Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/d1b35f8b-6f48-4bad-b185-5c1daa8acda9/0/3137362e3132362e3130352e302f32342d3234203d3e20313532363732.roa
File: 3137362e3132362e3130352e302f32342d3234203d3e20313532363732.roa (raw, json)
Hash identifier: ds/1M3gFH31reCXMtWJtKut2HrejgsPE/Ioz8CidATY=
Subject key identifier: 12:33:A4:D4:E3:0F:7C:97:F5:DB:D0:42:66:B5:CD:51:BC:5C:89:2A
Certificate issuer: /CN=cefce449bea8deaedb1804dba25c584df5873dc4
Certificate serial: 2A931299D214968587E3EE92287D986708EDEB71
Authority key identifier: CE:FC:E4:49:BE:A8:DE:AE:DB:18:04:DB:A2:5C:58:4D:F5:87:3D:C4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zvzkSb6o3q7bGATbolxYTfWHPcQ.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/d1b35f8b-6f48-4bad-b185-5c1daa8acda9/0/3137362e3132362e3130352e302f32342d3234203d3e20313532363732.roa
Signing time: Mon 30 Jun 2025 06:02:42 +0000
ROA not before: Mon 30 Jun 2025 05:57:42 +0000
ROA not after: Mon 29 Jun 2026 06:02:42 +0000
asID: 152672
IP address blocks: 176.126.105.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/d1b35f8b-6f48-4bad-b185-5c1daa8acda9/0/CEFCE449BEA8DEAEDB1804DBA25C584DF5873DC4.crl
rsync://rsync.paas.rpki.ripe.net/repository/d1b35f8b-6f48-4bad-b185-5c1daa8acda9/0/CEFCE449BEA8DEAEDB1804DBA25C584DF5873DC4.mft
rsync://rpki.ripe.net/repository/DEFAULT/zvzkSb6o3q7bGATbolxYTfWHPcQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 04 Aug 2025 22:26:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2a:93:12:99:d2:14:96:85:87:e3:ee:92:28:7d:98:67:08:ed:eb:71
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cefce449bea8deaedb1804dba25c584df5873dc4
Validity
Not Before: Jun 30 05:57:42 2025 GMT
Not After : Jun 29 06:02:42 2026 GMT
Subject: CN=1233A4D4E30F7C97F5DBD04266B5CD51BC5C892A
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:24:82:24:5e:bd:36:75:b6:a3:66:f1:4b:05:
16:18:05:bc:42:49:fa:ee:28:a0:1b:f9:9f:7e:55:
cb:81:df:0b:11:25:24:b4:3e:29:08:5a:db:21:0e:
a0:fa:b3:42:37:9f:90:8f:13:5f:d0:5a:ea:8a:9b:
bc:8b:dd:f8:e0:82:e9:58:d9:40:b9:1f:97:0a:8f:
a3:54:41:bc:23:ff:b9:3d:ee:46:aa:d2:bb:20:e0:
a4:76:57:f2:4d:ff:44:77:3f:5f:83:a8:aa:81:57:
57:82:35:e6:ac:50:da:e6:f9:12:42:ba:47:f9:94:
16:a1:f0:f0:d6:0f:9f:6f:4e:50:b9:6c:b2:b7:c4:
25:34:dc:3c:c1:08:c7:1b:80:9b:6b:55:98:1d:25:
0a:61:8c:79:ac:17:4e:85:fc:f5:1d:38:25:1a:43:
7b:ef:29:d1:92:f4:79:19:e8:f7:15:5c:ea:ab:a0:
0a:b4:f1:e1:36:fa:7a:ff:cb:3c:8d:af:6e:c3:8d:
26:29:cf:fc:45:42:1d:c9:04:e1:7c:34:12:b0:34:
b9:0f:6d:cb:54:9b:4f:e6:9f:6a:33:c3:4d:ac:bb:
b8:e5:c5:a5:e6:d7:ab:d0:b1:ec:c8:c2:86:e4:e0:
ac:8a:93:2e:22:03:9a:80:c4:0d:93:c0:44:62:00:
84:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
12:33:A4:D4:E3:0F:7C:97:F5:DB:D0:42:66:B5:CD:51:BC:5C:89:2A
X509v3 Authority Key Identifier:
keyid:CE:FC:E4:49:BE:A8:DE:AE:DB:18:04:DB:A2:5C:58:4D:F5:87:3D:C4
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/d1b35f8b-6f48-4bad-b185-5c1daa8acda9/0/CEFCE449BEA8DEAEDB1804DBA25C584DF5873DC4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zvzkSb6o3q7bGATbolxYTfWHPcQ.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/d1b35f8b-6f48-4bad-b185-5c1daa8acda9/0/3137362e3132362e3130352e302f32342d3234203d3e20313532363732.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.126.105.0/24
Signature Algorithm: sha256WithRSAEncryption
68:fd:40:fa:0a:55:74:8d:ce:59:d7:f1:ca:55:1d:0f:6c:99:
59:39:16:10:bb:f4:d1:31:cb:e5:21:ee:e4:7b:b5:28:83:6f:
12:41:23:53:0a:83:d8:49:a4:66:ea:a3:56:1c:3b:7f:0d:bf:
37:87:d2:7d:99:3a:b4:23:64:6c:d8:55:cb:eb:80:94:73:89:
a6:07:df:7e:ab:0c:bb:ac:e1:8d:8b:46:26:93:c3:d4:3f:14:
fc:d1:11:94:4e:97:f4:60:c1:ff:b2:6c:92:c4:9c:34:d5:6d:
35:7f:28:14:8b:76:68:1c:43:ae:60:9c:e0:08:4c:a2:3f:09:
88:c0:72:43:e5:08:97:b6:1f:45:04:5d:df:ff:97:78:3d:a9:
b0:a8:18:f0:e5:be:7c:2a:2d:46:fa:10:36:37:b5:40:3f:d5:
95:95:8d:f1:53:cd:4a:bf:a0:43:43:aa:07:b0:d8:93:cc:60:
12:b5:44:45:f8:49:42:96:76:05:1a:39:75:d7:38:06:9d:a9:
5c:01:54:3e:01:12:56:26:eb:11:84:2b:27:58:4b:33:b6:c9:
77:37:66:78:0d:cd:16:c2:0a:c8:d3:fc:a9:4c:91:e7:22:34:
f9:2b:ea:5b:0f:b7:44:bf:f5:4d:f4:06:06:d1:d7:bd:2d:9e:
6a:a8:cb:d9
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgIUKpMSmdIUloWH4+6SKH2YZwjt63EwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoY2VmY2U0NDliZWE4ZGVhZWRiMTgwNGRiYTI1YzU4NGRm
NTg3M2RjNDAeFw0yNTA2MzAwNTU3NDJaFw0yNjA2MjkwNjAyNDJaMDMxMTAvBgNV
BAMTKDEyMzNBNEQ0RTMwRjdDOTdGNURCRDA0MjY2QjVDRDUxQkM1Qzg5MkEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCPJIIkXr02dbajZvFLBRYYBbxC
SfruKKAb+Z9+VcuB3wsRJSS0PikIWtshDqD6s0I3n5CPE1/QWuqKm7yL3fjggulY
2UC5H5cKj6NUQbwj/7k97kaq0rsg4KR2V/JN/0R3P1+DqKqBV1eCNeasUNrm+RJC
ukf5lBah8PDWD59vTlC5bLK3xCU03DzBCMcbgJtrVZgdJQphjHmsF06F/PUdOCUa
Q3vvKdGS9HkZ6PcVXOqroAq08eE2+nr/yzyNr27DjSYpz/xFQh3JBOF8NBKwNLkP
bctUm0/mn2ozw02su7jlxaXm16vQsezIwobk4KyKky4iA5qAxA2TwERiAITFAgMB
AAGjggJBMIICPTAdBgNVHQ4EFgQUEjOk1OMPfJf129BCZrXNUbxciSowHwYDVR0j
BBgwFoAUzvzkSb6o3q7bGATbolxYTfWHPcQwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZDFiMzVmOGItNmY0OC00YmFkLWIxODUtNWMxZGFhOGFj
ZGE5LzAvQ0VGQ0U0NDlCRUE4REVBRURCMTgwNERCQTI1QzU4NERGNTg3M0RDNC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3p2emtTYjZvM3E3YkdBVGJvbHhZVGZX
SFBjUS5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZDFiMzVmOGIt
NmY0OC00YmFkLWIxODUtNWMxZGFhOGFjZGE5LzAvMzEzNzM2MmUzMTMyMzYyZTMx
MzAzNTJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMxMzUzMjM2MzczMi5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEALB+aTANBgkqhkiG9w0BAQsFAAOCAQEAaP1A+gpVdI3OWdfxylUdD2yZWTkW
ELv00THL5SHu5Hu1KINvEkEjUwqD2EmkZuqjVhw7fw2/N4fSfZk6tCNkbNhVy+uA
lHOJpgfffqsMu6zhjYtGJpPD1D8U/NERlE6X9GDB/7JsksScNNVtNX8oFIt2aBxD
rmCc4AhMoj8JiMByQ+UIl7YfRQRd3/+XeD2psKgY8OW+fCotRvoQNje1QD/VlZWN
8VPNSr+gQ0OqB7DYk8xgErVERfhJQpZ2BRo5ddc4Bp2pXAFUPgESVibrEYQrJ1hL
M7bJdzdmeA3NFsIKyNP8qUyR5yI0+SvqWw+3RL/1TfQGBtHXvS2eaqjL2Q==
-----END CERTIFICATE-----
Generated at Mon Aug 4 15:01:55 2025 by rpki-client