Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/38352e3230392e3233312e302f32342d3234203d3e203135343430.roa
File: 38352e3230392e3233312e302f32342d3234203d3e203135343430.roa (raw, json)
Hash identifier: 5P7OofszcYzyRXLoqtlNETBM0YQubML8godGGz1Zc2U=
Subject key identifier: 70:4F:99:5E:5B:32:7D:93:86:BD:78:BC:4E:5D:8C:AD:5D:B7:CC:D2
Certificate issuer: /CN=a9420e6c6f24b0e422da7fe7e420ef50354f45c6
Certificate serial: 11575139A90B45B39FBDA2A018890C9B95FAAA59
Authority key identifier: A9:42:0E:6C:6F:24:B0:E4:22:DA:7F:E7:E4:20:EF:50:35:4F:45:C6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qUIObG8ksOQi2n_n5CDvUDVPRcY.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/38352e3230392e3233312e302f32342d3234203d3e203135343430.roa
Signing time: Sat 20 Sep 2025 13:55:07 +0000
ROA not before: Sat 20 Sep 2025 13:50:07 +0000
ROA not after: Sat 19 Sep 2026 13:55:07 +0000
asID: 15440
IP address blocks: 85.209.231.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/A9420E6C6F24B0E422DA7FE7E420EF50354F45C6.crl
rsync://rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/A9420E6C6F24B0E422DA7FE7E420EF50354F45C6.mft
rsync://rpki.ripe.net/repository/DEFAULT/qUIObG8ksOQi2n_n5CDvUDVPRcY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 15:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
11:57:51:39:a9:0b:45:b3:9f:bd:a2:a0:18:89:0c:9b:95:fa:aa:59
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a9420e6c6f24b0e422da7fe7e420ef50354f45c6
Validity
Not Before: Sep 20 13:50:07 2025 GMT
Not After : Sep 19 13:55:07 2026 GMT
Subject: CN=704F995E5B327D9386BD78BC4E5D8CAD5DB7CCD2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:d6:04:2d:61:2f:13:b2:bc:74:f3:d2:10:78:
9d:da:d9:6e:c2:22:00:3a:79:3a:e3:a9:98:74:12:
12:bf:b6:71:1d:47:9d:c1:75:2e:54:14:04:6e:b9:
6e:f4:83:28:48:fd:07:20:26:5d:42:98:35:b6:71:
72:03:02:8a:a0:d1:27:8e:ec:9a:cd:aa:c0:d6:38:
63:90:02:1a:1b:f7:fe:91:55:2e:79:56:93:5b:92:
d5:97:82:2f:7c:8c:7e:26:2a:44:d9:d5:70:48:72:
32:4a:29:ef:f8:5c:0a:62:45:74:2f:c5:c1:b2:4e:
bf:48:15:af:05:d7:0d:a0:f9:3b:3c:31:f8:df:8e:
9c:00:46:49:bf:59:36:13:58:4d:a6:85:6d:6d:d0:
e5:92:4d:a9:1a:ba:a3:78:8c:15:d4:36:ab:80:e9:
f4:9b:99:ca:ea:35:f1:b0:a0:db:d4:56:a1:36:3c:
2b:90:11:cf:10:6f:3e:31:e5:3f:da:55:80:53:b2:
97:52:33:8d:3a:6b:7c:bb:6c:c4:15:6c:69:81:07:
a3:51:13:13:fc:a0:f3:36:af:f0:81:a8:3b:1e:f1:
3b:79:ce:f5:e4:db:82:a0:a9:e0:33:19:e1:5d:9c:
b1:55:5f:e1:c2:98:cc:0a:e5:e0:c3:6a:48:81:64:
43:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
70:4F:99:5E:5B:32:7D:93:86:BD:78:BC:4E:5D:8C:AD:5D:B7:CC:D2
X509v3 Authority Key Identifier:
keyid:A9:42:0E:6C:6F:24:B0:E4:22:DA:7F:E7:E4:20:EF:50:35:4F:45:C6
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/A9420E6C6F24B0E422DA7FE7E420EF50354F45C6.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qUIObG8ksOQi2n_n5CDvUDVPRcY.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/38352e3230392e3233312e302f32342d3234203d3e203135343430.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.209.231.0/24
Signature Algorithm: sha256WithRSAEncryption
42:1d:cd:70:73:6d:70:46:a3:ca:c9:8c:eb:f1:91:1e:48:1d:
9a:db:34:63:d1:04:9b:19:87:7a:4e:66:26:72:d7:90:54:e4:
d9:11:1d:bc:4e:79:d9:bf:c6:e5:c6:c8:63:6d:66:67:a2:a3:
48:6e:18:80:3f:b6:7b:ee:c7:d5:7e:d4:5a:a5:b1:8f:38:77:
1e:5c:4d:74:69:92:f1:28:3f:97:b5:73:bc:f3:a9:27:1f:74:
0d:0c:bc:e6:49:32:ac:af:9a:e9:e0:85:b2:6d:51:97:a5:ff:
ad:e4:40:f9:60:0e:56:b2:75:6d:be:52:c3:29:3d:ff:ac:c9:
3d:11:4e:c6:69:57:e0:69:76:a3:3d:6b:c5:4b:d1:c6:3d:85:
69:d1:d9:9a:4f:02:62:12:af:92:be:0e:52:04:d0:89:7d:7f:
2e:92:63:9c:04:43:2e:eb:2b:92:db:03:8e:c8:a6:2e:06:1b:
b8:e3:74:71:5f:85:22:b5:3e:00:80:69:ce:d7:54:f0:2d:43:
e4:77:91:f3:b4:03:a6:54:b9:03:b2:9c:ef:5b:2d:e1:0a:aa:
95:b0:c9:4b:e7:69:d0:53:57:a2:80:70:3c:d0:64:b3:0a:c9:
9e:1f:d2:4d:d4:81:5a:a9:44:fc:0c:08:e0:f4:aa:8c:31:2c:
c9:60:56:90
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUEVdROakLRbOfvaKgGIkMm5X6qlkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYTk0MjBlNmM2ZjI0YjBlNDIyZGE3ZmU3ZTQyMGVmNTAz
NTRmNDVjNjAeFw0yNTA5MjAxMzUwMDdaFw0yNjA5MTkxMzU1MDdaMDMxMTAvBgNV
BAMTKDcwNEY5OTVFNUIzMjdEOTM4NkJENzhCQzRFNUQ4Q0FENURCN0NDRDIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDM1gQtYS8Tsrx089IQeJ3a2W7C
IgA6eTrjqZh0EhK/tnEdR53BdS5UFARuuW70gyhI/QcgJl1CmDW2cXIDAoqg0SeO
7JrNqsDWOGOQAhob9/6RVS55VpNbktWXgi98jH4mKkTZ1XBIcjJKKe/4XApiRXQv
xcGyTr9IFa8F1w2g+Ts8MfjfjpwARkm/WTYTWE2mhW1t0OWSTakauqN4jBXUNquA
6fSbmcrqNfGwoNvUVqE2PCuQEc8Qbz4x5T/aVYBTspdSM406a3y7bMQVbGmBB6NR
ExP8oPM2r/CBqDse8Tt5zvXk24KgqeAzGeFdnLFVX+HCmMwK5eDDakiBZENVAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUcE+ZXlsyfZOGvXi8Tl2MrV23zNIwHwYDVR0j
BBgwFoAUqUIObG8ksOQi2n/n5CDvUDVPRcYwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMWY5ODIzZDAtMDg1NS00MWYyLWFjNDYtNTlhMmU5OGRh
NzM2LzEvQTk0MjBFNkM2RjI0QjBFNDIyREE3RkU3RTQyMEVGNTAzNTRGNDVDNi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3FVSU9iRzhrc09RaTJuX241Q0R2VURW
UFJjWS5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMWY5ODIzZDAt
MDg1NS00MWYyLWFjNDYtNTlhMmU5OGRhNzM2LzEvMzgzNTJlMzIzMDM5MmUzMjMz
MzEyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMTM1MzQzNDMwLnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
VdHnMA0GCSqGSIb3DQEBCwUAA4IBAQBCHc1wc21wRqPKyYzr8ZEeSB2a2zRj0QSb
GYd6TmYmcteQVOTZER28TnnZv8blxshjbWZnoqNIbhiAP7Z77sfVftRapbGPOHce
XE10aZLxKD+XtXO886knH3QNDLzmSTKsr5rp4IWybVGXpf+t5ED5YA5WsnVtvlLD
KT3/rMk9EU7GaVfgaXajPWvFS9HGPYVp0dmaTwJiEq+Svg5SBNCJfX8ukmOcBEMu
6yuS2wOOyKYuBhu443RxX4UitT4AgGnO11TwLUPkd5HztAOmVLkDspzvWy3hCqqV
sMlL52nQU1eigHA80GSzCsmeH9JN1IFaqUT8DAjg9KqMMSzJYFaQ
-----END CERTIFICATE-----
Generated at Sun Oct 19 23:20:29 2025 by rpki-client