Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/3139332e3130392e3139352e302f32342d3234203d3e203634323637.roa
File: 3139332e3130392e3139352e302f32342d3234203d3e203634323637.roa (raw, json)
Hash identifier: GXKhK2lypurd8dWoL+OEJpxY1YLUhyK3ZLJLjqAkvgc=
Subject key identifier: D9:F2:33:13:F8:1B:03:F5:4B:FD:F9:13:52:F0:2D:9A:21:CC:DC:8B
Certificate issuer: /CN=dc943cc2a7cdc378a37702573bb4f821170b530d
Certificate serial: 7E47EDA28941D206575D6CF2C2E109BC0BF3DC48
Authority key identifier: DC:94:3C:C2:A7:CD:C3:78:A3:77:02:57:3B:B4:F8:21:17:0B:53:0D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3JQ8wqfNw3ijdwJXO7T4IRcLUw0.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/3139332e3130392e3139352e302f32342d3234203d3e203634323637.roa
Signing time: Wed 10 Sep 2025 09:55:00 +0000
ROA not before: Wed 10 Sep 2025 09:50:00 +0000
ROA not after: Wed 09 Sep 2026 09:55:00 +0000
asID: 64267
IP address blocks: 193.109.195.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/DC943CC2A7CDC378A37702573BB4F821170B530D.crl
rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/DC943CC2A7CDC378A37702573BB4F821170B530D.mft
rsync://rpki.ripe.net/repository/DEFAULT/3JQ8wqfNw3ijdwJXO7T4IRcLUw0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 18 Sep 2025 17:09:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7e:47:ed:a2:89:41:d2:06:57:5d:6c:f2:c2:e1:09:bc:0b:f3:dc:48
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dc943cc2a7cdc378a37702573bb4f821170b530d
Validity
Not Before: Sep 10 09:50:00 2025 GMT
Not After : Sep 9 09:55:00 2026 GMT
Subject: CN=D9F23313F81B03F54BFDF91352F02D9A21CCDC8B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:b6:a7:ff:f8:09:9e:03:44:30:b9:56:06:dc:
71:da:cb:9c:53:9a:50:33:80:a1:c9:21:4c:35:1a:
94:6b:d7:aa:28:bc:4f:e7:2c:7d:5a:37:4d:de:97:
fe:4e:8b:b6:83:f5:19:fc:df:d4:58:ab:4d:c7:b0:
cd:42:0f:96:83:60:75:75:0e:76:29:7a:cd:13:ac:
b2:4b:9e:5c:8b:98:e2:76:88:1a:f5:53:7c:ba:00:
e9:d1:25:47:83:e6:44:5d:d3:dc:29:a6:a0:d8:8a:
4a:75:fd:02:20:eb:de:39:91:09:18:88:3e:cb:e1:
00:be:a4:f8:e0:1e:9e:49:a4:84:e6:18:2e:7d:27:
fb:56:d6:22:97:32:54:69:b6:cf:cf:99:ee:4d:49:
b5:4c:e7:9e:4e:f0:de:71:dd:8e:1e:2e:42:ce:37:
f5:53:08:92:eb:d4:23:f0:05:9b:37:d0:d3:d5:7c:
a9:25:be:2b:57:6c:14:29:1d:fb:d8:6b:59:a2:08:
f9:17:7c:15:ea:eb:32:4d:a4:1d:dd:d1:d0:e0:57:
09:97:71:2c:66:6c:c4:27:06:98:c7:72:a9:d3:3d:
f9:7c:60:76:ec:af:07:18:5f:5f:c8:7d:90:aa:cc:
07:2c:1a:a9:3f:9e:19:3f:b7:12:ad:31:27:0e:c9:
7f:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:F2:33:13:F8:1B:03:F5:4B:FD:F9:13:52:F0:2D:9A:21:CC:DC:8B
X509v3 Authority Key Identifier:
keyid:DC:94:3C:C2:A7:CD:C3:78:A3:77:02:57:3B:B4:F8:21:17:0B:53:0D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/DC943CC2A7CDC378A37702573BB4F821170B530D.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3JQ8wqfNw3ijdwJXO7T4IRcLUw0.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/3139332e3130392e3139352e302f32342d3234203d3e203634323637.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.109.195.0/24
Signature Algorithm: sha256WithRSAEncryption
65:6c:fb:e8:da:a3:2d:1d:9c:cb:69:7e:16:cf:ce:a3:d6:3d:
68:83:e2:fd:b4:4f:73:7b:b5:3d:c8:d9:a9:d9:fb:da:05:50:
5f:3a:b9:f0:a1:d5:90:a6:93:1c:7b:33:03:ad:fe:8b:be:49:
e4:ce:61:df:1d:91:d0:a2:00:bf:8d:78:f1:43:3d:11:60:95:
ed:03:30:86:a4:48:c4:2c:88:f7:f1:02:00:c5:ee:23:83:1a:
c6:ba:38:6f:80:89:cf:85:9c:dd:04:7b:fc:c9:bd:b1:f8:91:
d3:6f:51:62:9c:80:b8:a3:16:73:52:f3:e0:cb:df:ef:1b:ed:
c8:b8:31:f9:b8:7b:87:c5:b8:54:28:d1:1e:8a:b3:c9:cd:0d:
ee:32:8d:b1:73:31:25:a0:80:bc:50:67:c5:f8:a6:d1:c6:1b:
b0:73:81:11:36:b4:d3:48:e0:7e:7b:6f:c4:13:26:0d:51:8d:
1d:77:f4:11:2f:b2:b5:50:2c:a4:38:1a:cd:da:08:81:d5:31:
32:89:69:2b:f0:cc:0f:37:fd:ca:3d:17:38:39:4d:9f:c2:9c:
ca:9b:e4:c6:9c:67:c6:16:e5:a8:49:1b:95:7c:96:52:19:8e:
3d:e6:2f:e6:f9:c2:4b:6c:1e:ff:16:e4:da:ce:2a:64:aa:b4:
7b:89:6d:f5
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUfkftoolB0gZXXWzywuEJvAvz3EgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZGM5NDNjYzJhN2NkYzM3OGEzNzcwMjU3M2JiNGY4MjEx
NzBiNTMwZDAeFw0yNTA5MTAwOTUwMDBaFw0yNjA5MDkwOTU1MDBaMDMxMTAvBgNV
BAMTKEQ5RjIzMzEzRjgxQjAzRjU0QkZERjkxMzUyRjAyRDlBMjFDQ0RDOEIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCltqf/+AmeA0QwuVYG3HHay5xT
mlAzgKHJIUw1GpRr16oovE/nLH1aN03el/5Oi7aD9Rn839RYq03HsM1CD5aDYHV1
DnYpes0TrLJLnlyLmOJ2iBr1U3y6AOnRJUeD5kRd09wppqDYikp1/QIg6945kQkY
iD7L4QC+pPjgHp5JpITmGC59J/tW1iKXMlRpts/Pme5NSbVM555O8N5x3Y4eLkLO
N/VTCJLr1CPwBZs30NPVfKklvitXbBQpHfvYa1miCPkXfBXq6zJNpB3d0dDgVwmX
cSxmbMQnBpjHcqnTPfl8YHbsrwcYX1/IfZCqzAcsGqk/nhk/txKtMScOyX/5AgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQU2fIzE/gbA/VL/fkTUvAtmiHM3IswHwYDVR0j
BBgwFoAU3JQ8wqfNw3ijdwJXO7T4IRcLUw0wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNmFiMDcyMmYtNjRkOC00Y2E5LTkyNjctNGU1MTU0NDM0
MTAxLzAvREM5NDNDQzJBN0NEQzM3OEEzNzcwMjU3M0JCNEY4MjExNzBCNTMwRC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzNKUTh3cWZOdzNpamR3SlhPN1Q0SVJj
TFV3MC5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvNmFiMDcyMmYt
NjRkOC00Y2E5LTkyNjctNGU1MTU0NDM0MTAxLzAvMzEzOTMzMmUzMTMwMzkyZTMx
MzkzNTJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDM2MzQzMjM2Mzcucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BADBbcMwDQYJKoZIhvcNAQELBQADggEBAGVs++jaoy0dnMtpfhbPzqPWPWiD4v20
T3N7tT3I2anZ+9oFUF86ufCh1ZCmkxx7MwOt/ou+SeTOYd8dkdCiAL+NePFDPRFg
le0DMIakSMQsiPfxAgDF7iODGsa6OG+Aic+FnN0Ee/zJvbH4kdNvUWKcgLijFnNS
8+DL3+8b7ci4Mfm4e4fFuFQo0R6Ks8nNDe4yjbFzMSWggLxQZ8X4ptHGG7BzgRE2
tNNI4H57b8QTJg1RjR139BEvsrVQLKQ4Gs3aCIHVMTKJaSvwzA83/co9Fzg5TZ/C
nMqb5MacZ8YW5ahJG5V8llIZjj3mL+b5wktsHv8W5NrOKmSqtHuJbfU=
-----END CERTIFICATE-----
Generated at Thu Sep 18 05:47:55 2025 by rpki-client