Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3231342e39372e302f32342d3234203d3e20323037313337.roa
File: 3138352e3231342e39372e302f32342d3234203d3e20323037313337.roa (raw, json)
Hash identifier: wao6rD9aZVYU91NGL67IO9JfS/26BjP3CPIiSTUb2Hw=
Subject key identifier: D6:98:C2:47:06:27:54:09:A4:14:E1:30:96:C8:6F:9E:10:60:67:88
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 331F05CDFAEA57EBABE028D442087F9CA78ACC86
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3231342e39372e302f32342d3234203d3e20323037313337.roa
Signing time: Fri 16 May 2025 07:46:21 +0000
ROA not before: Fri 16 May 2025 07:41:21 +0000
ROA not after: Fri 15 May 2026 07:46:21 +0000
asID: 207137
IP address blocks: 185.214.97.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 06 Jun 2025 12:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
33:1f:05:cd:fa:ea:57:eb:ab:e0:28:d4:42:08:7f:9c:a7:8a:cc:86
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: May 16 07:41:21 2025 GMT
Not After : May 15 07:46:21 2026 GMT
Subject: CN=D698C24706275409A414E13096C86F9E10606788
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:ce:7f:3d:73:f9:c4:b0:fc:c7:70:8b:86:b3:
b6:67:dc:2a:79:02:32:9c:e2:5a:dc:2d:b4:de:ae:
c9:76:d5:b4:72:98:a1:2f:df:2e:b7:5c:7b:d6:22:
50:eb:08:85:30:5b:a1:35:d1:ef:66:4a:d5:11:ff:
91:8f:91:08:4d:5e:09:d3:58:5b:33:bf:9f:0c:b2:
92:98:b5:70:3b:64:f5:76:d4:b1:e6:77:ef:55:c6:
04:57:9c:02:cc:2b:64:cc:d3:32:fb:67:a9:18:08:
d6:e1:ce:a3:16:8f:e3:a3:0b:71:9f:52:ba:7f:2c:
3d:37:2d:5d:a3:42:53:10:35:2b:9f:19:8f:95:66:
40:fe:bb:6b:27:d2:c0:dc:57:33:66:dd:9c:eb:7d:
e4:b8:8d:38:08:18:39:09:7a:c5:de:d1:55:a2:8b:
95:3c:e1:7e:80:ec:2f:d2:04:fc:05:c0:bc:41:28:
8e:b7:08:c8:bd:4d:4e:bb:a5:ed:42:a5:03:e9:42:
47:d1:da:fd:2d:48:be:72:41:e3:9e:3b:ef:ef:21:
31:57:56:e2:9c:1d:80:50:83:91:62:5d:10:e6:4a:
1b:07:dc:95:77:b5:fc:d5:7e:77:17:84:98:ca:48:
29:52:f5:6b:46:42:4d:17:8b:48:ce:36:3c:d5:e0:
44:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D6:98:C2:47:06:27:54:09:A4:14:E1:30:96:C8:6F:9E:10:60:67:88
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3231342e39372e302f32342d3234203d3e20323037313337.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.214.97.0/24
Signature Algorithm: sha256WithRSAEncryption
35:4c:06:1b:f0:cb:ad:ca:8a:c2:8e:f8:98:53:bf:e0:51:ad:
78:d3:16:0f:7f:7f:10:75:f2:a4:4e:05:48:65:c1:7f:bb:cc:
1f:86:0f:19:8d:da:fb:16:ed:db:58:d9:99:9f:c4:c7:d6:7d:
69:ca:b0:5e:b8:0a:a7:db:66:2c:2a:08:50:70:b6:cd:5e:2b:
7e:9c:bf:64:b9:f9:12:53:0a:4a:b0:24:b3:52:ec:15:0f:a4:
26:36:c6:d1:68:47:64:6e:2e:d1:50:18:73:b9:5c:d5:ef:76:
e8:d2:38:de:c5:d5:b9:36:d3:5c:9e:c9:87:82:c6:86:8c:5a:
c6:81:be:2a:25:d0:d8:27:64:2e:56:bf:e6:de:60:2c:4e:a7:
2a:21:05:37:2c:af:55:37:cc:29:61:81:2b:fb:b5:07:28:fa:
8e:a5:77:c5:52:97:01:12:01:36:8b:d7:81:aa:f6:42:53:5b:
16:3e:d4:3a:99:9b:7e:d3:35:6e:05:53:4c:f6:c0:9d:8e:64:
40:14:cc:7a:69:b4:91:cd:2e:1b:93:14:c0:23:19:bf:9d:67:
5a:67:85:60:e5:53:da:d4:a0:75:fe:54:cb:e7:33:72:ca:63:
a6:e7:3f:0d:76:33:8c:4c:43:2d:e4:51:ef:51:3f:12:9a:22:
b5:bf:e8:66
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUMx8FzfrqV+ur4CjUQgh/nKeKzIYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNTA1MTYwNzQxMjFaFw0yNjA1MTUwNzQ2MjFaMDMxMTAvBgNV
BAMTKEQ2OThDMjQ3MDYyNzU0MDlBNDE0RTEzMDk2Qzg2RjlFMTA2MDY3ODgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDkzn89c/nEsPzHcIuGs7Zn3Cp5
AjKc4lrcLbTersl21bRymKEv3y63XHvWIlDrCIUwW6E10e9mStUR/5GPkQhNXgnT
WFszv58MspKYtXA7ZPV21LHmd+9VxgRXnALMK2TM0zL7Z6kYCNbhzqMWj+OjC3Gf
Urp/LD03LV2jQlMQNSufGY+VZkD+u2sn0sDcVzNm3ZzrfeS4jTgIGDkJesXe0VWi
i5U84X6A7C/SBPwFwLxBKI63CMi9TU67pe1CpQPpQkfR2v0tSL5yQeOeO+/vITFX
VuKcHYBQg5FiXRDmShsH3JV3tfzVfncXhJjKSClS9WtGQk0Xi0jONjzV4ERBAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQU1pjCRwYnVAmkFOEwlshvnhBgZ4gwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzODM1MmUzMjMxMzQyZTM5
MzcyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMjMwMzczMTMzMzcucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAC51mEwDQYJKoZIhvcNAQELBQADggEBADVMBhvwy63KisKO+JhTv+BRrXjTFg9/
fxB18qROBUhlwX+7zB+GDxmN2vsW7dtY2ZmfxMfWfWnKsF64CqfbZiwqCFBwts1e
K36cv2S5+RJTCkqwJLNS7BUPpCY2xtFoR2RuLtFQGHO5XNXvdujSON7F1bk201ye
yYeCxoaMWsaBviol0NgnZC5Wv+beYCxOpyohBTcsr1U3zClhgSv7tQco+o6ld8VS
lwESATaL14Gq9kJTWxY+1DqZm37TNW4FU0z2wJ2OZEAUzHpptJHNLhuTFMAjGb+d
Z1pnhWDlU9rUoHX+VMvnM3LKY6bnPw12M4xMQy3kUe9RPxKaIrW/6GY=
-----END CERTIFICATE-----
Generated at Thu Jun 5 18:36:31 2025 by rpki-client