Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/46b93df0-ac8d-4da8-afb8-dcb7f2888362/0/3139342e3135302e3231302e302f32342d3234203d3e203239383032.roa
File: 3139342e3135302e3231302e302f32342d3234203d3e203239383032.roa (raw, json)
Hash identifier: xnxtrVEJ4jgTieKiLVrLmXgwS+MhKUeM+dBkJGGi38c=
Subject key identifier: 89:16:FD:D4:F5:65:A7:C0:51:A6:1D:DA:73:15:94:BA:48:0F:28:A6
Certificate issuer: /CN=62fbd2cc0012fb2f86db40b589bd1ac4e973266d
Certificate serial: 3DA39AA2F371FDA9ACE50C294A7256621317A20A
Authority key identifier: 62:FB:D2:CC:00:12:FB:2F:86:DB:40:B5:89:BD:1A:C4:E9:73:26:6D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YvvSzAAS-y-G20C1ib0axOlzJm0.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/46b93df0-ac8d-4da8-afb8-dcb7f2888362/0/3139342e3135302e3231302e302f32342d3234203d3e203239383032.roa
Signing time: Fri 19 Sep 2025 11:55:07 +0000
ROA not before: Fri 19 Sep 2025 11:50:07 +0000
ROA not after: Fri 18 Sep 2026 11:55:07 +0000
asID: 29802
IP address blocks: 194.150.210.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/46b93df0-ac8d-4da8-afb8-dcb7f2888362/0/62FBD2CC0012FB2F86DB40B589BD1AC4E973266D.crl
rsync://rsync.paas.rpki.ripe.net/repository/46b93df0-ac8d-4da8-afb8-dcb7f2888362/0/62FBD2CC0012FB2F86DB40B589BD1AC4E973266D.mft
rsync://rpki.ripe.net/repository/DEFAULT/YvvSzAAS-y-G20C1ib0axOlzJm0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 04:18:33 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3d:a3:9a:a2:f3:71:fd:a9:ac:e5:0c:29:4a:72:56:62:13:17:a2:0a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=62fbd2cc0012fb2f86db40b589bd1ac4e973266d
Validity
Not Before: Sep 19 11:50:07 2025 GMT
Not After : Sep 18 11:55:07 2026 GMT
Subject: CN=8916FDD4F565A7C051A61DDA731594BA480F28A6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:e7:01:1a:dd:5d:7f:a9:49:02:6a:50:f4:b0:
fd:69:5a:0c:f5:3d:ca:23:40:e8:cd:fc:c6:78:85:
02:01:0d:b6:11:2d:e0:68:c2:4d:b8:73:7d:45:a5:
40:bb:5d:82:d0:4b:2c:ab:3d:c7:ee:02:0d:69:48:
d2:5c:9a:ac:3f:f2:3c:23:03:5a:a4:b1:dc:66:e4:
d9:66:53:c6:2a:83:ca:d9:a2:01:15:4c:de:82:23:
08:ea:ac:5a:b2:e1:4a:8d:20:80:b0:f8:99:7a:f7:
40:b4:55:ae:c6:56:2f:7a:2e:ec:84:f2:cc:0f:c0:
e2:6c:b9:fe:05:cd:5e:40:13:dc:47:e4:08:ba:a3:
29:85:3a:48:c0:54:59:d5:1a:4a:83:e4:93:5d:84:
d5:0e:9b:70:e0:3a:40:b0:cf:02:a0:02:5e:f8:6c:
36:8e:da:3f:1b:d6:e7:93:d9:d3:f1:be:76:c7:23:
a1:a9:07:4e:2e:b3:c1:82:a9:53:a4:41:8d:1e:08:
25:db:db:71:cf:44:47:02:b7:bf:13:2d:17:a6:cb:
3b:37:9d:04:34:84:7a:1f:15:ef:b2:2a:bb:f3:36:
f0:e2:1a:2f:5b:b9:31:37:7a:f8:b9:02:2b:3b:d1:
dc:05:b6:ed:3c:5b:e4:fb:83:45:04:46:20:ec:41:
c7:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:16:FD:D4:F5:65:A7:C0:51:A6:1D:DA:73:15:94:BA:48:0F:28:A6
X509v3 Authority Key Identifier:
keyid:62:FB:D2:CC:00:12:FB:2F:86:DB:40:B5:89:BD:1A:C4:E9:73:26:6D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/46b93df0-ac8d-4da8-afb8-dcb7f2888362/0/62FBD2CC0012FB2F86DB40B589BD1AC4E973266D.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YvvSzAAS-y-G20C1ib0axOlzJm0.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/46b93df0-ac8d-4da8-afb8-dcb7f2888362/0/3139342e3135302e3231302e302f32342d3234203d3e203239383032.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.150.210.0/24
Signature Algorithm: sha256WithRSAEncryption
91:c4:97:ee:31:0f:be:ef:b4:cd:b6:84:18:b1:58:42:fd:37:
b1:89:9a:f2:90:60:c8:ad:60:af:54:bb:65:85:ca:a9:25:94:
ad:ce:27:f7:73:8a:54:4c:60:57:cb:c5:35:b8:a8:15:9e:b4:
35:18:12:54:6c:c2:a1:c8:85:02:4b:8f:75:c5:3a:ce:0e:5f:
63:25:b5:67:b5:32:7f:d9:24:66:01:e5:da:55:41:34:44:d5:
ee:ec:e0:23:37:e3:96:5e:5a:3a:f2:1b:fc:5a:2f:9f:37:94:
c9:7a:12:28:2f:2b:ed:16:db:d6:95:75:f3:c9:fe:eb:19:d0:
a0:6e:1a:7f:49:fe:20:fd:47:39:03:d3:c3:05:bd:22:19:e2:
af:79:89:39:3b:6f:a1:bc:af:71:ad:d6:5b:8b:9f:85:e5:15:
dd:51:8a:e0:6a:75:59:84:e0:41:d4:31:70:29:79:88:66:67:
04:10:cf:bc:39:c3:a7:87:ab:df:74:0e:8b:0b:63:b0:a8:26:
79:74:f7:74:07:31:22:e1:61:b2:dc:b1:09:e1:11:df:82:f5:
c0:1a:67:6a:de:6d:ff:c1:86:d5:55:a2:d6:ab:47:ce:14:9a:
ed:a1:9f:1f:a6:27:2f:f1:c9:a5:7d:a6:47:ec:17:a4:36:f2:
e8:a4:f7:22
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUPaOaovNx/ams5QwpSnJWYhMXogowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjJmYmQyY2MwMDEyZmIyZjg2ZGI0MGI1ODliZDFhYzRl
OTczMjY2ZDAeFw0yNTA5MTkxMTUwMDdaFw0yNjA5MTgxMTU1MDdaMDMxMTAvBgNV
BAMTKDg5MTZGREQ0RjU2NUE3QzA1MUE2MUREQTczMTU5NEJBNDgwRjI4QTYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCi5wEa3V1/qUkCalD0sP1pWgz1
PcojQOjN/MZ4hQIBDbYRLeBowk24c31FpUC7XYLQSyyrPcfuAg1pSNJcmqw/8jwj
A1qksdxm5NlmU8Yqg8rZogEVTN6CIwjqrFqy4UqNIICw+Jl690C0Va7GVi96LuyE
8swPwOJsuf4FzV5AE9xH5Ai6oymFOkjAVFnVGkqD5JNdhNUOm3DgOkCwzwKgAl74
bDaO2j8b1ueT2dPxvnbHI6GpB04us8GCqVOkQY0eCCXb23HPREcCt78TLRemyzs3
nQQ0hHofFe+yKrvzNvDiGi9buTE3evi5Ais70dwFtu08W+T7g0UERiDsQcdhAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUiRb91PVlp8BRph3acxWUukgPKKYwHwYDVR0j
BBgwFoAUYvvSzAAS+y+G20C1ib0axOlzJm0wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNDZiOTNkZjAtYWM4ZC00ZGE4LWFmYjgtZGNiN2YyODg4
MzYyLzAvNjJGQkQyQ0MwMDEyRkIyRjg2REI0MEI1ODlCRDFBQzRFOTczMjY2RC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1l2dlN6QUFTLXktRzIwQzFpYjBheE9s
ekptMC5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvNDZiOTNkZjAt
YWM4ZC00ZGE4LWFmYjgtZGNiN2YyODg4MzYyLzAvMzEzOTM0MmUzMTM1MzAyZTMy
MzEzMDJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMyMzkzODMwMzIucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BADCltIwDQYJKoZIhvcNAQELBQADggEBAJHEl+4xD77vtM22hBixWEL9N7GJmvKQ
YMitYK9Uu2WFyqkllK3OJ/dzilRMYFfLxTW4qBWetDUYElRswqHIhQJLj3XFOs4O
X2MltWe1Mn/ZJGYB5dpVQTRE1e7s4CM345ZeWjryG/xaL583lMl6EigvK+0W29aV
dfPJ/usZ0KBuGn9J/iD9RzkD08MFvSIZ4q95iTk7b6G8r3Gt1luLn4XlFd1RiuBq
dVmE4EHUMXApeYhmZwQQz7w5w6eHq990DosLY7CoJnl093QHMSLhYbLcsQnhEd+C
9cAaZ2rebf/BhtVVotarR84Umu2hnx+mJy/xyaV9pkfsF6Q28uik9yI=
-----END CERTIFICATE-----
Generated at Sun Oct 19 18:00:55 2025 by rpki-client