Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/8113dda6-7ade-445d-8c6e-448a78e48ca1/1/3139342e33342e3235352e302f32342d3234203d3e20313431393638.roa
File: 3139342e33342e3235352e302f32342d3234203d3e20313431393638.roa (raw, json)
Hash identifier: iQ9RYSqOmsvIqARX4nqI9wEFn//drkKsHCDo7XaSdTU=
Subject key identifier: AF:6F:C4:A3:55:A4:A8:6C:17:89:7C:4A:2B:9A:16:14:F5:B8:D5:EF
Certificate issuer: /CN=0d7ffae300def0876bf84890fb6ea17be841a4d3
Certificate serial: 5B3BABC09BC1AA0E363D775174F7812898934821
Authority key identifier: 0D:7F:FA:E3:00:DE:F0:87:6B:F8:48:90:FB:6E:A1:7B:E8:41:A4:D3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DX_64wDe8Idr-EiQ-26he-hBpNM.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/8113dda6-7ade-445d-8c6e-448a78e48ca1/1/3139342e33342e3235352e302f32342d3234203d3e20313431393638.roa
Signing time: Fri 24 Oct 2025 14:37:23 +0000
ROA not before: Fri 24 Oct 2025 14:32:23 +0000
ROA not after: Fri 23 Oct 2026 14:37:23 +0000
asID: 141968
IP address blocks: 194.34.255.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/8113dda6-7ade-445d-8c6e-448a78e48ca1/1/0D7FFAE300DEF0876BF84890FB6EA17BE841A4D3.crl
rsync://rsync.paas.rpki.ripe.net/repository/8113dda6-7ade-445d-8c6e-448a78e48ca1/1/0D7FFAE300DEF0876BF84890FB6EA17BE841A4D3.mft
rsync://rpki.ripe.net/repository/DEFAULT/DX_64wDe8Idr-EiQ-26he-hBpNM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Nov 2025 07:54:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5b:3b:ab:c0:9b:c1:aa:0e:36:3d:77:51:74:f7:81:28:98:93:48:21
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0d7ffae300def0876bf84890fb6ea17be841a4d3
Validity
Not Before: Oct 24 14:32:23 2025 GMT
Not After : Oct 23 14:37:23 2026 GMT
Subject: CN=AF6FC4A355A4A86C17897C4A2B9A1614F5B8D5EF
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:3c:1e:34:14:89:5b:74:ca:e7:37:e0:57:2f:
14:17:b0:6f:9e:d3:85:e0:e1:19:65:6c:58:0b:ae:
35:e8:8b:3c:c3:d8:f7:90:2a:ec:38:d1:37:79:ea:
b2:71:07:5e:5d:9a:58:16:87:d1:17:f2:33:0b:8a:
9e:78:a8:6b:64:a4:33:ec:fd:ae:da:7f:85:e5:54:
6f:eb:04:ed:4e:38:e1:b6:37:53:f2:f8:ae:79:35:
06:98:35:81:41:83:83:3c:19:b4:28:d0:b5:77:10:
6c:ac:26:92:a1:85:83:a6:9b:20:fd:a9:0e:ea:cd:
af:cc:56:b2:c0:f0:91:06:05:39:6f:d8:6a:4c:7d:
e6:e6:6d:17:64:93:88:dd:34:26:ca:87:cb:bf:8c:
fa:a2:bc:3b:a8:5f:d7:4a:14:bf:80:4d:51:ca:6b:
23:26:c5:c7:88:bd:9a:d0:a0:ca:6f:d0:a5:89:06:
9f:b2:5f:78:38:4b:04:b5:1d:66:b3:70:49:eb:a4:
73:9d:8e:7a:76:15:e9:77:07:ef:93:43:84:f8:86:
0b:54:57:23:d1:81:d0:92:6e:4f:91:05:96:09:44:
fc:4e:16:35:e3:f0:f0:8f:c8:5e:88:99:92:a1:7e:
80:1d:e8:c0:4e:4b:20:d9:4b:11:9b:cc:49:87:a2:
d2:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AF:6F:C4:A3:55:A4:A8:6C:17:89:7C:4A:2B:9A:16:14:F5:B8:D5:EF
X509v3 Authority Key Identifier:
keyid:0D:7F:FA:E3:00:DE:F0:87:6B:F8:48:90:FB:6E:A1:7B:E8:41:A4:D3
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/8113dda6-7ade-445d-8c6e-448a78e48ca1/1/0D7FFAE300DEF0876BF84890FB6EA17BE841A4D3.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DX_64wDe8Idr-EiQ-26he-hBpNM.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/8113dda6-7ade-445d-8c6e-448a78e48ca1/1/3139342e33342e3235352e302f32342d3234203d3e20313431393638.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.34.255.0/24
Signature Algorithm: sha256WithRSAEncryption
27:d3:c8:a4:72:72:c2:65:34:2a:f8:6e:9c:aa:92:76:dc:8f:
44:a6:53:86:01:b1:43:ec:f2:d3:15:67:01:f7:53:b0:aa:2b:
71:01:63:51:06:b1:58:ad:4d:69:53:14:b1:c0:9b:f6:ca:cc:
f1:73:36:7e:e0:dd:13:eb:14:6a:e0:07:e4:cc:00:f0:3a:fe:
10:91:df:0d:b6:51:62:8d:ec:31:60:cf:04:07:f0:ff:10:ed:
17:4c:3c:53:19:8d:cf:77:2a:b3:0d:68:85:99:62:e3:a2:10:
6c:61:3d:4a:33:1d:89:33:d1:ef:12:55:53:1d:59:ed:c4:a9:
24:bd:9b:49:87:75:72:47:42:b0:0c:a3:ec:07:9d:11:a0:cf:
73:6f:64:5a:67:eb:ee:cc:13:a1:57:5f:2d:ab:00:b1:61:7a:
22:16:f2:85:a8:c8:22:7a:16:4e:d9:5f:ba:25:62:38:60:c7:
20:e0:55:3e:91:75:6a:3e:af:53:09:ec:d2:24:93:4f:6a:bd:
0d:e1:c1:a8:bc:52:01:a7:01:a3:b8:cf:86:1e:44:1d:94:d7:
55:fa:d2:cf:2e:5a:67:0d:c5:79:c8:85:3c:b8:33:20:56:35:
cd:5a:69:68:c5:b9:e1:bb:63:34:54:22:66:0e:22:e7:e3:28:
a2:0a:94:4a
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUWzurwJvBqg42PXdRdPeBKJiTSCEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMGQ3ZmZhZTMwMGRlZjA4NzZiZjg0ODkwZmI2ZWExN2Jl
ODQxYTRkMzAeFw0yNTEwMjQxNDMyMjNaFw0yNjEwMjMxNDM3MjNaMDMxMTAvBgNV
BAMTKEFGNkZDNEEzNTVBNEE4NkMxNzg5N0M0QTJCOUExNjE0RjVCOEQ1RUYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDPPB40FIlbdMrnN+BXLxQXsG+e
04Xg4RllbFgLrjXoizzD2PeQKuw40Td56rJxB15dmlgWh9EX8jMLip54qGtkpDPs
/a7af4XlVG/rBO1OOOG2N1Py+K55NQaYNYFBg4M8GbQo0LV3EGysJpKhhYOmmyD9
qQ7qza/MVrLA8JEGBTlv2GpMfebmbRdkk4jdNCbKh8u/jPqivDuoX9dKFL+ATVHK
ayMmxceIvZrQoMpv0KWJBp+yX3g4SwS1HWazcEnrpHOdjnp2Fel3B++TQ4T4hgtU
VyPRgdCSbk+RBZYJRPxOFjXj8PCPyF6ImZKhfoAd6MBOSyDZSxGbzEmHotLhAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUr2/Eo1WkqGwXiXxKK5oWFPW41e8wHwYDVR0j
BBgwFoAUDX/64wDe8Idr+EiQ+26he+hBpNMwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvODExM2RkYTYtN2FkZS00NDVkLThjNmUtNDQ4YTc4ZTQ4
Y2ExLzEvMEQ3RkZBRTMwMERFRjA4NzZCRjg0ODkwRkI2RUExN0JFODQxQTREMy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0RYXzY0d0RlOElkci1FaVEtMjZoZS1o
QnBOTS5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvODExM2RkYTYt
N2FkZS00NDVkLThjNmUtNDQ4YTc4ZTQ4Y2ExLzEvMzEzOTM0MmUzMzM0MmUzMjM1
MzUyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMTM0MzEzOTM2Mzgucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BADCIv8wDQYJKoZIhvcNAQELBQADggEBACfTyKRycsJlNCr4bpyqknbcj0SmU4YB
sUPs8tMVZwH3U7CqK3EBY1EGsVitTWlTFLHAm/bKzPFzNn7g3RPrFGrgB+TMAPA6
/hCR3w22UWKN7DFgzwQH8P8Q7RdMPFMZjc93KrMNaIWZYuOiEGxhPUozHYkz0e8S
VVMdWe3EqSS9m0mHdXJHQrAMo+wHnRGgz3NvZFpn6+7ME6FXXy2rALFheiIW8oWo
yCJ6Fk7ZX7olYjhgxyDgVT6RdWo+r1MJ7NIkk09qvQ3hwai8UgGnAaO4z4YeRB2U
11X60s8uWmcNxXnIhTy4MyBWNc1aaWjFueG7YzRUImYOIufjKKIKlEo=
-----END CERTIFICATE-----
Generated at Sat Nov 1 14:10:48 2025 by rpki-client