Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/0cc08737-9267-402a-99d4-7aaafea444ed/0/3130392e3233342e3231322e302f32342d3234203d3e2039333034.roa
File: 3130392e3233342e3231322e302f32342d3234203d3e2039333034.roa (raw, json)
Hash identifier: E1rTwoIvXUNDaM0STfVaIqf1sVvsAgpb9o5+zj/sF4M=
Subject key identifier: F9:3C:BA:5C:F3:91:63:49:0E:16:1E:36:51:66:A7:5F:4D:C0:64:38
Certificate issuer: /CN=f768ff6e681858c0ec19f3a93fa1792cd16ceed3
Certificate serial: 44D699E61A1BA3F9844F3EDAD65E37AA547AAA35
Authority key identifier: F7:68:FF:6E:68:18:58:C0:EC:19:F3:A9:3F:A1:79:2C:D1:6C:EE:D3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/92j_bmgYWMDsGfOpP6F5LNFs7tM.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/0cc08737-9267-402a-99d4-7aaafea444ed/0/3130392e3233342e3231322e302f32342d3234203d3e2039333034.roa
Signing time: Thu 03 Jul 2025 13:57:23 +0000
ROA not before: Thu 03 Jul 2025 13:52:23 +0000
ROA not after: Thu 02 Jul 2026 13:57:23 +0000
asID: 9304
IP address blocks: 109.234.212.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/0cc08737-9267-402a-99d4-7aaafea444ed/0/F768FF6E681858C0EC19F3A93FA1792CD16CEED3.crl
rsync://rsync.paas.rpki.ripe.net/repository/0cc08737-9267-402a-99d4-7aaafea444ed/0/F768FF6E681858C0EC19F3A93FA1792CD16CEED3.mft
rsync://rpki.ripe.net/repository/DEFAULT/92j_bmgYWMDsGfOpP6F5LNFs7tM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 21 Jul 2025 10:23:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
44:d6:99:e6:1a:1b:a3:f9:84:4f:3e:da:d6:5e:37:aa:54:7a:aa:35
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f768ff6e681858c0ec19f3a93fa1792cd16ceed3
Validity
Not Before: Jul 3 13:52:23 2025 GMT
Not After : Jul 2 13:57:23 2026 GMT
Subject: CN=F93CBA5CF39163490E161E365166A75F4DC06438
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:ad:bd:d2:72:17:a3:b0:3c:6b:35:fe:3a:7f:
1c:50:c9:f2:9d:1c:d3:0c:3f:c6:7b:56:8d:3d:58:
c9:8d:d1:dd:b0:1d:24:27:8b:88:eb:34:15:c4:d5:
dd:d1:d7:e0:23:2d:5e:f1:83:14:97:11:16:6d:65:
9d:26:19:15:95:ff:e6:1f:fe:83:ee:52:a2:83:2c:
b0:83:34:62:f1:45:11:16:21:4a:51:2e:b7:dd:12:
e0:f3:3d:48:7f:20:f7:88:ac:8d:56:ec:45:4d:82:
6b:4a:f6:1a:93:67:3e:59:66:d7:72:13:81:98:ad:
2f:f3:db:83:ab:ca:e6:c7:20:db:7c:1e:a7:41:7c:
f7:ec:4d:16:27:02:bb:45:7c:bf:36:c3:25:a8:5a:
68:a7:a6:17:78:3b:6e:33:84:d1:cf:c0:0d:62:19:
b1:b0:42:82:96:92:35:ff:64:b0:ac:b4:c9:63:5d:
c6:2c:a5:57:bb:fb:6e:4a:c6:33:e8:4d:79:10:a2:
6b:f7:96:22:8d:60:ad:bb:f7:65:13:a6:0f:23:84:
8c:30:da:9b:d7:cb:8f:be:ae:9c:e7:91:96:e2:27:
05:ec:77:4e:f7:c6:8e:22:69:28:73:85:f4:d3:0c:
8e:f4:ed:5b:00:8e:bb:49:7f:3f:30:da:3f:1e:bb:
d2:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F9:3C:BA:5C:F3:91:63:49:0E:16:1E:36:51:66:A7:5F:4D:C0:64:38
X509v3 Authority Key Identifier:
keyid:F7:68:FF:6E:68:18:58:C0:EC:19:F3:A9:3F:A1:79:2C:D1:6C:EE:D3
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/0cc08737-9267-402a-99d4-7aaafea444ed/0/F768FF6E681858C0EC19F3A93FA1792CD16CEED3.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/92j_bmgYWMDsGfOpP6F5LNFs7tM.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/0cc08737-9267-402a-99d4-7aaafea444ed/0/3130392e3233342e3231322e302f32342d3234203d3e2039333034.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.234.212.0/24
Signature Algorithm: sha256WithRSAEncryption
84:77:85:51:4b:3b:b0:b8:8f:23:da:1e:cd:02:76:73:b7:92:
68:3f:e1:d5:07:4d:ca:ab:89:ee:33:74:d3:11:3e:3b:8d:47:
4a:59:f5:1a:11:d3:9a:d3:5c:43:4a:42:68:39:90:67:c1:ec:
99:48:4b:f2:11:4e:89:6c:e8:11:c1:d2:71:91:d3:5b:94:de:
25:b5:4d:d8:40:cd:d1:60:5a:00:c0:f3:b2:22:09:04:cf:92:
35:52:bf:51:0f:53:5f:45:a9:19:86:57:15:d6:52:4d:d3:b2:
c7:cf:65:95:fc:79:fb:32:44:91:97:41:f0:6a:7e:83:cb:e3:
6f:ca:12:fd:05:ee:a4:7f:54:e2:c1:d3:3a:c5:60:da:77:48:
9a:e5:8f:1a:15:90:e5:26:12:06:3c:06:ef:32:9e:be:5d:34:
74:db:95:f2:a6:bd:d1:ca:2b:45:89:c8:c8:c7:16:59:c8:32:
f6:0e:10:a0:30:54:73:15:08:e3:1b:66:46:b4:40:c6:a5:83:
78:04:b6:fa:c8:e7:be:c5:77:a7:63:9c:a6:ac:d3:5a:aa:d6:
32:40:71:f7:07:b6:02:57:cc:fa:0f:cc:75:5e:48:b2:10:7e:
0e:f8:2e:b2:82:20:c5:0b:5a:d0:d0:7d:d9:eb:8f:89:6b:75:
8d:45:04:50
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIURNaZ5hobo/mETz7a1l43qlR6qjUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZjc2OGZmNmU2ODE4NThjMGVjMTlmM2E5M2ZhMTc5MmNk
MTZjZWVkMzAeFw0yNTA3MDMxMzUyMjNaFw0yNjA3MDIxMzU3MjNaMDMxMTAvBgNV
BAMTKEY5M0NCQTVDRjM5MTYzNDkwRTE2MUUzNjUxNjZBNzVGNERDMDY0MzgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDDrb3SchejsDxrNf46fxxQyfKd
HNMMP8Z7Vo09WMmN0d2wHSQni4jrNBXE1d3R1+AjLV7xgxSXERZtZZ0mGRWV/+Yf
/oPuUqKDLLCDNGLxRREWIUpRLrfdEuDzPUh/IPeIrI1W7EVNgmtK9hqTZz5ZZtdy
E4GYrS/z24OryubHINt8HqdBfPfsTRYnArtFfL82wyWoWminphd4O24zhNHPwA1i
GbGwQoKWkjX/ZLCstMljXcYspVe7+25KxjPoTXkQomv3liKNYK2792UTpg8jhIww
2pvXy4++rpznkZbiJwXsd073xo4iaShzhfTTDI707VsAjrtJfz8w2j8eu9JFAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQU+Ty6XPORY0kOFh42UWanX03AZDgwHwYDVR0j
BBgwFoAU92j/bmgYWMDsGfOpP6F5LNFs7tMwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMGNjMDg3MzctOTI2Ny00MDJhLTk5ZDQtN2FhYWZlYTQ0
NGVkLzAvRjc2OEZGNkU2ODE4NThDMEVDMTlGM0E5M0ZBMTc5MkNEMTZDRUVEMy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzkyal9ibWdZV01Ec0dmT3BQNkY1TE5G
czd0TS5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMGNjMDg3Mzct
OTI2Ny00MDJhLTk5ZDQtN2FhYWZlYTQ0NGVkLzAvMzEzMDM5MmUzMjMzMzQyZTMy
MzEzMjJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDM5MzMzMDM0LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
berUMA0GCSqGSIb3DQEBCwUAA4IBAQCEd4VRSzuwuI8j2h7NAnZzt5JoP+HVB03K
q4nuM3TTET47jUdKWfUaEdOa01xDSkJoOZBnweyZSEvyEU6JbOgRwdJxkdNblN4l
tU3YQM3RYFoAwPOyIgkEz5I1Ur9RD1NfRakZhlcV1lJN07LHz2WV/Hn7MkSRl0Hw
an6Dy+NvyhL9Be6kf1TiwdM6xWDad0ia5Y8aFZDlJhIGPAbvMp6+XTR025Xypr3R
yitFicjIxxZZyDL2DhCgMFRzFQjjG2ZGtEDGpYN4BLb6yOe+xXenY5ymrNNaqtYy
QHH3B7YCV8z6D8x1XkiyEH4O+C6ygiDFC1rQ0H3Z64+Ja3WNRQRQ
-----END CERTIFICATE-----
Generated at Sun Jul 20 22:36:18 2025 by rpki-client