Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3231342e39362e302f32342d3234203d3e20323037313337.roa
File: 3138352e3231342e39362e302f32342d3234203d3e20323037313337.roa (raw, json)
Hash identifier: BcGNCOxlUY1zJX5iPdMZLkRKbmDfJNnJ1+kf/gfh/zc=
Subject key identifier: 47:87:C9:F1:44:F0:05:92:B1:86:FE:67:38:58:87:8E:61:F8:2E:86
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 5C6B16DB7DD21ECBC6F40FBBAE0BA3D5DD05C162
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3231342e39362e302f32342d3234203d3e20323037313337.roa
Signing time: Fri 16 May 2025 07:46:21 +0000
ROA not before: Fri 16 May 2025 07:41:21 +0000
ROA not after: Fri 15 May 2026 07:46:21 +0000
asID: 207137
IP address blocks: 185.214.96.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 06 Jun 2025 12:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5c:6b:16:db:7d:d2:1e:cb:c6:f4:0f:bb:ae:0b:a3:d5:dd:05:c1:62
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: May 16 07:41:21 2025 GMT
Not After : May 15 07:46:21 2026 GMT
Subject: CN=4787C9F144F00592B186FE673858878E61F82E86
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:7d:d5:4e:2f:f6:a6:cd:07:79:fc:9b:58:ff:
18:c2:95:7b:2e:1d:1b:00:c8:02:fc:0e:26:5b:40:
70:a8:b5:b5:49:34:e9:fb:d4:6c:f2:9e:d8:7a:fb:
42:8b:e2:98:ca:35:23:29:23:4d:06:8e:8d:07:27:
79:14:2c:e2:2c:88:86:d9:45:a3:e6:90:03:5a:59:
83:0c:87:44:ec:e7:44:78:81:2a:d5:b5:00:70:8f:
12:8e:44:4a:31:2a:9e:a9:d4:24:71:29:f2:ee:c5:
9a:66:4b:1f:c8:2d:32:56:86:91:7f:06:db:84:d6:
bd:dc:95:03:9d:e5:7d:cd:3e:55:2e:fd:1e:00:9c:
fc:e2:f8:45:f8:c5:1b:a0:69:4d:31:5b:18:87:e6:
96:19:fb:a6:1a:66:49:0e:c6:18:26:74:d9:9a:b3:
5c:64:d9:16:ef:a5:f5:0b:ab:5b:c7:3a:70:b0:1b:
b4:49:34:d8:8e:a5:c7:08:c5:6f:d9:57:a2:07:84:
9a:a4:6f:bc:4a:f3:bc:f9:e1:65:d6:54:b2:d5:e5:
87:a9:b3:67:47:4c:92:70:26:6c:3a:1e:39:26:12:
63:f4:a1:48:83:ce:87:87:b5:28:1c:0b:76:21:e8:
47:63:b5:29:ab:cf:30:9a:14:b4:e8:13:86:90:85:
ac:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
47:87:C9:F1:44:F0:05:92:B1:86:FE:67:38:58:87:8E:61:F8:2E:86
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3231342e39362e302f32342d3234203d3e20323037313337.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.214.96.0/24
Signature Algorithm: sha256WithRSAEncryption
09:de:be:35:5c:25:1c:98:2e:32:e6:16:31:26:4d:5c:ac:36:
3e:a5:50:b5:3b:77:0e:4d:f2:37:1c:8b:b0:bd:61:42:33:65:
d8:b3:3c:bd:8b:a4:4b:57:fa:ed:90:60:ab:43:90:e0:70:bc:
b9:81:c4:1f:1b:5d:59:3f:aa:ed:2b:5b:1f:f8:86:7a:64:ce:
d3:fe:9b:8a:bc:bf:e0:f7:ee:82:af:89:fd:48:9a:67:31:71:
54:7c:90:1d:ab:72:c8:d0:ad:7f:78:9f:00:66:84:08:68:5e:
62:8d:bd:da:f1:5a:fb:aa:0d:b4:62:6f:80:7f:1f:46:50:26:
a1:fb:6f:8f:a6:d6:63:3b:47:fd:58:bb:83:dd:bd:8a:a5:2a:
98:88:2a:f6:e9:ba:0c:3b:7b:c9:8d:59:d2:65:d7:e9:60:f5:
cb:3b:88:7a:97:bf:74:11:52:32:c6:31:35:1f:05:7a:e8:ad:
2f:0f:aa:f5:99:86:5c:bd:c8:ec:0e:ae:6a:29:a9:6b:3c:fe:
71:f8:ad:9c:c5:1f:c0:fc:16:7a:70:cb:ac:38:86:ae:19:78:
b7:9d:c3:e7:f6:9d:3a:09:ed:d1:42:43:c1:2f:34:fe:ce:3b:
f6:b7:fa:be:9e:78:77:6f:05:e2:52:73:5f:ba:99:78:e4:09:
f9:6c:1c:89
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUXGsW233SHsvG9A+7rguj1d0FwWIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNTA1MTYwNzQxMjFaFw0yNjA1MTUwNzQ2MjFaMDMxMTAvBgNV
BAMTKDQ3ODdDOUYxNDRGMDA1OTJCMTg2RkU2NzM4NTg4NzhFNjFGODJFODYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCzfdVOL/amzQd5/JtY/xjClXsu
HRsAyAL8DiZbQHCotbVJNOn71Gzynth6+0KL4pjKNSMpI00Gjo0HJ3kULOIsiIbZ
RaPmkANaWYMMh0Ts50R4gSrVtQBwjxKOREoxKp6p1CRxKfLuxZpmSx/ILTJWhpF/
BtuE1r3clQOd5X3NPlUu/R4AnPzi+EX4xRugaU0xWxiH5pYZ+6YaZkkOxhgmdNma
s1xk2RbvpfULq1vHOnCwG7RJNNiOpccIxW/ZV6IHhJqkb7xK87z54WXWVLLV5Yep
s2dHTJJwJmw6HjkmEmP0oUiDzoeHtSgcC3Yh6EdjtSmrzzCaFLToE4aQhay3AgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUR4fJ8UTwBZKxhv5nOFiHjmH4LoYwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzODM1MmUzMjMxMzQyZTM5
MzYyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMjMwMzczMTMzMzcucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAC51mAwDQYJKoZIhvcNAQELBQADggEBAAnevjVcJRyYLjLmFjEmTVysNj6lULU7
dw5N8jcci7C9YUIzZdizPL2LpEtX+u2QYKtDkOBwvLmBxB8bXVk/qu0rWx/4hnpk
ztP+m4q8v+D37oKvif1ImmcxcVR8kB2rcsjQrX94nwBmhAhoXmKNvdrxWvuqDbRi
b4B/H0ZQJqH7b4+m1mM7R/1Yu4PdvYqlKpiIKvbpugw7e8mNWdJl1+lg9cs7iHqX
v3QRUjLGMTUfBXrorS8PqvWZhly9yOwOrmopqWs8/nH4rZzFH8D8Fnpwy6w4hq4Z
eLedw+f2nToJ7dFCQ8EvNP7OO/a3+r6eeHdvBeJSc1+6mXjkCflsHIk=
-----END CERTIFICATE-----
Generated at Thu Jun 5 18:40:00 2025 by rpki-client