Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/3130392e3233342e37392e302f32342d3234203d3e20323035363539.roa
File: 3130392e3233342e37392e302f32342d3234203d3e20323035363539.roa (raw, json)
Hash identifier: n07ycq7mA614v7wcgO5hxQCyDlkMuE0irJP5zeZFDOI=
Subject key identifier: 68:BD:D5:F4:96:19:B1:8F:69:F5:38:BA:AB:BC:3F:7B:3C:3E:02:88
Certificate issuer: /CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Certificate serial: 3F66CCA267EAD3691A714D23F83BECA06ECEF053
Authority key identifier: 09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/3130392e3233342e37392e302f32342d3234203d3e20323035363539.roa
Signing time: Thu 23 Oct 2025 14:47:57 +0000
ROA not before: Thu 23 Oct 2025 14:42:57 +0000
ROA not after: Thu 22 Oct 2026 14:47:57 +0000
asID: 205659
IP address blocks: 109.234.79.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.mft
rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 26 Oct 2025 11:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3f:66:cc:a2:67:ea:d3:69:1a:71:4d:23:f8:3b:ec:a0:6e:ce:f0:53
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Validity
Not Before: Oct 23 14:42:57 2025 GMT
Not After : Oct 22 14:47:57 2026 GMT
Subject: CN=68BDD5F49619B18F69F538BAABBC3F7B3C3E0288
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:f7:27:b5:cc:96:ac:7f:6d:22:43:7d:a6:0f:
8b:87:a4:8a:38:76:f0:65:ee:c9:18:56:de:1d:d5:
9b:f7:69:ac:58:98:91:df:bd:1b:9b:b5:f6:51:c6:
b3:c5:cb:eb:a0:98:ba:1d:08:74:77:0e:d0:59:a1:
e6:c8:42:5c:d7:ee:13:80:7c:18:20:43:39:b1:d4:
4d:63:6e:71:5e:09:55:2d:02:47:cb:82:5d:16:1e:
2f:20:de:8a:94:a4:ac:55:50:fa:d1:af:c0:3d:25:
3f:89:7c:3b:50:6b:ca:b0:3e:2c:0b:a1:5a:af:8f:
9c:b8:f0:ea:bd:0d:a1:fc:6b:cf:25:ed:43:33:f5:
6f:95:34:f9:c1:e1:f8:92:9b:ed:91:c3:8d:0c:38:
52:d7:a1:d9:cd:9b:1c:c8:4e:8b:5c:61:bf:4b:49:
25:ef:05:6f:26:c0:c4:c4:53:8f:17:ea:86:12:dc:
91:db:51:c4:89:86:74:63:9a:66:18:22:15:8a:fa:
38:e8:1b:62:0b:0c:7c:a4:aa:e9:f9:5f:16:c5:40:
2a:81:4a:af:85:70:cf:82:5c:cb:fd:fc:9a:61:53:
2b:82:7a:b2:0e:a6:0c:37:cb:71:bb:29:5d:35:69:
e8:a7:23:e4:78:3f:bc:26:d8:f5:07:6c:86:f4:5a:
3d:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:BD:D5:F4:96:19:B1:8F:69:F5:38:BA:AB:BC:3F:7B:3C:3E:02:88
X509v3 Authority Key Identifier:
keyid:09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/3130392e3233342e37392e302f32342d3234203d3e20323035363539.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.234.79.0/24
Signature Algorithm: sha256WithRSAEncryption
83:fd:69:3d:bb:c7:74:a6:0b:7e:33:4a:38:d5:5d:bd:45:d4:
78:79:5d:74:88:bc:17:55:0b:6c:38:16:b0:e9:70:57:9d:46:
2b:df:30:d8:48:8a:bd:7b:33:b9:96:42:ea:d3:e7:a6:9f:6c:
84:dd:72:71:b2:3e:92:05:cf:8f:59:d8:cb:ed:3a:ae:e2:5d:
25:42:22:a6:da:c4:86:83:ff:60:94:92:3d:b5:6b:91:37:90:
37:3e:5d:04:ce:5c:94:15:fa:d5:a2:4e:b0:dc:95:21:30:6c:
79:99:ea:dd:1d:ad:4f:f0:2c:6c:45:55:57:1f:de:3b:96:94:
97:12:b8:cf:4c:94:e5:1e:f2:0f:13:a5:8a:5a:a0:73:86:21:
0b:b9:22:b2:eb:bd:c7:ca:b6:e7:92:38:ce:8d:fb:ca:9b:04:
de:5e:f9:42:46:b6:4c:02:72:7f:ca:b2:ce:31:e4:15:55:63:
ed:c8:0e:85:fd:80:1b:bb:80:cb:cb:88:d3:d4:b2:f5:da:89:
88:35:27:07:4b:01:ce:12:a5:e5:f1:70:9b:94:c7:84:6e:46:
d0:1e:9c:9d:5c:6a:2a:16:e3:04:3f:9d:7c:b2:c5:fc:02:de:
6a:72:3e:58:02:a2:29:1f:df:5a:c8:e5:97:c2:ef:88:d3:ae:
7b:67:8e:93
-----BEGIN CERTIFICATE-----
MIIFOjCCBCKgAwIBAgIUP2bMomfq02kacU0j+DvsoG7O8FMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDk3YTI4Zjc3ZWIwYTRhYzM1NGE4YWMyODc1NGIyYTNi
YmUzYTk1OTAeFw0yNTEwMjMxNDQyNTdaFw0yNjEwMjIxNDQ3NTdaMDMxMTAvBgNV
BAMTKDY4QkRENUY0OTYxOUIxOEY2OUY1MzhCQUFCQkMzRjdCM0MzRTAyODgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCz9ye1zJasf20iQ32mD4uHpIo4
dvBl7skYVt4d1Zv3aaxYmJHfvRubtfZRxrPFy+ugmLodCHR3DtBZoebIQlzX7hOA
fBggQzmx1E1jbnFeCVUtAkfLgl0WHi8g3oqUpKxVUPrRr8A9JT+JfDtQa8qwPiwL
oVqvj5y48Oq9DaH8a88l7UMz9W+VNPnB4fiSm+2Rw40MOFLXodnNmxzITotcYb9L
SSXvBW8mwMTEU48X6oYS3JHbUcSJhnRjmmYYIhWK+jjoG2ILDHykqun5XxbFQCqB
Sq+FcM+CXMv9/JphUyuCerIOpgw3y3G7KV01aeinI+R4P7wm2PUHbIb0Wj1JAgMB
AAGjggJEMIICQDAdBgNVHQ4EFgQUaL3V9JYZsY9p9Ti6q7w/ezw+AogwHwYDVR0j
BBgwFoAUCXoo936wpKw1SorCh1Syo7vjqVkwDgYDVR0PAQH/BAQDAgeAMIGYBgNV
HR8EgZAwgY0wgYqggYeggYSGgYFyc3luYzovL3JzeW5jLnBhYXMucnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L2ZlMzcwOGEwLTY3ZDUtNGFjMi1hYmM0LWEzMzI1OTBi
OTlhZi8xNzcvMDk3QTI4Rjc3RUIwQTRBQzM1NEE4QUMyODc1NEIyQTNCQkUzQTk1
OS5jcmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2ku
cmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NYb285MzZ3cEt3MVNvckNoMVN5
bzd2anFWay5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJz
eW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4
YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzE3Ny8zMTMwMzkyZTMyMzMz
NDJlMzczOTJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMyMzAzNTM2MzUzOS5yb2Ew
GAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQC
AAEwBgMEAG3qTzANBgkqhkiG9w0BAQsFAAOCAQEAg/1pPbvHdKYLfjNKONVdvUXU
eHlddIi8F1ULbDgWsOlwV51GK98w2EiKvXszuZZC6tPnpp9shN1ycbI+kgXPj1nY
y+06ruJdJUIiptrEhoP/YJSSPbVrkTeQNz5dBM5clBX61aJOsNyVITBseZnq3R2t
T/AsbEVVVx/eO5aUlxK4z0yU5R7yDxOlilqgc4YhC7kisuu9x8q255I4zo37ypsE
3l75Qka2TAJyf8qyzjHkFVVj7cgOhf2AG7uAy8uI09Sy9dqJiDUnB0sBzhKl5fFw
m5THhG5G0B6cnVxqKhbjBD+dfLLF/ALeanI+WAKiKR/fWsjll8LviNOue2eOkw==
-----END CERTIFICATE-----
Generated at Sat Oct 25 19:05:20 2025 by rpki-client