Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/3139332e34322e39392e302f32342d3234203d3e20323132323338.roa
File: 3139332e34322e39392e302f32342d3234203d3e20323132323338.roa (raw, json)
Hash identifier: k4ltTqkoFwSK0A721A1e7NbUrTsnU+m5MpN2VfOcXyk=
Subject key identifier: 7F:46:E5:FD:BC:EE:2E:E4:0C:DC:39:32:FD:79:23:D7:73:B5:F3:93
Certificate issuer: /CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Certificate serial: 0F3CDE97CAAE70B86DE5282143E0DFDC1AD7CCD4
Authority key identifier: 09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/3139332e34322e39392e302f32342d3234203d3e20323132323338.roa
Signing time: Mon 30 Jun 2025 21:29:58 +0000
ROA not before: Mon 30 Jun 2025 21:24:58 +0000
ROA not after: Mon 29 Jun 2026 21:29:58 +0000
asID: 212238
IP address blocks: 193.42.99.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.mft
rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 21 Jul 2025 04:00:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0f:3c:de:97:ca:ae:70:b8:6d:e5:28:21:43:e0:df:dc:1a:d7:cc:d4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Validity
Not Before: Jun 30 21:24:58 2025 GMT
Not After : Jun 29 21:29:58 2026 GMT
Subject: CN=7F46E5FDBCEE2EE40CDC3932FD7923D773B5F393
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:01:38:4d:f5:2e:b2:69:b3:33:07:0a:a5:2b:
74:04:42:a1:e3:4a:ec:22:03:63:46:55:39:b1:c8:
de:86:0e:cd:97:98:01:6c:97:67:8c:26:50:0f:ad:
ed:75:fc:15:8d:2e:29:7e:3d:29:66:b3:15:16:52:
a4:24:e3:0d:03:62:1d:fb:aa:7e:92:c0:d8:b4:73:
71:e8:20:60:df:0d:6a:09:55:b4:95:bb:9a:a5:dd:
e3:e8:2e:a1:34:0e:e7:5e:9c:e7:d9:d5:b2:0b:bf:
8e:13:ee:31:9d:9a:08:69:1c:a1:81:c6:73:a9:2c:
e7:4b:8d:eb:43:59:cd:93:93:a0:eb:d1:ed:cc:27:
a9:e0:85:7f:36:91:0f:3e:bf:ea:26:96:0b:07:45:
10:33:82:2c:8b:d9:5a:38:9b:a0:97:65:0f:1a:42:
41:61:ce:dd:be:c3:03:f8:5a:0e:cf:39:3d:c9:24:
61:f2:41:9f:b4:d8:06:b8:e9:2d:e4:03:80:25:6b:
27:01:4a:b0:47:11:41:9f:2f:8e:c5:98:87:ec:28:
ac:b9:f8:1b:c8:6f:1e:bd:e4:a5:5f:7e:e2:b5:f1:
1b:76:5b:53:0d:b7:ce:f7:17:c5:7c:9f:a5:7e:12:
5c:e4:8e:d6:0d:7f:39:f6:95:6e:23:97:8c:23:5c:
4a:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7F:46:E5:FD:BC:EE:2E:E4:0C:DC:39:32:FD:79:23:D7:73:B5:F3:93
X509v3 Authority Key Identifier:
keyid:09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/3139332e34322e39392e302f32342d3234203d3e20323132323338.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.42.99.0/24
Signature Algorithm: sha256WithRSAEncryption
95:3a:36:fb:0f:d5:e1:c7:73:d0:3d:bc:b3:69:cb:8f:5b:f9:
0c:f1:00:09:7d:0c:cc:8a:85:3b:c6:4f:8d:e5:82:53:e7:a0:
db:da:d9:a8:93:91:54:1c:bd:27:61:dd:8b:fd:cb:2d:5f:57:
09:81:f0:56:75:18:2b:c2:00:b8:1e:bf:65:ba:57:e8:8b:c0:
6d:50:77:f0:3f:d3:f1:2e:b7:f4:0e:01:44:21:e5:26:30:ad:
df:f4:5a:24:b6:e5:7f:93:d5:d7:15:25:c2:10:f4:24:c3:9f:
0b:5d:b6:93:dd:3b:3f:af:ec:19:59:da:be:75:da:cc:89:7a:
3d:cd:b9:bb:11:7d:89:bc:94:eb:a3:31:a9:ff:1d:ab:b3:00:
41:20:f9:7b:74:7a:ab:d1:bb:6a:0d:7b:c3:16:81:e9:51:78:
a5:74:f4:0a:47:b7:9a:10:e4:23:dc:9c:f9:0b:b4:ca:66:57:
79:19:e6:2e:81:c1:90:9a:bf:74:ab:ab:07:5c:7d:75:d3:29:
c8:c4:15:af:83:1b:0b:ff:f9:05:51:c8:5b:44:31:5c:9f:92:
22:43:66:d3:94:42:67:7e:06:d6:3b:2a:f1:0f:48:b2:fc:b5:
b6:db:ca:7e:28:46:2b:51:cb:31:11:6e:61:d4:29:d5:ea:db:
78:c0:e4:dc
-----BEGIN CERTIFICATE-----
MIIFODCCBCCgAwIBAgIUDzzel8qucLht5SghQ+Df3BrXzNQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDk3YTI4Zjc3ZWIwYTRhYzM1NGE4YWMyODc1NGIyYTNi
YmUzYTk1OTAeFw0yNTA2MzAyMTI0NThaFw0yNjA2MjkyMTI5NThaMDMxMTAvBgNV
BAMTKDdGNDZFNUZEQkNFRTJFRTQwQ0RDMzkzMkZENzkyM0Q3NzNCNUYzOTMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDdAThN9S6yabMzBwqlK3QEQqHj
SuwiA2NGVTmxyN6GDs2XmAFsl2eMJlAPre11/BWNLil+PSlmsxUWUqQk4w0DYh37
qn6SwNi0c3HoIGDfDWoJVbSVu5ql3ePoLqE0DudenOfZ1bILv44T7jGdmghpHKGB
xnOpLOdLjetDWc2Tk6Dr0e3MJ6nghX82kQ8+v+omlgsHRRAzgiyL2Vo4m6CXZQ8a
QkFhzt2+wwP4Wg7POT3JJGHyQZ+02Aa46S3kA4AlaycBSrBHEUGfL47FmIfsKKy5
+BvIbx695KVffuK18Rt2W1MNt873F8V8n6V+ElzkjtYNfzn2lW4jl4wjXEr5AgMB
AAGjggJCMIICPjAdBgNVHQ4EFgQUf0bl/bzuLuQM3Dky/Xkj13O185MwHwYDVR0j
BBgwFoAUCXoo936wpKw1SorCh1Syo7vjqVkwDgYDVR0PAQH/BAQDAgeAMIGYBgNV
HR8EgZAwgY0wgYqggYeggYSGgYFyc3luYzovL3JzeW5jLnBhYXMucnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L2ZlMzcwOGEwLTY3ZDUtNGFjMi1hYmM0LWEzMzI1OTBi
OTlhZi8xNzcvMDk3QTI4Rjc3RUIwQTRBQzM1NEE4QUMyODc1NEIyQTNCQkUzQTk1
OS5jcmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2ku
cmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NYb285MzZ3cEt3MVNvckNoMVN5
bzd2anFWay5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3Jz
eW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4
YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzE3Ny8zMTM5MzMyZTM0MzIy
ZTM5MzkyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMjMxMzIzMjMzMzgucm9hMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBADBKmMwDQYJKoZIhvcNAQELBQADggEBAJU6NvsP1eHHc9A9vLNpy49b+Qzx
AAl9DMyKhTvGT43lglPnoNva2aiTkVQcvSdh3Yv9yy1fVwmB8FZ1GCvCALgev2W6
V+iLwG1Qd/A/0/Eut/QOAUQh5SYwrd/0WiS25X+T1dcVJcIQ9CTDnwtdtpPdOz+v
7BlZ2r512syJej3NubsRfYm8lOujMan/HauzAEEg+Xt0eqvRu2oNe8MWgelReKV0
9ApHt5oQ5CPcnPkLtMpmV3kZ5i6BwZCav3SrqwdcfXXTKcjEFa+DGwv/+QVRyFtE
MVyfkiJDZtOUQmd+BtY7KvEPSLL8tbbbyn4oRitRyzERbmHUKdXq23jA5Nw=
-----END CERTIFICATE-----
Generated at Sun Jul 20 12:30:06 2025 by rpki-client