Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/3139332e3130392e3139322e302f32342d3234203d3e20343030303339.roa
File: 3139332e3130392e3139322e302f32342d3234203d3e20343030303339.roa (raw, json)
Hash identifier: fFy7Y1mNGjhqx1ScUZVCzWGsyDaL02OMTl5mD5Qmwb4=
Subject key identifier: 94:4C:53:6A:38:57:54:BF:C4:EE:E6:D0:D2:6B:38:6A:34:27:1B:A0
Certificate issuer: /CN=dc943cc2a7cdc378a37702573bb4f821170b530d
Certificate serial: 271807DA553EA6FE7640E4202D5328A34307B347
Authority key identifier: DC:94:3C:C2:A7:CD:C3:78:A3:77:02:57:3B:B4:F8:21:17:0B:53:0D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3JQ8wqfNw3ijdwJXO7T4IRcLUw0.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/3139332e3130392e3139322e302f32342d3234203d3e20343030303339.roa
Signing time: Wed 10 Sep 2025 09:55:00 +0000
ROA not before: Wed 10 Sep 2025 09:50:00 +0000
ROA not after: Wed 09 Sep 2026 09:55:00 +0000
asID: 400039
IP address blocks: 193.109.192.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/DC943CC2A7CDC378A37702573BB4F821170B530D.crl
rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/DC943CC2A7CDC378A37702573BB4F821170B530D.mft
rsync://rpki.ripe.net/repository/DEFAULT/3JQ8wqfNw3ijdwJXO7T4IRcLUw0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 18 Sep 2025 00:06:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
27:18:07:da:55:3e:a6:fe:76:40:e4:20:2d:53:28:a3:43:07:b3:47
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dc943cc2a7cdc378a37702573bb4f821170b530d
Validity
Not Before: Sep 10 09:50:00 2025 GMT
Not After : Sep 9 09:55:00 2026 GMT
Subject: CN=944C536A385754BFC4EEE6D0D26B386A34271BA0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:20:45:e5:d2:3e:34:96:5b:36:f4:38:11:48:
d1:bc:9e:76:36:71:b3:db:52:cc:74:35:74:81:c2:
a4:05:91:e3:5d:0d:52:04:0f:9d:42:87:c2:4d:80:
9d:e7:3e:e6:b5:b8:2d:95:d6:79:0d:ef:f9:82:72:
7f:ba:c0:38:ee:e5:31:3e:99:75:39:cc:03:46:d3:
3c:14:8d:49:d4:b1:e3:c6:0a:03:1e:05:31:f2:12:
43:21:6a:36:46:c2:ce:d5:b0:a2:c4:c5:71:8e:47:
5d:c8:7c:0d:c9:eb:eb:99:d1:e5:ca:09:cc:79:f5:
1f:ab:ce:7c:4d:c9:09:11:bb:da:84:62:06:55:5c:
23:61:5c:56:18:6c:8a:81:5c:22:44:9b:d3:d4:30:
e6:2a:61:b3:86:4f:fb:a9:60:05:97:9b:59:86:b1:
83:5e:78:ae:47:80:76:ee:83:5c:10:08:93:d4:3e:
2e:b7:6b:54:63:c1:b9:ae:f8:19:f5:df:17:01:76:
3f:d4:71:7d:bb:b7:9b:da:8c:0d:86:27:cf:e3:c3:
2c:62:10:4b:da:63:b4:5c:56:66:5c:a9:75:d6:b0:
6b:57:05:4f:6f:bc:ae:06:2d:21:05:0b:a7:c4:88:
39:7e:d8:64:b8:78:96:c4:e2:b3:d4:72:2a:4c:85:
a7:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
94:4C:53:6A:38:57:54:BF:C4:EE:E6:D0:D2:6B:38:6A:34:27:1B:A0
X509v3 Authority Key Identifier:
keyid:DC:94:3C:C2:A7:CD:C3:78:A3:77:02:57:3B:B4:F8:21:17:0B:53:0D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/DC943CC2A7CDC378A37702573BB4F821170B530D.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3JQ8wqfNw3ijdwJXO7T4IRcLUw0.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/3139332e3130392e3139322e302f32342d3234203d3e20343030303339.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.109.192.0/24
Signature Algorithm: sha256WithRSAEncryption
92:da:ba:96:4a:0e:d0:40:8f:66:3c:c5:41:f6:0c:33:10:78:
39:cf:ea:d8:25:51:a2:20:eb:93:54:8a:6b:9a:e2:0c:bd:4c:
57:6d:6c:d1:6b:4e:92:40:cf:23:c0:89:b0:ca:74:86:be:c6:
39:37:e8:c1:71:8e:09:9f:4d:78:1c:63:80:4b:f3:38:b1:66:
c5:29:cb:a7:80:3b:76:47:64:e2:46:1c:84:2c:20:ee:e0:13:
7f:ac:06:51:d8:8f:41:68:85:8d:d0:f3:5f:bb:86:84:df:6d:
c5:e9:d9:7f:86:6b:dc:0e:03:ae:3b:94:19:17:aa:33:e4:29:
d5:d5:74:61:bf:6d:fc:d9:b1:39:38:2c:10:7b:80:33:c5:f0:
46:d5:41:14:17:a8:3e:25:26:1d:90:f8:9e:5f:a1:25:c2:dc:
96:af:7b:cc:92:ba:66:fc:88:ae:32:f4:20:df:30:17:63:3c:
3c:51:f6:ca:69:8d:0f:8a:09:01:ce:5e:49:35:c7:af:b7:a1:
fd:35:92:f4:ae:18:28:87:48:c6:9f:9a:24:96:ac:57:52:50:
aa:2e:5d:4f:38:23:af:e3:fc:64:c4:8c:3a:95:97:cc:0e:59:
52:33:cd:76:f0:e7:fc:86:49:bb:e7:fa:3c:4e:eb:de:d1:46:
3b:0e:84:a9
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgIUJxgH2lU+pv52QOQgLVMoo0MHs0cwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZGM5NDNjYzJhN2NkYzM3OGEzNzcwMjU3M2JiNGY4MjEx
NzBiNTMwZDAeFw0yNTA5MTAwOTUwMDBaFw0yNjA5MDkwOTU1MDBaMDMxMTAvBgNV
BAMTKDk0NEM1MzZBMzg1NzU0QkZDNEVFRTZEMEQyNkIzODZBMzQyNzFCQTAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDbIEXl0j40lls29DgRSNG8nnY2
cbPbUsx0NXSBwqQFkeNdDVIED51Ch8JNgJ3nPua1uC2V1nkN7/mCcn+6wDju5TE+
mXU5zANG0zwUjUnUsePGCgMeBTHyEkMhajZGws7VsKLExXGOR13IfA3J6+uZ0eXK
Ccx59R+rznxNyQkRu9qEYgZVXCNhXFYYbIqBXCJEm9PUMOYqYbOGT/upYAWXm1mG
sYNeeK5HgHbug1wQCJPUPi63a1Rjwbmu+Bn13xcBdj/UcX27t5vajA2GJ8/jwyxi
EEvaY7RcVmZcqXXWsGtXBU9vvK4GLSEFC6fEiDl+2GS4eJbE4rPUcipMhafNAgMB
AAGjggJBMIICPTAdBgNVHQ4EFgQUlExTajhXVL/E7ubQ0ms4ajQnG6AwHwYDVR0j
BBgwFoAU3JQ8wqfNw3ijdwJXO7T4IRcLUw0wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNmFiMDcyMmYtNjRkOC00Y2E5LTkyNjctNGU1MTU0NDM0
MTAxLzAvREM5NDNDQzJBN0NEQzM3OEEzNzcwMjU3M0JCNEY4MjExNzBCNTMwRC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzNKUTh3cWZOdzNpamR3SlhPN1Q0SVJj
TFV3MC5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvNmFiMDcyMmYt
NjRkOC00Y2E5LTkyNjctNGU1MTU0NDM0MTAxLzAvMzEzOTMzMmUzMTMwMzkyZTMx
MzkzMjJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDM0MzAzMDMwMzMzOS5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEAMFtwDANBgkqhkiG9w0BAQsFAAOCAQEAktq6lkoO0ECPZjzFQfYMMxB4Oc/q
2CVRoiDrk1SKa5riDL1MV21s0WtOkkDPI8CJsMp0hr7GOTfowXGOCZ9NeBxjgEvz
OLFmxSnLp4A7dkdk4kYchCwg7uATf6wGUdiPQWiFjdDzX7uGhN9txenZf4Zr3A4D
rjuUGReqM+Qp1dV0Yb9t/NmxOTgsEHuAM8XwRtVBFBeoPiUmHZD4nl+hJcLclq97
zJK6ZvyIrjL0IN8wF2M8PFH2ymmND4oJAc5eSTXHr7eh/TWS9K4YKIdIxp+aJJas
V1JQqi5dTzgjr+P8ZMSMOpWXzA5ZUjPNdvDn/IZJu+f6PE7r3tFGOw6EqQ==
-----END CERTIFICATE-----
Generated at Wed Sep 17 17:37:41 2025 by rpki-client