Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/3139332e3130392e3139392e302f32342d3234203d3e20323132323338.roa
File: 3139332e3130392e3139392e302f32342d3234203d3e20323132323338.roa (raw, json)
Hash identifier: KE6HQnVlijzx69LSdH2YcEQvB0EbVtMHa3SlaaOjWXk=
Subject key identifier: 5D:4A:01:9F:67:BF:67:05:82:5F:86:C6:A2:24:1C:A1:D3:78:31:3B
Certificate issuer: /CN=dc943cc2a7cdc378a37702573bb4f821170b530d
Certificate serial: 686756566CB48A11038FE2898320DB14FB6ABA4D
Authority key identifier: DC:94:3C:C2:A7:CD:C3:78:A3:77:02:57:3B:B4:F8:21:17:0B:53:0D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3JQ8wqfNw3ijdwJXO7T4IRcLUw0.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/3139332e3130392e3139392e302f32342d3234203d3e20323132323338.roa
Signing time: Tue 02 Sep 2025 11:18:59 +0000
ROA not before: Tue 02 Sep 2025 11:13:59 +0000
ROA not after: Tue 01 Sep 2026 11:18:59 +0000
asID: 212238
IP address blocks: 193.109.199.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/DC943CC2A7CDC378A37702573BB4F821170B530D.crl
rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/DC943CC2A7CDC378A37702573BB4F821170B530D.mft
rsync://rpki.ripe.net/repository/DEFAULT/3JQ8wqfNw3ijdwJXO7T4IRcLUw0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 15:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
68:67:56:56:6c:b4:8a:11:03:8f:e2:89:83:20:db:14:fb:6a:ba:4d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dc943cc2a7cdc378a37702573bb4f821170b530d
Validity
Not Before: Sep 2 11:13:59 2025 GMT
Not After : Sep 1 11:18:59 2026 GMT
Subject: CN=5D4A019F67BF6705825F86C6A2241CA1D378313B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:a9:0e:33:d5:be:32:1e:84:d2:48:cb:55:f3:
02:53:19:8e:1e:24:f2:0a:a6:12:65:a8:cc:a4:51:
5d:b5:09:17:2c:64:ff:c2:ae:f7:14:fc:fd:da:dd:
82:e4:96:43:56:53:7f:ea:7a:68:f3:b2:33:4d:c3:
53:9e:f8:d2:59:bd:bc:a5:34:23:6c:5c:b4:4a:7d:
df:9c:9d:91:be:08:fb:04:9f:b3:e6:82:89:d2:cd:
d2:f0:3d:30:9b:85:b0:25:94:81:02:d9:d0:d0:16:
8a:69:25:12:6d:14:54:a4:bf:44:5b:3a:4b:ac:12:
63:e6:93:12:73:ed:8c:ca:53:d8:2a:b1:b4:6e:d9:
0f:62:d3:f2:14:7e:62:1d:77:b7:47:2a:ca:6e:c4:
5d:07:2f:9d:65:30:5a:26:f5:20:bf:1f:4b:21:a3:
73:4d:8b:c2:1d:74:b2:7d:5d:03:e7:f3:a0:3f:a9:
ea:3e:6e:1f:48:a0:49:31:bb:99:8d:a3:5e:fc:1c:
72:e6:79:1f:0d:fe:0b:d7:19:01:7c:6e:d9:6c:e0:
cb:be:b4:25:ad:99:df:16:14:ad:0a:d7:d9:66:32:
88:c2:5e:3b:37:ae:6a:9e:be:15:56:e0:9c:6a:1c:
40:a9:ae:61:01:76:f1:97:96:33:5e:db:03:ed:cf:
c2:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:4A:01:9F:67:BF:67:05:82:5F:86:C6:A2:24:1C:A1:D3:78:31:3B
X509v3 Authority Key Identifier:
keyid:DC:94:3C:C2:A7:CD:C3:78:A3:77:02:57:3B:B4:F8:21:17:0B:53:0D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/DC943CC2A7CDC378A37702573BB4F821170B530D.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3JQ8wqfNw3ijdwJXO7T4IRcLUw0.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/3139332e3130392e3139392e302f32342d3234203d3e20323132323338.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.109.199.0/24
Signature Algorithm: sha256WithRSAEncryption
37:b7:e0:37:3c:38:7f:02:c5:76:d9:68:73:b6:07:e8:c1:29:
80:36:6c:1a:6f:1f:92:08:05:b3:5d:ad:80:2c:5c:0d:91:17:
10:ec:20:f5:99:1a:70:73:73:4d:e1:9c:40:8e:68:73:f8:90:
4b:cc:d4:4b:c1:52:10:9e:e5:fe:96:ed:7d:31:74:b2:d9:99:
e7:17:6e:b0:b1:7e:45:71:9e:17:0f:4c:d8:49:f9:04:76:93:
db:6a:24:b2:fa:a2:0d:7f:a1:63:e9:39:c3:35:45:d4:2a:37:
0c:87:42:53:f6:e8:57:7c:32:4d:ae:6d:30:5e:df:ce:7c:94:
f0:f5:b4:9f:f0:6a:c4:59:9b:01:60:1c:1b:df:a9:6a:d8:cf:
e8:3c:73:09:95:79:b8:fe:cc:80:78:53:03:a6:1a:c6:4d:fb:
64:12:7e:43:bb:63:42:65:af:2a:6e:3f:b8:49:d6:6c:07:56:
de:9f:04:54:7d:2f:fd:e9:07:f2:ab:bb:7f:f1:9c:d2:8c:3f:
b9:70:ef:54:6b:78:25:1c:0e:d9:1e:fe:a4:1a:e6:16:c8:a7:
75:d2:e7:f3:1a:64:54:cf:ab:0d:c6:9f:91:ae:33:27:dc:cc:
01:64:e5:91:ed:3f:5c:69:94:6c:d7:4a:d5:d5:e0:d6:f8:02:
03:3d:a9:3b
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgIUaGdWVmy0ihEDj+KJgyDbFPtquk0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZGM5NDNjYzJhN2NkYzM3OGEzNzcwMjU3M2JiNGY4MjEx
NzBiNTMwZDAeFw0yNTA5MDIxMTEzNTlaFw0yNjA5MDExMTE4NTlaMDMxMTAvBgNV
BAMTKDVENEEwMTlGNjdCRjY3MDU4MjVGODZDNkEyMjQxQ0ExRDM3ODMxM0IwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDCqQ4z1b4yHoTSSMtV8wJTGY4e
JPIKphJlqMykUV21CRcsZP/CrvcU/P3a3YLklkNWU3/qemjzsjNNw1Oe+NJZvbyl
NCNsXLRKfd+cnZG+CPsEn7PmgonSzdLwPTCbhbAllIEC2dDQFoppJRJtFFSkv0Rb
OkusEmPmkxJz7YzKU9gqsbRu2Q9i0/IUfmIdd7dHKspuxF0HL51lMFom9SC/H0sh
o3NNi8IddLJ9XQPn86A/qeo+bh9IoEkxu5mNo178HHLmeR8N/gvXGQF8btls4Mu+
tCWtmd8WFK0K19lmMojCXjs3rmqevhVW4JxqHECprmEBdvGXljNe2wPtz8IBAgMB
AAGjggJBMIICPTAdBgNVHQ4EFgQUXUoBn2e/ZwWCX4bGoiQcodN4MTswHwYDVR0j
BBgwFoAU3JQ8wqfNw3ijdwJXO7T4IRcLUw0wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNmFiMDcyMmYtNjRkOC00Y2E5LTkyNjctNGU1MTU0NDM0
MTAxLzAvREM5NDNDQzJBN0NEQzM3OEEzNzcwMjU3M0JCNEY4MjExNzBCNTMwRC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzNKUTh3cWZOdzNpamR3SlhPN1Q0SVJj
TFV3MC5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvNmFiMDcyMmYt
NjRkOC00Y2E5LTkyNjctNGU1MTU0NDM0MTAxLzAvMzEzOTMzMmUzMTMwMzkyZTMx
MzkzOTJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMyMzEzMjMyMzMzOC5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEAMFtxzANBgkqhkiG9w0BAQsFAAOCAQEAN7fgNzw4fwLFdtloc7YH6MEpgDZs
Gm8fkggFs12tgCxcDZEXEOwg9ZkacHNzTeGcQI5oc/iQS8zUS8FSEJ7l/pbtfTF0
stmZ5xdusLF+RXGeFw9M2En5BHaT22oksvqiDX+hY+k5wzVF1Co3DIdCU/boV3wy
Ta5tMF7fznyU8PW0n/BqxFmbAWAcG9+patjP6DxzCZV5uP7MgHhTA6Yaxk37ZBJ+
Q7tjQmWvKm4/uEnWbAdW3p8EVH0v/ekH8qu7f/Gc0ow/uXDvVGt4JRwO2R7+pBrm
FsinddLn8xpkVM+rDcafka4zJ9zMAWTlke0/XGmUbNdK1dXg1vgCAz2pOw==
-----END CERTIFICATE-----
Generated at Sun Oct 19 22:41:14 2025 by rpki-client