Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/a01c14fb-b660-489d-9e9f-9402e9e2c2e2/0/3231332e3133392e37382e302f32342d3234203d3e20323036343436.roa
File: 3231332e3133392e37382e302f32342d3234203d3e20323036343436.roa (raw, json)
Hash identifier: LCM/dunTFfsiENo1u3oy0PNFVtxRWwm9bEHFaBempdc=
Subject key identifier: 0B:B9:89:9B:63:EE:AD:9B:CC:6F:FC:C3:FB:F0:C4:58:43:06:91:C6
Certificate issuer: /CN=b683f2eb50c5999a77456e8826831609d48c7d3e
Certificate serial: 7874BBFEE933BA30AD5AE437610811DCF7794398
Authority key identifier: B6:83:F2:EB:50:C5:99:9A:77:45:6E:88:26:83:16:09:D4:8C:7D:3E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/toPy61DFmZp3RW6IJoMWCdSMfT4.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/a01c14fb-b660-489d-9e9f-9402e9e2c2e2/0/3231332e3133392e37382e302f32342d3234203d3e20323036343436.roa
Signing time: Sun 20 Jul 2025 13:54:13 +0000
ROA not before: Sun 20 Jul 2025 13:49:13 +0000
ROA not after: Sun 19 Jul 2026 13:54:13 +0000
asID: 206446
IP address blocks: 213.139.78.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/a01c14fb-b660-489d-9e9f-9402e9e2c2e2/0/B683F2EB50C5999A77456E8826831609D48C7D3E.crl
rsync://rsync.paas.rpki.ripe.net/repository/a01c14fb-b660-489d-9e9f-9402e9e2c2e2/0/B683F2EB50C5999A77456E8826831609D48C7D3E.mft
rsync://rpki.ripe.net/repository/DEFAULT/toPy61DFmZp3RW6IJoMWCdSMfT4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 22 Jul 2025 10:05:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
78:74:bb:fe:e9:33:ba:30:ad:5a:e4:37:61:08:11:dc:f7:79:43:98
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b683f2eb50c5999a77456e8826831609d48c7d3e
Validity
Not Before: Jul 20 13:49:13 2025 GMT
Not After : Jul 19 13:54:13 2026 GMT
Subject: CN=0BB9899B63EEAD9BCC6FFCC3FBF0C458430691C6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:5e:ac:51:7f:65:7f:47:2d:9f:ba:d2:a5:a3:
55:9e:a7:bc:fe:c2:dc:06:77:ca:ab:e5:11:2e:fa:
9e:51:d6:e0:73:cc:9e:e1:b8:8f:fa:8f:d2:fc:65:
c0:35:12:6f:37:31:c4:55:9f:82:1b:50:12:bf:bf:
f8:23:8b:36:78:6c:31:1d:b4:4f:2e:53:3a:ad:23:
85:54:b4:e8:6a:0d:aa:7e:96:51:ac:b2:88:75:c2:
63:90:52:8f:78:d8:41:8f:78:b6:20:97:ef:31:54:
57:56:5c:94:2e:b8:35:51:fb:45:95:61:71:5c:26:
2a:b1:41:16:4b:94:05:16:ea:66:c8:bc:6a:c7:05:
dd:8b:7f:c3:16:b5:50:41:1c:da:35:50:93:ed:c2:
d2:a0:06:78:b7:0c:98:3c:10:75:84:d5:0e:c5:52:
9e:7d:e9:b2:6b:96:05:de:d5:5e:00:e6:eb:37:6d:
f1:b4:24:c3:d0:66:55:ae:cb:2c:27:f6:9f:89:4c:
a5:b9:f2:73:05:2e:1a:ef:1b:d5:94:67:13:5a:5e:
35:ac:a2:28:29:bb:d5:f5:52:d9:fb:48:8f:02:d3:
12:06:64:dc:5e:06:8a:95:ea:08:a2:09:7b:25:72:
0a:96:fb:79:66:73:5d:77:53:49:e0:07:5c:24:d6:
d1:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0B:B9:89:9B:63:EE:AD:9B:CC:6F:FC:C3:FB:F0:C4:58:43:06:91:C6
X509v3 Authority Key Identifier:
keyid:B6:83:F2:EB:50:C5:99:9A:77:45:6E:88:26:83:16:09:D4:8C:7D:3E
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/a01c14fb-b660-489d-9e9f-9402e9e2c2e2/0/B683F2EB50C5999A77456E8826831609D48C7D3E.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/toPy61DFmZp3RW6IJoMWCdSMfT4.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/a01c14fb-b660-489d-9e9f-9402e9e2c2e2/0/3231332e3133392e37382e302f32342d3234203d3e20323036343436.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.139.78.0/24
Signature Algorithm: sha256WithRSAEncryption
8c:b3:d5:75:87:c3:6b:71:a9:77:14:95:3b:fc:be:45:fe:8c:
03:10:7b:90:78:57:01:29:26:8f:c2:e2:43:27:3b:0a:66:e4:
18:71:0c:9b:da:4c:43:39:d3:96:21:24:21:24:94:6b:01:e0:
34:0f:ee:a5:ff:0a:36:7a:31:a2:d7:fd:94:ba:a6:08:bc:14:
a1:31:34:01:27:be:e5:ff:1c:af:ca:a5:ed:87:9e:61:36:cb:
5a:6f:0b:6e:e7:3b:9e:77:24:69:30:48:7f:8c:3f:ca:92:74:
bc:dc:65:b9:4a:c6:77:51:48:29:0a:38:a1:2e:72:c4:da:f2:
06:e2:fe:f1:23:08:5a:8f:96:7f:31:2e:db:17:8f:9e:e0:58:
b3:03:67:9d:42:3d:2a:c0:21:14:70:84:44:d4:7a:f4:88:64:
4e:06:6d:1f:f2:9c:4b:33:db:00:d3:ee:b5:92:5b:ec:98:7b:
d3:3e:e4:a0:40:9b:44:48:7b:de:af:b1:5d:ea:3b:a4:41:7e:
c1:ac:26:ce:98:aa:34:2a:d0:c1:22:8c:69:bf:83:98:f2:2d:
0a:2d:d2:9d:2a:2c:e1:89:03:78:72:53:a4:8a:09:3e:74:14:
82:09:33:ee:68:34:3c:74:97:8f:78:90:66:b1:60:8a:db:7b:
1b:fd:00:49
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUeHS7/ukzujCtWuQ3YQgR3Pd5Q5gwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYjY4M2YyZWI1MGM1OTk5YTc3NDU2ZTg4MjY4MzE2MDlk
NDhjN2QzZTAeFw0yNTA3MjAxMzQ5MTNaFw0yNjA3MTkxMzU0MTNaMDMxMTAvBgNV
BAMTKDBCQjk4OTlCNjNFRUFEOUJDQzZGRkNDM0ZCRjBDNDU4NDMwNjkxQzYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCXXqxRf2V/Ry2futKlo1Wep7z+
wtwGd8qr5REu+p5R1uBzzJ7huI/6j9L8ZcA1Em83McRVn4IbUBK/v/gjizZ4bDEd
tE8uUzqtI4VUtOhqDap+llGssoh1wmOQUo942EGPeLYgl+8xVFdWXJQuuDVR+0WV
YXFcJiqxQRZLlAUW6mbIvGrHBd2Lf8MWtVBBHNo1UJPtwtKgBni3DJg8EHWE1Q7F
Up596bJrlgXe1V4A5us3bfG0JMPQZlWuyywn9p+JTKW58nMFLhrvG9WUZxNaXjWs
oigpu9X1Utn7SI8C0xIGZNxeBoqV6giiCXslcgqW+3lmc113U0ngB1wk1tHfAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUC7mJm2PurZvMb/zD+/DEWEMGkcYwHwYDVR0j
BBgwFoAUtoPy61DFmZp3RW6IJoMWCdSMfT4wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYTAxYzE0ZmItYjY2MC00ODlkLTllOWYtOTQwMmU5ZTJj
MmUyLzAvQjY4M0YyRUI1MEM1OTk5QTc3NDU2RTg4MjY4MzE2MDlENDhDN0QzRS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3RvUHk2MURGbVpwM1JXNklKb01XQ2RT
TWZUNC5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYTAxYzE0ZmIt
YjY2MC00ODlkLTllOWYtOTQwMmU5ZTJjMmUyLzAvMzIzMTMzMmUzMTMzMzkyZTM3
MzgyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMjMwMzYzNDM0MzYucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BADVi04wDQYJKoZIhvcNAQELBQADggEBAIyz1XWHw2txqXcUlTv8vkX+jAMQe5B4
VwEpJo/C4kMnOwpm5BhxDJvaTEM505YhJCEklGsB4DQP7qX/CjZ6MaLX/ZS6pgi8
FKExNAEnvuX/HK/Kpe2HnmE2y1pvC27nO553JGkwSH+MP8qSdLzcZblKxndRSCkK
OKEucsTa8gbi/vEjCFqPln8xLtsXj57gWLMDZ51CPSrAIRRwhETUevSIZE4GbR/y
nEsz2wDT7rWSW+yYe9M+5KBAm0RIe96vsV3qO6RBfsGsJs6YqjQq0MEijGm/g5jy
LQot0p0qLOGJA3hyU6SKCT50FIIJM+5oNDx0l494kGaxYIrbexv9AEk=
-----END CERTIFICATE-----
Generated at Mon Jul 21 23:58:31 2025 by rpki-client