Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3134352e37392e3135302e302f32332d3233203d3e203230343733.roa
File: 3134352e37392e3135302e302f32332d3233203d3e203230343733.roa (raw, json)
Hash identifier: PN9hIa2wXWPrbFEaikcZamX/jlGLefumjG1BI0zTvmk=
Subject key identifier: 26:8F:9D:30:0C:BE:E5:8E:52:B1:77:44:91:CD:EA:D1:4F:43:21:42
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 4D5D97D2902C3010F1734BEEF9FEFF5615821134
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3134352e37392e3135302e302f32332d3233203d3e203230343733.roa
Signing time: Tue 10 Jun 2025 11:36:35 +0000
ROA not before: Tue 10 Jun 2025 11:31:35 +0000
ROA not after: Tue 09 Jun 2026 11:36:35 +0000
asID: 20473
IP address blocks: 145.79.150.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 15:10:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4d:5d:97:d2:90:2c:30:10:f1:73:4b:ee:f9:fe:ff:56:15:82:11:34
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Jun 10 11:31:35 2025 GMT
Not After : Jun 9 11:36:35 2026 GMT
Subject: CN=268F9D300CBEE58E52B1774491CDEAD14F432142
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e8:07:5d:b6:06:aa:c3:ab:5f:43:05:d2:b9:fe:
4e:64:cd:50:46:8f:68:25:1e:1a:b8:1a:e9:39:5b:
c2:46:54:85:28:ab:8b:ef:e1:d6:fb:dc:9c:92:d3:
3d:c0:e8:1e:97:67:9c:0b:a0:a7:b3:61:23:51:0e:
0e:69:3a:eb:ae:bf:c4:8b:a9:66:15:68:4a:63:de:
e5:30:94:a6:4d:45:98:da:43:5d:fc:cd:1f:a1:4f:
82:65:3c:84:47:08:ef:ed:d9:63:ed:8b:53:05:79:
6f:c9:f4:d1:42:d9:c5:b3:d1:cd:d5:d5:68:d2:53:
54:1d:21:18:92:42:01:71:c8:05:43:28:3f:d6:86:
cb:a2:fe:98:c7:28:ea:e0:41:65:7e:a5:ff:8b:00:
41:66:47:c3:cc:69:7e:fe:3c:c7:a2:96:57:6b:d5:
33:96:f7:1f:95:3d:b8:73:d4:78:4a:3f:6c:2c:c9:
d9:25:61:a4:12:9c:44:5f:65:6f:84:1b:16:7a:8d:
88:89:df:be:04:25:0e:fa:46:f7:7e:55:d2:f3:90:
39:4f:92:c9:e4:b3:2a:e7:80:4c:f1:ca:ee:67:1b:
78:e6:48:e8:7e:7b:4d:95:43:e1:f0:99:a3:ac:b0:
48:56:6a:71:f5:e4:78:20:0f:5f:69:fe:43:f3:1b:
01:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
26:8F:9D:30:0C:BE:E5:8E:52:B1:77:44:91:CD:EA:D1:4F:43:21:42
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3134352e37392e3135302e302f32332d3233203d3e203230343733.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
145.79.150.0/23
Signature Algorithm: sha256WithRSAEncryption
81:c2:4b:14:6f:de:df:b2:04:15:e8:b9:9f:b2:87:47:27:8a:
a7:51:52:b1:2f:1a:12:c3:e7:7e:64:45:07:83:24:59:34:90:
01:8a:03:76:74:a2:9b:fa:07:4d:61:dd:75:a1:f6:be:c6:61:
77:5e:0c:2a:1a:e9:f9:7c:fe:86:35:ff:9c:a6:95:5a:ca:0e:
10:6f:e1:50:b2:f3:ca:bb:4c:94:7e:07:42:88:b9:00:db:04:
26:4c:5f:1f:d9:c2:f2:d9:1b:c0:05:87:e2:78:55:a1:d5:0a:
04:46:26:02:89:72:9e:7e:28:d3:67:7e:7e:f9:02:56:5c:e6:
7a:0a:08:b4:91:b4:b7:d2:70:1b:eb:14:5c:dc:b9:b6:b3:4b:
6b:e8:58:57:b9:e8:0a:22:d5:2d:4e:d0:51:e0:bc:b7:37:e1:
a3:30:31:cc:b4:5a:58:37:3b:c8:fc:11:13:c7:c0:26:f1:1a:
34:49:96:29:0c:61:80:80:a4:77:71:86:6c:90:a8:54:16:93:
36:59:48:55:5e:3d:d8:fa:c5:c0:9e:d5:1d:e9:ab:44:cb:eb:
ed:a6:4f:41:72:f3:13:84:a1:4d:d7:ea:95:09:80:df:5c:d1:
6d:07:ae:10:e2:03:82:d4:76:cd:5e:75:08:ed:c7:ce:f8:45:
3b:f5:fb:f0
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUTV2X0pAsMBDxc0vu+f7/VhWCETQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNTA2MTAxMTMxMzVaFw0yNjA2MDkxMTM2MzVaMDMxMTAvBgNV
BAMTKDI2OEY5RDMwMENCRUU1OEU1MkIxNzc0NDkxQ0RFQUQxNEY0MzIxNDIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDoB122BqrDq19DBdK5/k5kzVBG
j2glHhq4Guk5W8JGVIUoq4vv4db73JyS0z3A6B6XZ5wLoKezYSNRDg5pOuuuv8SL
qWYVaEpj3uUwlKZNRZjaQ138zR+hT4JlPIRHCO/t2WPti1MFeW/J9NFC2cWz0c3V
1WjSU1QdIRiSQgFxyAVDKD/Whsui/pjHKOrgQWV+pf+LAEFmR8PMaX7+PMeilldr
1TOW9x+VPbhz1HhKP2wsydklYaQSnERfZW+EGxZ6jYiJ374EJQ76Rvd+VdLzkDlP
ksnksyrngEzxyu5nG3jmSOh+e02VQ+HwmaOssEhWanH15HggD19p/kPzGwEvAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUJo+dMAy+5Y5SsXdEkc3q0U9DIUIwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzNDM1MmUzNzM5MmUzMTM1
MzAyZTMwMmYzMjMzMmQzMjMzMjAzZDNlMjAzMjMwMzQzNzMzLnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQB
kU+WMA0GCSqGSIb3DQEBCwUAA4IBAQCBwksUb97fsgQV6LmfsodHJ4qnUVKxLxoS
w+d+ZEUHgyRZNJABigN2dKKb+gdNYd11ofa+xmF3XgwqGun5fP6GNf+cppVayg4Q
b+FQsvPKu0yUfgdCiLkA2wQmTF8f2cLy2RvABYfieFWh1QoERiYCiXKefijTZ35+
+QJWXOZ6Cgi0kbS30nAb6xRc3Lm2s0tr6FhXuegKItUtTtBR4Ly3N+GjMDHMtFpY
NzvI/BETx8Am8Ro0SZYpDGGAgKR3cYZskKhUFpM2WUhVXj3Y+sXAntUd6atEy+vt
pk9BcvMThKFN1+qVCYDfXNFtB64Q4gOC1HbNXnUI7cfO+EU79fvw
-----END CERTIFICATE-----
Generated at Sun Jun 15 09:05:19 2025 by rpki-client