Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3136342e35322e302f32342d3234203d3e20323134393134.roa
File: 3138352e3136342e35322e302f32342d3234203d3e20323134393134.roa (raw, json)
Hash identifier: DI0xBIFp6Lj9wEq6LzpZlP8e21ih0MNhmfeU1w3rZ0Q=
Subject key identifier: DD:FD:CC:53:B8:66:A7:7C:4F:2E:78:F6:25:CF:37:49:0C:D3:84:E0
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 36CAE8E7892A537BBF2A4A3A59D51CB821C0C704
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3136342e35322e302f32342d3234203d3e20323134393134.roa
Signing time: Tue 20 May 2025 06:42:31 +0000
ROA not before: Tue 20 May 2025 06:37:31 +0000
ROA not after: Tue 19 May 2026 06:42:31 +0000
asID: 214914
IP address blocks: 185.164.52.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 07 Jun 2025 12:43:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
36:ca:e8:e7:89:2a:53:7b:bf:2a:4a:3a:59:d5:1c:b8:21:c0:c7:04
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: May 20 06:37:31 2025 GMT
Not After : May 19 06:42:31 2026 GMT
Subject: CN=DDFDCC53B866A77C4F2E78F625CF37490CD384E0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:18:da:c5:e4:f9:90:df:c7:95:9b:01:66:f0:
17:2e:c0:07:c9:9b:1e:95:5b:82:eb:76:0b:06:00:
9c:9f:9c:8f:f2:82:55:ed:76:10:41:3e:92:b4:31:
17:b1:76:e2:6f:61:8c:3e:47:71:fd:14:f1:d3:2a:
86:14:aa:eb:97:3d:ba:ad:b1:68:e3:ad:98:d0:f0:
db:9b:fa:34:a2:ff:be:4e:1f:3a:d7:f0:a7:86:b8:
b7:88:e6:b9:04:b2:36:9a:59:fb:8d:62:55:5b:e2:
67:24:a1:aa:81:79:be:48:0d:9a:68:13:39:45:86:
45:b5:5d:44:ae:e1:75:6e:13:bf:e8:cc:68:43:4d:
63:75:38:99:b3:75:a1:ad:1d:dc:a3:3f:ec:80:33:
ad:c8:b6:4b:6a:a8:fe:be:f6:3f:24:bf:db:12:33:
17:b4:d5:ba:4c:79:95:ff:b8:4e:c3:73:0f:cb:2e:
82:ef:b0:0e:a7:f7:f4:bf:e7:06:b1:6b:7e:9a:48:
66:b3:9f:66:a8:7c:4d:02:50:fd:de:d7:11:a9:c9:
04:8e:a6:4d:1a:57:bf:19:ca:3b:6a:b8:0c:d6:64:
a1:1f:bb:3d:b4:56:4e:96:8f:f9:7f:ad:99:fe:d0:
4e:f1:70:70:eb:ad:2e:a5:ed:fe:29:44:2c:55:87:
33:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:FD:CC:53:B8:66:A7:7C:4F:2E:78:F6:25:CF:37:49:0C:D3:84:E0
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3136342e35322e302f32342d3234203d3e20323134393134.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.164.52.0/24
Signature Algorithm: sha256WithRSAEncryption
05:6e:57:cb:a7:02:ed:58:c3:d9:f8:a4:b6:d5:9b:3c:8a:db:
af:c9:3a:5c:69:92:b7:f8:d1:ff:bf:ef:4e:1d:a3:b6:db:bc:
cb:8a:55:7c:e0:34:c3:f7:ee:bb:da:f0:91:e8:e9:46:9c:a0:
6c:0f:c9:9f:33:d1:62:43:a6:e5:6a:9c:a7:03:77:5b:36:88:
59:56:a2:fe:65:2b:a4:84:60:a9:06:36:fa:f0:49:a1:9f:34:
d1:f6:32:b4:cb:60:07:d9:cd:dc:c6:bb:04:34:07:9b:1c:45:
7b:45:27:5e:d2:ef:2c:c9:45:11:c6:36:87:fc:01:9d:77:cd:
eb:83:34:be:f9:b2:e9:64:18:58:9f:11:d2:02:4a:93:df:5e:
ed:9f:f5:fe:fe:9a:10:c3:f9:bd:55:f2:18:41:0e:72:e7:6d:
82:65:85:ac:71:1b:28:35:ed:52:05:59:9e:ad:ea:41:c8:63:
83:ca:b6:f9:e4:be:7c:d0:a0:7f:1b:45:2f:58:22:b0:9d:f5:
60:98:b1:d3:86:22:22:3d:21:b0:87:b5:2c:49:74:53:ef:05:
8c:a8:0b:bd:dc:37:6b:b2:60:43:f4:ca:81:67:76:c2:94:25:
f8:4e:b9:3f:81:55:c3:22:40:e4:67:c2:6d:82:a6:d8:ff:1c:
f9:48:47:db
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUNsro54kqU3u/Kko6WdUcuCHAxwQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNTA1MjAwNjM3MzFaFw0yNjA1MTkwNjQyMzFaMDMxMTAvBgNV
BAMTKERERkRDQzUzQjg2NkE3N0M0RjJFNzhGNjI1Q0YzNzQ5MENEMzg0RTAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDMGNrF5PmQ38eVmwFm8BcuwAfJ
mx6VW4LrdgsGAJyfnI/yglXtdhBBPpK0MRexduJvYYw+R3H9FPHTKoYUquuXPbqt
sWjjrZjQ8Nub+jSi/75OHzrX8KeGuLeI5rkEsjaaWfuNYlVb4mckoaqBeb5IDZpo
EzlFhkW1XUSu4XVuE7/ozGhDTWN1OJmzdaGtHdyjP+yAM63ItktqqP6+9j8kv9sS
Mxe01bpMeZX/uE7Dcw/LLoLvsA6n9/S/5waxa36aSGazn2aofE0CUP3e1xGpyQSO
pk0aV78ZyjtquAzWZKEfuz20Vk6Wj/l/rZn+0E7xcHDrrS6l7f4pRCxVhzOJAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQU3f3MU7hmp3xPLnj2Jc83SQzThOAwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzODM1MmUzMTM2MzQyZTM1
MzIyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMjMxMzQzOTMxMzQucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAC5pDQwDQYJKoZIhvcNAQELBQADggEBAAVuV8unAu1Yw9n4pLbVmzyK26/JOlxp
krf40f+/704do7bbvMuKVXzgNMP37rva8JHo6UacoGwPyZ8z0WJDpuVqnKcDd1s2
iFlWov5lK6SEYKkGNvrwSaGfNNH2MrTLYAfZzdzGuwQ0B5scRXtFJ17S7yzJRRHG
Nof8AZ13zeuDNL75sulkGFifEdICSpPfXu2f9f7+mhDD+b1V8hhBDnLnbYJlhaxx
Gyg17VIFWZ6t6kHIY4PKtvnkvnzQoH8bRS9YIrCd9WCYsdOGIiI9IbCHtSxJdFPv
BYyoC73cN2uyYEP0yoFndsKUJfhOuT+BVcMiQORnwm2Cptj/HPlIR9s=
-----END CERTIFICATE-----
Generated at Sat Jun 7 04:14:46 2025 by rpki-client