Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3137362e3131392e3139352e302f32342d3234203d3e20323034313730.roa
File: 3137362e3131392e3139352e302f32342d3234203d3e20323034313730.roa (raw, json)
Hash identifier: oo8U5YB8HwBx0TiKoIij/HO1bN6iA0b7o2v4jyeB63Q=
Subject key identifier: 9B:2D:81:E2:C1:0D:9C:CB:ED:DF:C8:6D:7C:33:32:1E:00:2B:00:8B
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 4CA254EC0A39C67F3A4306FBBC86A11CECF14495
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3137362e3131392e3139352e302f32342d3234203d3e20323034313730.roa
Signing time: Tue 27 May 2025 22:46:29 +0000
ROA not before: Tue 27 May 2025 22:41:29 +0000
ROA not after: Tue 26 May 2026 22:46:29 +0000
asID: 204170
IP address blocks: 176.119.195.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 17 Jun 2025 13:52:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4c:a2:54:ec:0a:39:c6:7f:3a:43:06:fb:bc:86:a1:1c:ec:f1:44:95
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: May 27 22:41:29 2025 GMT
Not After : May 26 22:46:29 2026 GMT
Subject: CN=9B2D81E2C10D9CCBEDDFC86D7C33321E002B008B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:47:33:42:ae:78:fe:6f:f1:46:17:38:33:09:
64:49:be:23:ce:a3:66:3e:9b:6c:9b:1f:47:fd:d6:
7e:3d:8c:c1:3d:b0:5b:f3:c3:ad:4f:31:ec:d4:a5:
96:81:44:95:85:d6:08:b1:af:de:d3:4b:ff:9a:8c:
95:3b:8c:9f:0a:99:14:da:74:8f:1f:74:da:42:a1:
3c:62:7b:ed:3e:10:45:83:4e:08:d8:f3:e8:07:a6:
bd:af:78:3d:ae:67:f8:1d:88:3d:28:7c:ee:6b:2c:
ee:d8:89:46:8d:75:cd:90:26:fc:99:e5:34:8e:e0:
3d:56:d2:d6:59:9f:7b:8e:96:cc:23:f7:d8:3b:a3:
9d:26:cf:11:51:2d:24:52:b8:0f:b4:36:8a:50:0a:
9b:0b:df:81:3c:68:87:ba:7d:ab:e7:69:4b:45:a9:
55:82:98:e8:f6:6f:58:a0:3d:2d:6f:04:15:bb:29:
d2:69:41:6c:14:32:a9:84:a8:a8:f2:08:30:7c:b7:
8e:e7:de:69:06:50:ad:58:54:98:22:71:41:d0:03:
d3:aa:46:35:0f:05:7c:64:3c:25:74:16:8b:2a:6f:
a7:82:d2:0d:81:c1:56:75:94:cc:c6:cf:ca:b0:24:
bc:c7:d5:40:a5:8b:0b:19:af:4c:47:94:bf:42:1b:
a7:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9B:2D:81:E2:C1:0D:9C:CB:ED:DF:C8:6D:7C:33:32:1E:00:2B:00:8B
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3137362e3131392e3139352e302f32342d3234203d3e20323034313730.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.119.195.0/24
Signature Algorithm: sha256WithRSAEncryption
83:73:d5:cf:3c:98:6d:39:51:dd:be:b4:2a:05:ac:82:fc:5e:
9c:a6:ba:a3:02:e6:d9:38:6d:00:dc:81:a0:a0:d4:c1:df:61:
81:e7:94:8b:2c:a2:17:99:9b:5e:2c:62:5c:02:52:f1:09:ab:
57:71:3e:f7:23:7d:e9:51:2e:07:98:50:b6:bd:26:1a:b0:97:
8e:33:de:d0:2c:b5:e9:41:91:27:a0:9b:bf:ea:07:f2:0b:df:
45:45:d3:54:8a:c8:c5:25:a2:73:63:3d:ee:34:01:2b:f7:eb:
fb:37:1c:af:7f:9a:61:85:37:58:11:3b:e9:f5:d0:76:cf:b2:
91:55:e4:c2:b3:40:6b:01:c9:1f:7b:46:05:67:5e:0b:81:96:
c7:d2:07:05:c6:f9:ab:dd:55:54:8d:49:b0:5e:bf:95:be:bc:
8d:07:c1:82:82:0b:ad:16:6b:5e:77:96:60:d7:2e:e1:82:98:
f6:14:08:2c:76:8a:48:18:43:da:04:f4:48:1c:41:cc:97:1a:
a3:f1:a2:44:4d:74:b6:e9:9a:00:7b:ef:c2:04:20:73:6b:df:
15:8f:8e:54:cf:58:7d:cd:5d:f7:c8:58:ed:67:a6:86:ed:60:
33:50:91:cc:04:e4:73:04:62:54:cf:3f:be:8a:e7:00:b0:ff:
70:1e:19:52
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgIUTKJU7Ao5xn86Qwb7vIahHOzxRJUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNTA1MjcyMjQxMjlaFw0yNjA1MjYyMjQ2MjlaMDMxMTAvBgNV
BAMTKDlCMkQ4MUUyQzEwRDlDQ0JFRERGQzg2RDdDMzMzMjFFMDAyQjAwOEIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDXRzNCrnj+b/FGFzgzCWRJviPO
o2Y+m2ybH0f91n49jME9sFvzw61PMezUpZaBRJWF1gixr97TS/+ajJU7jJ8KmRTa
dI8fdNpCoTxie+0+EEWDTgjY8+gHpr2veD2uZ/gdiD0ofO5rLO7YiUaNdc2QJvyZ
5TSO4D1W0tZZn3uOlswj99g7o50mzxFRLSRSuA+0NopQCpsL34E8aIe6favnaUtF
qVWCmOj2b1igPS1vBBW7KdJpQWwUMqmEqKjyCDB8t47n3mkGUK1YVJgicUHQA9Oq
RjUPBXxkPCV0Fosqb6eC0g2BwVZ1lMzGz8qwJLzH1UCliwsZr0xHlL9CG6c7AgMB
AAGjggJBMIICPTAdBgNVHQ4EFgQUmy2B4sENnMvt38htfDMyHgArAIswHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzNzM2MmUzMTMxMzkyZTMx
MzkzNTJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMyMzAzNDMxMzczMC5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEALB3wzANBgkqhkiG9w0BAQsFAAOCAQEAg3PVzzyYbTlR3b60KgWsgvxenKa6
owLm2ThtANyBoKDUwd9hgeeUiyyiF5mbXixiXAJS8QmrV3E+9yN96VEuB5hQtr0m
GrCXjjPe0Cy16UGRJ6Cbv+oH8gvfRUXTVIrIxSWic2M97jQBK/fr+zccr3+aYYU3
WBE76fXQds+ykVXkwrNAawHJH3tGBWdeC4GWx9IHBcb5q91VVI1JsF6/lb68jQfB
goILrRZrXneWYNcu4YKY9hQILHaKSBhD2gT0SBxBzJcao/GiRE10tumaAHvvwgQg
c2vfFY+OVM9Yfc1d98hY7Wemhu1gM1CRzATkcwRiVM8/vornALD/cB4ZUg==
-----END CERTIFICATE-----
Generated at Mon Jun 16 18:52:09 2025 by rpki-client