Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/46b93df0-ac8d-4da8-afb8-dcb7f2888362/0/3139342e3135302e3230352e302f32342d3234203d3e20333939363431.roa
File: 3139342e3135302e3230352e302f32342d3234203d3e20333939363431.roa (raw, json)
Hash identifier: idJKQPKJUF2hXAonhN1BXEAMnHfj84HnWx7yXLbBRME=
Subject key identifier: 0A:D4:A5:86:DF:67:AB:A6:AB:14:D3:97:04:C1:28:CD:FD:32:43:00
Certificate issuer: /CN=62fbd2cc0012fb2f86db40b589bd1ac4e973266d
Certificate serial: 781940FEDA0AEC51EFF4EA6EF54838980ACC6E9E
Authority key identifier: 62:FB:D2:CC:00:12:FB:2F:86:DB:40:B5:89:BD:1A:C4:E9:73:26:6D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YvvSzAAS-y-G20C1ib0axOlzJm0.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/46b93df0-ac8d-4da8-afb8-dcb7f2888362/0/3139342e3135302e3230352e302f32342d3234203d3e20333939363431.roa
Signing time: Fri 05 Sep 2025 20:55:00 +0000
ROA not before: Fri 05 Sep 2025 20:50:00 +0000
ROA not after: Fri 04 Sep 2026 20:55:00 +0000
asID: 399641
IP address blocks: 194.150.205.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/46b93df0-ac8d-4da8-afb8-dcb7f2888362/0/62FBD2CC0012FB2F86DB40B589BD1AC4E973266D.crl
rsync://rsync.paas.rpki.ripe.net/repository/46b93df0-ac8d-4da8-afb8-dcb7f2888362/0/62FBD2CC0012FB2F86DB40B589BD1AC4E973266D.mft
rsync://rpki.ripe.net/repository/DEFAULT/YvvSzAAS-y-G20C1ib0axOlzJm0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 19 Sep 2025 10:21:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
78:19:40:fe:da:0a:ec:51:ef:f4:ea:6e:f5:48:38:98:0a:cc:6e:9e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=62fbd2cc0012fb2f86db40b589bd1ac4e973266d
Validity
Not Before: Sep 5 20:50:00 2025 GMT
Not After : Sep 4 20:55:00 2026 GMT
Subject: CN=0AD4A586DF67ABA6AB14D39704C128CDFD324300
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:6f:d8:a7:32:bc:65:af:e1:a5:91:b3:a5:8a:
3b:9e:b3:12:88:0d:c8:9c:98:82:69:97:6a:bd:ed:
cd:a9:c6:ba:41:b9:76:cb:e2:60:86:4a:1c:06:c8:
60:c9:40:f4:7c:e9:62:4d:6b:cf:f7:a4:05:e7:ee:
af:b9:3e:63:23:f3:f6:f5:ac:50:14:ff:cf:86:84:
04:0c:e3:4d:2a:b3:81:e4:d6:f7:e7:81:ca:c4:74:
3c:4f:f6:c0:02:12:16:d9:f0:14:50:df:ea:da:2d:
68:96:d6:38:27:e2:02:46:63:67:d3:09:6a:63:2b:
f6:c0:69:72:b3:b1:97:06:b6:cf:82:ca:8f:d1:d8:
e8:b3:86:27:98:c3:27:a9:77:49:fc:36:2d:78:9e:
44:9b:97:19:99:0a:06:9e:04:c0:5c:b7:ba:b4:84:
a8:e5:68:75:c6:95:53:c4:e3:4c:b0:e9:23:d8:a5:
e4:ce:a6:90:b3:9d:6b:43:26:16:c0:fb:96:dc:9d:
98:07:45:ce:ee:f9:ab:36:9b:ff:ab:28:88:c8:75:
8b:d6:f6:10:77:ef:3f:ff:0f:98:d8:b2:a0:09:13:
c9:d6:4b:65:86:c4:63:6d:7d:17:bd:8b:3d:6e:1e:
81:2b:7c:15:da:17:b6:ca:f0:9c:6e:b6:3e:32:be:
d7:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0A:D4:A5:86:DF:67:AB:A6:AB:14:D3:97:04:C1:28:CD:FD:32:43:00
X509v3 Authority Key Identifier:
keyid:62:FB:D2:CC:00:12:FB:2F:86:DB:40:B5:89:BD:1A:C4:E9:73:26:6D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/46b93df0-ac8d-4da8-afb8-dcb7f2888362/0/62FBD2CC0012FB2F86DB40B589BD1AC4E973266D.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YvvSzAAS-y-G20C1ib0axOlzJm0.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/46b93df0-ac8d-4da8-afb8-dcb7f2888362/0/3139342e3135302e3230352e302f32342d3234203d3e20333939363431.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.150.205.0/24
Signature Algorithm: sha256WithRSAEncryption
a4:f9:5e:9b:9b:5b:1e:ba:12:78:b4:9e:90:a9:0d:db:6f:87:
6d:28:98:2c:87:b7:c8:7d:30:bf:86:8b:83:fe:b5:44:5c:b5:
9f:24:6e:52:58:12:fe:53:28:68:9f:53:cc:be:a8:75:1d:16:
6e:f4:6a:07:72:28:be:2e:54:d9:9f:1e:1a:ce:af:50:33:dd:
e0:08:73:af:31:37:c6:57:11:b2:76:b4:bc:f2:1a:33:59:e1:
cf:7a:76:44:59:4c:cd:49:38:97:48:35:27:f2:16:22:11:2b:
c1:a4:de:42:7f:df:8b:00:2f:e1:64:76:f9:0a:81:bb:7b:56:
da:f4:3e:d0:7a:2e:35:5e:cc:ee:61:b9:93:d3:7a:09:b8:37:
1c:75:a5:29:62:e1:01:bf:3e:52:b3:e8:8f:3b:03:b1:56:35:
d5:8a:af:a8:3c:95:a0:ca:4d:0b:4c:a7:53:6f:26:b2:6c:3f:
c9:e6:ae:ca:91:65:85:0f:2b:6d:6a:26:30:91:48:f5:45:b3:
2c:6b:4a:44:8a:68:91:f7:3a:5f:da:47:4d:04:eb:ef:bb:a9:
7c:20:17:72:47:5a:1f:e4:9d:56:e4:df:24:98:92:1a:62:39:
cf:e6:86:9b:07:ed:84:3e:da:c7:0a:f5:25:25:89:a2:e0:c6:
89:ee:9a:d7
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgIUeBlA/toK7FHv9Opu9Ug4mArMbp4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjJmYmQyY2MwMDEyZmIyZjg2ZGI0MGI1ODliZDFhYzRl
OTczMjY2ZDAeFw0yNTA5MDUyMDUwMDBaFw0yNjA5MDQyMDU1MDBaMDMxMTAvBgNV
BAMTKDBBRDRBNTg2REY2N0FCQTZBQjE0RDM5NzA0QzEyOENERkQzMjQzMDAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCeb9inMrxlr+GlkbOlijuesxKI
DcicmIJpl2q97c2pxrpBuXbL4mCGShwGyGDJQPR86WJNa8/3pAXn7q+5PmMj8/b1
rFAU/8+GhAQM400qs4Hk1vfngcrEdDxP9sACEhbZ8BRQ3+raLWiW1jgn4gJGY2fT
CWpjK/bAaXKzsZcGts+Cyo/R2OizhieYwyepd0n8Ni14nkSblxmZCgaeBMBct7q0
hKjlaHXGlVPE40yw6SPYpeTOppCznWtDJhbA+5bcnZgHRc7u+as2m/+rKIjIdYvW
9hB37z//D5jYsqAJE8nWS2WGxGNtfRe9iz1uHoErfBXaF7bK8Jxutj4yvtdXAgMB
AAGjggJBMIICPTAdBgNVHQ4EFgQUCtSlht9nq6arFNOXBMEozf0yQwAwHwYDVR0j
BBgwFoAUYvvSzAAS+y+G20C1ib0axOlzJm0wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNDZiOTNkZjAtYWM4ZC00ZGE4LWFmYjgtZGNiN2YyODg4
MzYyLzAvNjJGQkQyQ0MwMDEyRkIyRjg2REI0MEI1ODlCRDFBQzRFOTczMjY2RC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1l2dlN6QUFTLXktRzIwQzFpYjBheE9s
ekptMC5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvNDZiOTNkZjAt
YWM4ZC00ZGE4LWFmYjgtZGNiN2YyODg4MzYyLzAvMzEzOTM0MmUzMTM1MzAyZTMy
MzAzNTJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMzMzkzOTM2MzQzMS5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEAMKWzTANBgkqhkiG9w0BAQsFAAOCAQEApPlem5tbHroSeLSekKkN22+HbSiY
LIe3yH0wv4aLg/61RFy1nyRuUlgS/lMoaJ9TzL6odR0WbvRqB3Iovi5U2Z8eGs6v
UDPd4AhzrzE3xlcRsna0vPIaM1nhz3p2RFlMzUk4l0g1J/IWIhErwaTeQn/fiwAv
4WR2+QqBu3tW2vQ+0HouNV7M7mG5k9N6Cbg3HHWlKWLhAb8+UrPojzsDsVY11Yqv
qDyVoMpNC0ynU28msmw/yeauypFlhQ8rbWomMJFI9UWzLGtKRIpokfc6X9pHTQTr
77upfCAXckdaH+SdVuTfJJiSGmI5z+aGmwfthD7axwr1JSWJouDGie6a1w==
-----END CERTIFICATE-----
Generated at Thu Sep 18 21:37:33 2025 by rpki-client