Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/3139332e3130392e3139342e302f32342d3234203d3e203631333137.roa
File: 3139332e3130392e3139342e302f32342d3234203d3e203631333137.roa (raw, json)
Hash identifier: JD/jR1KV6e2lgh5l7GYobIOZmDBTZh+ul/eQIkogvrs=
Subject key identifier: 45:4E:E9:F5:E7:55:6C:4C:24:02:B4:23:99:B7:6C:BE:BC:91:E9:9C
Certificate issuer: /CN=dc943cc2a7cdc378a37702573bb4f821170b530d
Certificate serial: 2BFAE8544D774ECA01922DB1A69FEC386E6BCF2E
Authority key identifier: DC:94:3C:C2:A7:CD:C3:78:A3:77:02:57:3B:B4:F8:21:17:0B:53:0D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3JQ8wqfNw3ijdwJXO7T4IRcLUw0.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/3139332e3130392e3139342e302f32342d3234203d3e203631333137.roa
Signing time: Wed 10 Sep 2025 09:55:01 +0000
ROA not before: Wed 10 Sep 2025 09:50:01 +0000
ROA not after: Wed 09 Sep 2026 09:55:01 +0000
asID: 61317
IP address blocks: 193.109.194.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/DC943CC2A7CDC378A37702573BB4F821170B530D.crl
rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/DC943CC2A7CDC378A37702573BB4F821170B530D.mft
rsync://rpki.ripe.net/repository/DEFAULT/3JQ8wqfNw3ijdwJXO7T4IRcLUw0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 18 Sep 2025 15:33:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2b:fa:e8:54:4d:77:4e:ca:01:92:2d:b1:a6:9f:ec:38:6e:6b:cf:2e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dc943cc2a7cdc378a37702573bb4f821170b530d
Validity
Not Before: Sep 10 09:50:01 2025 GMT
Not After : Sep 9 09:55:01 2026 GMT
Subject: CN=454EE9F5E7556C4C2402B42399B76CBEBC91E99C
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:64:fd:5e:6e:67:4a:21:7e:8e:b7:4b:cd:95:
c8:95:aa:89:d9:19:99:d5:b3:a6:7e:be:71:10:c0:
2a:dd:12:0c:4a:d8:03:7c:4c:72:c0:3c:ca:d2:a0:
d1:32:1e:ca:bf:4b:97:fb:e6:17:b4:bc:fa:07:6e:
f6:2c:b8:c5:a9:6f:dc:9d:2c:b8:14:46:4d:d2:40:
2b:e2:01:0c:90:3d:a7:a8:f5:11:4d:a5:3f:c1:70:
20:02:3a:79:2c:77:fd:4b:81:55:12:37:f2:d1:8d:
18:a4:6d:f5:d3:a7:f2:0c:31:36:45:44:6e:ae:c4:
23:5a:8b:e7:4c:65:a2:86:d4:17:33:a8:8f:29:f6:
c9:e8:92:e5:f8:3f:43:d0:01:89:08:4f:ac:1c:81:
74:25:4a:5f:d9:02:3f:cc:bc:20:41:8c:28:82:a9:
90:c4:13:a4:6c:3c:3a:44:84:45:c0:54:1d:47:9c:
2b:1b:cc:71:11:7a:ce:40:0f:9e:d6:fa:28:02:fc:
87:99:75:24:08:96:88:52:0f:c0:3e:e3:f8:de:e7:
57:81:31:42:59:80:22:61:bf:1c:c6:c8:86:ee:fa:
ac:b4:2a:56:a7:ce:e7:09:b5:04:5c:13:b7:28:8f:
2b:3e:ff:3a:d3:3a:e8:c8:4a:b1:27:3e:8d:d4:08:
a8:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
45:4E:E9:F5:E7:55:6C:4C:24:02:B4:23:99:B7:6C:BE:BC:91:E9:9C
X509v3 Authority Key Identifier:
keyid:DC:94:3C:C2:A7:CD:C3:78:A3:77:02:57:3B:B4:F8:21:17:0B:53:0D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/DC943CC2A7CDC378A37702573BB4F821170B530D.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3JQ8wqfNw3ijdwJXO7T4IRcLUw0.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/3139332e3130392e3139342e302f32342d3234203d3e203631333137.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.109.194.0/24
Signature Algorithm: sha256WithRSAEncryption
0b:5d:6b:55:9e:f7:b2:f6:b8:5b:3e:4b:a6:97:4a:bb:0f:a6:
0f:1a:e5:93:7b:8f:d1:1b:60:d7:1c:32:29:c9:5a:02:c5:77:
b8:28:59:87:3e:3e:aa:3b:e5:4c:d2:20:e4:bb:3f:fe:17:4b:
a3:94:10:7d:0e:d4:d0:05:9f:95:80:99:28:fa:83:03:8f:cd:
3c:ff:a5:fe:2c:37:73:ee:f8:07:94:73:0f:72:cb:da:17:55:
88:96:f8:46:70:a0:50:93:82:3d:49:b0:5b:2a:98:77:ef:bb:
c2:a6:b3:a4:8d:ea:bd:c7:47:00:df:f0:4b:5e:ad:e8:28:68:
4c:d4:38:06:40:b9:12:29:9f:da:0a:22:6e:08:e0:90:15:6a:
5a:a6:1a:82:94:db:e4:60:f3:85:fe:c3:a5:ff:ea:4a:b7:ad:
f4:0c:1f:57:42:2e:09:24:3b:e4:53:ce:9f:2b:13:03:28:cf:
1d:1b:08:52:e5:8d:26:e3:2d:a6:fe:9e:62:b2:38:6f:3e:98:
0b:93:15:91:44:6d:c5:c7:3e:d4:9f:50:ca:08:26:3e:09:9d:
cb:86:c9:5b:33:0b:bd:3f:03:20:8c:1e:ae:86:ec:9b:58:08:
12:78:e2:20:b1:1c:fa:38:96:10:c4:6b:15:a3:d0:2e:45:fc:
06:ce:d6:3a
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUK/roVE13TsoBki2xpp/sOG5rzy4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZGM5NDNjYzJhN2NkYzM3OGEzNzcwMjU3M2JiNGY4MjEx
NzBiNTMwZDAeFw0yNTA5MTAwOTUwMDFaFw0yNjA5MDkwOTU1MDFaMDMxMTAvBgNV
BAMTKDQ1NEVFOUY1RTc1NTZDNEMyNDAyQjQyMzk5Qjc2Q0JFQkM5MUU5OUMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCqZP1ebmdKIX6Ot0vNlciVqonZ
GZnVs6Z+vnEQwCrdEgxK2AN8THLAPMrSoNEyHsq/S5f75he0vPoHbvYsuMWpb9yd
LLgURk3SQCviAQyQPaeo9RFNpT/BcCACOnksd/1LgVUSN/LRjRikbfXTp/IMMTZF
RG6uxCNai+dMZaKG1BczqI8p9snokuX4P0PQAYkIT6wcgXQlSl/ZAj/MvCBBjCiC
qZDEE6RsPDpEhEXAVB1HnCsbzHERes5AD57W+igC/IeZdSQIlohSD8A+4/je51eB
MUJZgCJhvxzGyIbu+qy0KlanzucJtQRcE7cojys+/zrTOujISrEnPo3UCKjNAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQURU7p9edVbEwkArQjmbdsvryR6ZwwHwYDVR0j
BBgwFoAU3JQ8wqfNw3ijdwJXO7T4IRcLUw0wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNmFiMDcyMmYtNjRkOC00Y2E5LTkyNjctNGU1MTU0NDM0
MTAxLzAvREM5NDNDQzJBN0NEQzM3OEEzNzcwMjU3M0JCNEY4MjExNzBCNTMwRC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzNKUTh3cWZOdzNpamR3SlhPN1Q0SVJj
TFV3MC5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvNmFiMDcyMmYt
NjRkOC00Y2E5LTkyNjctNGU1MTU0NDM0MTAxLzAvMzEzOTMzMmUzMTMwMzkyZTMx
MzkzNDJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDM2MzEzMzMxMzcucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BADBbcIwDQYJKoZIhvcNAQELBQADggEBAAtda1We97L2uFs+S6aXSrsPpg8a5ZN7
j9EbYNccMinJWgLFd7goWYc+Pqo75UzSIOS7P/4XS6OUEH0O1NAFn5WAmSj6gwOP
zTz/pf4sN3Pu+AeUcw9yy9oXVYiW+EZwoFCTgj1JsFsqmHfvu8Kms6SN6r3HRwDf
8EteregoaEzUOAZAuRIpn9oKIm4I4JAValqmGoKU2+Rg84X+w6X/6kq3rfQMH1dC
LgkkO+RTzp8rEwMozx0bCFLljSbjLab+nmKyOG8+mAuTFZFEbcXHPtSfUMoIJj4J
ncuGyVszC70/AyCMHq6G7JtYCBJ44iCxHPo4lhDEaxWj0C5F/AbO1jo=
-----END CERTIFICATE-----
Generated at Wed Sep 17 17:36:45 2025 by rpki-client