Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/3139332e33322e3137322e302f32322d3232203d3e20323031333431.roa
File: 3139332e33322e3137322e302f32322d3232203d3e20323031333431.roa (raw, json)
Hash identifier: 7fPH54sADFwY7I60aoLosU+/oIDtj3YlPcB2J9w/1W0=
Subject key identifier: 48:17:55:7F:61:4A:E5:56:F3:67:01:67:3D:44:2A:8E:31:4D:6D:45
Certificate issuer: /CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Certificate serial: 6DB1A0E751EF401729D7BDDA28E5590F720A449C
Authority key identifier: 09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/3139332e33322e3137322e302f32322d3232203d3e20323031333431.roa
Signing time: Tue 26 Aug 2025 20:22:23 +0000
ROA not before: Tue 26 Aug 2025 20:17:23 +0000
ROA not after: Tue 25 Aug 2026 20:22:23 +0000
asID: 201341
IP address blocks: 193.32.172.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.mft
rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 08 Sep 2025 06:10:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6d:b1:a0:e7:51:ef:40:17:29:d7:bd:da:28:e5:59:0f:72:0a:44:9c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Validity
Not Before: Aug 26 20:17:23 2025 GMT
Not After : Aug 25 20:22:23 2026 GMT
Subject: CN=4817557F614AE556F36701673D442A8E314D6D45
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:eb:b0:46:7d:e7:11:be:71:fa:a0:b4:d5:11:05:
4a:8c:73:f5:0c:eb:9a:c5:1f:df:1b:5f:51:b8:93:
7b:63:7e:33:c1:1b:0c:f5:b8:e3:cf:3b:62:2a:bf:
5c:64:d1:59:1f:65:d0:3f:54:4d:83:a6:19:e0:c2:
11:59:58:9a:db:71:c8:40:7b:b7:95:c3:34:f1:c8:
5c:82:e6:c6:9d:a4:08:44:e0:43:b5:50:65:3e:ee:
11:f8:fd:61:e6:57:cb:d6:47:fc:71:27:1d:8e:86:
af:ca:cd:dc:08:65:84:12:4d:ea:a8:e6:7e:de:b7:
94:a6:2d:e9:46:a0:1f:43:81:47:67:ad:06:db:40:
6d:8f:ca:77:9c:8f:5f:48:54:27:57:56:ee:ec:b5:
34:41:0c:a5:9b:c3:21:87:60:5f:c1:02:b5:11:df:
d6:26:fd:63:0e:3f:b2:5a:ad:60:3e:07:38:f7:e2:
2e:fc:18:9f:89:9f:39:1b:a4:26:21:c6:96:1b:93:
89:84:5b:53:48:9a:9b:41:e6:2a:27:f6:66:ef:e1:
46:37:5d:2a:6b:6c:f4:5a:2f:27:fb:93:6c:a1:15:
86:01:7f:3d:12:ba:2e:7d:55:ba:8b:34:c7:6d:65:
ed:e4:91:87:75:73:91:34:e7:b8:de:be:c8:cf:1a:
87:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
48:17:55:7F:61:4A:E5:56:F3:67:01:67:3D:44:2A:8E:31:4D:6D:45
X509v3 Authority Key Identifier:
keyid:09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/3139332e33322e3137322e302f32322d3232203d3e20323031333431.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.32.172.0/22
Signature Algorithm: sha256WithRSAEncryption
13:26:b9:65:2f:91:46:a8:b2:6c:5e:51:1f:37:cb:89:98:95:
c7:0e:2e:ac:b3:e1:f1:05:9a:9b:03:c2:aa:6c:8f:7d:d1:00:
4a:3a:6a:21:3f:11:9e:e6:38:a8:96:19:cb:d9:e2:f9:e9:07:
8b:79:0b:5e:67:86:7f:5b:bf:fe:32:69:c8:a6:1f:83:1a:f6:
8a:f8:af:0b:53:86:d0:f7:cb:04:a6:9a:8a:08:f0:93:fb:16:
e9:c0:55:aa:f4:a9:d3:12:20:19:88:62:84:2e:7e:31:f9:a0:
4c:1b:4c:16:4c:f4:f1:e0:62:50:91:d9:1d:45:ab:ce:59:a6:
91:fe:a7:4f:25:41:7e:a1:d8:02:0f:59:be:d1:63:6f:15:a2:
b5:51:f4:77:5e:f1:c4:56:04:80:a0:6f:c6:3e:6a:82:ef:3e:
06:c1:f9:62:f6:3b:1f:60:0e:a5:b2:d1:87:cf:d0:b3:44:ef:
39:df:96:97:4e:a5:b6:ef:12:ea:f8:5e:0e:e7:69:e1:53:02:
ab:af:e3:0f:4f:a7:ce:9c:d6:2d:ad:29:81:33:94:e3:6e:8b:
e2:1b:fe:ec:3c:4e:a1:a3:97:25:fc:fd:bf:5f:5a:7c:58:de:
94:63:f9:53:25:c9:33:50:9c:9f:c6:51:2e:99:f9:c6:92:e2:
80:a0:ba:d4
-----BEGIN CERTIFICATE-----
MIIFOjCCBCKgAwIBAgIUbbGg51HvQBcp173aKOVZD3IKRJwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDk3YTI4Zjc3ZWIwYTRhYzM1NGE4YWMyODc1NGIyYTNi
YmUzYTk1OTAeFw0yNTA4MjYyMDE3MjNaFw0yNjA4MjUyMDIyMjNaMDMxMTAvBgNV
BAMTKDQ4MTc1NTdGNjE0QUU1NTZGMzY3MDE2NzNENDQyQThFMzE0RDZENDUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDrsEZ95xG+cfqgtNURBUqMc/UM
65rFH98bX1G4k3tjfjPBGwz1uOPPO2Iqv1xk0VkfZdA/VE2DphngwhFZWJrbcchA
e7eVwzTxyFyC5sadpAhE4EO1UGU+7hH4/WHmV8vWR/xxJx2Ohq/KzdwIZYQSTeqo
5n7et5SmLelGoB9DgUdnrQbbQG2Pynecj19IVCdXVu7stTRBDKWbwyGHYF/BArUR
39Ym/WMOP7JarWA+Bzj34i78GJ+JnzkbpCYhxpYbk4mEW1NImptB5ion9mbv4UY3
XSprbPRaLyf7k2yhFYYBfz0Sui59VbqLNMdtZe3kkYd1c5E057jevsjPGofvAgMB
AAGjggJEMIICQDAdBgNVHQ4EFgQUSBdVf2FK5VbzZwFnPUQqjjFNbUUwHwYDVR0j
BBgwFoAUCXoo936wpKw1SorCh1Syo7vjqVkwDgYDVR0PAQH/BAQDAgeAMIGYBgNV
HR8EgZAwgY0wgYqggYeggYSGgYFyc3luYzovL3JzeW5jLnBhYXMucnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L2ZlMzcwOGEwLTY3ZDUtNGFjMi1hYmM0LWEzMzI1OTBi
OTlhZi8xNzcvMDk3QTI4Rjc3RUIwQTRBQzM1NEE4QUMyODc1NEIyQTNCQkUzQTk1
OS5jcmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2ku
cmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NYb285MzZ3cEt3MVNvckNoMVN5
bzd2anFWay5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJz
eW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4
YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzE3Ny8zMTM5MzMyZTMzMzIy
ZTMxMzczMjJlMzAyZjMyMzIyZDMyMzIyMDNkM2UyMDMyMzAzMTMzMzQzMS5yb2Ew
GAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQC
AAEwBgMEAsEgrDANBgkqhkiG9w0BAQsFAAOCAQEAEya5ZS+RRqiybF5RHzfLiZiV
xw4urLPh8QWamwPCqmyPfdEASjpqIT8RnuY4qJYZy9ni+ekHi3kLXmeGf1u//jJp
yKYfgxr2ivivC1OG0PfLBKaaigjwk/sW6cBVqvSp0xIgGYhihC5+MfmgTBtMFkz0
8eBiUJHZHUWrzlmmkf6nTyVBfqHYAg9ZvtFjbxWitVH0d17xxFYEgKBvxj5qgu8+
BsH5YvY7H2AOpbLRh8/Qs0TvOd+Wl06ltu8S6vheDudp4VMCq6/jD0+nzpzWLa0p
gTOU426L4hv+7DxOoaOXJfz9v19afFjelGP5UyXJM1Ccn8ZRLpn5xpLigKC61A==
-----END CERTIFICATE-----
Generated at Sun Sep 7 15:17:42 2025 by rpki-client