Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/a94df714-d37d-4942-8e94-91dd853ef7e3/0/3133392e32382e32352e302f32342d3234203d3e20323131343135.roa
File: 3133392e32382e32352e302f32342d3234203d3e20323131343135.roa (raw, json)
Hash identifier: kj5wXeF4AQFWN9fpmE1MKtBmtMRLs1TA1rGuGr1+5eA=
Subject key identifier: 27:61:8F:D3:3E:05:CF:BD:CE:13:FF:33:E1:9F:3D:05:C0:CD:25:44
Certificate issuer: /CN=637fd1ba3fed44454d6d7030247709d28db3491a
Certificate serial: 3979DABE01E90E88E9F0827C14A8CAD502EC13B5
Authority key identifier: 63:7F:D1:BA:3F:ED:44:45:4D:6D:70:30:24:77:09:D2:8D:B3:49:1A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y3_Ruj_tREVNbXAwJHcJ0o2zSRo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/a94df714-d37d-4942-8e94-91dd853ef7e3/0/3133392e32382e32352e302f32342d3234203d3e20323131343135.roa
Signing time: Fri 29 Aug 2025 14:54:58 +0000
ROA not before: Fri 29 Aug 2025 14:49:58 +0000
ROA not after: Fri 28 Aug 2026 14:54:58 +0000
asID: 211415
IP address blocks: 139.28.25.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/a94df714-d37d-4942-8e94-91dd853ef7e3/0/637FD1BA3FED44454D6D7030247709D28DB3491A.crl
rsync://rsync.paas.rpki.ripe.net/repository/a94df714-d37d-4942-8e94-91dd853ef7e3/0/637FD1BA3FED44454D6D7030247709D28DB3491A.mft
rsync://rpki.ripe.net/repository/DEFAULT/Y3_Ruj_tREVNbXAwJHcJ0o2zSRo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 06 Sep 2025 17:17:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
39:79:da:be:01:e9:0e:88:e9:f0:82:7c:14:a8:ca:d5:02:ec:13:b5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=637fd1ba3fed44454d6d7030247709d28db3491a
Validity
Not Before: Aug 29 14:49:58 2025 GMT
Not After : Aug 28 14:54:58 2026 GMT
Subject: CN=27618FD33E05CFBDCE13FF33E19F3D05C0CD2544
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:d7:cf:ee:10:7a:cc:2f:5c:54:c1:c0:a6:c5:
54:6c:92:7c:1c:1d:37:f9:9e:5f:f8:7b:c2:37:ac:
16:ae:be:9a:5f:8a:64:31:8c:8a:d0:7e:55:a6:a4:
48:54:28:97:84:30:79:6c:2f:98:ae:0f:b5:80:63:
b1:89:89:6a:5e:20:da:40:4f:45:ef:5f:54:0d:b5:
23:92:ee:8b:32:b4:86:df:f6:32:8b:6f:3c:0a:10:
ea:d3:09:78:9b:11:92:c2:b3:66:6a:ea:67:6f:f3:
fd:20:97:d6:63:9d:30:e7:6e:16:ee:16:65:c4:67:
8d:27:fe:25:0b:65:fd:c4:43:0d:d1:ae:cc:e6:3f:
bb:a0:fb:40:f0:6d:db:07:aa:4b:43:14:d0:2d:9c:
ca:7f:c0:b0:b5:e8:4a:2c:1a:e1:3c:d7:e6:03:d9:
ed:78:ed:e5:69:a4:31:72:a1:8e:58:0f:7c:e1:d9:
51:32:a8:f5:28:a6:ea:ef:b6:61:10:12:44:69:7a:
de:69:79:2d:c6:ee:60:f6:63:df:12:19:fd:20:83:
b5:b3:7e:59:97:93:8d:9a:cd:97:9f:72:c8:d8:1c:
e2:e7:8c:a0:73:55:74:64:8d:54:a2:d6:aa:43:69:
38:fd:81:35:0e:a3:9c:c8:4e:cb:3a:ab:1d:54:a2:
e4:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
27:61:8F:D3:3E:05:CF:BD:CE:13:FF:33:E1:9F:3D:05:C0:CD:25:44
X509v3 Authority Key Identifier:
keyid:63:7F:D1:BA:3F:ED:44:45:4D:6D:70:30:24:77:09:D2:8D:B3:49:1A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/a94df714-d37d-4942-8e94-91dd853ef7e3/0/637FD1BA3FED44454D6D7030247709D28DB3491A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y3_Ruj_tREVNbXAwJHcJ0o2zSRo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/a94df714-d37d-4942-8e94-91dd853ef7e3/0/3133392e32382e32352e302f32342d3234203d3e20323131343135.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
139.28.25.0/24
Signature Algorithm: sha256WithRSAEncryption
28:fd:54:bc:d8:97:b5:74:f5:c8:db:76:08:94:8b:c0:e9:8c:
35:37:32:93:cf:31:c5:71:23:90:6c:c6:f7:2a:c4:31:1c:0b:
d7:4e:43:10:d3:63:48:23:ba:27:89:99:25:29:ca:f2:88:6a:
8e:59:d8:be:3d:2f:68:3c:40:9b:e7:53:06:0c:46:d1:ac:49:
80:8d:9a:19:ad:9a:2a:4c:0f:9d:b8:12:ef:ff:d5:3c:31:89:
44:ef:71:7d:ac:d2:c9:bd:3f:05:ac:b5:28:51:52:f5:6d:31:
8c:67:11:fb:aa:f2:28:56:01:a8:fa:be:f1:92:3a:7c:0a:67:
ff:bf:dd:8b:9c:89:44:10:d6:63:79:af:30:cf:36:68:65:26:
a1:7e:27:e0:7a:f8:14:6f:d5:30:87:fc:43:8e:c1:a8:ec:8e:
91:65:25:c5:2b:eb:33:a2:6e:0b:cc:30:81:92:32:32:76:5c:
aa:d9:1e:fa:63:32:51:93:10:4d:6d:75:36:c0:09:75:b9:21:
2d:1c:af:6d:55:07:da:8a:9a:7c:d1:42:cd:ec:4f:cf:f6:d5:
e6:49:0e:d6:e2:b6:b2:74:27:8e:71:4d:24:88:44:a1:68:94:
cd:41:cb:b2:98:e5:d9:16:b2:89:dc:49:96:87:a8:45:9a:6b:
bd:bb:73:83
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUOXnavgHpDojp8IJ8FKjK1QLsE7UwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjM3ZmQxYmEzZmVkNDQ0NTRkNmQ3MDMwMjQ3NzA5ZDI4
ZGIzNDkxYTAeFw0yNTA4MjkxNDQ5NThaFw0yNjA4MjgxNDU0NThaMDMxMTAvBgNV
BAMTKDI3NjE4RkQzM0UwNUNGQkRDRTEzRkYzM0UxOUYzRDA1QzBDRDI1NDQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCn18/uEHrML1xUwcCmxVRsknwc
HTf5nl/4e8I3rBauvppfimQxjIrQflWmpEhUKJeEMHlsL5iuD7WAY7GJiWpeINpA
T0XvX1QNtSOS7osytIbf9jKLbzwKEOrTCXibEZLCs2Zq6mdv8/0gl9ZjnTDnbhbu
FmXEZ40n/iULZf3EQw3RrszmP7ug+0DwbdsHqktDFNAtnMp/wLC16EosGuE81+YD
2e147eVppDFyoY5YD3zh2VEyqPUopurvtmEQEkRpet5peS3G7mD2Y98SGf0gg7Wz
flmXk42azZefcsjYHOLnjKBzVXRkjVSi1qpDaTj9gTUOo5zITss6qx1UouRXAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUJ2GP0z4Fz73OE/8z4Z89BcDNJUQwHwYDVR0j
BBgwFoAUY3/Ruj/tREVNbXAwJHcJ0o2zSRowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYTk0ZGY3MTQtZDM3ZC00OTQyLThlOTQtOTFkZDg1M2Vm
N2UzLzAvNjM3RkQxQkEzRkVENDQ0NTRENkQ3MDMwMjQ3NzA5RDI4REIzNDkxQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1kzX1J1al90UkVWTmJYQXdKSGNKMG8y
elNSby5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYTk0ZGY3MTQt
ZDM3ZC00OTQyLThlOTQtOTFkZDg1M2VmN2UzLzAvMzEzMzM5MmUzMjM4MmUzMjM1
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzIzMTMxMzQzMTM1LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
ixwZMA0GCSqGSIb3DQEBCwUAA4IBAQAo/VS82Je1dPXI23YIlIvA6Yw1NzKTzzHF
cSOQbMb3KsQxHAvXTkMQ02NII7oniZklKcryiGqOWdi+PS9oPECb51MGDEbRrEmA
jZoZrZoqTA+duBLv/9U8MYlE73F9rNLJvT8FrLUoUVL1bTGMZxH7qvIoVgGo+r7x
kjp8Cmf/v92LnIlEENZjea8wzzZoZSahfifgevgUb9Uwh/xDjsGo7I6RZSXFK+sz
om4LzDCBkjIydlyq2R76YzJRkxBNbXU2wAl1uSEtHK9tVQfaipp80ULN7E/P9tXm
SQ7W4raydCeOcU0kiEShaJTNQcuymOXZFrKJ3EmWh6hFmmu9u3OD
-----END CERTIFICATE-----
Generated at Sat Sep 6 02:48:04 2025 by rpki-client