Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/9c5ce9fa-9a6f-4e0c-9809-7a4788744893/0/AS205896.roa
File: AS205896.roa (raw, json)
Hash identifier: SWsjmWYfHJ90cmnTKEZ9JpzZyf3yGe0hK4BceJbYt8o=
Subject key identifier: B6:AE:E4:DB:B4:C8:98:19:74:8B:59:D0:40:AF:36:17:D9:4B:B0:86
Certificate issuer: /CN=7051b4c2f7ae9ef80b53000b32ab8f5d2f2f415b
Certificate serial: 6EFB2B0DE973A1A22F17BB8F2EC27B053E30EB16
Authority key identifier: 70:51:B4:C2:F7:AE:9E:F8:0B:53:00:0B:32:AB:8F:5D:2F:2F:41:5B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cFG0wveunvgLUwALMquPXS8vQVs.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/9c5ce9fa-9a6f-4e0c-9809-7a4788744893/0/AS205896.roa
Signing time: Mon 29 Sep 2025 09:21:29 +0000
ROA not before: Mon 29 Sep 2025 09:16:29 +0000
ROA not after: Mon 28 Sep 2026 09:21:29 +0000
asID: 205896
IP address blocks: 139.28.50.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/9c5ce9fa-9a6f-4e0c-9809-7a4788744893/0/7051B4C2F7AE9EF80B53000B32AB8F5D2F2F415B.crl
rsync://rsync.paas.rpki.ripe.net/repository/9c5ce9fa-9a6f-4e0c-9809-7a4788744893/0/7051B4C2F7AE9EF80B53000B32AB8F5D2F2F415B.mft
rsync://rpki.ripe.net/repository/DEFAULT/cFG0wveunvgLUwALMquPXS8vQVs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 13:54:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6e:fb:2b:0d:e9:73:a1:a2:2f:17:bb:8f:2e:c2:7b:05:3e:30:eb:16
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7051b4c2f7ae9ef80b53000b32ab8f5d2f2f415b
Validity
Not Before: Sep 29 09:16:29 2025 GMT
Not After : Sep 28 09:21:29 2026 GMT
Subject: CN=B6AEE4DBB4C89819748B59D040AF3617D94BB086
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:55:67:c5:d0:bc:0e:99:f5:01:2d:d1:53:fd:
b9:14:ed:e9:b6:1d:75:a4:98:b8:c0:0e:0b:6d:8d:
0e:6b:9e:6b:09:3d:8a:b0:ad:38:bb:bb:95:a2:a8:
f5:30:64:ba:2d:a4:a5:f4:8c:20:c4:2b:7a:23:b5:
53:84:f3:87:af:a0:f6:b3:f3:5a:8c:1b:46:48:ae:
7c:95:ff:90:49:d5:a9:b9:99:3b:06:99:b6:19:18:
fe:46:16:06:f4:34:f7:e7:50:24:64:5d:1a:28:1b:
50:91:39:b0:1a:d2:b8:fb:71:f1:d3:84:54:15:a8:
77:17:03:7f:19:aa:0b:ad:b6:ba:b8:32:d0:fb:03:
a1:27:7f:41:1c:76:a7:9d:fb:3a:54:5f:4b:19:ff:
4d:6c:64:0a:d3:aa:e3:3c:d5:22:97:20:92:14:66:
f5:41:d4:23:9f:88:43:40:bf:1b:89:e9:e8:f3:2a:
38:0d:9e:86:05:e8:36:2c:81:8c:e2:75:2d:ff:8c:
c2:af:98:33:57:8c:11:35:b8:89:3e:6a:ce:92:f0:
c8:f2:0e:2c:77:39:5c:c6:e2:53:78:63:f1:5a:72:
1a:59:46:49:07:a4:20:f5:86:46:34:76:be:e5:03:
64:ac:5e:ae:03:2e:73:81:5d:79:a4:b3:61:8c:97:
89:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B6:AE:E4:DB:B4:C8:98:19:74:8B:59:D0:40:AF:36:17:D9:4B:B0:86
X509v3 Authority Key Identifier:
keyid:70:51:B4:C2:F7:AE:9E:F8:0B:53:00:0B:32:AB:8F:5D:2F:2F:41:5B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/9c5ce9fa-9a6f-4e0c-9809-7a4788744893/0/7051B4C2F7AE9EF80B53000B32AB8F5D2F2F415B.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cFG0wveunvgLUwALMquPXS8vQVs.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/9c5ce9fa-9a6f-4e0c-9809-7a4788744893/0/AS205896.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
139.28.50.0/24
Signature Algorithm: sha256WithRSAEncryption
46:2f:8c:0c:84:21:86:45:ad:bd:f4:ec:e3:41:51:ad:c4:c7:
c1:d9:57:d0:5d:ec:f7:a5:79:8b:2e:ee:f2:3c:0c:d0:4e:e5:
99:91:c3:4a:44:d2:a0:eb:0b:8d:a6:cf:31:20:0d:31:0a:47:
c0:1d:62:75:69:e8:6f:51:17:c8:45:bb:b5:34:f4:42:eb:94:
b2:64:82:3e:c0:14:03:eb:c5:aa:75:76:05:99:7f:df:f0:53:
5f:57:ad:b1:f7:6c:8b:58:c8:ec:7a:0f:c6:1c:24:6d:cc:6f:
42:dd:33:2b:75:03:c3:53:a1:a1:33:47:a6:44:d8:7e:14:2c:
a3:07:94:24:74:e4:a2:e8:9e:e9:8c:da:42:65:fd:78:bc:40:
59:68:5c:36:a9:f8:bb:90:e2:80:ac:90:37:9f:c1:dc:d6:80:
be:04:d1:85:f6:57:5e:37:67:25:87:c9:34:0d:46:7f:0e:54:
2c:ae:cc:13:bf:d3:44:64:0c:91:af:e8:24:32:b3:18:a1:b6:
96:37:ee:98:c3:7e:e3:e4:f7:0c:d9:10:5c:8a:93:39:46:e7:
dd:19:c4:b9:22:72:cd:fc:39:e3:9f:d7:16:b6:5f:46:1f:2a:
d3:27:08:bf:76:16:6f:82:61:73:fb:ef:57:f3:85:c3:77:1f:
f9:15:3e:66
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgIUbvsrDelzoaIvF7uPLsJ7BT4w6xYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzA1MWI0YzJmN2FlOWVmODBiNTMwMDBiMzJhYjhmNWQy
ZjJmNDE1YjAeFw0yNTA5MjkwOTE2MjlaFw0yNjA5MjgwOTIxMjlaMDMxMTAvBgNV
BAMTKEI2QUVFNERCQjRDODk4MTk3NDhCNTlEMDQwQUYzNjE3RDk0QkIwODYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCqVWfF0LwOmfUBLdFT/bkU7em2
HXWkmLjADgttjQ5rnmsJPYqwrTi7u5WiqPUwZLotpKX0jCDEK3ojtVOE84evoPaz
81qMG0ZIrnyV/5BJ1am5mTsGmbYZGP5GFgb0NPfnUCRkXRooG1CRObAa0rj7cfHT
hFQVqHcXA38Zqguttrq4MtD7A6Enf0Ecdqed+zpUX0sZ/01sZArTquM81SKXIJIU
ZvVB1COfiENAvxuJ6ejzKjgNnoYF6DYsgYzidS3/jMKvmDNXjBE1uIk+as6S8Mjy
Dix3OVzG4lN4Y/FachpZRkkHpCD1hkY0dr7lA2SsXq4DLnOBXXmks2GMl4mZAgMB
AAGjggIKMIICBjAdBgNVHQ4EFgQUtq7k27TImBl0i1nQQK82F9lLsIYwHwYDVR0j
BBgwFoAUcFG0wveunvgLUwALMquPXS8vQVswDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvOWM1Y2U5ZmEtOWE2Zi00ZTBjLTk4MDktN2E0Nzg4NzQ0
ODkzLzAvNzA1MUI0QzJGN0FFOUVGODBCNTMwMDBCMzJBQjhGNUQyRjJGNDE1Qi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2NGRzB3dmV1bnZnTFV3QUxNcXVQWFM4
dlFWcy5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzljNWNlOWZhLTlhNmYt
NGUwYy05ODA5LTdhNDc4ODc0NDg5My8wL0FTMjA1ODk2LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAixwy
MA0GCSqGSIb3DQEBCwUAA4IBAQBGL4wMhCGGRa299OzjQVGtxMfB2VfQXez3pXmL
Lu7yPAzQTuWZkcNKRNKg6wuNps8xIA0xCkfAHWJ1aehvURfIRbu1NPRC65SyZII+
wBQD68WqdXYFmX/f8FNfV62x92yLWMjseg/GHCRtzG9C3TMrdQPDU6GhM0emRNh+
FCyjB5QkdOSi6J7pjNpCZf14vEBZaFw2qfi7kOKArJA3n8Hc1oC+BNGF9ldeN2cl
h8k0DUZ/DlQsrswTv9NEZAyRr+gkMrMYobaWN+6Yw37j5PcM2RBcipM5RufdGcS5
InLN/Dnjn9cWtl9GHyrTJwi/dhZvgmFz++9X84XDdx/5FT5m
-----END CERTIFICATE-----
Generated at Mon Oct 20 03:18:28 2025 by rpki-client