Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/a01c14fb-b660-489d-9e9f-9402e9e2c2e2/0/3231332e3133392e37332e302f32342d3234203d3e20323132323338.roa
File: 3231332e3133392e37332e302f32342d3234203d3e20323132323338.roa (raw, json)
Hash identifier: Dtv0Rk3S6CYGgeyc9Utp8OCStFSnf/fyoGbb6uGogTI=
Subject key identifier: 56:7E:5A:EC:09:4A:16:8D:84:F2:ED:43:8B:F3:DC:CB:78:78:CE:2F
Certificate issuer: /CN=b683f2eb50c5999a77456e8826831609d48c7d3e
Certificate serial: 7A8E12D62D6E713472B73166F69130F97012A75F
Authority key identifier: B6:83:F2:EB:50:C5:99:9A:77:45:6E:88:26:83:16:09:D4:8C:7D:3E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/toPy61DFmZp3RW6IJoMWCdSMfT4.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/a01c14fb-b660-489d-9e9f-9402e9e2c2e2/0/3231332e3133392e37332e302f32342d3234203d3e20323132323338.roa
Signing time: Tue 30 Sep 2025 12:43:19 +0000
ROA not before: Tue 30 Sep 2025 12:38:19 +0000
ROA not after: Tue 29 Sep 2026 12:43:19 +0000
asID: 212238
IP address blocks: 213.139.73.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/a01c14fb-b660-489d-9e9f-9402e9e2c2e2/0/B683F2EB50C5999A77456E8826831609D48C7D3E.crl
rsync://rsync.paas.rpki.ripe.net/repository/a01c14fb-b660-489d-9e9f-9402e9e2c2e2/0/B683F2EB50C5999A77456E8826831609D48C7D3E.mft
rsync://rpki.ripe.net/repository/DEFAULT/toPy61DFmZp3RW6IJoMWCdSMfT4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 19 Oct 2025 19:37:30 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7a:8e:12:d6:2d:6e:71:34:72:b7:31:66:f6:91:30:f9:70:12:a7:5f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b683f2eb50c5999a77456e8826831609d48c7d3e
Validity
Not Before: Sep 30 12:38:19 2025 GMT
Not After : Sep 29 12:43:19 2026 GMT
Subject: CN=567E5AEC094A168D84F2ED438BF3DCCB7878CE2F
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:e6:b4:33:0e:fc:ce:d1:5d:f2:18:af:c6:98:
a4:7c:3d:2a:11:27:02:44:ae:50:e2:85:2e:f3:b8:
e8:2d:b3:da:b0:1b:25:82:4c:d8:d4:61:84:eb:d2:
ea:ef:27:ed:f7:48:6c:14:4f:0c:b1:e0:51:8a:64:
ee:a4:a6:4d:6d:ca:8a:66:2c:a5:eb:ce:b5:f4:14:
51:b6:a6:f1:19:e9:ee:5f:c3:93:76:a0:45:88:11:
f3:1f:cd:2d:db:6e:88:a5:c7:1d:47:e5:b8:35:03:
1e:6f:65:6d:1e:3a:03:d3:ca:97:a6:7c:c0:9a:65:
29:38:dd:ad:c6:dc:cb:ca:03:c1:b4:44:d6:58:02:
29:70:1d:99:98:4c:9e:90:b9:7e:b4:f3:42:5f:d4:
83:45:cc:8c:cc:04:1c:57:86:3f:7d:d1:d8:52:8d:
5c:9b:a0:8e:9f:a3:fe:14:43:2a:e7:41:45:a8:85:
33:9d:b0:81:12:a1:3f:82:fd:0a:76:d4:ef:06:83:
d2:3c:95:68:25:d4:7b:e9:3a:b2:05:c6:39:20:3c:
c8:4d:3f:a9:f0:e6:53:23:f8:73:86:8b:fa:7a:8d:
b9:92:8a:99:d6:83:3d:64:e5:e8:74:d1:a5:bc:a2:
f7:40:79:5c:75:15:f3:3b:9a:b6:d0:2b:95:92:20:
93:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
56:7E:5A:EC:09:4A:16:8D:84:F2:ED:43:8B:F3:DC:CB:78:78:CE:2F
X509v3 Authority Key Identifier:
keyid:B6:83:F2:EB:50:C5:99:9A:77:45:6E:88:26:83:16:09:D4:8C:7D:3E
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/a01c14fb-b660-489d-9e9f-9402e9e2c2e2/0/B683F2EB50C5999A77456E8826831609D48C7D3E.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/toPy61DFmZp3RW6IJoMWCdSMfT4.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/a01c14fb-b660-489d-9e9f-9402e9e2c2e2/0/3231332e3133392e37332e302f32342d3234203d3e20323132323338.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.139.73.0/24
Signature Algorithm: sha256WithRSAEncryption
3f:a5:19:81:d2:04:15:f1:1e:a6:df:01:45:9d:90:ac:c5:cc:
bc:98:d8:42:b5:e4:5b:2c:0d:2d:a4:e5:87:18:dd:fb:5a:33:
c5:cb:14:c3:4a:4e:fd:40:06:ad:f7:61:80:a4:4b:c1:69:51:
32:26:58:96:7b:bf:f3:9e:aa:b6:bc:7b:a0:f0:e6:dc:bb:1f:
4d:b0:4d:a6:e4:0c:b9:e4:35:6b:85:57:d5:0f:ee:77:5c:d0:
7a:8b:e4:95:56:4d:7a:95:b0:95:62:0a:a4:2d:6f:de:ca:88:
99:cf:76:25:b1:40:76:43:c4:2d:a4:74:59:d8:60:cf:d7:c4:
9f:f0:a0:0c:3f:14:7a:2c:c3:35:33:0c:b7:a3:be:c4:a7:ca:
6b:c5:40:ee:4e:e5:39:92:c9:6e:b8:31:1b:4a:73:77:44:0e:
ad:78:a7:c7:38:ff:db:96:76:00:7e:e0:65:6b:78:3e:e9:8e:
ec:f0:bd:cd:aa:f2:81:4e:cf:67:33:96:85:9e:f9:dc:e4:d7:
7d:a2:b8:48:b5:4d:b2:75:88:57:ee:d8:04:63:07:86:e4:98:
30:c0:d0:73:c6:c8:3c:d3:7a:42:39:94:af:9a:5a:59:bb:85:
7c:c6:0b:d5:9f:1d:04:0c:c7:f7:d5:12:2a:4d:eb:7e:e9:af:
1e:9f:df:3c
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUeo4S1i1ucTRytzFm9pEw+XASp18wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYjY4M2YyZWI1MGM1OTk5YTc3NDU2ZTg4MjY4MzE2MDlk
NDhjN2QzZTAeFw0yNTA5MzAxMjM4MTlaFw0yNjA5MjkxMjQzMTlaMDMxMTAvBgNV
BAMTKDU2N0U1QUVDMDk0QTE2OEQ4NEYyRUQ0MzhCRjNEQ0NCNzg3OENFMkYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDB5rQzDvzO0V3yGK/GmKR8PSoR
JwJErlDihS7zuOgts9qwGyWCTNjUYYTr0urvJ+33SGwUTwyx4FGKZO6kpk1tyopm
LKXrzrX0FFG2pvEZ6e5fw5N2oEWIEfMfzS3bboilxx1H5bg1Ax5vZW0eOgPTypem
fMCaZSk43a3G3MvKA8G0RNZYAilwHZmYTJ6QuX6080Jf1INFzIzMBBxXhj990dhS
jVyboI6fo/4UQyrnQUWohTOdsIESoT+C/Qp21O8Gg9I8lWgl1HvpOrIFxjkgPMhN
P6nw5lMj+HOGi/p6jbmSipnWgz1k5eh00aW8ovdAeVx1FfM7mrbQK5WSIJO7AgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUVn5a7AlKFo2E8u1Di/Pcy3h4zi8wHwYDVR0j
BBgwFoAUtoPy61DFmZp3RW6IJoMWCdSMfT4wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYTAxYzE0ZmItYjY2MC00ODlkLTllOWYtOTQwMmU5ZTJj
MmUyLzAvQjY4M0YyRUI1MEM1OTk5QTc3NDU2RTg4MjY4MzE2MDlENDhDN0QzRS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3RvUHk2MURGbVpwM1JXNklKb01XQ2RT
TWZUNC5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYTAxYzE0ZmIt
YjY2MC00ODlkLTllOWYtOTQwMmU5ZTJjMmUyLzAvMzIzMTMzMmUzMTMzMzkyZTM3
MzMyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMjMxMzIzMjMzMzgucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BADVi0kwDQYJKoZIhvcNAQELBQADggEBAD+lGYHSBBXxHqbfAUWdkKzFzLyY2EK1
5FssDS2k5YcY3ftaM8XLFMNKTv1ABq33YYCkS8FpUTImWJZ7v/Oeqra8e6Dw5ty7
H02wTabkDLnkNWuFV9UP7ndc0HqL5JVWTXqVsJViCqQtb97KiJnPdiWxQHZDxC2k
dFnYYM/XxJ/woAw/FHoswzUzDLejvsSnymvFQO5O5TmSyW64MRtKc3dEDq14p8c4
/9uWdgB+4GVreD7pjuzwvc2q8oFOz2czloWe+dzk132iuEi1TbJ1iFfu2ARjB4bk
mDDA0HPGyDzTekI5lK+aWlm7hXzGC9WfHQQMx/fVEipN637prx6f3zw=
-----END CERTIFICATE-----
Generated at Sun Oct 19 08:19:51 2025 by rpki-client