Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/46b93df0-ac8d-4da8-afb8-dcb7f2888362/0/3139342e35302e3234332e302f32342d3234203d3e20333939363431.roa
File: 3139342e35302e3234332e302f32342d3234203d3e20333939363431.roa (raw, json)
Hash identifier: aRQf3ruVLXzzQ/FAWeCN4tpxuy455EHSMUangP0GVpQ=
Subject key identifier: A4:17:BF:38:ED:3C:9A:91:D5:94:36:1F:34:2C:BF:EA:2E:5D:3F:1B
Certificate issuer: /CN=62fbd2cc0012fb2f86db40b589bd1ac4e973266d
Certificate serial: 5DE81D92620481C747432988762E5D574FB55D8F
Authority key identifier: 62:FB:D2:CC:00:12:FB:2F:86:DB:40:B5:89:BD:1A:C4:E9:73:26:6D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YvvSzAAS-y-G20C1ib0axOlzJm0.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/46b93df0-ac8d-4da8-afb8-dcb7f2888362/0/3139342e35302e3234332e302f32342d3234203d3e20333939363431.roa
Signing time: Fri 05 Sep 2025 20:55:00 +0000
ROA not before: Fri 05 Sep 2025 20:50:00 +0000
ROA not after: Fri 04 Sep 2026 20:55:00 +0000
asID: 399641
IP address blocks: 194.50.243.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/46b93df0-ac8d-4da8-afb8-dcb7f2888362/0/62FBD2CC0012FB2F86DB40B589BD1AC4E973266D.crl
rsync://rsync.paas.rpki.ripe.net/repository/46b93df0-ac8d-4da8-afb8-dcb7f2888362/0/62FBD2CC0012FB2F86DB40B589BD1AC4E973266D.mft
rsync://rpki.ripe.net/repository/DEFAULT/YvvSzAAS-y-G20C1ib0axOlzJm0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 20 Sep 2025 03:07:30 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5d:e8:1d:92:62:04:81:c7:47:43:29:88:76:2e:5d:57:4f:b5:5d:8f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=62fbd2cc0012fb2f86db40b589bd1ac4e973266d
Validity
Not Before: Sep 5 20:50:00 2025 GMT
Not After : Sep 4 20:55:00 2026 GMT
Subject: CN=A417BF38ED3C9A91D594361F342CBFEA2E5D3F1B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:45:16:d1:ad:5d:cf:71:09:63:20:17:34:87:
ea:bf:81:a3:f3:4e:4a:d9:79:58:55:3e:96:74:2e:
ec:07:ad:1a:90:07:1e:29:b8:64:24:57:43:9d:41:
70:72:71:82:29:c2:5b:e0:a9:6e:db:ad:a9:99:7e:
f1:78:59:fb:7a:2f:40:53:4b:91:13:5f:f1:f4:67:
4f:90:c4:40:c0:0d:7f:72:76:79:89:c1:1f:22:de:
ce:25:75:d0:87:70:44:09:e7:35:37:0f:5a:22:e5:
f6:eb:aa:d0:26:da:ad:f5:bc:d3:0e:86:b1:b7:a7:
29:28:e1:05:a2:17:2f:33:d4:23:c6:c1:ad:e1:b8:
8b:80:dd:ab:25:ed:ed:a4:1a:21:83:d8:5a:06:d2:
6f:9d:b2:8b:5f:14:da:fd:cb:7c:d0:85:16:b3:d8:
e4:25:b5:70:99:fb:fb:18:57:bf:08:53:32:3a:96:
fc:53:50:c2:9d:9e:67:23:75:08:89:e0:b2:d5:14:
99:f1:84:ba:fb:d5:a1:ca:e0:16:31:ee:f8:f8:33:
39:40:e7:13:a9:dc:4d:a6:59:ad:a0:77:00:75:7a:
af:c7:10:2e:ec:60:7b:cf:e3:d6:ab:d8:ee:bc:ac:
46:03:82:31:21:40:f9:0c:9e:16:c9:4e:85:5a:2a:
ac:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A4:17:BF:38:ED:3C:9A:91:D5:94:36:1F:34:2C:BF:EA:2E:5D:3F:1B
X509v3 Authority Key Identifier:
keyid:62:FB:D2:CC:00:12:FB:2F:86:DB:40:B5:89:BD:1A:C4:E9:73:26:6D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/46b93df0-ac8d-4da8-afb8-dcb7f2888362/0/62FBD2CC0012FB2F86DB40B589BD1AC4E973266D.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YvvSzAAS-y-G20C1ib0axOlzJm0.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/46b93df0-ac8d-4da8-afb8-dcb7f2888362/0/3139342e35302e3234332e302f32342d3234203d3e20333939363431.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.50.243.0/24
Signature Algorithm: sha256WithRSAEncryption
53:e7:49:e2:2e:c6:6b:c5:c2:4d:0a:1d:8b:05:e3:f7:7c:fe:
86:bd:ab:2e:09:5b:65:cf:34:84:8d:45:ed:12:ae:0d:07:6e:
da:85:48:fd:78:47:43:07:b6:a3:ff:17:6a:6d:d3:34:6f:da:
28:e9:5f:c0:c1:8d:d6:7e:b5:97:e8:98:6e:e1:0f:42:10:24:
15:fa:a7:b8:41:62:40:22:51:a9:10:bb:c5:66:b7:c4:6a:0b:
11:c7:8a:7c:90:b8:45:c4:48:40:87:a7:77:3c:be:ce:de:0e:
1d:6f:a5:19:ed:ba:76:05:f7:7f:33:42:ca:d3:b2:74:3e:9b:
c0:0e:78:93:7e:04:26:c1:27:13:e7:88:1e:3c:1f:3e:3b:61:
aa:b1:cd:cd:ed:ba:e3:95:c9:81:b4:10:c5:5e:e6:00:f8:47:
85:93:a3:f8:15:48:19:cb:81:5d:21:9c:9f:82:08:a1:03:fa:
9a:7c:2a:41:0a:a9:5d:e2:5d:e1:af:71:c8:24:8a:2f:00:55:
d6:59:63:44:45:59:ef:04:8a:3a:3a:f6:fb:78:d4:17:da:0f:
44:39:16:3e:8b:85:ca:92:c6:7c:e8:46:e8:f0:b7:44:79:9b:
9a:63:de:06:16:97:6f:0f:3c:6a:c3:6d:cf:76:45:ca:cc:31:
17:70:c2:06
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUXegdkmIEgcdHQymIdi5dV0+1XY8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjJmYmQyY2MwMDEyZmIyZjg2ZGI0MGI1ODliZDFhYzRl
OTczMjY2ZDAeFw0yNTA5MDUyMDUwMDBaFw0yNjA5MDQyMDU1MDBaMDMxMTAvBgNV
BAMTKEE0MTdCRjM4RUQzQzlBOTFENTk0MzYxRjM0MkNCRkVBMkU1RDNGMUIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC7RRbRrV3PcQljIBc0h+q/gaPz
TkrZeVhVPpZ0LuwHrRqQBx4puGQkV0OdQXBycYIpwlvgqW7bramZfvF4Wft6L0BT
S5ETX/H0Z0+QxEDADX9ydnmJwR8i3s4lddCHcEQJ5zU3D1oi5fbrqtAm2q31vNMO
hrG3pyko4QWiFy8z1CPGwa3huIuA3asl7e2kGiGD2FoG0m+dsotfFNr9y3zQhRaz
2OQltXCZ+/sYV78IUzI6lvxTUMKdnmcjdQiJ4LLVFJnxhLr71aHK4BYx7vj4MzlA
5xOp3E2mWa2gdwB1eq/HEC7sYHvP49ar2O68rEYDgjEhQPkMnhbJToVaKqwlAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUpBe/OO08mpHVlDYfNCy/6i5dPxswHwYDVR0j
BBgwFoAUYvvSzAAS+y+G20C1ib0axOlzJm0wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNDZiOTNkZjAtYWM4ZC00ZGE4LWFmYjgtZGNiN2YyODg4
MzYyLzAvNjJGQkQyQ0MwMDEyRkIyRjg2REI0MEI1ODlCRDFBQzRFOTczMjY2RC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1l2dlN6QUFTLXktRzIwQzFpYjBheE9s
ekptMC5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvNDZiOTNkZjAt
YWM4ZC00ZGE4LWFmYjgtZGNiN2YyODg4MzYyLzAvMzEzOTM0MmUzNTMwMmUzMjM0
MzMyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMzM5MzkzNjM0MzEucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BADCMvMwDQYJKoZIhvcNAQELBQADggEBAFPnSeIuxmvFwk0KHYsF4/d8/oa9qy4J
W2XPNISNRe0Srg0HbtqFSP14R0MHtqP/F2pt0zRv2ijpX8DBjdZ+tZfomG7hD0IQ
JBX6p7hBYkAiUakQu8Vmt8RqCxHHinyQuEXESECHp3c8vs7eDh1vpRntunYF938z
QsrTsnQ+m8AOeJN+BCbBJxPniB48Hz47Yaqxzc3tuuOVyYG0EMVe5gD4R4WTo/gV
SBnLgV0hnJ+CCKED+pp8KkEKqV3iXeGvccgkii8AVdZZY0RFWe8Eijo69vt41Bfa
D0Q5Fj6LhcqSxnzoRujwt0R5m5pj3gYWl28PPGrDbc92RcrMMRdwwgY=
-----END CERTIFICATE-----
Generated at Fri Sep 19 09:21:35 2025 by rpki-client