Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/AS25693.roa
File: AS25693.roa (raw, json)
Hash identifier: J+/ulu5+oOqn7xR2le0FgcLsPx2aGWQXd8tGuc74PMA=
Subject key identifier: 2B:AF:B6:F7:81:4E:EE:63:46:50:1B:9A:2F:A6:2D:91:55:FF:EA:49
Certificate issuer: /CN=c2302af143c15daad50042d8455e689d0828eca9
Certificate serial: 70A6CCD2E70F684A7C8967DCAC894C51522A0BDD
Authority key identifier: C2:30:2A:F1:43:C1:5D:AA:D5:00:42:D8:45:5E:68:9D:08:28:EC:A9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wjAq8UPBXarVAELYRV5onQgo7Kk.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/AS25693.roa
Signing time: Wed 04 Mar 2026 18:46:45 +0000
ROA not before: Wed 04 Mar 2026 18:41:45 +0000
ROA not after: Wed 03 Mar 2027 18:46:45 +0000
asID: 25693
IP address blocks: 141.11.92.0/23 maxlen: 24
141.11.94.0/23 maxlen: 24
141.11.136.0/23 maxlen: 24
141.11.208.0/23 maxlen: 24
141.11.210.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/C2302AF143C15DAAD50042D8455E689D0828ECA9.crl
rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/C2302AF143C15DAAD50042D8455E689D0828ECA9.mft
rsync://rpki.ripe.net/repository/DEFAULT/wjAq8UPBXarVAELYRV5onQgo7Kk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 07 Mar 2026 16:52:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
70:a6:cc:d2:e7:0f:68:4a:7c:89:67:dc:ac:89:4c:51:52:2a:0b:dd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c2302af143c15daad50042d8455e689d0828eca9
Validity
Not Before: Mar 4 18:41:45 2026 GMT
Not After : Mar 3 18:46:45 2027 GMT
Subject: CN=2BAFB6F7814EEE6346501B9A2FA62D9155FFEA49
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:38:cc:fe:cf:8e:88:8e:21:ef:a0:c7:2b:c6:
1b:54:38:f5:fe:c8:71:56:46:d6:8b:61:25:31:3d:
7d:30:a5:ae:16:ba:a9:0a:f3:2a:2d:41:6a:d1:5d:
4a:69:3b:e9:74:e6:d8:7a:83:d1:f8:eb:6f:7b:d1:
c5:60:b7:5c:a7:2d:11:e8:4a:c5:33:c6:2f:73:ac:
2e:54:e5:62:96:8a:53:ed:6d:98:99:47:5f:f8:3e:
78:56:66:40:66:37:78:a4:3c:cb:4f:26:e1:38:0e:
04:3c:65:86:12:55:86:ac:39:1a:2b:1c:0e:1a:76:
c5:7d:e4:18:19:82:d2:c5:23:29:3d:91:f5:bc:0d:
ca:01:6a:49:6f:28:a5:b6:82:3a:18:46:d3:b4:b6:
6c:8a:ad:a5:f1:ba:a7:63:22:72:7f:71:a2:8c:ec:
3a:86:47:03:be:1c:34:69:06:52:c5:e6:99:14:d6:
46:3c:8c:41:26:51:4e:60:b8:66:61:b4:75:78:a8:
f1:b9:ec:3f:62:8b:73:5c:4f:5b:20:d1:ed:9b:64:
10:4b:f3:43:21:f6:78:14:f5:1f:c5:2c:39:a5:d9:
7a:91:61:1a:af:04:d5:5b:75:66:ae:ad:d7:ce:bd:
b4:27:1f:bc:06:4c:25:4b:52:31:bf:8c:d3:a9:1e:
ac:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2B:AF:B6:F7:81:4E:EE:63:46:50:1B:9A:2F:A6:2D:91:55:FF:EA:49
X509v3 Authority Key Identifier:
keyid:C2:30:2A:F1:43:C1:5D:AA:D5:00:42:D8:45:5E:68:9D:08:28:EC:A9
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/C2302AF143C15DAAD50042D8455E689D0828ECA9.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wjAq8UPBXarVAELYRV5onQgo7Kk.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/AS25693.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
141.11.92.0/22
141.11.136.0/23
141.11.208.0/22
Signature Algorithm: sha256WithRSAEncryption
7e:a6:1c:63:e9:f4:ae:eb:8d:7d:a8:13:9d:f1:34:a9:7d:2e:
94:ef:6d:be:2d:07:a8:13:6b:ea:b3:1d:1f:85:80:a2:76:0e:
3c:c2:92:90:1e:4a:44:c8:77:c8:22:a0:f4:e7:53:7e:0d:4c:
3d:c7:2a:02:03:fa:49:b2:a3:56:b7:13:f8:59:82:bc:c2:e3:
21:1f:67:1a:68:65:d5:ee:05:c3:cc:7b:a8:b2:f8:72:8e:72:
be:ed:d6:87:cf:6b:dc:bf:66:3a:a8:5f:93:78:67:f2:c3:3d:
f3:c9:d5:ed:34:32:03:c7:d0:cc:2a:8a:55:ba:4e:f2:93:68:
d7:ef:de:e6:e0:9b:98:b8:14:0a:fe:0f:a9:19:95:9c:74:70:
c0:18:5c:ba:ab:10:df:b1:8a:f6:95:55:57:58:6b:42:e0:4f:
7d:20:01:1d:7a:b3:4b:a0:ec:60:c7:6e:b4:95:62:19:ac:e4:
8d:36:30:28:15:cc:60:6b:87:a3:27:4b:60:fe:a7:53:d4:25:
2e:7a:ba:c3:71:0b:29:65:8c:55:43:d0:40:dc:88:3a:b3:2e:
15:7e:79:5d:4d:fb:ec:ab:be:36:a9:fe:9f:4d:1a:49:bf:bb:
14:41:0f:f9:8a:01:8f:87:65:b9:33:b2:a8:5e:2a:6f:87:ed:
33:8c:a3:09
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgIUcKbM0ucPaEp8iWfcrIlMUVIqC90wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYzIzMDJhZjE0M2MxNWRhYWQ1MDA0MmQ4NDU1ZTY4OWQw
ODI4ZWNhOTAeFw0yNjAzMDQxODQxNDVaFw0yNzAzMDMxODQ2NDVaMDMxMTAvBgNV
BAMTKDJCQUZCNkY3ODE0RUVFNjM0NjUwMUI5QTJGQTYyRDkxNTVGRkVBNDkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCbOMz+z46IjiHvoMcrxhtUOPX+
yHFWRtaLYSUxPX0wpa4WuqkK8yotQWrRXUppO+l05th6g9H462970cVgt1ynLRHo
SsUzxi9zrC5U5WKWilPtbZiZR1/4PnhWZkBmN3ikPMtPJuE4DgQ8ZYYSVYasORor
HA4adsV95BgZgtLFIyk9kfW8DcoBaklvKKW2gjoYRtO0tmyKraXxuqdjInJ/caKM
7DqGRwO+HDRpBlLF5pkU1kY8jEEmUU5guGZhtHV4qPG57D9ii3NcT1sg0e2bZBBL
80Mh9ngU9R/FLDml2XqRYRqvBNVbdWaurdfOvbQnH7wGTCVLUjG/jNOpHqznAgMB
AAGjggIVMIICETAdBgNVHQ4EFgQUK6+294FO7mNGUBuaL6YtkVX/6kkwHwYDVR0j
BBgwFoAUwjAq8UPBXarVAELYRV5onQgo7KkwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYTkzY2I1NWMtOTU3MS00NGM4LTkwZTEtOTY1YjkyNzY5
ZTRlLzAvQzIzMDJBRjE0M0MxNURBQUQ1MDA0MkQ4NDU1RTY4OUQwODI4RUNBOS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3dqQXE4VVBCWGFyVkFFTFlSVjVvblFn
bzdLay5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2E5M2NiNTVjLTk1NzEt
NDRjOC05MGUxLTk2NWI5Mjc2OWU0ZS8wL0FTMjU2OTMucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwKwYIKwYBBQUHAQcBAf8EHDAaMBgEAgABMBIDBAKNC1wD
BAGNC4gDBAKNC9AwDQYJKoZIhvcNAQELBQADggEBAH6mHGPp9K7rjX2oE53xNKl9
LpTvbb4tB6gTa+qzHR+FgKJ2DjzCkpAeSkTId8gioPTnU34NTD3HKgID+kmyo1a3
E/hZgrzC4yEfZxpoZdXuBcPMe6iy+HKOcr7t1ofPa9y/ZjqoX5N4Z/LDPfPJ1e00
MgPH0MwqilW6TvKTaNfv3ubgm5i4FAr+D6kZlZx0cMAYXLqrEN+xivaVVVdYa0Lg
T30gAR16s0ug7GDHbrSVYhms5I02MCgVzGBrh6MnS2D+p1PUJS56usNxCylljFVD
0EDciDqzLhV+eV1N++yrvjap/p9NGkm/uxRBD/mKAY+HZbkzsqheKm+H7TOMowk=
-----END CERTIFICATE-----
Generated at Fri Mar 6 21:45:26 2026 by rpki-client