Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/aee3d58d-904a-4375-bf93-8b5f38cab002/0/3139332e3234362e3136352e302f32342d3234203d3e20323136313539.roa
File: 3139332e3234362e3136352e302f32342d3234203d3e20323136313539.roa (raw, json)
Hash identifier: KxdR1/7sm4z1qp8rgToMdsRMKXDW5kiN3AX2g/AZXyc=
Subject key identifier: 9C:C5:B9:25:8D:ED:6B:9F:FC:82:90:13:EA:84:A3:13:55:6E:41:5F
Certificate issuer: /CN=7adf63e375b0b785081b5945b1d18d9de86e0efc
Certificate serial: 227D0B538C1AA9294BB850464BC8A63EF58F028E
Authority key identifier: 7A:DF:63:E3:75:B0:B7:85:08:1B:59:45:B1:D1:8D:9D:E8:6E:0E:FC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/et9j43Wwt4UIG1lFsdGNnehuDvw.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/aee3d58d-904a-4375-bf93-8b5f38cab002/0/3139332e3234362e3136352e302f32342d3234203d3e20323136313539.roa
Signing time: Fri 05 Sep 2025 16:55:00 +0000
ROA not before: Fri 05 Sep 2025 16:50:00 +0000
ROA not after: Fri 04 Sep 2026 16:55:00 +0000
asID: 216159
IP address blocks: 193.246.165.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/aee3d58d-904a-4375-bf93-8b5f38cab002/0/7ADF63E375B0B785081B5945B1D18D9DE86E0EFC.crl
rsync://rsync.paas.rpki.ripe.net/repository/aee3d58d-904a-4375-bf93-8b5f38cab002/0/7ADF63E375B0B785081B5945B1D18D9DE86E0EFC.mft
rsync://rpki.ripe.net/repository/DEFAULT/et9j43Wwt4UIG1lFsdGNnehuDvw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 08 Sep 2025 07:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
22:7d:0b:53:8c:1a:a9:29:4b:b8:50:46:4b:c8:a6:3e:f5:8f:02:8e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7adf63e375b0b785081b5945b1d18d9de86e0efc
Validity
Not Before: Sep 5 16:50:00 2025 GMT
Not After : Sep 4 16:55:00 2026 GMT
Subject: CN=9CC5B9258DED6B9FFC829013EA84A313556E415F
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:a4:60:7e:39:6d:e4:e5:f8:10:c7:61:f4:07:
55:fe:ec:2e:b3:75:ee:24:e2:42:ba:27:fd:0b:d1:
0c:8d:c1:ae:cd:cb:76:4d:d4:e2:7c:44:64:bd:0e:
62:43:77:01:43:5b:cd:c3:c4:a6:a5:cb:33:ac:a8:
a7:b9:a3:a1:2e:30:84:79:96:0f:58:b3:93:4b:3a:
6b:be:07:e0:0b:be:fa:6f:04:e1:e6:80:67:ed:2c:
84:ca:3e:2c:84:6a:42:ae:b8:e4:06:12:49:88:d6:
91:eb:53:5d:a6:e0:c2:af:56:cf:52:78:a9:9e:9c:
e1:4a:ed:0b:85:38:93:74:fd:13:33:15:c4:19:60:
fd:54:54:eb:56:a5:c1:65:11:d4:3e:f5:3d:6a:58:
20:7d:e4:87:93:0f:31:a8:3f:4e:17:1b:a1:9e:21:
92:73:06:19:28:7e:56:38:cd:f4:c2:a9:32:97:2f:
d0:4e:2b:22:35:02:97:b0:5f:22:cc:13:96:d4:0a:
0c:b8:8d:d1:75:6a:20:55:d1:48:8f:b3:7e:27:95:
15:83:9f:d3:97:c5:da:73:fc:8d:69:e2:c5:b0:aa:
64:b5:07:00:57:6e:fc:43:5a:94:2d:50:5a:3c:e3:
7e:0c:80:95:c0:be:01:05:55:77:41:de:6b:f9:70:
bf:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9C:C5:B9:25:8D:ED:6B:9F:FC:82:90:13:EA:84:A3:13:55:6E:41:5F
X509v3 Authority Key Identifier:
keyid:7A:DF:63:E3:75:B0:B7:85:08:1B:59:45:B1:D1:8D:9D:E8:6E:0E:FC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/aee3d58d-904a-4375-bf93-8b5f38cab002/0/7ADF63E375B0B785081B5945B1D18D9DE86E0EFC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/et9j43Wwt4UIG1lFsdGNnehuDvw.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/aee3d58d-904a-4375-bf93-8b5f38cab002/0/3139332e3234362e3136352e302f32342d3234203d3e20323136313539.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.246.165.0/24
Signature Algorithm: sha256WithRSAEncryption
4c:b6:ee:dc:7d:70:78:9b:12:33:3e:26:4f:6e:ad:a6:25:6a:
1b:8a:25:b9:96:b3:e1:eb:61:e5:2d:be:1b:0e:7f:b6:16:41:
24:a9:90:cc:ba:0d:61:28:e3:d4:aa:c2:cb:4f:25:df:ae:bf:
1b:ee:b3:d4:31:0b:49:98:87:fd:ae:8a:4c:69:8a:34:77:d2:
a5:ea:91:c3:fc:5c:cd:9a:e6:41:2b:32:fe:d0:6e:ab:91:6e:
df:c7:4e:2f:8b:9c:b9:f6:fd:a2:ba:1c:fe:53:bb:0d:c1:b0:
cd:24:8d:65:88:cb:a1:90:0a:ac:ae:fa:91:3f:ff:d6:d5:fb:
66:40:0f:cf:e6:15:18:3d:be:81:97:57:e1:5b:33:82:47:d5:
6c:04:c5:3e:1b:a5:98:cb:dc:7b:d4:20:61:7a:81:12:2b:0d:
0b:78:14:b5:63:fb:49:64:92:25:f9:fe:ab:4a:ea:b8:32:00:
bd:58:2d:e1:1c:c6:d4:7e:7b:24:11:6a:cf:db:18:ae:9e:a6:
f6:ca:f3:34:f1:9f:c8:45:d5:89:b9:3f:55:cf:40:ca:bd:74:
f8:cf:7a:4a:26:6a:5f:0c:0c:50:3d:63:e1:a5:67:c3:3d:4a:
b4:18:93:3e:75:97:e5:2c:29:76:16:fb:e9:66:c7:ee:08:3a:
f7:b1:22:36
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgIUIn0LU4waqSlLuFBGS8imPvWPAo4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoN2FkZjYzZTM3NWIwYjc4NTA4MWI1OTQ1YjFkMThkOWRl
ODZlMGVmYzAeFw0yNTA5MDUxNjUwMDBaFw0yNjA5MDQxNjU1MDBaMDMxMTAvBgNV
BAMTKDlDQzVCOTI1OERFRDZCOUZGQzgyOTAxM0VBODRBMzEzNTU2RTQxNUYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDNpGB+OW3k5fgQx2H0B1X+7C6z
de4k4kK6J/0L0QyNwa7Ny3ZN1OJ8RGS9DmJDdwFDW83DxKalyzOsqKe5o6EuMIR5
lg9Ys5NLOmu+B+ALvvpvBOHmgGftLITKPiyEakKuuOQGEkmI1pHrU12m4MKvVs9S
eKmenOFK7QuFOJN0/RMzFcQZYP1UVOtWpcFlEdQ+9T1qWCB95IeTDzGoP04XG6Ge
IZJzBhkoflY4zfTCqTKXL9BOKyI1ApewXyLME5bUCgy4jdF1aiBV0UiPs34nlRWD
n9OXxdpz/I1p4sWwqmS1BwBXbvxDWpQtUFo8434MgJXAvgEFVXdB3mv5cL+PAgMB
AAGjggJBMIICPTAdBgNVHQ4EFgQUnMW5JY3ta5/8gpAT6oSjE1VuQV8wHwYDVR0j
BBgwFoAUet9j43Wwt4UIG1lFsdGNnehuDvwwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYWVlM2Q1OGQtOTA0YS00Mzc1LWJmOTMtOGI1ZjM4Y2Fi
MDAyLzAvN0FERjYzRTM3NUIwQjc4NTA4MUI1OTQ1QjFEMThEOURFODZFMEVGQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2V0OWo0M1d3dDRVSUcxbEZzZEdObmVo
dUR2dy5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWVlM2Q1OGQt
OTA0YS00Mzc1LWJmOTMtOGI1ZjM4Y2FiMDAyLzAvMzEzOTMzMmUzMjM0MzYyZTMx
MzYzNTJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMyMzEzNjMxMzUzOS5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEAMH2pTANBgkqhkiG9w0BAQsFAAOCAQEATLbu3H1weJsSMz4mT26tpiVqG4ol
uZaz4eth5S2+Gw5/thZBJKmQzLoNYSjj1KrCy08l366/G+6z1DELSZiH/a6KTGmK
NHfSpeqRw/xczZrmQSsy/tBuq5Fu38dOL4ucufb9oroc/lO7DcGwzSSNZYjLoZAK
rK76kT//1tX7ZkAPz+YVGD2+gZdX4VszgkfVbATFPhulmMvce9QgYXqBEisNC3gU
tWP7SWSSJfn+q0rquDIAvVgt4RzG1H57JBFqz9sYrp6m9srzNPGfyEXVibk/Vc9A
yr10+M96SiZqXwwMUD1j4aVnwz1KtBiTPnWX5Swpdhb76WbH7gg697EiNg==
-----END CERTIFICATE-----
Generated at Sun Sep 7 16:07:38 2025 by rpki-client