Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3139332e3230332e3138302e302f32322d3234203d3e203437353833.roa
File: 3139332e3230332e3138302e302f32322d3234203d3e203437353833.roa (raw, json)
Hash identifier: cbBzAH1IasXHETu8oxe6ki+BOX3HDNxfogrUdjSfWCo=
Subject key identifier: E7:54:1B:F7:16:61:3E:4D:14:9E:FA:05:1A:E2:CC:48:D4:5C:F0:A4
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 1F51305D7A4DCD54AE388477F71F5F041222DF8A
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3139332e3230332e3138302e302f32322d3234203d3e203437353833.roa
Signing time: Mon 14 Jul 2025 17:46:51 +0000
ROA not before: Mon 14 Jul 2025 17:41:51 +0000
ROA not after: Mon 13 Jul 2026 17:46:51 +0000
asID: 47583
IP address blocks: 193.203.180.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 22 Jul 2025 14:17:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1f:51:30:5d:7a:4d:cd:54:ae:38:84:77:f7:1f:5f:04:12:22:df:8a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Jul 14 17:41:51 2025 GMT
Not After : Jul 13 17:46:51 2026 GMT
Subject: CN=E7541BF716613E4D149EFA051AE2CC48D45CF0A4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:89:02:8e:c4:ec:9b:be:1c:e9:bd:58:f1:3a:
10:f5:5c:77:6e:00:55:cc:0e:28:4c:bc:73:f5:03:
4f:5f:e1:a6:2c:22:5b:e8:78:55:40:8c:42:c4:e0:
c2:b2:49:42:65:fa:08:b8:c7:24:aa:8b:be:fe:d1:
e9:cf:96:31:3d:63:8d:9f:8a:c0:73:78:f8:7a:00:
9f:e9:c9:13:4d:89:2b:0f:e3:29:04:6b:a3:50:76:
dd:26:3a:52:5f:f4:a0:39:cb:d3:7b:54:92:2f:ec:
19:45:58:e8:23:24:7f:f7:31:e0:47:c8:ec:ac:a2:
79:1b:87:8e:7b:4d:7a:8d:df:05:fb:f4:f2:e6:07:
f7:be:8f:36:5b:cb:2c:e2:86:4d:07:74:e4:8e:b5:
f2:46:d8:82:67:1e:fa:9f:5e:80:5e:ed:7e:3b:fb:
a7:64:e2:6f:3c:64:7e:3b:b3:ad:fd:aa:72:19:cb:
c5:56:19:17:21:9e:91:d7:10:7e:1b:9c:72:d8:e8:
59:1e:a6:5c:9d:2b:33:9f:b3:39:a8:ba:e8:a6:62:
b6:34:b7:5a:87:c5:ae:62:3a:1c:89:0a:6f:c2:74:
6f:aa:85:84:60:80:df:42:d4:aa:2f:e7:28:ff:42:
67:91:86:36:50:c3:ae:f5:a7:9f:91:ce:c9:db:7a:
a5:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E7:54:1B:F7:16:61:3E:4D:14:9E:FA:05:1A:E2:CC:48:D4:5C:F0:A4
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3139332e3230332e3138302e302f32322d3234203d3e203437353833.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.203.180.0/22
Signature Algorithm: sha256WithRSAEncryption
07:b4:a4:15:1a:55:17:eb:77:b9:d2:d4:a0:e4:45:17:86:8d:
0c:56:e2:5a:41:0e:3f:cd:db:2b:79:06:46:5a:34:9e:87:5b:
b2:1f:c2:2e:0a:98:3e:5c:af:16:a9:7e:9d:eb:50:0b:54:70:
38:df:be:35:67:34:99:a7:67:ab:99:37:9b:00:dc:cd:dd:a0:
a4:ec:34:fe:6b:12:67:8e:07:1b:0f:83:4b:09:8a:10:88:2a:
9a:21:40:6f:c2:c0:d7:65:4b:e4:6e:5a:d4:20:55:aa:31:d2:
9a:fd:38:19:59:07:e9:df:b4:7a:76:f3:82:20:1b:3f:d0:b2:
28:26:e0:1d:44:02:1b:93:20:45:ef:cc:3f:b5:e1:38:a0:7c:
c3:27:6d:75:62:13:0c:2a:0d:7b:1c:98:40:e3:1e:d3:c0:80:
41:2b:8c:43:9c:e0:cc:93:fb:2b:50:a3:6a:72:85:98:88:9a:
55:be:86:2b:bd:2c:38:a9:81:17:56:94:93:01:fc:75:44:ab:
2b:fa:aa:31:87:54:48:9e:9a:0e:d2:67:4b:ef:04:f9:2a:64:
18:96:f5:29:de:67:4e:6a:e8:3e:1b:6d:d1:58:c7:41:12:89:
20:80:05:06:6b:1d:a8:15:1a:60:a4:c4:4f:ab:f0:56:d1:a6:
3d:83:6e:61
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUH1EwXXpNzVSuOIR39x9fBBIi34owDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNTA3MTQxNzQxNTFaFw0yNjA3MTMxNzQ2NTFaMDMxMTAvBgNV
BAMTKEU3NTQxQkY3MTY2MTNFNEQxNDlFRkEwNTFBRTJDQzQ4RDQ1Q0YwQTQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDQiQKOxOybvhzpvVjxOhD1XHdu
AFXMDihMvHP1A09f4aYsIlvoeFVAjELE4MKySUJl+gi4xySqi77+0enPljE9Y42f
isBzePh6AJ/pyRNNiSsP4ykEa6NQdt0mOlJf9KA5y9N7VJIv7BlFWOgjJH/3MeBH
yOysonkbh457TXqN3wX79PLmB/e+jzZbyyzihk0HdOSOtfJG2IJnHvqfXoBe7X47
+6dk4m88ZH47s639qnIZy8VWGRchnpHXEH4bnHLY6FkeplydKzOfszmouuimYrY0
t1qHxa5iOhyJCm/CdG+qhYRggN9C1Kov5yj/QmeRhjZQw671p5+RzsnbeqVbAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQU51Qb9xZhPk0UnvoFGuLMSNRc8KQwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzOTMzMmUzMjMwMzMyZTMx
MzgzMDJlMzAyZjMyMzIyZDMyMzQyMDNkM2UyMDM0MzczNTM4MzMucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BALBy7QwDQYJKoZIhvcNAQELBQADggEBAAe0pBUaVRfrd7nS1KDkRReGjQxW4lpB
Dj/N2yt5BkZaNJ6HW7Ifwi4KmD5crxapfp3rUAtUcDjfvjVnNJmnZ6uZN5sA3M3d
oKTsNP5rEmeOBxsPg0sJihCIKpohQG/CwNdlS+RuWtQgVaox0pr9OBlZB+nftHp2
84IgGz/Qsigm4B1EAhuTIEXvzD+14TigfMMnbXViEwwqDXscmEDjHtPAgEErjEOc
4MyT+ytQo2pyhZiImlW+hiu9LDipgRdWlJMB/HVEqyv6qjGHVEiemg7SZ0vvBPkq
ZBiW9SneZ05q6D4bbdFYx0ESiSCABQZrHagVGmCkxE+r8FbRpj2DbmE=
-----END CERTIFICATE-----
Generated at Mon Jul 21 23:23:46 2025 by rpki-client