Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/933b2fd7-31c1-451c-8288-c1aa0aa12750/0/3139342e32362e32312e302f32342d3234203d3e20343031383338.roa
File: 3139342e32362e32312e302f32342d3234203d3e20343031383338.roa (raw, json)
Hash identifier: W6OrrdK1OeSj0zhiikePRhbHjS9VOD7qyg5G4TQyO4k=
Subject key identifier: 68:DD:79:22:5F:47:4C:22:C1:2F:58:2A:E2:45:7A:04:0A:DE:84:80
Certificate issuer: /CN=45e8648e445dccd0d8ee699f5140bb814e43ae1b
Certificate serial: 0BC87481A220BD52CACE88254CA30E462CD3A5C8
Authority key identifier: 45:E8:64:8E:44:5D:CC:D0:D8:EE:69:9F:51:40:BB:81:4E:43:AE:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RehkjkRdzNDY7mmfUUC7gU5Drhs.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/933b2fd7-31c1-451c-8288-c1aa0aa12750/0/3139342e32362e32312e302f32342d3234203d3e20343031383338.roa
Signing time: Wed 13 Aug 2025 05:14:20 +0000
ROA not before: Wed 13 Aug 2025 05:09:20 +0000
ROA not after: Wed 12 Aug 2026 05:14:20 +0000
asID: 401838
IP address blocks: 194.26.21.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/933b2fd7-31c1-451c-8288-c1aa0aa12750/0/45E8648E445DCCD0D8EE699F5140BB814E43AE1B.crl
rsync://rsync.paas.rpki.ripe.net/repository/933b2fd7-31c1-451c-8288-c1aa0aa12750/0/45E8648E445DCCD0D8EE699F5140BB814E43AE1B.mft
rsync://rpki.ripe.net/repository/DEFAULT/RehkjkRdzNDY7mmfUUC7gU5Drhs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Aug 2025 22:50:33 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0b:c8:74:81:a2:20:bd:52:ca:ce:88:25:4c:a3:0e:46:2c:d3:a5:c8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=45e8648e445dccd0d8ee699f5140bb814e43ae1b
Validity
Not Before: Aug 13 05:09:20 2025 GMT
Not After : Aug 12 05:14:20 2026 GMT
Subject: CN=68DD79225F474C22C12F582AE2457A040ADE8480
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ed:14:5a:ab:45:83:dd:a7:07:83:06:6e:42:e1:
d5:89:24:2b:ed:25:ce:a2:fb:fa:49:79:de:90:25:
e6:86:46:30:67:46:17:f2:da:dc:22:45:9b:dc:8e:
27:80:98:62:04:ec:42:64:d0:87:2d:34:23:e5:ed:
10:d2:fc:4d:7b:9c:34:f5:96:77:8b:4f:30:6e:fe:
04:26:d7:93:55:e9:d3:56:02:e3:2e:c3:ae:82:99:
bb:42:5d:42:e5:24:31:dc:ec:10:d8:8d:e8:ff:9a:
76:56:9c:b5:cd:51:b0:04:d7:c7:61:e4:06:58:81:
42:fd:b5:9a:8d:52:03:e9:fe:46:99:7a:63:8d:3f:
45:a8:ab:ac:bd:16:4e:ad:a6:ab:c7:d7:e6:00:03:
f4:69:3d:01:91:9a:c0:e5:4e:65:be:20:53:c0:3b:
a6:61:a8:b2:0c:cd:ef:ec:93:c7:58:1d:86:b6:c9:
ec:6f:ee:0b:8e:1b:e7:ae:21:fb:c9:e6:48:f4:a5:
92:1b:ea:2b:bf:46:a2:ed:c9:fd:bf:84:66:19:be:
ba:77:2a:2c:b8:86:62:b8:14:31:21:0b:10:62:b6:
bb:96:e4:33:df:b2:30:ca:e1:a2:7d:a0:71:d6:bb:
4e:2c:17:c7:ab:c3:42:31:0b:85:f7:97:d8:27:bb:
86:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:DD:79:22:5F:47:4C:22:C1:2F:58:2A:E2:45:7A:04:0A:DE:84:80
X509v3 Authority Key Identifier:
keyid:45:E8:64:8E:44:5D:CC:D0:D8:EE:69:9F:51:40:BB:81:4E:43:AE:1B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/933b2fd7-31c1-451c-8288-c1aa0aa12750/0/45E8648E445DCCD0D8EE699F5140BB814E43AE1B.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RehkjkRdzNDY7mmfUUC7gU5Drhs.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/933b2fd7-31c1-451c-8288-c1aa0aa12750/0/3139342e32362e32312e302f32342d3234203d3e20343031383338.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.26.21.0/24
Signature Algorithm: sha256WithRSAEncryption
8f:72:f4:18:1b:07:6c:89:66:e5:fa:93:e6:0d:d3:d7:9f:b0:
17:1e:96:fd:69:8c:5b:28:7d:1d:5e:b1:e9:8c:cb:e0:e8:0c:
d0:85:f4:1c:53:84:f8:d0:84:04:91:a1:d7:c5:23:5e:cb:1d:
8a:87:43:da:f0:0d:d7:9e:2d:ab:e7:a8:bf:4a:f2:0c:87:4c:
c1:5a:5c:52:78:2c:b7:29:ac:98:eb:55:50:d3:8f:92:52:3c:
54:04:58:6f:e5:c7:95:bc:86:99:31:5c:4b:ae:65:8f:97:ab:
23:b9:d7:4e:c8:6c:bc:80:23:f1:d8:d0:16:81:44:ac:fb:50:
bf:e4:f8:fe:7b:81:43:ac:57:38:8e:4e:14:bf:75:0f:7e:65:
a6:83:45:83:48:c1:93:d4:7c:4b:d3:9e:5d:29:cf:41:22:75:
b2:58:b6:bd:df:dd:ee:d3:6f:21:da:76:a9:83:ed:86:f7:23:
0d:ad:77:2a:75:40:05:48:e2:72:5f:a3:c2:99:dc:5f:2d:d6:
af:a0:57:76:c2:fd:58:60:fa:8b:09:cc:e2:c2:c8:ac:0b:06:
ba:f6:b8:4a:e0:f3:7f:55:6c:38:bb:57:cf:0a:93:80:58:bb:
7b:0e:06:86:3b:16:42:8f:24:e7:c3:4d:c7:e3:69:04:d2:ed:
2a:89:51:71
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUC8h0gaIgvVLKzoglTKMORizTpcgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDVlODY0OGU0NDVkY2NkMGQ4ZWU2OTlmNTE0MGJiODE0
ZTQzYWUxYjAeFw0yNTA4MTMwNTA5MjBaFw0yNjA4MTIwNTE0MjBaMDMxMTAvBgNV
BAMTKDY4REQ3OTIyNUY0NzRDMjJDMTJGNTgyQUUyNDU3QTA0MEFERTg0ODAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDtFFqrRYPdpweDBm5C4dWJJCvt
Jc6i+/pJed6QJeaGRjBnRhfy2twiRZvcjieAmGIE7EJk0IctNCPl7RDS/E17nDT1
lneLTzBu/gQm15NV6dNWAuMuw66CmbtCXULlJDHc7BDYjej/mnZWnLXNUbAE18dh
5AZYgUL9tZqNUgPp/kaZemONP0Woq6y9Fk6tpqvH1+YAA/RpPQGRmsDlTmW+IFPA
O6ZhqLIMze/sk8dYHYa2yexv7guOG+euIfvJ5kj0pZIb6iu/RqLtyf2/hGYZvrp3
Kiy4hmK4FDEhCxBitruW5DPfsjDK4aJ9oHHWu04sF8erw0IxC4X3l9gnu4bdAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUaN15Il9HTCLBL1gq4kV6BArehIAwHwYDVR0j
BBgwFoAURehkjkRdzNDY7mmfUUC7gU5DrhswDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvOTMzYjJmZDctMzFjMS00NTFjLTgyODgtYzFhYTBhYTEy
NzUwLzAvNDVFODY0OEU0NDVEQ0NEMEQ4RUU2OTlGNTE0MEJCODE0RTQzQUUxQi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JlaGtqa1Jkek5EWTdtbWZVVUM3Z1U1
RHJocy5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvOTMzYjJmZDct
MzFjMS00NTFjLTgyODgtYzFhYTBhYTEyNzUwLzAvMzEzOTM0MmUzMjM2MmUzMjMx
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzQzMDMxMzgzMzM4LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
whoVMA0GCSqGSIb3DQEBCwUAA4IBAQCPcvQYGwdsiWbl+pPmDdPXn7AXHpb9aYxb
KH0dXrHpjMvg6AzQhfQcU4T40IQEkaHXxSNeyx2Kh0Pa8A3Xni2r56i/SvIMh0zB
WlxSeCy3KayY61VQ04+SUjxUBFhv5ceVvIaZMVxLrmWPl6sjuddOyGy8gCPx2NAW
gUSs+1C/5Pj+e4FDrFc4jk4Uv3UPfmWmg0WDSMGT1HxL055dKc9BInWyWLa9393u
028h2napg+2G9yMNrXcqdUAFSOJyX6PCmdxfLdavoFd2wv1YYPqLCcziwsisCwa6
9rhK4PN/VWw4u1fPCpOAWLt7DgaGOxZCjyTnw03H42kE0u0qiVFx
-----END CERTIFICATE-----
Generated at Sat Aug 23 13:42:12 2025 by rpki-client