Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3233342e37302e302f32332d3332203d3e203531313637.roa
File: 3138352e3233342e37302e302f32332d3332203d3e203531313637.roa (raw, json)
Hash identifier: rcXBSH9uy61B6OiGCDifWsxyRmfGJpHsrqmlPyYY+po=
Subject key identifier: 4C:88:BB:88:FE:55:23:9B:76:CF:03:DB:52:45:FA:7A:76:F6:7E:CD
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 07FB0549457E46A020872BCA92C82B3307F31EF4
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3233342e37302e302f32332d3332203d3e203531313637.roa
Signing time: Thu 01 May 2025 20:46:11 +0000
ROA not before: Thu 01 May 2025 20:41:11 +0000
ROA not after: Thu 30 Apr 2026 20:46:11 +0000
asID: 51167
IP address blocks: 185.234.70.0/23 maxlen: 32
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 15:10:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
07:fb:05:49:45:7e:46:a0:20:87:2b:ca:92:c8:2b:33:07:f3:1e:f4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: May 1 20:41:11 2025 GMT
Not After : Apr 30 20:46:11 2026 GMT
Subject: CN=4C88BB88FE55239B76CF03DB5245FA7A76F67ECD
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:91:ba:a5:b0:90:43:33:e4:11:17:15:81:1c:
1e:db:5f:65:e9:a4:a3:b7:56:4e:61:5f:ff:a2:64:
15:c9:16:07:b8:0d:3b:8e:d2:c1:d3:4e:6a:ff:89:
4d:e6:54:52:8f:c9:61:90:f1:06:f5:c7:8b:b9:cd:
d6:d4:be:24:2c:97:50:01:69:9e:d9:2c:2c:52:98:
cc:c1:77:f1:97:e5:95:91:51:7d:90:3a:63:f3:58:
0f:2d:4a:a4:1d:6d:94:1e:ae:51:e2:de:90:67:28:
54:da:b4:b2:7f:3e:e0:89:6c:f5:d3:d1:89:6c:72:
c5:be:cd:ca:46:74:e5:e6:f5:40:4c:e3:bc:fb:46:
90:e9:d0:dc:66:e4:76:3d:60:18:ed:ce:65:24:d6:
96:cd:a6:7a:cd:29:06:50:73:f1:7e:49:2d:45:8b:
f9:c8:e7:e6:42:e8:ca:a3:6a:0d:dc:5d:e3:2b:d9:
7e:1d:69:24:34:bf:ce:2f:0a:b7:c9:b7:24:2d:3b:
a6:ab:91:c0:ac:81:ce:a6:ea:a5:50:be:84:e8:e4:
99:1c:04:fb:0c:ba:d7:8d:f4:ee:bc:84:f7:cf:6c:
d9:2e:0b:bc:9a:93:5a:63:e0:78:0f:7b:80:c9:81:
0b:46:79:d9:24:45:43:94:d7:13:1a:2f:06:80:ac:
4c:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4C:88:BB:88:FE:55:23:9B:76:CF:03:DB:52:45:FA:7A:76:F6:7E:CD
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3233342e37302e302f32332d3332203d3e203531313637.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.234.70.0/23
Signature Algorithm: sha256WithRSAEncryption
81:b9:40:f7:a7:2b:c9:06:42:fa:71:c2:80:21:e1:57:69:8b:
12:76:23:c4:df:19:18:69:0d:0d:10:b8:7c:8d:99:7f:83:18:
28:bd:34:ca:b6:98:62:c2:24:cb:06:0f:be:e3:2d:6f:1c:1f:
13:af:61:72:a5:46:d6:aa:0c:37:bc:18:ec:e9:05:45:6e:7c:
8d:d7:87:1c:2d:05:69:59:4d:70:8d:d4:67:9c:e5:37:66:ad:
d8:fd:ad:90:5e:91:ed:ef:d3:97:d8:67:af:8d:2e:92:06:cd:
06:14:73:11:75:b8:9b:ad:57:73:50:3c:68:d7:ef:9a:0a:68:
b0:b9:e4:21:7d:03:34:fd:30:cb:0c:14:e1:e7:c6:04:3a:3d:
64:65:1e:bb:b1:cc:70:41:20:5d:c4:19:9c:1d:03:b8:74:96:
b6:36:e0:90:10:db:b1:43:3a:d5:1d:87:53:0c:88:2d:e3:8b:
54:67:3f:c1:7a:20:70:f0:52:2e:25:8e:bc:c1:4b:ec:b7:4a:
1d:b2:7a:52:db:b3:12:b8:fb:34:c6:52:85:46:d0:10:0d:19:
13:66:ce:eb:73:99:77:e4:11:23:a6:36:aa:f7:83:f7:fd:c2:
14:46:9a:f0:0a:6e:f9:ee:66:97:95:a0:1f:c6:61:29:07:11:
a6:a1:84:80
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUB/sFSUV+RqAghyvKksgrMwfzHvQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNTA1MDEyMDQxMTFaFw0yNjA0MzAyMDQ2MTFaMDMxMTAvBgNV
BAMTKDRDODhCQjg4RkU1NTIzOUI3NkNGMDNEQjUyNDVGQTdBNzZGNjdFQ0QwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC5kbqlsJBDM+QRFxWBHB7bX2Xp
pKO3Vk5hX/+iZBXJFge4DTuO0sHTTmr/iU3mVFKPyWGQ8Qb1x4u5zdbUviQsl1AB
aZ7ZLCxSmMzBd/GX5ZWRUX2QOmPzWA8tSqQdbZQerlHi3pBnKFTatLJ/PuCJbPXT
0YlscsW+zcpGdOXm9UBM47z7RpDp0Nxm5HY9YBjtzmUk1pbNpnrNKQZQc/F+SS1F
i/nI5+ZC6Mqjag3cXeMr2X4daSQ0v84vCrfJtyQtO6arkcCsgc6m6qVQvoTo5Jkc
BPsMuteN9O68hPfPbNkuC7yak1pj4HgPe4DJgQtGedkkRUOU1xMaLwaArEypAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUTIi7iP5VI5t2zwPbUkX6enb2fs0wHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzODM1MmUzMjMzMzQyZTM3
MzAyZTMwMmYzMjMzMmQzMzMyMjAzZDNlMjAzNTMxMzEzNjM3LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQB
uepGMA0GCSqGSIb3DQEBCwUAA4IBAQCBuUD3pyvJBkL6ccKAIeFXaYsSdiPE3xkY
aQ0NELh8jZl/gxgovTTKtphiwiTLBg++4y1vHB8Tr2FypUbWqgw3vBjs6QVFbnyN
14ccLQVpWU1wjdRnnOU3Zq3Y/a2QXpHt79OX2GevjS6SBs0GFHMRdbibrVdzUDxo
1++aCmiwueQhfQM0/TDLDBTh58YEOj1kZR67scxwQSBdxBmcHQO4dJa2NuCQENux
QzrVHYdTDIgt44tUZz/BeiBw8FIuJY68wUvst0odsnpS27MSuPs0xlKFRtAQDRkT
Zs7rc5l35BEjpjaq94P3/cIURprwCm757maXlaAfxmEpBxGmoYSA
-----END CERTIFICATE-----
Generated at Sun Jun 15 08:59:00 2025 by rpki-client