Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/3139332e3130392e3139362e302f32342d3234203d3e203230333236.roa
File: 3139332e3130392e3139362e302f32342d3234203d3e203230333236.roa (raw, json)
Hash identifier: 7RTNo0eEANdC0ASr1qgIOdN200YOiouWRQjs5/PhWEA=
Subject key identifier: 2B:D5:E1:45:16:FF:82:52:5A:BB:E4:55:A8:DD:4A:DD:81:57:E3:29
Certificate issuer: /CN=dc943cc2a7cdc378a37702573bb4f821170b530d
Certificate serial: 049E0FD148C98992C440D0725C7603E9358E53
Authority key identifier: DC:94:3C:C2:A7:CD:C3:78:A3:77:02:57:3B:B4:F8:21:17:0B:53:0D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3JQ8wqfNw3ijdwJXO7T4IRcLUw0.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/3139332e3130392e3139362e302f32342d3234203d3e203230333236.roa
Signing time: Thu 02 Oct 2025 16:55:08 +0000
ROA not before: Thu 02 Oct 2025 16:50:08 +0000
ROA not after: Thu 01 Oct 2026 16:55:08 +0000
asID: 20326
IP address blocks: 193.109.196.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/DC943CC2A7CDC378A37702573BB4F821170B530D.crl
rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/DC943CC2A7CDC378A37702573BB4F821170B530D.mft
rsync://rpki.ripe.net/repository/DEFAULT/3JQ8wqfNw3ijdwJXO7T4IRcLUw0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 16:03:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
04:9e:0f:d1:48:c9:89:92:c4:40:d0:72:5c:76:03:e9:35:8e:53
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dc943cc2a7cdc378a37702573bb4f821170b530d
Validity
Not Before: Oct 2 16:50:08 2025 GMT
Not After : Oct 1 16:55:08 2026 GMT
Subject: CN=2BD5E14516FF82525ABBE455A8DD4ADD8157E329
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:a5:6e:e4:69:1f:0d:53:80:27:e9:ec:7c:24:
d4:76:a7:10:a9:8b:16:a1:4a:46:11:81:23:48:7d:
38:e0:29:b4:cf:5f:58:9c:82:e5:1e:c7:ae:c7:88:
44:da:1e:e2:a2:1b:69:84:e6:1c:50:ee:e7:e5:d6:
26:a2:04:da:e4:54:7f:61:3c:8d:fe:d2:da:07:41:
38:20:1f:89:a3:9b:5d:6d:ac:8c:ff:81:75:22:5d:
79:52:09:30:ad:56:4d:97:df:b7:7f:8f:97:c9:1b:
d4:8e:04:d2:30:00:e8:5c:df:fe:4e:a4:a6:ba:ed:
b0:26:9c:5d:26:72:32:21:e6:a5:d9:15:d9:ea:15:
ef:fa:2c:de:f1:1e:1b:26:ef:80:13:82:c1:48:95:
72:ba:e0:d9:86:05:a6:63:83:7c:60:d9:74:50:78:
4c:d1:04:47:b1:fd:9b:d3:eb:63:34:61:13:0f:72:
89:74:af:a5:85:2f:3f:b0:c7:23:b4:d6:20:a1:60:
3f:5e:28:bb:d8:5e:9b:52:fb:e4:10:83:e5:f4:51:
72:e8:49:d2:ab:c2:0a:c3:9a:84:0c:72:a4:3f:6a:
31:96:2f:a2:29:9f:9e:e2:11:fc:5b:d2:bd:e9:fa:
95:f2:c7:27:2f:f6:5e:e4:30:76:22:f1:5b:c7:e9:
e1:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2B:D5:E1:45:16:FF:82:52:5A:BB:E4:55:A8:DD:4A:DD:81:57:E3:29
X509v3 Authority Key Identifier:
keyid:DC:94:3C:C2:A7:CD:C3:78:A3:77:02:57:3B:B4:F8:21:17:0B:53:0D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/DC943CC2A7CDC378A37702573BB4F821170B530D.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3JQ8wqfNw3ijdwJXO7T4IRcLUw0.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/3139332e3130392e3139362e302f32342d3234203d3e203230333236.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.109.196.0/24
Signature Algorithm: sha256WithRSAEncryption
98:7d:29:b6:bd:bd:20:26:6a:88:ed:fe:d4:5e:07:b4:d5:00:
55:b7:05:09:11:a5:dd:ed:f6:f5:32:00:94:4f:02:b7:a7:44:
29:43:19:f6:67:69:41:f8:47:50:15:ee:37:23:6b:4c:28:03:
14:73:cb:81:37:c0:64:5f:a4:d1:df:f8:a2:d3:77:9f:5b:c6:
d4:02:01:34:3e:00:12:a7:b4:1e:d3:38:a3:ad:d5:79:52:62:
74:90:50:af:07:d7:83:5e:83:7c:b7:fe:a5:c1:c5:f7:d6:c8:
a1:89:7f:fa:df:f3:aa:6a:cf:33:cf:ac:5a:04:4e:42:ab:e2:
8d:e7:4e:5f:f1:9b:de:62:68:f9:67:c6:f1:fe:ec:19:dd:e2:
aa:7d:2d:70:bb:d3:50:53:85:bc:ed:64:c9:75:dd:5d:d4:49:
b3:10:57:99:08:eb:66:b5:21:76:d1:05:1a:0f:37:d8:b0:90:
6e:e2:b3:e6:29:47:07:5b:01:04:78:0a:3c:04:39:64:13:ca:
50:d7:a6:2a:4e:65:06:76:86:8f:15:fd:92:f3:60:18:2b:28:
e6:97:f6:49:67:5d:4c:5e:6d:9b:ee:2a:e5:97:23:af:76:bf:
86:a6:88:66:c3:f5:35:96:75:77:1e:94:0c:7b:22:6b:ef:0a:
55:e0:b4:2d
-----BEGIN CERTIFICATE-----
MIIFNDCCBBygAwIBAgITBJ4P0UjJiZLEQNByXHYD6TWOUzANBgkqhkiG9w0BAQsF
ADAzMTEwLwYDVQQDEyhkYzk0M2NjMmE3Y2RjMzc4YTM3NzAyNTczYmI0ZjgyMTE3
MGI1MzBkMB4XDTI1MTAwMjE2NTAwOFoXDTI2MTAwMTE2NTUwOFowMzExMC8GA1UE
AxMoMkJENUUxNDUxNkZGODI1MjVBQkJFNDU1QThERDRBREQ4MTU3RTMyOTCCASIw
DQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALelbuRpHw1TgCfp7Hwk1HanEKmL
FqFKRhGBI0h9OOAptM9fWJyC5R7HrseIRNoe4qIbaYTmHFDu5+XWJqIE2uRUf2E8
jf7S2gdBOCAfiaObXW2sjP+BdSJdeVIJMK1WTZfft3+Pl8kb1I4E0jAA6Fzf/k6k
prrtsCacXSZyMiHmpdkV2eoV7/os3vEeGybvgBOCwUiVcrrg2YYFpmODfGDZdFB4
TNEER7H9m9PrYzRhEw9yiXSvpYUvP7DHI7TWIKFgP14ou9hem1L75BCD5fRRcuhJ
0qvCCsOahAxypD9qMZYvoimfnuIR/FvSven6lfLHJy/2XuQwdiLxW8fp4YcCAwEA
AaOCAj8wggI7MB0GA1UdDgQWBBQr1eFFFv+CUlq75FWo3UrdgVfjKTAfBgNVHSME
GDAWgBTclDzCp83DeKN3Alc7tPghFwtTDTAOBgNVHQ8BAf8EBAMCB4AwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9yc3luYy5wYWFzLnJwa2kucmlwZS5u
ZXQvcmVwb3NpdG9yeS82YWIwNzIyZi02NGQ4LTRjYTktOTI2Ny00ZTUxNTQ0MzQx
MDEvMC9EQzk0M0NDMkE3Q0RDMzc4QTM3NzAyNTczQkI0RjgyMTE3MEI1MzBELmNy
bDBkBggrBgEFBQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvM0pROHdxZk53M2lqZHdKWE83VDRJUmNM
VXcwLmNlcjCBrwYIKwYBBQUHAQsEgaIwgZ8wgZwGCCsGAQUFBzALhoGPcnN5bmM6
Ly9yc3luYy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS82YWIwNzIyZi02
NGQ4LTRjYTktOTI2Ny00ZTUxNTQ0MzQxMDEvMC8zMTM5MzMyZTMxMzAzOTJlMzEz
OTM2MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzIzMDMzMzIzNi5yb2EwGAYDVR0g
AQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgME
AMFtxDANBgkqhkiG9w0BAQsFAAOCAQEAmH0ptr29ICZqiO3+1F4HtNUAVbcFCRGl
3e329TIAlE8Ct6dEKUMZ9mdpQfhHUBXuNyNrTCgDFHPLgTfAZF+k0d/4otN3n1vG
1AIBND4AEqe0HtM4o63VeVJidJBQrwfXg16DfLf+pcHF99bIoYl/+t/zqmrPM8+s
WgROQqvijedOX/Gb3mJo+WfG8f7sGd3iqn0tcLvTUFOFvO1kyXXdXdRJsxBXmQjr
ZrUhdtEFGg832LCQbuKz5ilHB1sBBHgKPAQ5ZBPKUNemKk5lBnaGjxX9kvNgGCso
5pf2SWddTF5tm+4q5Zcjr3a/hqaIZsP1NZZ1dx6UDHsia+8KVeC0LQ==
-----END CERTIFICATE-----
Generated at Mon Oct 20 04:46:47 2025 by rpki-client