Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3139332e3230332e3136342e302f32322d3234203d3e203437353833.roa
File: 3139332e3230332e3136342e302f32322d3234203d3e203437353833.roa (raw, json)
Hash identifier: oyzSPS4o7E4P76VWshwO9/jxxTTiZlROqTpBNTsw3nI=
Subject key identifier: 1C:AA:0A:8B:34:76:80:BF:40:FA:A8:5D:BF:71:F0:32:15:EE:1A:02
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 082F751CFC820F1AE71445CEE21F5459C3F04097
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3139332e3230332e3136342e302f32322d3234203d3e203437353833.roa
Signing time: Fri 04 Jul 2025 11:46:48 +0000
ROA not before: Fri 04 Jul 2025 11:41:48 +0000
ROA not after: Fri 03 Jul 2026 11:46:48 +0000
asID: 47583
IP address blocks: 193.203.164.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 21 Jul 2025 20:00:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
08:2f:75:1c:fc:82:0f:1a:e7:14:45:ce:e2:1f:54:59:c3:f0:40:97
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Jul 4 11:41:48 2025 GMT
Not After : Jul 3 11:46:48 2026 GMT
Subject: CN=1CAA0A8B347680BF40FAA85DBF71F03215EE1A02
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:8b:24:d3:58:1e:37:2f:cb:f6:8f:78:3d:82:
d8:3a:93:30:24:5b:a3:19:7e:3d:b3:da:bf:59:0f:
56:e1:24:35:d8:0c:69:72:82:1c:d3:62:85:60:ac:
28:ec:eb:77:58:cd:11:bb:bc:1b:ee:e3:cc:3c:ef:
73:c3:42:e2:a3:c5:51:56:49:64:0f:3f:28:28:75:
e0:99:00:41:6b:96:57:44:03:51:2c:7b:f3:ea:7b:
93:9f:50:c2:0c:10:5c:5a:a0:2f:02:b4:4e:b6:03:
30:b6:f7:e3:76:0b:f3:79:3d:2e:c8:6e:b0:82:b0:
f2:7e:26:1a:0a:fa:0b:b9:5a:cd:b1:17:d1:75:90:
d1:02:0c:36:d3:ca:4b:f5:8b:be:f7:19:3e:92:3d:
c7:c4:57:94:98:34:a8:f7:f8:ee:dd:66:73:5c:27:
b6:cd:d0:2e:4b:2d:a1:85:61:f3:c9:6e:08:55:3d:
e6:3f:13:51:50:cc:cc:3b:4b:f4:a9:8c:25:d0:e4:
df:3c:72:50:21:9e:4a:0c:3c:2d:5e:b6:59:2c:cf:
eb:da:7a:36:d9:c6:c1:23:36:cc:fb:05:0b:a4:d8:
0a:30:76:b1:32:3a:20:de:50:44:05:f2:13:c5:c2:
8b:da:6c:26:75:15:7b:63:42:b2:10:6c:6f:51:48:
52:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1C:AA:0A:8B:34:76:80:BF:40:FA:A8:5D:BF:71:F0:32:15:EE:1A:02
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3139332e3230332e3136342e302f32322d3234203d3e203437353833.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.203.164.0/22
Signature Algorithm: sha256WithRSAEncryption
78:b8:24:c2:39:62:e5:16:e3:00:d7:ff:44:a3:96:8e:a4:b8:
aa:5c:5c:19:d7:2b:08:bb:43:77:13:a1:ae:a2:85:14:39:12:
22:7f:40:9a:4f:be:9a:c9:b5:38:78:25:6c:a4:15:d6:e4:c9:
e2:39:4a:53:28:4d:62:63:69:39:af:95:02:6e:45:33:0e:4e:
7c:e6:0e:98:5a:24:56:61:03:0b:32:e5:88:12:50:69:7e:0c:
49:b3:47:78:32:01:ba:bc:16:95:bb:60:8d:93:be:d0:9d:84:
b2:bd:67:df:de:84:5f:44:32:5f:b3:6f:66:98:9b:ce:2b:83:
ef:d7:cf:b6:c8:52:12:1d:33:a9:f3:d5:59:f2:66:7c:29:ac:
75:68:9d:92:54:c0:56:fd:f2:c2:7b:ab:46:9a:44:93:ab:30:
39:85:2b:7c:0c:c7:a6:73:ad:1d:6d:95:28:b5:e8:29:f8:37:
c5:91:b9:9a:c0:a7:46:3c:3d:31:50:e6:6f:70:92:69:aa:b3:
b0:21:50:ea:54:65:a9:4e:f7:07:89:14:47:3e:7c:c4:bf:07:
fa:76:6c:f6:9b:8a:e7:f3:74:13:a2:8f:cd:fc:52:5c:0a:ef:
34:af:17:44:be:eb:2c:d6:50:ad:46:33:93:df:ae:66:8e:10:
59:ba:83:77
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUCC91HPyCDxrnFEXO4h9UWcPwQJcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNTA3MDQxMTQxNDhaFw0yNjA3MDMxMTQ2NDhaMDMxMTAvBgNV
BAMTKDFDQUEwQThCMzQ3NjgwQkY0MEZBQTg1REJGNzFGMDMyMTVFRTFBMDIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDTiyTTWB43L8v2j3g9gtg6kzAk
W6MZfj2z2r9ZD1bhJDXYDGlyghzTYoVgrCjs63dYzRG7vBvu48w873PDQuKjxVFW
SWQPPygodeCZAEFrlldEA1Ese/Pqe5OfUMIMEFxaoC8CtE62AzC29+N2C/N5PS7I
brCCsPJ+JhoK+gu5Ws2xF9F1kNECDDbTykv1i773GT6SPcfEV5SYNKj3+O7dZnNc
J7bN0C5LLaGFYfPJbghVPeY/E1FQzMw7S/SpjCXQ5N88clAhnkoMPC1etlksz+va
ejbZxsEjNsz7BQuk2AowdrEyOiDeUEQF8hPFwovabCZ1FXtjQrIQbG9RSFKpAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUHKoKizR2gL9A+qhdv3HwMhXuGgIwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzOTMzMmUzMjMwMzMyZTMx
MzYzNDJlMzAyZjMyMzIyZDMyMzQyMDNkM2UyMDM0MzczNTM4MzMucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BALBy6QwDQYJKoZIhvcNAQELBQADggEBAHi4JMI5YuUW4wDX/0Sjlo6kuKpcXBnX
Kwi7Q3cToa6ihRQ5EiJ/QJpPvprJtTh4JWykFdbkyeI5SlMoTWJjaTmvlQJuRTMO
TnzmDphaJFZhAwsy5YgSUGl+DEmzR3gyAbq8FpW7YI2TvtCdhLK9Z9/ehF9EMl+z
b2aYm84rg+/Xz7bIUhIdM6nz1VnyZnwprHVonZJUwFb98sJ7q0aaRJOrMDmFK3wM
x6ZzrR1tlSi16Cn4N8WRuZrAp0Y8PTFQ5m9wkmmqs7AhUOpUZalO9weJFEc+fMS/
B/p2bPabiufzdBOij838UlwK7zSvF0S+6yzWUK1GM5PfrmaOEFm6g3c=
-----END CERTIFICATE-----
Generated at Mon Jul 21 12:59:48 2025 by rpki-client