Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3139322e3134352e38312e302f32342d3234203d3e20323034313730.roa
File: 3139322e3134352e38312e302f32342d3234203d3e20323034313730.roa (raw, json)
Hash identifier: JkOII0CNOGrIc8PFqyuj4TlFM/X5oGcU4Ri75Zicx60=
Subject key identifier: EE:1C:C2:A2:80:EB:BC:23:3C:69:4E:93:26:9D:49:A5:92:73:2D:E3
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 2A1227876001F5A37FF8E8C94FC5BFEF575B6C37
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3139322e3134352e38312e302f32342d3234203d3e20323034313730.roa
Signing time: Tue 27 May 2025 22:46:29 +0000
ROA not before: Tue 27 May 2025 22:41:29 +0000
ROA not after: Tue 26 May 2026 22:46:29 +0000
asID: 204170
IP address blocks: 192.145.81.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 07 Jun 2025 12:43:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2a:12:27:87:60:01:f5:a3:7f:f8:e8:c9:4f:c5:bf:ef:57:5b:6c:37
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: May 27 22:41:29 2025 GMT
Not After : May 26 22:46:29 2026 GMT
Subject: CN=EE1CC2A280EBBC233C694E93269D49A592732DE3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:23:80:e3:4e:7b:95:b9:dc:eb:ca:57:ca:e6:
17:c4:4d:6a:83:f3:3f:87:8c:1c:1f:aa:9d:f6:20:
60:90:b8:28:9f:7c:c3:75:fa:b6:0a:73:7a:79:b4:
46:0a:21:66:5d:02:6e:62:34:fb:1b:9a:49:5d:fa:
9b:79:89:c6:9c:03:1a:25:35:4b:c0:ed:d5:bd:b4:
c6:ba:53:ef:d6:2a:80:7a:58:53:11:8e:35:a4:b4:
6d:5e:77:50:e4:8b:2f:8e:13:8b:fe:3b:f3:f0:5d:
73:4f:6b:31:c3:da:2e:88:15:87:16:83:91:22:4b:
ec:58:64:a4:ad:41:9b:bc:4e:b8:1e:8b:8d:d6:11:
43:f3:4b:67:e4:95:5d:06:06:6a:6f:e7:60:09:32:
68:a6:c6:c8:bb:de:a2:62:81:45:79:e0:29:92:b7:
e6:75:a7:c0:aa:3b:be:fb:65:61:72:f7:69:13:4f:
fe:42:e5:9e:64:c5:a8:bc:d1:c1:b8:32:62:ef:ff:
9d:ce:14:96:fa:24:b0:f0:ba:2c:4e:55:ea:e9:68:
2b:28:1d:4d:8b:78:42:c9:5e:6b:6a:ed:55:cc:57:
db:2f:1e:54:90:43:92:60:43:0c:6f:bf:3c:70:43:
85:7a:03:75:4e:a0:f4:c1:81:22:61:6a:43:31:06:
72:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EE:1C:C2:A2:80:EB:BC:23:3C:69:4E:93:26:9D:49:A5:92:73:2D:E3
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3139322e3134352e38312e302f32342d3234203d3e20323034313730.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.145.81.0/24
Signature Algorithm: sha256WithRSAEncryption
9e:5c:92:b9:2e:35:da:67:7b:eb:64:42:f7:d7:d5:d0:a8:63:
c4:ea:d1:eb:ba:e3:50:d1:00:a1:b4:a8:4f:52:d1:1c:87:40:
97:40:b2:70:d0:21:75:b2:cf:0d:60:42:8c:c2:86:59:37:b2:
d6:d0:1f:ea:09:e9:2e:3f:38:13:fc:a1:bf:51:72:b8:63:3e:
4e:31:43:b1:9e:4f:49:0d:61:5b:f8:f6:29:6a:80:ea:3b:59:
d7:0d:42:cb:0e:df:d9:6d:51:64:02:47:73:a2:2d:3f:ef:8d:
6b:43:cf:e5:cc:69:b5:3c:d0:0b:5d:04:d9:7d:c3:2a:12:22:
01:62:22:b7:9c:5e:16:f6:60:82:3b:4b:08:b6:38:d5:1e:d2:
e3:1c:92:ee:fd:d5:5d:b1:bb:39:e5:79:8d:75:72:09:6e:3c:
d2:91:b6:2f:a2:f1:ec:16:18:b7:b8:c5:b7:86:58:4a:5e:da:
fa:79:5b:09:54:8f:3d:37:2f:85:d7:62:fb:c3:9e:57:53:d0:
cd:a9:ef:3c:d2:b0:f9:dd:6b:b3:92:84:7d:ec:99:cc:39:07:
ca:f7:a6:8b:c2:f8:f7:e2:61:a0:22:ab:f3:e4:28:cd:c4:7c:
fd:c1:ef:f3:05:4a:29:53:dd:56:ad:bd:88:84:e7:1d:f7:25:
29:60:77:2a
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUKhInh2AB9aN/+OjJT8W/71dbbDcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNTA1MjcyMjQxMjlaFw0yNjA1MjYyMjQ2MjlaMDMxMTAvBgNV
BAMTKEVFMUNDMkEyODBFQkJDMjMzQzY5NEU5MzI2OUQ0OUE1OTI3MzJERTMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDDI4DjTnuVudzrylfK5hfETWqD
8z+HjBwfqp32IGCQuCiffMN1+rYKc3p5tEYKIWZdAm5iNPsbmkld+pt5icacAxol
NUvA7dW9tMa6U+/WKoB6WFMRjjWktG1ed1Dkiy+OE4v+O/PwXXNPazHD2i6IFYcW
g5EiS+xYZKStQZu8Trgei43WEUPzS2fklV0GBmpv52AJMmimxsi73qJigUV54CmS
t+Z1p8CqO777ZWFy92kTT/5C5Z5kxai80cG4MmLv/53OFJb6JLDwuixOVerpaCso
HU2LeELJXmtq7VXMV9svHlSQQ5JgQwxvvzxwQ4V6A3VOoPTBgSJhakMxBnJNAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQU7hzCooDrvCM8aU6TJp1JpZJzLeMwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzOTMyMmUzMTM0MzUyZTM4
MzEyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMjMwMzQzMTM3MzAucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BADAkVEwDQYJKoZIhvcNAQELBQADggEBAJ5ckrkuNdpne+tkQvfX1dCoY8Tq0eu6
41DRAKG0qE9S0RyHQJdAsnDQIXWyzw1gQozChlk3stbQH+oJ6S4/OBP8ob9Rcrhj
Pk4xQ7GeT0kNYVv49ilqgOo7WdcNQssO39ltUWQCR3OiLT/vjWtDz+XMabU80Atd
BNl9wyoSIgFiIrecXhb2YII7Swi2ONUe0uMcku791V2xuznleY11cgluPNKRti+i
8ewWGLe4xbeGWEpe2vp5WwlUjz03L4XXYvvDnldT0M2p7zzSsPnda7OShH3smcw5
B8r3povC+PfiYaAiq/PkKM3EfP3B7/MFSilT3VatvYiE5x33JSlgdyo=
-----END CERTIFICATE-----
Generated at Fri Jun 6 19:35:24 2025 by rpki-client