Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3139372e3234382e302f32342d3234203d3e20313336373837.roa
File: 3138352e3139372e3234382e302f32342d3234203d3e20313336373837.roa (raw, json)
Hash identifier: ElgU+EA3fr9GZp0m7ylVl4UDAhpR6EpXiQJH5OXIZOg=
Subject key identifier: 30:94:06:8E:3B:1B:DA:DC:41:8A:61:75:E0:92:0F:C7:46:6D:F0:2B
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 4770361D23414C02DE9FE491CD869156B908C722
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3139372e3234382e302f32342d3234203d3e20313336373837.roa
Signing time: Tue 27 May 2025 15:46:28 +0000
ROA not before: Tue 27 May 2025 15:41:28 +0000
ROA not after: Tue 26 May 2026 15:46:28 +0000
asID: 136787
IP address blocks: 185.197.248.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 07 Jun 2025 06:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
47:70:36:1d:23:41:4c:02:de:9f:e4:91:cd:86:91:56:b9:08:c7:22
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: May 27 15:41:28 2025 GMT
Not After : May 26 15:46:28 2026 GMT
Subject: CN=3094068E3B1BDADC418A6175E0920FC7466DF02B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f0:9b:4d:c8:28:72:d1:9c:2c:41:b6:d9:c9:aa:
65:dc:e1:c2:2c:64:bd:51:87:4b:87:27:3f:5c:60:
e8:72:a5:3f:e1:73:0b:14:4a:6b:63:d4:2a:42:a6:
91:12:f7:7b:e5:75:f8:25:6d:23:d6:ba:2c:2f:98:
fa:2f:07:84:6e:8e:6d:a7:31:57:65:50:a1:20:a7:
9f:43:ae:cb:41:14:f1:c1:82:bf:f9:9a:cd:6f:d9:
3e:0b:c5:04:bd:b9:40:ee:d6:22:da:2a:d5:63:2d:
dd:e4:04:a5:90:ed:ab:a4:86:d8:57:6c:b7:a3:c1:
ab:e7:c1:c5:3f:75:4d:d5:e2:49:e1:0f:17:24:0b:
b5:96:86:5f:2a:71:75:c4:81:6b:bb:cc:85:84:dd:
d3:a9:87:52:4d:35:df:b2:7c:d2:ae:22:86:8b:56:
81:25:fb:02:6b:8f:2f:48:f4:c6:64:60:c0:96:ba:
81:b9:f4:1f:a3:91:21:d4:6b:65:93:5b:b9:a6:c0:
2a:b2:7a:36:11:d7:f5:a6:1b:4b:cd:e8:c3:8e:90:
96:cc:87:df:34:b7:02:ea:5c:cd:6a:9e:b1:7b:da:
09:2c:38:2a:60:15:75:54:d8:a0:ec:d7:ed:61:69:
3c:3e:9c:d8:00:0f:d0:cb:c1:e4:8f:ae:a9:07:f8:
1f:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
30:94:06:8E:3B:1B:DA:DC:41:8A:61:75:E0:92:0F:C7:46:6D:F0:2B
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3139372e3234382e302f32342d3234203d3e20313336373837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.197.248.0/24
Signature Algorithm: sha256WithRSAEncryption
44:00:f1:29:d2:01:4e:82:98:74:10:59:26:09:0d:d9:d6:57:
f2:d4:41:65:54:15:3b:9c:dd:60:36:f9:74:3f:d7:d2:4b:87:
c6:d6:26:b3:f9:a2:6d:fd:95:84:04:d4:d4:42:50:bf:35:dc:
fa:a4:f3:b4:7c:83:62:05:0c:c6:2b:4d:c6:f9:46:de:56:8a:
3f:8a:73:0f:fc:34:57:dd:d9:f3:44:88:f6:0c:0f:f0:69:0d:
0c:2d:f2:9b:22:d8:44:99:4f:e7:7b:52:9d:e7:ee:24:9e:17:
67:11:bb:d1:06:80:00:ca:0c:56:ac:05:1d:c5:e4:a8:9e:35:
f7:a7:80:eb:1b:4b:1d:86:84:2f:59:aa:60:26:b1:ad:b3:b8:
d6:6e:30:50:90:87:f7:d2:a4:06:94:db:f5:3c:f6:f7:39:85:
76:0d:6e:ef:95:a0:28:da:ee:d2:c1:60:30:2e:69:23:d5:42:
4b:0c:bb:54:5f:56:db:9a:ed:00:8b:eb:fb:bb:96:f3:e2:c3:
e9:7a:c4:d5:ff:7f:4d:fc:66:24:99:c5:5c:d2:47:0f:53:88:
c0:ba:da:70:74:07:94:04:27:c9:4f:42:ec:8b:99:4b:09:0e:
47:85:80:15:6d:94:55:9b:01:ea:0f:0c:ee:90:f6:c6:21:5f:
13:71:d6:a8
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgIUR3A2HSNBTALen+SRzYaRVrkIxyIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNTA1MjcxNTQxMjhaFw0yNjA1MjYxNTQ2MjhaMDMxMTAvBgNV
BAMTKDMwOTQwNjhFM0IxQkRBREM0MThBNjE3NUUwOTIwRkM3NDY2REYwMkIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDwm03IKHLRnCxBttnJqmXc4cIs
ZL1Rh0uHJz9cYOhypT/hcwsUSmtj1CpCppES93vldfglbSPWuiwvmPovB4Rujm2n
MVdlUKEgp59DrstBFPHBgr/5ms1v2T4LxQS9uUDu1iLaKtVjLd3kBKWQ7aukhthX
bLejwavnwcU/dU3V4knhDxckC7WWhl8qcXXEgWu7zIWE3dOph1JNNd+yfNKuIoaL
VoEl+wJrjy9I9MZkYMCWuoG59B+jkSHUa2WTW7mmwCqyejYR1/WmG0vN6MOOkJbM
h980twLqXM1qnrF72gksOCpgFXVU2KDs1+1haTw+nNgAD9DLweSPrqkH+B+lAgMB
AAGjggJBMIICPTAdBgNVHQ4EFgQUMJQGjjsb2txBimF14JIPx0Zt8CswHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzODM1MmUzMTM5MzcyZTMy
MzQzODJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMxMzMzNjM3MzgzNy5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEALnF+DANBgkqhkiG9w0BAQsFAAOCAQEARADxKdIBToKYdBBZJgkN2dZX8tRB
ZVQVO5zdYDb5dD/X0kuHxtYms/mibf2VhATU1EJQvzXc+qTztHyDYgUMxitNxvlG
3laKP4pzD/w0V93Z80SI9gwP8GkNDC3ymyLYRJlP53tSnefuJJ4XZxG70QaAAMoM
VqwFHcXkqJ4196eA6xtLHYaEL1mqYCaxrbO41m4wUJCH99KkBpTb9Tz29zmFdg1u
75WgKNru0sFgMC5pI9VCSwy7VF9W25rtAIvr+7uW8+LD6XrE1f9/TfxmJJnFXNJH
D1OIwLracHQHlAQnyU9C7IuZSwkOR4WAFW2UVZsB6g8M7pD2xiFfE3HWqA==
-----END CERTIFICATE-----
Generated at Fri Jun 6 16:52:35 2025 by rpki-client