Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/AS209242.roa
File: AS209242.roa (raw, json)
Hash identifier: 0PDbz/d0sWc7KWeOdVO6frYlXH7UqPaXh1w7a2SnTDw=
Subject key identifier: 84:38:2D:8D:55:93:01:92:62:F6:44:9B:41:79:96:BB:54:D9:A7:CC
Certificate issuer: /CN=c2302af143c15daad50042d8455e689d0828eca9
Certificate serial: 7CDDDF0F4910E2A6096C0F0AC4DB84D5A1484760
Authority key identifier: C2:30:2A:F1:43:C1:5D:AA:D5:00:42:D8:45:5E:68:9D:08:28:EC:A9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wjAq8UPBXarVAELYRV5onQgo7Kk.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/AS209242.roa
Signing time: Wed 03 Sep 2025 17:55:00 +0000
ROA not before: Wed 03 Sep 2025 17:50:00 +0000
ROA not after: Wed 02 Sep 2026 17:55:00 +0000
asID: 209242
IP address blocks: 141.11.194.0/23 maxlen: 24
141.11.202.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/C2302AF143C15DAAD50042D8455E689D0828ECA9.crl
rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/C2302AF143C15DAAD50042D8455E689D0828ECA9.mft
rsync://rpki.ripe.net/repository/DEFAULT/wjAq8UPBXarVAELYRV5onQgo7Kk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 08 Sep 2025 07:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7c:dd:df:0f:49:10:e2:a6:09:6c:0f:0a:c4:db:84:d5:a1:48:47:60
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c2302af143c15daad50042d8455e689d0828eca9
Validity
Not Before: Sep 3 17:50:00 2025 GMT
Not After : Sep 2 17:55:00 2026 GMT
Subject: CN=84382D8D5593019262F6449B417996BB54D9A7CC
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:8c:9a:2d:de:46:6f:15:a6:1b:01:16:f4:6e:
09:cf:66:dd:cc:48:c1:0b:8e:20:34:9e:42:2a:9c:
21:0c:14:57:f7:50:18:fa:e0:a3:9b:34:d6:13:0d:
a0:5c:d9:5d:be:15:1d:7d:1c:d0:4e:1a:a5:fc:0c:
cd:6a:0d:87:6d:43:bd:00:eb:d2:d3:62:1b:dc:80:
43:a5:44:c4:12:e5:de:39:54:30:ef:6c:bc:bd:15:
6c:c5:9c:31:32:2b:1e:5c:d4:95:5a:74:a2:ea:79:
72:cf:4f:3d:1e:d3:e1:e4:07:73:3f:e0:5a:69:af:
e2:19:ed:03:ea:d1:97:12:c6:c3:58:aa:a2:31:d8:
f9:90:62:0b:6d:87:6b:19:7e:2e:ba:bd:50:2c:f0:
84:b5:56:97:a3:1f:0a:85:e7:d2:99:e7:15:95:b1:
a8:ae:64:45:eb:cd:a8:48:89:7a:d2:65:8c:02:7c:
19:8a:24:8f:c0:7f:cb:a9:68:4d:85:92:2e:ae:78:
e8:89:82:9d:3a:bb:12:23:2c:30:0f:e6:3e:a9:28:
5a:e0:35:de:5f:86:0e:39:92:08:96:f7:f2:db:e7:
c6:11:76:ab:9c:c2:e4:df:31:1a:13:8a:72:19:5d:
d5:db:04:5c:3e:fe:01:79:4c:f1:29:c5:46:80:39:
d9:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
84:38:2D:8D:55:93:01:92:62:F6:44:9B:41:79:96:BB:54:D9:A7:CC
X509v3 Authority Key Identifier:
keyid:C2:30:2A:F1:43:C1:5D:AA:D5:00:42:D8:45:5E:68:9D:08:28:EC:A9
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/C2302AF143C15DAAD50042D8455E689D0828ECA9.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wjAq8UPBXarVAELYRV5onQgo7Kk.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/AS209242.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
141.11.194.0/23
141.11.202.0/23
Signature Algorithm: sha256WithRSAEncryption
b4:e8:d6:a6:f7:93:45:05:ec:6e:55:0b:d4:3f:70:c2:38:73:
37:b9:38:e4:eb:2b:f4:ed:7b:d1:34:d7:1e:05:6b:10:ac:5f:
c3:db:68:4b:08:d3:60:f0:4c:b8:32:ad:47:24:d5:48:1d:d0:
5e:5c:fe:da:ff:0e:96:4e:7d:eb:54:ae:41:5e:3a:ca:4f:4c:
44:37:c9:04:da:97:fa:aa:0c:aa:2d:1b:d9:6b:34:2f:64:9a:
02:a4:cc:ab:75:0f:06:f4:80:70:12:06:c2:9c:71:27:72:f7:
46:1f:52:52:7f:c1:8b:2a:18:ec:61:ea:da:60:21:39:7b:b3:
1d:a5:6e:05:a7:dd:80:f6:35:c6:66:60:37:e4:e2:97:1d:d5:
24:f7:43:80:c8:d4:32:0f:01:4d:52:20:36:ff:7e:7e:dc:4f:
a4:7b:d9:34:b6:b7:3b:da:0a:5d:cd:14:46:27:34:ab:e4:00:
bd:41:e5:1a:ae:90:59:64:84:07:8a:b8:80:0c:71:91:7d:cf:
fb:8c:99:69:2d:c5:d4:84:5d:0d:c7:98:4d:b9:50:c6:ab:c4:
45:d1:d2:e0:89:df:38:1e:23:d9:c9:1d:ed:21:50:e5:c0:d2:
0b:6e:5f:c2:4d:7d:45:23:1e:d0:d8:7a:e8:fb:ba:9c:e9:cd:
c2:f2:f4:88
-----BEGIN CERTIFICATE-----
MIIFBjCCA+6gAwIBAgIUfN3fD0kQ4qYJbA8KxNuE1aFIR2AwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYzIzMDJhZjE0M2MxNWRhYWQ1MDA0MmQ4NDU1ZTY4OWQw
ODI4ZWNhOTAeFw0yNTA5MDMxNzUwMDBaFw0yNjA5MDIxNzU1MDBaMDMxMTAvBgNV
BAMTKDg0MzgyRDhENTU5MzAxOTI2MkY2NDQ5QjQxNzk5NkJCNTREOUE3Q0MwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCbjJot3kZvFaYbARb0bgnPZt3M
SMELjiA0nkIqnCEMFFf3UBj64KObNNYTDaBc2V2+FR19HNBOGqX8DM1qDYdtQ70A
69LTYhvcgEOlRMQS5d45VDDvbLy9FWzFnDEyKx5c1JVadKLqeXLPTz0e0+HkB3M/
4Fppr+IZ7QPq0ZcSxsNYqqIx2PmQYgtth2sZfi66vVAs8IS1VpejHwqF59KZ5xWV
saiuZEXrzahIiXrSZYwCfBmKJI/Af8upaE2Fki6ueOiJgp06uxIjLDAP5j6pKFrg
Nd5fhg45kgiW9/Lb58YRdqucwuTfMRoTinIZXdXbBFw+/gF5TPEpxUaAOdmFAgMB
AAGjggIQMIICDDAdBgNVHQ4EFgQUhDgtjVWTAZJi9kSbQXmWu1TZp8wwHwYDVR0j
BBgwFoAUwjAq8UPBXarVAELYRV5onQgo7KkwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYTkzY2I1NWMtOTU3MS00NGM4LTkwZTEtOTY1YjkyNzY5
ZTRlLzAvQzIzMDJBRjE0M0MxNURBQUQ1MDA0MkQ4NDU1RTY4OUQwODI4RUNBOS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3dqQXE4VVBCWGFyVkFFTFlSVjVvblFn
bzdLay5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2E5M2NiNTVjLTk1NzEt
NDRjOC05MGUxLTk2NWI5Mjc2OWU0ZS8wL0FTMjA5MjQyLnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBjQvC
AwQBjQvKMA0GCSqGSIb3DQEBCwUAA4IBAQC06Nam95NFBexuVQvUP3DCOHM3uTjk
6yv07XvRNNceBWsQrF/D22hLCNNg8Ey4Mq1HJNVIHdBeXP7a/w6WTn3rVK5BXjrK
T0xEN8kE2pf6qgyqLRvZazQvZJoCpMyrdQ8G9IBwEgbCnHEncvdGH1JSf8GLKhjs
YeraYCE5e7MdpW4Fp92A9jXGZmA35OKXHdUk90OAyNQyDwFNUiA2/35+3E+ke9k0
trc72gpdzRRGJzSr5AC9QeUarpBZZIQHiriADHGRfc/7jJlpLcXUhF0Nx5hNuVDG
q8RF0dLgid84HiPZyR3tIVDlwNILbl/CTX1FIx7Q2Hro+7qc6c3C8vSI
-----END CERTIFICATE-----
Generated at Sun Sep 7 15:16:50 2025 by rpki-client