Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/a94df714-d37d-4942-8e94-91dd853ef7e3/0/3133392e32382e32362e302f32342d3234203d3e20313337343039.roa
File: 3133392e32382e32362e302f32342d3234203d3e20313337343039.roa (raw, json)
Hash identifier: 4dsufrRZZT3ng/M0mUxRioQsmJP0ZwUerMNQTCdj11A=
Subject key identifier: 3E:9C:49:0F:71:21:C8:6B:80:B8:87:66:7C:F3:6A:83:EC:7D:10:81
Certificate issuer: /CN=637fd1ba3fed44454d6d7030247709d28db3491a
Certificate serial: 06B083EF34925A146E4676EE4E356361ED7E02D2
Authority key identifier: 63:7F:D1:BA:3F:ED:44:45:4D:6D:70:30:24:77:09:D2:8D:B3:49:1A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y3_Ruj_tREVNbXAwJHcJ0o2zSRo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/a94df714-d37d-4942-8e94-91dd853ef7e3/0/3133392e32382e32362e302f32342d3234203d3e20313337343039.roa
Signing time: Mon 01 Sep 2025 07:54:58 +0000
ROA not before: Mon 01 Sep 2025 07:49:58 +0000
ROA not after: Mon 31 Aug 2026 07:54:58 +0000
asID: 137409
IP address blocks: 139.28.26.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/a94df714-d37d-4942-8e94-91dd853ef7e3/0/637FD1BA3FED44454D6D7030247709D28DB3491A.crl
rsync://rsync.paas.rpki.ripe.net/repository/a94df714-d37d-4942-8e94-91dd853ef7e3/0/637FD1BA3FED44454D6D7030247709D28DB3491A.mft
rsync://rpki.ripe.net/repository/DEFAULT/Y3_Ruj_tREVNbXAwJHcJ0o2zSRo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 06 Sep 2025 17:17:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
06:b0:83:ef:34:92:5a:14:6e:46:76:ee:4e:35:63:61:ed:7e:02:d2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=637fd1ba3fed44454d6d7030247709d28db3491a
Validity
Not Before: Sep 1 07:49:58 2025 GMT
Not After : Aug 31 07:54:58 2026 GMT
Subject: CN=3E9C490F7121C86B80B887667CF36A83EC7D1081
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:fd:8b:1d:3d:d3:fe:47:7f:8c:54:56:57:53:
19:9d:35:33:de:44:0f:57:02:18:73:3c:1a:10:99:
f3:46:62:27:b8:48:4c:a7:20:28:bf:38:c1:99:d0:
7f:5d:f6:59:ae:40:60:f4:1f:73:00:ee:ab:87:b2:
f0:9d:1f:2a:c7:e0:41:32:89:b8:75:d7:74:bd:ce:
cf:aa:c9:b6:a5:f8:64:e4:ec:aa:02:05:5b:0d:da:
f6:24:fb:b9:bd:74:3e:8a:30:7d:30:63:2f:cb:a5:
f9:c9:5a:18:2f:24:83:af:57:38:49:f7:7a:62:d9:
c6:96:02:90:ec:28:83:ab:29:4a:0e:c6:c2:66:a3:
e3:b0:06:68:1d:2e:6b:9d:64:15:a2:54:84:20:69:
ab:40:c5:27:67:79:d6:a8:34:8f:5f:cf:4f:88:b4:
02:38:1a:59:4c:80:94:74:af:ab:14:e6:b1:2a:a3:
24:00:a5:d1:54:95:0c:97:cd:20:f5:de:ef:fe:59:
1f:32:35:bc:b6:f6:4a:1a:83:56:04:40:c6:e7:26:
ba:c2:34:25:99:20:87:74:d3:e6:15:3b:d8:2f:84:
95:5b:88:3c:10:ab:10:46:b0:eb:42:bb:62:65:6e:
47:0a:3c:f0:87:29:0b:b7:c7:94:69:9f:30:5f:32:
7f:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3E:9C:49:0F:71:21:C8:6B:80:B8:87:66:7C:F3:6A:83:EC:7D:10:81
X509v3 Authority Key Identifier:
keyid:63:7F:D1:BA:3F:ED:44:45:4D:6D:70:30:24:77:09:D2:8D:B3:49:1A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/a94df714-d37d-4942-8e94-91dd853ef7e3/0/637FD1BA3FED44454D6D7030247709D28DB3491A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y3_Ruj_tREVNbXAwJHcJ0o2zSRo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/a94df714-d37d-4942-8e94-91dd853ef7e3/0/3133392e32382e32362e302f32342d3234203d3e20313337343039.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
139.28.26.0/24
Signature Algorithm: sha256WithRSAEncryption
93:66:52:b5:81:de:24:3c:92:13:fd:8c:cd:bb:a9:7a:c6:5a:
1a:87:07:95:9b:7e:3d:3b:73:32:76:ad:bf:23:72:f9:b2:8e:
b5:ea:cf:9e:da:99:b1:01:a0:0f:20:a4:b3:d7:63:9a:73:d5:
27:eb:c7:f7:a4:c6:6b:9a:12:0d:82:f4:29:1e:53:69:56:4d:
13:a1:10:e8:b2:ae:f1:cc:bd:c9:3c:25:df:2e:33:5a:25:16:
8b:21:2a:55:90:d2:aa:23:9b:34:fe:9e:7a:5e:60:f9:bb:91:
28:d4:fa:0a:c5:c0:d2:03:87:52:75:72:61:5e:0d:c5:dd:ef:
f3:9a:35:26:cf:f0:2b:ec:1d:52:ae:fd:b0:84:6e:e9:a2:5d:
4b:b7:47:96:a2:2d:69:6c:01:b4:ae:3d:ed:8a:96:e9:3b:da:
5f:9e:1e:b1:98:80:b4:a6:bb:cc:d6:de:38:5a:21:fc:39:27:
0f:89:9e:c5:28:d2:3b:15:f9:7f:a0:a5:d8:e0:ac:00:a5:f6:
9f:a4:cb:f3:62:00:d3:4c:5a:33:93:a9:6c:ac:0f:4f:19:98:
94:da:c4:55:b1:6d:36:ce:82:4b:0e:92:fa:a9:ea:2d:53:51:
20:96:3c:55:29:83:b0:fb:36:d4:05:66:64:b5:87:53:86:d7:
90:3b:bf:b9
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUBrCD7zSSWhRuRnbuTjVjYe1+AtIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjM3ZmQxYmEzZmVkNDQ0NTRkNmQ3MDMwMjQ3NzA5ZDI4
ZGIzNDkxYTAeFw0yNTA5MDEwNzQ5NThaFw0yNjA4MzEwNzU0NThaMDMxMTAvBgNV
BAMTKDNFOUM0OTBGNzEyMUM4NkI4MEI4ODc2NjdDRjM2QTgzRUM3RDEwODEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCS/YsdPdP+R3+MVFZXUxmdNTPe
RA9XAhhzPBoQmfNGYie4SEynICi/OMGZ0H9d9lmuQGD0H3MA7quHsvCdHyrH4EEy
ibh113S9zs+qybal+GTk7KoCBVsN2vYk+7m9dD6KMH0wYy/LpfnJWhgvJIOvVzhJ
93pi2caWApDsKIOrKUoOxsJmo+OwBmgdLmudZBWiVIQgaatAxSdnedaoNI9fz0+I
tAI4GllMgJR0r6sU5rEqoyQApdFUlQyXzSD13u/+WR8yNby29koag1YEQMbnJrrC
NCWZIId00+YVO9gvhJVbiDwQqxBGsOtCu2JlbkcKPPCHKQu3x5RpnzBfMn9PAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUPpxJD3EhyGuAuIdmfPNqg+x9EIEwHwYDVR0j
BBgwFoAUY3/Ruj/tREVNbXAwJHcJ0o2zSRowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYTk0ZGY3MTQtZDM3ZC00OTQyLThlOTQtOTFkZDg1M2Vm
N2UzLzAvNjM3RkQxQkEzRkVENDQ0NTRENkQ3MDMwMjQ3NzA5RDI4REIzNDkxQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1kzX1J1al90UkVWTmJYQXdKSGNKMG8y
elNSby5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYTk0ZGY3MTQt
ZDM3ZC00OTQyLThlOTQtOTFkZDg1M2VmN2UzLzAvMzEzMzM5MmUzMjM4MmUzMjM2
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzEzMzM3MzQzMDM5LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
ixwaMA0GCSqGSIb3DQEBCwUAA4IBAQCTZlK1gd4kPJIT/YzNu6l6xloahweVm349
O3Mydq2/I3L5so616s+e2pmxAaAPIKSz12Oac9Un68f3pMZrmhINgvQpHlNpVk0T
oRDosq7xzL3JPCXfLjNaJRaLISpVkNKqI5s0/p56XmD5u5Eo1PoKxcDSA4dSdXJh
Xg3F3e/zmjUmz/Ar7B1Srv2whG7pol1Lt0eWoi1pbAG0rj3tipbpO9pfnh6xmIC0
prvM1t44WiH8OScPiZ7FKNI7Ffl/oKXY4KwApfafpMvzYgDTTFozk6lsrA9PGZiU
2sRVsW02zoJLDpL6qeotU1EgljxVKYOw+zbUBWZktYdThteQO7+5
-----END CERTIFICATE-----
Generated at Sat Sep 6 02:49:41 2025 by rpki-client