Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3134352e37392e3137362e302f32312d3231203d3e203139333138.roa
File: 3134352e37392e3137362e302f32312d3231203d3e203139333138.roa (raw, json)
Hash identifier: bNGp+yu5kEUzRavNKJmZ324ewPvEwDL2zHwaTZxOPyU=
Subject key identifier: 10:1F:34:0F:1F:B2:C2:AE:1C:D8:69:9E:A1:8A:40:22:15:0A:84:74
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 040E91383B998A05AC2F765820C8AF89CB601DD7
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3134352e37392e3137362e302f32312d3231203d3e203139333138.roa
Signing time: Tue 10 Jun 2025 11:34:51 +0000
ROA not before: Tue 10 Jun 2025 11:29:51 +0000
ROA not after: Tue 09 Jun 2026 11:34:51 +0000
asID: 19318
IP address blocks: 145.79.176.0/21 maxlen: 21
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 15:10:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
04:0e:91:38:3b:99:8a:05:ac:2f:76:58:20:c8:af:89:cb:60:1d:d7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Jun 10 11:29:51 2025 GMT
Not After : Jun 9 11:34:51 2026 GMT
Subject: CN=101F340F1FB2C2AE1CD8699EA18A4022150A8474
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:d1:f8:77:ac:a6:4e:a2:af:6b:18:9b:85:b8:
ff:6c:8e:ed:77:33:78:05:2c:24:31:0e:ef:3c:b6:
80:da:86:55:82:70:6b:ce:a0:09:25:e4:e7:d3:0e:
59:fc:ec:b0:93:2c:b7:ad:e8:12:97:ae:fd:95:fd:
ef:7d:d7:a1:b1:fe:e6:bf:8b:cd:dd:10:a8:c4:c8:
2a:9e:a2:33:a2:fb:82:a7:a6:fd:60:46:79:d3:57:
53:2b:65:76:b6:f3:b0:b9:84:18:ff:13:1e:47:28:
b7:d4:16:f9:a9:83:98:f4:3f:4e:9f:f6:8b:be:ad:
29:bb:bd:f3:86:7e:0e:89:28:6d:d3:7f:2f:40:84:
11:a4:f2:5b:9b:e9:e5:59:9e:41:91:58:99:97:88:
99:57:44:b9:0b:b0:ff:4f:c6:e4:dd:c8:64:8e:a8:
85:f6:30:8e:2e:9d:01:24:a3:1a:e8:fc:ae:7b:4d:
8f:93:56:61:1a:9b:11:6c:39:27:98:86:60:31:e4:
95:31:20:ec:e1:33:4a:3c:30:21:f3:a3:86:ef:30:
42:d7:a5:15:43:b4:2a:5c:75:00:8e:af:5e:32:7a:
4c:b0:07:96:7b:65:fc:a4:b3:d6:88:1c:6f:a5:73:
9d:b7:59:75:8a:ea:35:66:ae:77:df:05:f1:04:29:
cb:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
10:1F:34:0F:1F:B2:C2:AE:1C:D8:69:9E:A1:8A:40:22:15:0A:84:74
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3134352e37392e3137362e302f32312d3231203d3e203139333138.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
145.79.176.0/21
Signature Algorithm: sha256WithRSAEncryption
09:f7:a4:14:82:df:d9:6d:30:64:dd:02:06:79:b0:7e:45:b2:
07:28:8c:31:3c:61:00:82:e8:16:9b:dd:29:41:79:4a:38:c3:
02:d5:6e:67:4b:0b:fc:2b:b9:6c:06:d7:77:e9:56:af:56:12:
91:e6:52:5b:4a:d6:67:9a:23:0d:90:4b:13:5f:be:73:70:c1:
5a:5e:7e:28:3f:e6:6e:1d:5c:7a:05:77:23:b8:1f:a4:15:9a:
da:4e:2b:e9:08:0d:8a:2a:d2:63:c6:a6:06:67:b2:e4:9b:33:
71:ae:a7:cb:74:b6:31:ac:92:00:a8:e1:47:4a:c7:82:86:81:
c6:32:58:cd:60:ab:ee:ff:fe:03:5f:2f:f5:bc:8b:6c:88:7c:
1b:1b:0f:bd:25:d0:94:26:62:98:b9:0a:21:07:95:e4:1a:4a:
0e:a1:05:f7:5f:c1:f5:fc:0b:a2:4f:dc:91:c2:72:c6:b2:25:
91:05:4b:fe:de:d7:15:e5:d6:92:49:47:ec:e2:8d:dc:67:82:
8c:34:06:af:18:14:80:1c:8b:69:3c:c7:31:ea:c9:09:c4:1f:
3c:ee:02:93:ce:c1:7b:43:58:61:82:18:5b:32:39:23:86:2a:
f6:67:0b:b9:f1:ad:69:67:4d:76:84:e6:dc:a5:ff:15:5a:20:
d5:3f:aa:60
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUBA6RODuZigWsL3ZYIMivictgHdcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNTA2MTAxMTI5NTFaFw0yNjA2MDkxMTM0NTFaMDMxMTAvBgNV
BAMTKDEwMUYzNDBGMUZCMkMyQUUxQ0Q4Njk5RUExOEE0MDIyMTUwQTg0NzQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDC0fh3rKZOoq9rGJuFuP9sju13
M3gFLCQxDu88toDahlWCcGvOoAkl5OfTDln87LCTLLet6BKXrv2V/e9916Gx/ua/
i83dEKjEyCqeojOi+4Knpv1gRnnTV1MrZXa287C5hBj/Ex5HKLfUFvmpg5j0P06f
9ou+rSm7vfOGfg6JKG3Tfy9AhBGk8lub6eVZnkGRWJmXiJlXRLkLsP9PxuTdyGSO
qIX2MI4unQEkoxro/K57TY+TVmEamxFsOSeYhmAx5JUxIOzhM0o8MCHzo4bvMELX
pRVDtCpcdQCOr14yekywB5Z7Zfyks9aIHG+lc523WXWK6jVmrnffBfEEKcsZAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUEB80Dx+ywq4c2GmeoYpAIhUKhHQwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzNDM1MmUzNzM5MmUzMTM3
MzYyZTMwMmYzMjMxMmQzMjMxMjAzZDNlMjAzMTM5MzMzMTM4LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQD
kU+wMA0GCSqGSIb3DQEBCwUAA4IBAQAJ96QUgt/ZbTBk3QIGebB+RbIHKIwxPGEA
gugWm90pQXlKOMMC1W5nSwv8K7lsBtd36VavVhKR5lJbStZnmiMNkEsTX75zcMFa
Xn4oP+ZuHVx6BXcjuB+kFZraTivpCA2KKtJjxqYGZ7LkmzNxrqfLdLYxrJIAqOFH
SseChoHGMljNYKvu//4DXy/1vItsiHwbGw+9JdCUJmKYuQohB5XkGkoOoQX3X8H1
/AuiT9yRwnLGsiWRBUv+3tcV5daSSUfs4o3cZ4KMNAavGBSAHItpPMcx6skJxB88
7gKTzsF7Q1hhghhbMjkjhir2Zwu58a1pZ012hObcpf8VWiDVP6pg
-----END CERTIFICATE-----
Generated at Sun Jun 15 09:03:57 2025 by rpki-client