02:9f:91:61:e8:9d:34:f8:e4:14:d1:
c1:6e:e3:5f:2c:5d:5a:df:d4:b6:dc:3b:c2:e9:60:
ff:39:23:75:99:3f:a8:5c:2f:f6:14:28:70:de:f4:
cf:f7:1b:3e:cf:4b:77:0c:af:33:34:10:4b:85:93:
c5:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
45:B1:17:AB:0D:00:09:DA:52:72:CA:60:2B:E7:83:11:9F:C6:73:71
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3136312e3230332e302f32342d3234203d3e20323037313337.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.161.203.0/24
Signature Algorithm: sha256WithRSAEncryption
81:bb:15:65:71:ce:28:76:6f:5a:f1:bb:a0:19:c7:ce:0d:fe:
58:ad:fa:98:f9:36:57:c1:e8:16:7f:fe:15:57:50:ab:cd:0a:
fc:cd:9e:cb:9c:1e:30:9c:7b:0d:6a:a3:1f:d1:7e:1f:b1:e7:
b5:aa:56:c1:2e:dd:91:c8:80:67:ac:16:db:52:7c:2c:99:42:
88:3d:18:78:b3:76:2c:b0:9d:1f:05:37:3f:7f:ca:85:3e:5e:
5a:93:72:a5:d2:d3:77:40:d2:a2:60:bd:21:08:c2:6b:2a:11:
c3:77:28:22:53:87:ec:66:0f:f3:d5:15:9b:79:40:86:9b:ea:
7e:ff:20:45:1b:63:c8:54:33:9c:d6:d8:f1:5f:09:86:e4:19:
41:e3:8d:75:c5:a2:08:64:ed:61:6d:39:65:91:2d:00:0c:98:
56:f1:6c:d9:60:9b:c0:26:bd:4f:d9:75:5d:e8:dc:7b:20:d4:
67:aa:fd:8f:f3:97:7d:81:8b:6c:f2:cd:72:eb:cb:42:13:e0:
ef:8f:4d:14:cb:1a:c3:ff:fe:1b:02:ff:0b:c2:67:2e:4c:da:
58:d8:25:59:6f:a1:71:f1:0b:eb:71:d1:b2:5b:8b:2c:a6:aa:
5f:80:0a:7f:19:a5:81:63:e8:ff:17:d9:0b:3f:ff:03:b5:2c:
9e:0e:96:98
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgIUcPXw8prADBf+GtPIiMx7hERHfvwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNTAzMjgxMzQwNTVaFw0yNjAzMjcxMzQ1NTVaMDMxMTAvBgNV
BAMTKDQ1QjExN0FCMEQwMDA5REE1MjcyQ0E2MDJCRTc4MzExOUZDNjczNzEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDEkR+49u5XqY7sM92MpSgNYAbm
PEBMmn0aRdqoRdIAzCI0+K0wkNvHXWQqH6SEzWNvvgp+dpPM9GcDAQN3rct8DHrW
rYtJVfalOOUkNMnxuv4QHK28k6dseorrsOvj6I7xJtfK4XAFceENfZ6eiHCmpOS2
JN6TyKadCEpEfa27z5YGg6xTn5gQtpRT6M1smU/y/+UdD/0j7raR36GwTQYh9uN/
p1oYd+KvpU5w+mtfRsMDETyc0Q12l/wvRIKwuuH1rD3DA2cCn5Fh6J00+OQU0cFu
418sXVrf1LbcO8LpYP85I3WZP6hcL/YUKHDe9M/3Gz7PS3cMrzM0EEuFk8UrAgMB
AAGjggJBMIICPTAdBgNVHQ4EFgQURbEXqw0ACdpScspgK+eDEZ/Gc3EwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzODM1MmUzMTM2MzEyZTMy
MzAzMzJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMyMzAzNzMxMzMzNy5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEALmhyzANBgkqhkiG9w0BAQsFAAOCAQEAgbsVZXHOKHZvWvG7oBnHzg3+WK36
mPk2V8HoFn/+FVdQq80K/M2ey5weMJx7DWqjH9F+H7HntapWwS7dkciAZ6wW21J8
LJlCiD0YeLN2LLCdHwU3P3/KhT5eWpNypdLTd0DSomC9IQjCayoRw3coIlOH7GYP
89UVm3lAhpvqfv8gRRtjyFQznNbY8V8JhuQZQeONdcWiCGTtYW05ZZEtAAyYVvFs
2WCbwCa9T9l1XejceyDUZ6r9j/OXfYGLbPLNcuvLQhPg749NFMsaw//+GwL/C8Jn
LkzaWNglWW+hcfEL63HRsluLLKaqX4AKfxmlgWPo/xfZCz//A7Usng6WmA==
-----END CERTIFICATE-----
Generated at Fri Apr 4 19:22:20 2025 by rpki-client