Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3133332e3235302e302f32332d3332203d3e203531313637.roa
File: 3138352e3133332e3235302e302f32332d3332203d3e203531313637.roa (raw, json)
Hash identifier: b21ySl8D830PDRcDi/w/g5P5deRWh/NdYC3TAdcyu7Y=
Subject key identifier: A5:0B:30:BD:15:DB:18:F1:E9:07:75:CE:E8:6A:25:CB:5F:63:16:55
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 427D00035472CAEED58369425EC1B4E808928CA8
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3133332e3235302e302f32332d3332203d3e203531313637.roa
Signing time: Wed 14 May 2025 10:46:15 +0000
ROA not before: Wed 14 May 2025 10:41:15 +0000
ROA not after: Wed 13 May 2026 10:46:15 +0000
asID: 51167
IP address blocks: 185.133.250.0/23 maxlen: 32
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 16 Jun 2025 04:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
42:7d:00:03:54:72:ca:ee:d5:83:69:42:5e:c1:b4:e8:08:92:8c:a8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: May 14 10:41:15 2025 GMT
Not After : May 13 10:46:15 2026 GMT
Subject: CN=A50B30BD15DB18F1E90775CEE86A25CB5F631655
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:fb:5f:1a:de:2f:dc:39:1e:f6:a4:44:32:ab:
92:51:17:76:ce:37:f4:4a:16:97:9a:d8:2d:6a:a1:
ac:e9:bd:6e:03:3e:fd:27:4d:47:c2:ad:3b:95:ec:
38:63:a4:87:27:e7:99:13:ec:4c:4d:e4:84:ca:e4:
35:45:57:40:1f:cc:e2:75:87:4f:20:fc:85:8e:06:
5a:c9:d2:ec:e4:dc:0e:d9:61:6d:4e:02:6f:52:64:
6d:9a:3f:df:bf:3f:dd:ca:6e:ef:34:df:bc:ea:43:
00:54:38:12:4c:cd:1c:fe:66:fe:18:0c:d1:44:36:
2d:9d:cd:f9:4d:7b:76:8b:a0:df:6b:93:99:17:6d:
0a:f2:7a:b3:58:fa:1e:2f:f1:9b:f2:db:65:66:0a:
50:2e:d9:cf:3d:65:a9:c2:23:57:9b:04:ea:e0:12:
65:61:fa:ff:52:38:cc:a6:8d:1b:9e:20:0c:de:90:
1e:de:6d:b1:e5:c4:5f:a5:6c:f6:7b:3b:e2:10:f9:
33:fb:81:f9:f1:bd:88:89:04:6c:a5:24:17:a1:67:
03:96:20:91:f6:1f:02:5c:05:73:d9:fa:c9:39:01:
05:7e:05:32:a2:e4:98:24:1a:a1:d8:a1:3f:bd:0d:
ca:41:f1:e9:6f:9f:16:3c:8a:5a:a3:85:fb:32:c7:
d8:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A5:0B:30:BD:15:DB:18:F1:E9:07:75:CE:E8:6A:25:CB:5F:63:16:55
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3133332e3235302e302f32332d3332203d3e203531313637.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.133.250.0/23
Signature Algorithm: sha256WithRSAEncryption
81:05:1f:78:27:9b:67:05:67:a6:ea:d5:85:0e:e0:24:de:53:
76:26:62:2c:7c:a7:43:f6:aa:a3:01:b4:a0:f4:2c:8e:50:68:
1e:71:38:a5:ab:d1:6d:a7:5b:d0:c9:37:a0:fa:0c:bc:3d:38:
d2:d3:ef:3a:a4:64:96:dd:33:53:6d:fe:f1:f0:6f:d6:b4:1d:
5c:53:b9:76:6f:74:e9:02:42:27:05:e6:31:56:27:40:c6:9e:
34:7f:e8:bf:91:2f:47:28:41:d5:be:ca:45:22:45:ef:26:a2:
dd:ec:4f:b8:cc:1c:df:e9:f8:da:9f:53:f8:42:30:e6:64:b3:
95:a5:8b:b0:3a:3e:f6:1b:ce:a5:e8:a8:d4:2c:3e:83:33:80:
a2:3f:26:f2:42:39:e0:97:5c:6c:6a:8d:62:a4:ec:41:d0:db:
e6:92:cb:f0:05:99:b3:e2:e8:9c:d4:8f:c7:e6:d8:ca:a1:c2:
59:65:d5:8b:87:cf:a1:37:b2:6c:9b:b1:3b:9a:d4:ee:49:ae:
3e:a3:ce:ac:86:86:38:51:9d:23:7c:63:2b:86:b6:e8:27:06:
eb:74:ec:2c:df:eb:b0:7d:cb:95:a9:5d:78:32:c7:97:b3:0e:
0c:7b:8e:7c:0b:9f:6d:7f:1b:b6:c9:e1:d3:d5:b5:bb:70:1a:
d5:64:07:de
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUQn0AA1Ryyu7Vg2lCXsG06AiSjKgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNTA1MTQxMDQxMTVaFw0yNjA1MTMxMDQ2MTVaMDMxMTAvBgNV
BAMTKEE1MEIzMEJEMTVEQjE4RjFFOTA3NzVDRUU4NkEyNUNCNUY2MzE2NTUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCw+18a3i/cOR72pEQyq5JRF3bO
N/RKFpea2C1qoazpvW4DPv0nTUfCrTuV7DhjpIcn55kT7ExN5ITK5DVFV0AfzOJ1
h08g/IWOBlrJ0uzk3A7ZYW1OAm9SZG2aP9+/P93Kbu8037zqQwBUOBJMzRz+Zv4Y
DNFENi2dzflNe3aLoN9rk5kXbQryerNY+h4v8Zvy22VmClAu2c89ZanCI1ebBOrg
EmVh+v9SOMymjRueIAzekB7ebbHlxF+lbPZ7O+IQ+TP7gfnxvYiJBGylJBehZwOW
IJH2HwJcBXPZ+sk5AQV+BTKi5JgkGqHYoT+9DcpB8elvnxY8ilqjhfsyx9g/AgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUpQswvRXbGPHpB3XO6Goly19jFlUwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzODM1MmUzMTMzMzMyZTMy
MzUzMDJlMzAyZjMyMzMyZDMzMzIyMDNkM2UyMDM1MzEzMTM2Mzcucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAG5hfowDQYJKoZIhvcNAQELBQADggEBAIEFH3gnm2cFZ6bq1YUO4CTeU3YmYix8
p0P2qqMBtKD0LI5QaB5xOKWr0W2nW9DJN6D6DLw9ONLT7zqkZJbdM1Nt/vHwb9a0
HVxTuXZvdOkCQicF5jFWJ0DGnjR/6L+RL0coQdW+ykUiRe8mot3sT7jMHN/p+Nqf
U/hCMOZks5Wli7A6PvYbzqXoqNQsPoMzgKI/JvJCOeCXXGxqjWKk7EHQ2+aSy/AF
mbPi6JzUj8fm2Mqhwlll1YuHz6E3smybsTua1O5Jrj6jzqyGhjhRnSN8YyuGtugn
But07Czf67B9y5WpXXgyx5ezDgx7jnwLn21/G7bJ4dPVtbtwGtVkB94=
-----END CERTIFICATE-----
Generated at Sun Jun 15 11:42:15 2025 by rpki-client