Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/3139342e33312e3139372e302f32342d3234203d3e203432383331.roa
File: 3139342e33312e3139372e302f32342d3234203d3e203432383331.roa (raw, json)
Hash identifier: KMAsq44hIBrFB+eRrhhDssa2B+eAZmGDL1feRYL/R5o=
Subject key identifier: 1B:A3:91:80:F3:41:12:07:56:65:F5:3F:C6:C7:F5:29:0D:44:1C:77
Certificate issuer: /CN=a9420e6c6f24b0e422da7fe7e420ef50354f45c6
Certificate serial: 15622393380DD9F7B3243053D3BC82664BF337EE
Authority key identifier: A9:42:0E:6C:6F:24:B0:E4:22:DA:7F:E7:E4:20:EF:50:35:4F:45:C6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qUIObG8ksOQi2n_n5CDvUDVPRcY.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/3139342e33312e3139372e302f32342d3234203d3e203432383331.roa
Signing time: Fri 22 Aug 2025 11:54:13 +0000
ROA not before: Fri 22 Aug 2025 11:49:13 +0000
ROA not after: Fri 21 Aug 2026 11:54:13 +0000
asID: 42831
IP address blocks: 194.31.197.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/A9420E6C6F24B0E422DA7FE7E420EF50354F45C6.crl
rsync://rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/A9420E6C6F24B0E422DA7FE7E420EF50354F45C6.mft
rsync://rpki.ripe.net/repository/DEFAULT/qUIObG8ksOQi2n_n5CDvUDVPRcY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 05:01:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
15:62:23:93:38:0d:d9:f7:b3:24:30:53:d3:bc:82:66:4b:f3:37:ee
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a9420e6c6f24b0e422da7fe7e420ef50354f45c6
Validity
Not Before: Aug 22 11:49:13 2025 GMT
Not After : Aug 21 11:54:13 2026 GMT
Subject: CN=1BA39180F34112075665F53FC6C7F5290D441C77
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:28:83:da:12:9c:dd:07:8d:60:66:e7:b7:45:
72:98:bd:2f:44:cc:bb:51:a8:e9:c3:c5:54:3c:a3:
04:b6:44:c1:b2:ed:28:9a:9c:a2:6e:33:4d:c8:ea:
2e:eb:27:85:2c:a2:68:2b:58:47:39:de:57:85:bd:
d4:44:a1:9a:20:15:ec:32:6b:cf:a3:00:e9:6f:3e:
b5:83:04:b5:c6:8d:4e:58:e6:e6:b1:40:84:de:9f:
59:12:fa:ad:0c:8f:69:3c:e7:89:bb:c6:9b:f0:a8:
95:b2:3c:3c:70:01:52:52:00:56:ba:76:62:a0:f2:
ec:0c:53:c7:3f:a6:04:d8:3f:bd:78:d5:37:6d:cc:
98:d8:f5:db:95:ed:2d:30:ab:18:9d:45:d8:7a:0a:
90:98:f8:46:38:3e:a5:20:ff:d2:81:27:89:99:ec:
cf:fa:f3:ce:4a:37:b7:64:87:2b:17:f0:9c:b1:5b:
40:f6:88:2a:93:d2:14:6d:a1:a7:08:ee:3f:a2:64:
fb:ea:6e:22:c9:f8:98:5d:e0:53:3d:f0:e4:5d:11:
64:d0:5a:3b:17:57:69:ca:d8:2c:21:4a:c0:d1:33:
3a:77:a8:f5:6a:b1:d8:bf:d5:37:2f:c5:c6:43:31:
ac:b6:5b:fb:7b:e6:8f:d7:52:c4:85:d6:00:a8:d4:
f1:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1B:A3:91:80:F3:41:12:07:56:65:F5:3F:C6:C7:F5:29:0D:44:1C:77
X509v3 Authority Key Identifier:
keyid:A9:42:0E:6C:6F:24:B0:E4:22:DA:7F:E7:E4:20:EF:50:35:4F:45:C6
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/A9420E6C6F24B0E422DA7FE7E420EF50354F45C6.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qUIObG8ksOQi2n_n5CDvUDVPRcY.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/3139342e33312e3139372e302f32342d3234203d3e203432383331.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.31.197.0/24
Signature Algorithm: sha256WithRSAEncryption
11:4e:94:c3:ba:ac:f2:75:0a:e5:11:9e:ba:83:c5:b0:92:1d:
1f:f2:4a:e3:7b:08:75:a8:14:39:4c:27:4d:be:9b:0f:76:d1:
04:71:4d:03:f5:e6:1d:69:7e:ba:24:b8:1f:1e:11:bc:e1:52:
aa:cf:4d:2b:be:ff:45:3f:f9:3e:b6:65:ec:30:33:77:b4:48:
1d:75:42:c2:59:1e:81:5f:04:50:4e:e3:15:b6:87:27:7f:50:
9f:ed:e6:f5:18:ea:e2:b7:1a:c4:56:8a:9b:d9:f2:cf:23:c6:
52:5a:bd:54:e9:84:dd:35:3c:e3:74:36:df:7b:cf:e9:c6:56:
dc:a6:77:e8:91:b9:d7:e4:24:71:87:9a:ea:ec:17:04:d3:46:
1f:de:1a:1c:3f:af:fc:0c:cc:86:24:d4:8d:b4:bf:88:86:86:
b3:03:b9:67:58:c2:c8:2a:e2:8f:ee:ff:90:b2:7d:97:47:7c:
c9:47:05:ad:72:c2:35:47:7a:b6:dd:d2:08:e4:cf:f9:62:97:
a1:d0:e8:7b:96:f4:a1:b7:c3:f8:7c:12:64:af:97:55:b9:81:
93:87:d0:c9:de:c5:7c:b3:d2:18:43:d0:86:24:29:c3:ac:54:
dd:54:a5:28:37:31:e5:8e:73:3d:32:0d:b8:e7:ae:44:14:54:
d5:99:c5:00
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUFWIjkzgN2fezJDBT07yCZkvzN+4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYTk0MjBlNmM2ZjI0YjBlNDIyZGE3ZmU3ZTQyMGVmNTAz
NTRmNDVjNjAeFw0yNTA4MjIxMTQ5MTNaFw0yNjA4MjExMTU0MTNaMDMxMTAvBgNV
BAMTKDFCQTM5MTgwRjM0MTEyMDc1NjY1RjUzRkM2QzdGNTI5MEQ0NDFDNzcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCeKIPaEpzdB41gZue3RXKYvS9E
zLtRqOnDxVQ8owS2RMGy7SianKJuM03I6i7rJ4UsomgrWEc53leFvdREoZogFewy
a8+jAOlvPrWDBLXGjU5Y5uaxQITen1kS+q0Mj2k854m7xpvwqJWyPDxwAVJSAFa6
dmKg8uwMU8c/pgTYP7141TdtzJjY9duV7S0wqxidRdh6CpCY+EY4PqUg/9KBJ4mZ
7M/6885KN7dkhysX8JyxW0D2iCqT0hRtoacI7j+iZPvqbiLJ+Jhd4FM98ORdEWTQ
WjsXV2nK2CwhSsDRMzp3qPVqsdi/1TcvxcZDMay2W/t75o/XUsSF1gCo1PH7AgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUG6ORgPNBEgdWZfU/xsf1KQ1EHHcwHwYDVR0j
BBgwFoAUqUIObG8ksOQi2n/n5CDvUDVPRcYwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMWY5ODIzZDAtMDg1NS00MWYyLWFjNDYtNTlhMmU5OGRh
NzM2LzEvQTk0MjBFNkM2RjI0QjBFNDIyREE3RkU3RTQyMEVGNTAzNTRGNDVDNi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3FVSU9iRzhrc09RaTJuX241Q0R2VURW
UFJjWS5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMWY5ODIzZDAt
MDg1NS00MWYyLWFjNDYtNTlhMmU5OGRhNzM2LzEvMzEzOTM0MmUzMzMxMmUzMTM5
MzcyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzNDMyMzgzMzMxLnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
wh/FMA0GCSqGSIb3DQEBCwUAA4IBAQARTpTDuqzydQrlEZ66g8Wwkh0f8krjewh1
qBQ5TCdNvpsPdtEEcU0D9eYdaX66JLgfHhG84VKqz00rvv9FP/k+tmXsMDN3tEgd
dULCWR6BXwRQTuMVtocnf1Cf7eb1GOritxrEVoqb2fLPI8ZSWr1U6YTdNTzjdDbf
e8/pxlbcpnfokbnX5CRxh5rq7BcE00Yf3hocP6/8DMyGJNSNtL+IhoazA7lnWMLI
KuKP7v+Qsn2XR3zJRwWtcsI1R3q23dII5M/5Ypeh0Oh7lvSht8P4fBJkr5dVuYGT
h9DJ3sV8s9IYQ9CGJCnDrFTdVKUoNzHljnM9Mg24565EFFTVmcUA
-----END CERTIFICATE-----
Generated at Sat Aug 23 15:47:54 2025 by rpki-client