Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3134372e39332e3136302e302f32312d3332203d3e203531313637.roa
File: 3134372e39332e3136302e302f32312d3332203d3e203531313637.roa (raw, json)
Hash identifier: DY7ElRNhB0XgDcgs/+CqN9FG1Fpi6PegpetulQ6W7F4=
Subject key identifier: 57:85:77:6A:C1:4A:AB:20:81:01:E9:28:AD:00:C9:78:DC:68:66:28
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 07966EAFF8116FCC16A5202476B1D31469572BFA
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3134372e39332e3136302e302f32312d3332203d3e203531313637.roa
Signing time: Fri 24 Oct 2025 14:48:46 +0000
ROA not before: Fri 24 Oct 2025 14:43:46 +0000
ROA not after: Fri 23 Oct 2026 14:48:46 +0000
asID: 51167
IP address blocks: 147.93.160.0/21 maxlen: 32
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 18:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
07:96:6e:af:f8:11:6f:cc:16:a5:20:24:76:b1:d3:14:69:57:2b:fa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Oct 24 14:43:46 2025 GMT
Not After : Oct 23 14:48:46 2026 GMT
Subject: CN=5785776AC14AAB208101E928AD00C978DC686628
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:cc:94:4e:e7:3d:7d:35:23:76:96:4a:8b:3d:
05:93:17:55:3f:dc:72:6e:95:70:b3:b0:d2:17:ce:
5a:7b:bd:85:b6:ce:7f:ea:b5:ab:12:e5:d0:7d:fc:
9e:91:dc:d3:bd:37:ce:70:d3:80:3a:97:34:7c:e7:
74:b8:41:0b:65:c6:1c:d1:11:da:79:15:3e:1e:fd:
fc:ca:21:b9:a0:7d:f0:7f:79:e5:69:85:33:82:a7:
d0:6f:89:98:76:99:2f:29:89:4b:6c:1b:4e:ea:fe:
95:e4:eb:ef:7c:6f:8b:99:00:5f:33:8d:d9:68:88:
d9:3b:6f:ed:a0:79:56:b7:17:a8:0f:a6:7b:a6:08:
01:87:9b:4b:b3:9a:66:7c:6e:d5:0f:18:35:71:fd:
60:21:3d:bf:f6:c9:ce:c2:e9:8e:8d:8c:5a:d7:9c:
9f:2a:0d:28:7c:0c:d6:35:f5:e6:b4:c0:1e:ae:fe:
40:1d:4f:e5:a7:e5:13:7d:e1:de:e6:3b:85:23:5a:
4d:65:04:43:e9:c1:2c:1a:14:9b:94:a6:1d:7d:f4:
ba:6c:03:d9:c0:0a:a6:4b:b0:52:a9:f6:7a:eb:ff:
ba:2f:0f:5f:f3:56:91:ce:ee:d9:87:64:42:31:b2:
85:13:72:dc:46:f8:0c:c6:92:cf:c4:a6:10:97:a1:
8e:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
57:85:77:6A:C1:4A:AB:20:81:01:E9:28:AD:00:C9:78:DC:68:66:28
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3134372e39332e3136302e302f32312d3332203d3e203531313637.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
147.93.160.0/21
Signature Algorithm: sha256WithRSAEncryption
76:2b:ee:76:24:8e:a3:da:7a:36:4b:56:cc:bc:31:a6:cd:cb:
87:9e:2e:c9:4a:5e:87:c7:54:ca:3b:35:db:ee:96:ee:0d:47:
d4:a4:eb:d7:e2:60:8c:1c:cb:77:60:17:89:1e:63:a4:2d:31:
c9:3e:ce:e4:41:1e:61:a4:ff:c5:21:42:4d:16:75:a2:dd:8b:
e9:eb:80:13:a4:0b:45:b2:5b:1a:a5:8f:1d:97:7b:98:b5:f8:
63:40:96:f3:0d:44:db:5b:10:fd:32:f3:a3:6f:52:00:b4:94:
fc:33:06:9f:c8:e7:40:43:6d:ed:1d:18:9b:80:b3:78:d2:2a:
f8:30:e4:7a:da:82:46:f1:e5:95:e7:4c:59:7c:e4:b0:bb:70:
0f:67:52:c2:2a:05:cc:40:3c:24:a9:5d:0f:20:df:88:ca:eb:
7d:cb:51:12:09:cf:23:9a:9e:c4:b8:dc:e5:bc:01:e9:5e:57:
ce:8c:e1:15:52:f9:ae:7d:4f:8f:09:30:be:5a:cc:64:e6:77:
0b:16:68:21:de:5a:91:6b:f5:06:52:60:04:91:2a:c9:b1:71:
52:0b:4a:e5:6c:7c:28:92:af:4b:ca:f7:87:2e:51:5b:ba:fd:
37:79:28:93:8c:c7:68:5b:2e:1b:9a:8d:88:85:60:5c:37:0f:
2f:1a:3b:37
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUB5Zur/gRb8wWpSAkdrHTFGlXK/owDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNTEwMjQxNDQzNDZaFw0yNjEwMjMxNDQ4NDZaMDMxMTAvBgNV
BAMTKDU3ODU3NzZBQzE0QUFCMjA4MTAxRTkyOEFEMDBDOTc4REM2ODY2MjgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC7zJRO5z19NSN2lkqLPQWTF1U/
3HJulXCzsNIXzlp7vYW2zn/qtasS5dB9/J6R3NO9N85w04A6lzR853S4QQtlxhzR
Edp5FT4e/fzKIbmgffB/eeVphTOCp9BviZh2mS8piUtsG07q/pXk6+98b4uZAF8z
jdloiNk7b+2geVa3F6gPpnumCAGHm0uzmmZ8btUPGDVx/WAhPb/2yc7C6Y6NjFrX
nJ8qDSh8DNY19ea0wB6u/kAdT+Wn5RN94d7mO4UjWk1lBEPpwSwaFJuUph199Lps
A9nACqZLsFKp9nrr/7ovD1/zVpHO7tmHZEIxsoUTctxG+AzGks/EphCXoY71AgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUV4V3asFKqyCBAekorQDJeNxoZigwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzNDM3MmUzOTMzMmUzMTM2
MzAyZTMwMmYzMjMxMmQzMzMyMjAzZDNlMjAzNTMxMzEzNjM3LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQD
k12gMA0GCSqGSIb3DQEBCwUAA4IBAQB2K+52JI6j2no2S1bMvDGmzcuHni7JSl6H
x1TKOzXb7pbuDUfUpOvX4mCMHMt3YBeJHmOkLTHJPs7kQR5hpP/FIUJNFnWi3Yvp
64ATpAtFslsapY8dl3uYtfhjQJbzDUTbWxD9MvOjb1IAtJT8MwafyOdAQ23tHRib
gLN40ir4MOR62oJG8eWV50xZfOSwu3APZ1LCKgXMQDwkqV0PIN+Iyut9y1ESCc8j
mp7EuNzlvAHpXlfOjOEVUvmufU+PCTC+Wsxk5ncLFmgh3lqRa/UGUmAEkSrJsXFS
C0rlbHwokq9LyveHLlFbuv03eSiTjMdoWy4bmo2IhWBcNw8vGjs3
-----END CERTIFICATE-----
Generated at Tue Nov 4 22:01:36 2025 by rpki-client