Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3230332e3231362e302f32332d3332203d3e203531313637.roa
File: 3138352e3230332e3231362e302f32332d3332203d3e203531313637.roa (raw, json)
Hash identifier: lqIF8hUB023DZwAi0x/u9zzOZK6Cm3hVzmIFIPkZMZA=
Subject key identifier: 2B:45:1E:92:B7:A0:67:0B:C8:78:72:46:08:FE:2F:E1:27:AC:84:19
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 42586A2B718F77FE1D96CC0E9C1BB69BC8E93F39
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3230332e3231362e302f32332d3332203d3e203531313637.roa
Signing time: Wed 23 Apr 2025 13:46:09 +0000
ROA not before: Wed 23 Apr 2025 13:41:09 +0000
ROA not after: Wed 22 Apr 2026 13:46:09 +0000
asID: 51167
IP address blocks: 185.203.216.0/23 maxlen: 32
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 28 Apr 2025 05:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
42:58:6a:2b:71:8f:77:fe:1d:96:cc:0e:9c:1b:b6:9b:c8:e9:3f:39
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Apr 23 13:41:09 2025 GMT
Not After : Apr 22 13:46:09 2026 GMT
Subject: CN=2B451E92B7A0670BC878724608FE2FE127AC8419
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:a8:d5:60:08:3c:2e:6a:e8:31:d2:b3:09:93:
e0:63:3b:1b:52:c2:13:f7:3a:10:fe:76:cc:44:ac:
9e:36:a2:78:03:5c:b7:35:cc:c3:96:32:36:8a:82:
cf:50:bb:d1:f9:4e:22:24:26:bd:3c:5f:69:fa:61:
8a:6c:27:dc:87:16:30:ed:13:30:2c:9f:47:ba:3b:
dd:9e:84:6b:77:11:7d:ac:0a:79:39:57:b3:81:e4:
5d:ea:b4:b3:f6:25:91:70:16:ff:b0:ce:a0:a4:98:
f1:0d:d0:3d:b3:ab:58:e6:df:5c:a4:32:75:8d:19:
39:93:b0:2a:03:d1:86:c3:25:b3:f6:dd:26:22:89:
28:5d:28:0f:4e:64:12:73:34:e0:eb:0c:bb:1e:e8:
00:dc:fe:30:b4:48:8c:70:59:86:67:26:60:ee:55:
2c:98:61:2c:8e:a6:18:87:ee:56:f0:31:a8:bd:4c:
56:0c:4e:da:e0:95:f2:a7:54:e4:b5:65:e7:97:0b:
51:7f:d8:d9:ee:1f:80:2a:86:5a:c8:31:ce:06:a6:
af:f3:f0:64:53:f7:c8:fa:b6:0e:0f:49:51:e6:5a:
19:0b:0c:5e:82:8f:77:b9:6d:35:1a:67:f2:59:a5:
7c:f6:c8:1d:84:f9:20:22:75:7f:33:e0:be:99:6d:
59:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2B:45:1E:92:B7:A0:67:0B:C8:78:72:46:08:FE:2F:E1:27:AC:84:19
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3230332e3231362e302f32332d3332203d3e203531313637.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.203.216.0/23
Signature Algorithm: sha256WithRSAEncryption
6e:b6:2e:bf:4b:1c:f8:07:a7:08:5a:fa:04:97:0d:24:01:a1:
1a:0c:d1:49:9f:1c:4d:8a:02:95:49:5d:20:ea:98:09:4b:d8:
f8:c5:36:35:f8:af:da:41:e3:3a:7a:95:07:ef:2f:31:49:1f:
77:70:4b:f9:e6:f2:b6:ed:7e:a6:68:f3:fd:3c:43:9c:29:66:
01:a9:6a:d1:59:33:26:d5:09:04:11:75:3b:30:88:cd:59:93:
92:c9:07:19:63:21:66:96:0c:61:ed:a6:64:3e:b2:6f:9a:23:
96:6c:c0:1f:2e:8c:7a:a2:68:64:60:50:b4:1b:7e:05:16:ee:
ca:23:87:ef:27:47:6f:6d:25:8a:d9:96:32:51:70:c6:3e:83:
a5:49:32:78:c0:c0:a5:fb:28:80:0b:cf:32:cb:b4:0d:51:46:
ed:4c:66:ea:4a:58:13:7a:74:39:2a:fa:9c:d3:38:79:4c:71:
d1:27:a6:00:b8:2d:fb:32:7a:e2:bb:de:d7:e9:88:67:39:3c:
4b:4e:ef:d4:10:f1:8a:d7:66:26:17:1e:71:26:a8:94:d7:1f:
3e:36:bf:cd:9b:02:25:ad:72:ae:9f:f5:6c:3c:14:37:28:ca:
46:f6:39:e6:e6:cc:a4:ec:27:97:6e:91:eb:16:f1:8c:f7:bb:
65:33:82:13
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUQlhqK3GPd/4dlswOnBu2m8jpPzkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNTA0MjMxMzQxMDlaFw0yNjA0MjIxMzQ2MDlaMDMxMTAvBgNV
BAMTKDJCNDUxRTkyQjdBMDY3MEJDODc4NzI0NjA4RkUyRkUxMjdBQzg0MTkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC4qNVgCDwuaugx0rMJk+BjOxtS
whP3OhD+dsxErJ42ongDXLc1zMOWMjaKgs9Qu9H5TiIkJr08X2n6YYpsJ9yHFjDt
EzAsn0e6O92ehGt3EX2sCnk5V7OB5F3qtLP2JZFwFv+wzqCkmPEN0D2zq1jm31yk
MnWNGTmTsCoD0YbDJbP23SYiiShdKA9OZBJzNODrDLse6ADc/jC0SIxwWYZnJmDu
VSyYYSyOphiH7lbwMai9TFYMTtrglfKnVOS1ZeeXC1F/2NnuH4AqhlrIMc4Gpq/z
8GRT98j6tg4PSVHmWhkLDF6Cj3e5bTUaZ/JZpXz2yB2E+SAidX8z4L6ZbVnLAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUK0UekregZwvIeHJGCP4v4SeshBkwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzODM1MmUzMjMwMzMyZTMy
MzEzNjJlMzAyZjMyMzMyZDMzMzIyMDNkM2UyMDM1MzEzMTM2Mzcucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAG5y9gwDQYJKoZIhvcNAQELBQADggEBAG62Lr9LHPgHpwha+gSXDSQBoRoM0Umf
HE2KApVJXSDqmAlL2PjFNjX4r9pB4zp6lQfvLzFJH3dwS/nm8rbtfqZo8/08Q5wp
ZgGpatFZMybVCQQRdTswiM1Zk5LJBxljIWaWDGHtpmQ+sm+aI5ZswB8ujHqiaGRg
ULQbfgUW7sojh+8nR29tJYrZljJRcMY+g6VJMnjAwKX7KIALzzLLtA1RRu1MZupK
WBN6dDkq+pzTOHlMcdEnpgC4LfsyeuK73tfpiGc5PEtO79QQ8YrXZiYXHnEmqJTX
Hz42v82bAiWtcq6f9Ww8FDcoykb2OebmzKTsJ5dukesW8Yz3u2UzghM=
-----END CERTIFICATE-----
Generated at Sun Apr 27 12:58:48 2025 by rpki-client