Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/0cc08737-9267-402a-99d4-7aaafea444ed/0/3130392e3233342e3231342e302f32342d3234203d3e203433363431.roa
File: 3130392e3233342e3231342e302f32342d3234203d3e203433363431.roa (raw, json)
Hash identifier: 6BGcWOFPHM6AYGamfRs+s+1VsWvQIYZ1oxiJHAvfJjg=
Subject key identifier: A1:A2:AE:81:20:3F:C2:74:CB:AB:68:92:DA:DA:F1:0C:06:C4:10:AF
Certificate issuer: /CN=f768ff6e681858c0ec19f3a93fa1792cd16ceed3
Certificate serial: 1B0F1107384F7E91533E7E2ADAF5F6D9D76B1D2C
Authority key identifier: F7:68:FF:6E:68:18:58:C0:EC:19:F3:A9:3F:A1:79:2C:D1:6C:EE:D3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/92j_bmgYWMDsGfOpP6F5LNFs7tM.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/0cc08737-9267-402a-99d4-7aaafea444ed/0/3130392e3233342e3231342e302f32342d3234203d3e203433363431.roa
Signing time: Thu 14 Aug 2025 13:30:24 +0000
ROA not before: Thu 14 Aug 2025 13:25:24 +0000
ROA not after: Thu 13 Aug 2026 13:30:24 +0000
asID: 43641
IP address blocks: 109.234.214.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/0cc08737-9267-402a-99d4-7aaafea444ed/0/F768FF6E681858C0EC19F3A93FA1792CD16CEED3.crl
rsync://rsync.paas.rpki.ripe.net/repository/0cc08737-9267-402a-99d4-7aaafea444ed/0/F768FF6E681858C0EC19F3A93FA1792CD16CEED3.mft
rsync://rpki.ripe.net/repository/DEFAULT/92j_bmgYWMDsGfOpP6F5LNFs7tM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 05:01:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1b:0f:11:07:38:4f:7e:91:53:3e:7e:2a:da:f5:f6:d9:d7:6b:1d:2c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f768ff6e681858c0ec19f3a93fa1792cd16ceed3
Validity
Not Before: Aug 14 13:25:24 2025 GMT
Not After : Aug 13 13:30:24 2026 GMT
Subject: CN=A1A2AE81203FC274CBAB6892DADAF10C06C410AF
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:47:9b:3f:31:00:26:14:1f:25:63:e6:a6:d2:
72:4e:f5:d2:07:cf:95:30:8f:48:bc:91:3f:00:ef:
9f:e2:74:4f:6d:80:62:3f:a7:1a:75:87:b7:32:7d:
55:9c:ec:96:5c:6c:ab:90:1e:b1:be:94:27:f9:7c:
ee:40:41:70:b0:41:a9:1c:fd:a4:38:87:9d:e1:4d:
6e:f0:7b:50:17:c9:a7:ab:7e:af:c5:82:14:3a:ca:
54:0a:ee:57:b9:99:0f:4a:1e:7f:ef:e1:a1:31:9d:
79:10:39:99:65:f4:7a:e0:42:55:d0:81:66:79:c1:
fb:55:6e:d0:b7:9c:ec:98:31:b6:35:e2:00:9a:4a:
07:62:34:0f:86:4b:2c:8f:a0:86:c5:31:6e:cc:0a:
63:0f:4b:72:6d:9e:55:45:af:f1:55:49:38:03:fc:
83:31:4d:5a:87:83:57:1e:e8:db:02:b1:f2:54:a1:
74:7f:93:af:cc:04:dd:e5:a6:59:14:e9:51:4e:b2:
7c:44:c9:30:2c:69:f6:84:73:b4:9f:9d:29:95:70:
06:61:62:80:43:69:d0:10:51:d7:cd:bc:0b:0d:12:
fb:7b:d6:a5:a5:7d:30:29:2d:25:31:65:d4:5c:a0:
20:ac:4a:bf:a8:8e:a3:ed:35:d6:19:75:80:98:18:
40:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A1:A2:AE:81:20:3F:C2:74:CB:AB:68:92:DA:DA:F1:0C:06:C4:10:AF
X509v3 Authority Key Identifier:
keyid:F7:68:FF:6E:68:18:58:C0:EC:19:F3:A9:3F:A1:79:2C:D1:6C:EE:D3
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/0cc08737-9267-402a-99d4-7aaafea444ed/0/F768FF6E681858C0EC19F3A93FA1792CD16CEED3.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/92j_bmgYWMDsGfOpP6F5LNFs7tM.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/0cc08737-9267-402a-99d4-7aaafea444ed/0/3130392e3233342e3231342e302f32342d3234203d3e203433363431.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.234.214.0/24
Signature Algorithm: sha256WithRSAEncryption
15:74:6b:94:c9:58:67:0d:dd:d0:d2:a2:6f:09:ed:fe:8c:6e:
f7:15:46:f6:88:e6:c9:d5:29:e4:be:ca:f9:ef:63:ec:a3:ba:
82:fe:99:c8:38:7e:db:e0:15:fd:8e:59:37:f1:9e:21:7a:30:
a0:9d:23:f3:bc:2b:a4:05:ee:a9:ba:e9:a9:ed:49:29:e9:b8:
4a:56:f6:ff:d5:06:a3:8b:81:2c:2d:65:5c:6a:36:85:93:26:
2c:01:0f:b2:5b:42:09:a1:2c:58:cb:07:5f:75:89:ec:a5:c9:
0c:35:6a:85:80:31:8c:ce:ca:81:90:c5:70:db:e2:04:b6:6d:
d8:9f:68:01:65:7c:d9:fc:71:8e:92:e4:b2:d2:81:c7:8d:db:
b3:bc:76:5d:36:60:e4:9c:37:ed:db:de:cd:7f:e9:8e:f3:5d:
97:fc:30:7b:73:d9:96:c4:56:7a:19:d2:39:0e:08:fa:26:99:
ab:05:5f:45:73:75:9a:b5:99:49:5c:a5:9f:33:b3:30:ee:88:
5e:98:fc:79:f4:b2:8a:a9:e7:2a:e1:5e:72:53:c4:d9:ce:27:
11:d6:9a:d3:07:76:00:9e:8d:83:84:b9:fc:b2:fe:86:0e:b8:
f7:65:bb:df:fd:1f:05:fe:5b:8c:9d:94:cd:97:b6:58:4e:33:
94:69:3e:22
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUGw8RBzhPfpFTPn4q2vX22ddrHSwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZjc2OGZmNmU2ODE4NThjMGVjMTlmM2E5M2ZhMTc5MmNk
MTZjZWVkMzAeFw0yNTA4MTQxMzI1MjRaFw0yNjA4MTMxMzMwMjRaMDMxMTAvBgNV
BAMTKEExQTJBRTgxMjAzRkMyNzRDQkFCNjg5MkRBREFGMTBDMDZDNDEwQUYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCyR5s/MQAmFB8lY+am0nJO9dIH
z5Uwj0i8kT8A75/idE9tgGI/pxp1h7cyfVWc7JZcbKuQHrG+lCf5fO5AQXCwQakc
/aQ4h53hTW7we1AXyaerfq/FghQ6ylQK7le5mQ9KHn/v4aExnXkQOZll9HrgQlXQ
gWZ5wftVbtC3nOyYMbY14gCaSgdiNA+GSyyPoIbFMW7MCmMPS3JtnlVFr/FVSTgD
/IMxTVqHg1ce6NsCsfJUoXR/k6/MBN3lplkU6VFOsnxEyTAsafaEc7SfnSmVcAZh
YoBDadAQUdfNvAsNEvt71qWlfTApLSUxZdRcoCCsSr+ojqPtNdYZdYCYGEArAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUoaKugSA/wnTLq2iS2trxDAbEEK8wHwYDVR0j
BBgwFoAU92j/bmgYWMDsGfOpP6F5LNFs7tMwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMGNjMDg3MzctOTI2Ny00MDJhLTk5ZDQtN2FhYWZlYTQ0
NGVkLzAvRjc2OEZGNkU2ODE4NThDMEVDMTlGM0E5M0ZBMTc5MkNEMTZDRUVEMy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzkyal9ibWdZV01Ec0dmT3BQNkY1TE5G
czd0TS5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMGNjMDg3Mzct
OTI2Ny00MDJhLTk5ZDQtN2FhYWZlYTQ0NGVkLzAvMzEzMDM5MmUzMjMzMzQyZTMy
MzEzNDJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDM0MzMzNjM0MzEucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BABt6tYwDQYJKoZIhvcNAQELBQADggEBABV0a5TJWGcN3dDSom8J7f6MbvcVRvaI
5snVKeS+yvnvY+yjuoL+mcg4ftvgFf2OWTfxniF6MKCdI/O8K6QF7qm66antSSnp
uEpW9v/VBqOLgSwtZVxqNoWTJiwBD7JbQgmhLFjLB191ieylyQw1aoWAMYzOyoGQ
xXDb4gS2bdifaAFlfNn8cY6S5LLSgceN27O8dl02YOScN+3b3s1/6Y7zXZf8MHtz
2ZbEVnoZ0jkOCPommasFX0VzdZq1mUlcpZ8zszDuiF6Y/Hn0soqp5yrhXnJTxNnO
JxHWmtMHdgCejYOEufyy/oYOuPdlu9/9HwX+W4ydlM2XtlhOM5RpPiI=
-----END CERTIFICATE-----
Generated at Sat Aug 23 14:27:01 2025 by rpki-client