Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/39342e3135362e3135312e302f32342d3234203d3e20323037313337.roa
File: 39342e3135362e3135312e302f32342d3234203d3e20323037313337.roa (raw, json)
Hash identifier: uhww2gqH3xaSqkVqGGeCZmhQC0WvUJi/AF4QS7y6S1Q=
Subject key identifier: AB:74:B7:2C:9C:DB:71:18:AF:91:90:CD:C1:E2:B1:71:B5:75:1A:F5
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 3978C37D24A5958E2E403C9EAFDAF00CF612E883
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/39342e3135362e3135312e302f32342d3234203d3e20323037313337.roa
Signing time: Wed 03 Sep 2025 09:47:30 +0000
ROA not before: Wed 03 Sep 2025 09:42:30 +0000
ROA not after: Wed 02 Sep 2026 09:47:30 +0000
asID: 207137
IP address blocks: 94.156.151.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 09 Sep 2025 01:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
39:78:c3:7d:24:a5:95:8e:2e:40:3c:9e:af:da:f0:0c:f6:12:e8:83
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Sep 3 09:42:30 2025 GMT
Not After : Sep 2 09:47:30 2026 GMT
Subject: CN=AB74B72C9CDB7118AF9190CDC1E2B171B5751AF5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:94:7b:1c:2b:e2:a9:46:27:53:e6:07:83:88:
4b:ec:10:bb:f3:1d:42:d1:83:57:e3:ed:aa:71:65:
f7:ee:eb:04:9f:56:62:6d:ca:89:8d:90:48:e8:e7:
b9:90:e3:82:fa:97:90:3b:81:8a:0a:ef:e3:53:5a:
08:63:34:1f:c1:51:f2:67:5b:67:8c:35:8f:41:d1:
91:63:e2:a9:f9:4d:3e:69:1e:a8:9d:b9:86:d2:3e:
dc:7b:83:39:02:dd:4b:65:e2:aa:a3:f8:b7:fc:fd:
22:f0:66:8f:72:a7:c4:55:8e:29:ae:66:ce:a9:84:
da:e8:d2:51:ab:be:00:1b:f2:43:ca:39:f4:28:56:
01:97:a2:03:72:21:0b:b7:90:af:af:a3:1e:fe:43:
97:b3:7b:7b:33:eb:e3:8a:25:f9:86:17:6d:86:d0:
8a:e9:60:b3:96:d8:ba:85:3d:ed:78:68:16:20:21:
fb:30:09:8c:33:bd:00:85:8b:31:93:39:9f:8f:66:
23:7b:ba:29:c4:b5:e9:95:7c:ee:fb:3e:c4:cd:c3:
51:4c:41:73:d6:8d:89:89:5f:2b:fa:6d:98:e8:a1:
46:a4:0d:e3:da:b0:40:a7:8d:a0:d6:b8:98:2f:61:
9a:0f:62:cf:61:25:a5:4c:ef:bd:51:98:de:3d:ad:
5b:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AB:74:B7:2C:9C:DB:71:18:AF:91:90:CD:C1:E2:B1:71:B5:75:1A:F5
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/39342e3135362e3135312e302f32342d3234203d3e20323037313337.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.156.151.0/24
Signature Algorithm: sha256WithRSAEncryption
3e:85:10:5e:ff:92:38:b8:45:9e:8f:81:d0:0b:94:70:8f:74:
93:5d:f9:84:15:ad:85:9b:f5:8c:cf:a4:ac:41:95:2f:71:e3:
24:7d:eb:73:95:21:a4:89:2e:6c:f2:46:77:92:40:4d:76:bc:
81:37:88:61:85:a5:ad:25:1d:d4:65:c7:f8:ea:f1:6e:d1:40:
38:fc:a8:ca:1e:bc:81:5b:a6:91:22:2e:a0:e4:d8:e4:b5:b6:
8a:62:a9:8a:a6:4c:63:00:f1:95:7a:e0:0a:3b:ea:ca:b2:c5:
fa:04:2e:9f:31:9d:77:11:d9:10:99:1f:6d:11:4f:03:86:59:
77:05:03:f9:3d:8f:e7:75:0a:a4:54:09:21:c8:9d:dd:ff:1f:
6e:29:dd:94:1e:06:f3:fd:14:3f:ab:74:59:1d:16:83:ce:c8:
53:8d:54:3a:91:81:2e:8c:82:f2:3a:69:9f:7a:da:2d:e1:4d:
03:d0:7c:54:13:79:a0:ba:50:f0:4a:1e:75:27:19:84:e6:7a:
59:36:9a:f3:4d:ef:fe:f3:88:6d:fb:67:68:f3:fc:8a:53:d7:
78:bf:fb:cc:00:71:20:c0:a9:d9:eb:12:4b:04:fa:21:46:c6:
40:d3:6c:d2:31:fd:26:f1:a3:ec:5e:37:4a:6e:b2:14:e5:2b:
16:0e:c4:0a
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUOXjDfSSllY4uQDyer9rwDPYS6IMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNTA5MDMwOTQyMzBaFw0yNjA5MDIwOTQ3MzBaMDMxMTAvBgNV
BAMTKEFCNzRCNzJDOUNEQjcxMThBRjkxOTBDREMxRTJCMTcxQjU3NTFBRjUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC2lHscK+KpRidT5geDiEvsELvz
HULRg1fj7apxZffu6wSfVmJtyomNkEjo57mQ44L6l5A7gYoK7+NTWghjNB/BUfJn
W2eMNY9B0ZFj4qn5TT5pHqiduYbSPtx7gzkC3Utl4qqj+Lf8/SLwZo9yp8RVjimu
Zs6phNro0lGrvgAb8kPKOfQoVgGXogNyIQu3kK+vox7+Q5eze3sz6+OKJfmGF22G
0IrpYLOW2LqFPe14aBYgIfswCYwzvQCFizGTOZ+PZiN7uinEtemVfO77PsTNw1FM
QXPWjYmJXyv6bZjooUakDePasECnjaDWuJgvYZoPYs9hJaVM771RmN49rVsFAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUq3S3LJzbcRivkZDNweKxcbV1GvUwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzkzNDJlMzEzNTM2MmUzMTM1
MzEyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMjMwMzczMTMzMzcucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BABenJcwDQYJKoZIhvcNAQELBQADggEBAD6FEF7/kji4RZ6PgdALlHCPdJNd+YQV
rYWb9YzPpKxBlS9x4yR963OVIaSJLmzyRneSQE12vIE3iGGFpa0lHdRlx/jq8W7R
QDj8qMoevIFbppEiLqDk2OS1topiqYqmTGMA8ZV64Ao76sqyxfoELp8xnXcR2RCZ
H20RTwOGWXcFA/k9j+d1CqRUCSHInd3/H24p3ZQeBvP9FD+rdFkdFoPOyFONVDqR
gS6MgvI6aZ962i3hTQPQfFQTeaC6UPBKHnUnGYTmelk2mvNN7/7ziG37Z2jz/IpT
13i/+8wAcSDAqdnrEksE+iFGxkDTbNIx/Sbxo+xeN0pushTlKxYOxAo=
-----END CERTIFICATE-----
Generated at Mon Sep 8 08:43:35 2025 by rpki-client