Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/39342e3135362e3230352e302f32342d3234203d3e20313336373837.roa
File: 39342e3135362e3230352e302f32342d3234203d3e20313336373837.roa (raw, json)
Hash identifier: Xda1mgOnkWxkG3cwV7FpVqT6f5N1BXLFKCPm9iv/NSk=
Subject key identifier: D4:43:D3:34:ED:CA:7F:53:3C:86:BA:DE:8C:00:5D:43:14:D0:20:F8
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 7E22B00B7413CBC0720BCCEBE22AF8E8DB77CC3F
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/39342e3135362e3230352e302f32342d3234203d3e20313336373837.roa
Signing time: Thu 28 Aug 2025 14:47:29 +0000
ROA not before: Thu 28 Aug 2025 14:42:29 +0000
ROA not after: Thu 27 Aug 2026 14:47:29 +0000
asID: 136787
IP address blocks: 94.156.205.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 08 Sep 2025 18:29:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7e:22:b0:0b:74:13:cb:c0:72:0b:cc:eb:e2:2a:f8:e8:db:77:cc:3f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Aug 28 14:42:29 2025 GMT
Not After : Aug 27 14:47:29 2026 GMT
Subject: CN=D443D334EDCA7F533C86BADE8C005D4314D020F8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:80:46:69:d6:d9:5f:78:e6:f1:e7:3f:a4:7d:
0a:ed:c1:41:87:1f:86:77:1f:8b:83:28:dd:5c:9a:
fe:a1:9c:4d:54:1a:26:77:1e:20:bf:08:68:29:5c:
9a:70:27:c5:f8:75:93:06:bb:83:69:68:ab:15:f5:
e0:c0:98:9f:73:f1:f6:10:7f:fc:1e:da:e7:2d:1b:
fc:ac:2e:0d:68:a2:b2:42:48:c3:5b:b5:37:25:f8:
17:ac:9d:50:3e:e5:3e:df:7e:dd:50:b8:88:e8:35:
5b:a9:be:25:b8:22:ca:61:3b:10:07:d8:52:fe:65:
50:e1:34:c3:65:b4:db:b4:26:93:42:6e:c4:65:05:
80:f9:05:a7:5d:ac:1b:a3:55:99:bb:b8:b2:ea:d1:
3a:59:23:08:de:c1:7c:62:04:6e:57:bf:84:00:66:
6f:0e:13:06:1c:72:f8:91:af:79:d7:07:1c:70:f0:
33:2e:aa:6b:54:8c:4a:d8:87:f0:46:38:57:6e:c7:
21:dd:93:d8:a7:37:ff:2c:f3:8f:87:f0:84:b4:96:
00:58:7d:db:7e:14:6e:32:b0:9c:e6:51:46:07:1a:
f0:40:f9:b6:c7:b4:28:8a:5a:66:85:b9:45:d6:c1:
3c:c2:28:c1:7f:ac:fc:d3:9b:a5:0d:77:3e:c8:9c:
69:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D4:43:D3:34:ED:CA:7F:53:3C:86:BA:DE:8C:00:5D:43:14:D0:20:F8
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/39342e3135362e3230352e302f32342d3234203d3e20313336373837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.156.205.0/24
Signature Algorithm: sha256WithRSAEncryption
88:4c:7f:2c:0e:16:ed:e7:9a:cd:79:7c:bb:05:73:1f:25:c5:
16:42:4f:42:68:76:21:03:c0:ee:39:d0:73:00:f9:f6:78:36:
36:13:2d:8e:b4:c2:49:0a:6f:f0:f9:e0:f4:7b:9b:0a:13:52:
e3:d0:68:6a:7a:20:4f:92:d2:5d:4d:2e:0d:ca:c7:b5:dc:a1:
ab:83:aa:5e:3a:2b:47:bb:65:ae:6f:6a:4f:5c:38:da:14:ab:
2e:84:1f:76:de:8d:bb:5f:40:6a:d3:fd:81:14:97:9d:76:cc:
0e:6c:0a:87:09:27:7c:d6:c3:54:b7:50:d5:07:4e:29:e9:41:
29:de:56:cb:3d:7d:22:5c:b1:42:69:17:8d:36:6f:f5:f4:44:
44:8b:5f:0b:25:d5:8e:b4:5c:f8:06:ae:aa:c7:5f:c8:d6:47:
c2:5e:69:df:01:d4:c9:76:fb:bb:8b:27:a8:f9:2d:02:46:4c:
fb:51:06:0e:94:17:26:5c:92:81:75:74:55:e2:1d:6d:eb:db:
81:5e:51:e5:5f:06:71:28:1e:23:98:6b:74:ca:2a:62:f3:58:
60:05:86:c5:8a:5c:2e:81:ad:86:6e:0d:e8:6c:2d:ac:ba:06:
61:98:1c:77:c5:66:6b:ad:f0:73:9d:d0:af:60:43:b7:42:f1:
97:91:bf:6c
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUfiKwC3QTy8ByC8zr4ir46Nt3zD8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNTA4MjgxNDQyMjlaFw0yNjA4MjcxNDQ3MjlaMDMxMTAvBgNV
BAMTKEQ0NDNEMzM0RURDQTdGNTMzQzg2QkFERThDMDA1RDQzMTREMDIwRjgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCtgEZp1tlfeObx5z+kfQrtwUGH
H4Z3H4uDKN1cmv6hnE1UGiZ3HiC/CGgpXJpwJ8X4dZMGu4NpaKsV9eDAmJ9z8fYQ
f/we2uctG/ysLg1oorJCSMNbtTcl+BesnVA+5T7fft1QuIjoNVupviW4IsphOxAH
2FL+ZVDhNMNltNu0JpNCbsRlBYD5BaddrBujVZm7uLLq0TpZIwjewXxiBG5Xv4QA
Zm8OEwYccviRr3nXBxxw8DMuqmtUjErYh/BGOFduxyHdk9inN/8s84+H8IS0lgBY
fdt+FG4ysJzmUUYHGvBA+bbHtCiKWmaFuUXWwTzCKMF/rPzTm6UNdz7InGlZAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQU1EPTNO3Kf1M8hrrejABdQxTQIPgwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzkzNDJlMzEzNTM2MmUzMjMw
MzUyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMTMzMzYzNzM4Mzcucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BABenM0wDQYJKoZIhvcNAQELBQADggEBAIhMfywOFu3nms15fLsFcx8lxRZCT0Jo
diEDwO450HMA+fZ4NjYTLY60wkkKb/D54PR7mwoTUuPQaGp6IE+S0l1NLg3Kx7Xc
oauDql46K0e7Za5vak9cONoUqy6EH3bejbtfQGrT/YEUl512zA5sCocJJ3zWw1S3
UNUHTinpQSneVss9fSJcsUJpF402b/X0RESLXwsl1Y60XPgGrqrHX8jWR8Jead8B
1Ml2+7uLJ6j5LQJGTPtRBg6UFyZckoF1dFXiHW3r24FeUeVfBnEoHiOYa3TKKmLz
WGAFhsWKXC6BrYZuDehsLay6BmGYHHfFZmut8HOd0K9gQ7dC8ZeRv2w=
-----END CERTIFICATE-----
Generated at Mon Sep 8 08:52:00 2025 by rpki-client