Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/a522a52f-6534-4165-a6a7-ef9f74ef9431/1/39332e39322e32302e302f32342d3234203d3e2035353131.roa
File: 39332e39322e32302e302f32342d3234203d3e2035353131.roa (raw, json)
Hash identifier: 7VcdQni9NXqci+IjZbxirF6Td9GD5nyYwAr4qpAAeg4=
Subject key identifier: 03:7F:BB:06:94:C9:4F:06:01:9F:43:1F:4D:8F:EE:4F:5D:27:FA:D5
Certificate issuer: /CN=d01ba013bc1e6d86f0d6d58eafa54e27fada3444
Certificate serial: 3BB42157205FC0C8EA6C0AB0E4D8DF7150220444
Authority key identifier: D0:1B:A0:13:BC:1E:6D:86:F0:D6:D5:8E:AF:A5:4E:27:FA:DA:34:44
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0BugE7webYbw1tWOr6VOJ_raNEQ.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/a522a52f-6534-4165-a6a7-ef9f74ef9431/1/39332e39322e32302e302f32342d3234203d3e2035353131.roa
Signing time: Fri 10 Oct 2025 14:55:08 +0000
ROA not before: Fri 10 Oct 2025 14:50:08 +0000
ROA not after: Fri 09 Oct 2026 14:55:08 +0000
asID: 5511
IP address blocks: 93.92.20.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/a522a52f-6534-4165-a6a7-ef9f74ef9431/1/D01BA013BC1E6D86F0D6D58EAFA54E27FADA3444.crl
rsync://rsync.paas.rpki.ripe.net/repository/a522a52f-6534-4165-a6a7-ef9f74ef9431/1/D01BA013BC1E6D86F0D6D58EAFA54E27FADA3444.mft
rsync://rpki.ripe.net/repository/DEFAULT/0BugE7webYbw1tWOr6VOJ_raNEQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 11:18:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3b:b4:21:57:20:5f:c0:c8:ea:6c:0a:b0:e4:d8:df:71:50:22:04:44
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d01ba013bc1e6d86f0d6d58eafa54e27fada3444
Validity
Not Before: Oct 10 14:50:08 2025 GMT
Not After : Oct 9 14:55:08 2026 GMT
Subject: CN=037FBB0694C94F06019F431F4D8FEE4F5D27FAD5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:80:60:6e:d4:c1:5e:0e:51:4f:a3:94:ab:dc:
14:3d:db:86:8e:5b:8a:b1:ff:57:bc:8e:ae:d1:20:
91:0d:15:b2:d3:67:fd:9a:11:6e:42:77:f5:09:b4:
a5:fe:fc:56:4f:e4:0e:35:86:78:07:5b:c9:c3:bc:
1b:d2:f7:65:a6:9f:d8:89:ef:20:23:5b:97:5a:a5:
23:52:72:72:61:fa:d7:46:29:b7:7a:f8:2e:a3:37:
d0:e6:d4:ce:36:e9:a6:1f:dc:19:8a:78:e7:6c:f4:
5d:f2:18:57:32:b5:99:9c:17:80:d9:b8:55:41:b7:
d4:14:82:2e:a7:ef:6b:bb:1c:09:4e:bb:8c:01:f5:
f6:1e:31:ca:17:56:00:61:1c:7a:16:18:ca:79:46:
e3:30:54:68:34:d7:12:55:d2:d3:2a:ce:57:03:f5:
46:92:a2:d3:f3:fe:62:23:ad:c4:9b:8e:22:8c:21:
86:c3:b5:80:43:bb:99:ad:40:85:a0:c2:9c:ca:e7:
3b:32:e8:44:e2:a9:30:a9:5d:e4:ad:f7:3b:52:da:
8c:0b:e0:a3:62:5c:f9:2d:8c:86:95:12:17:c1:d8:
86:67:0b:f1:d7:31:bf:a8:46:36:14:6b:e9:31:2d:
2a:aa:7a:f1:fe:c2:16:19:b0:22:ab:0d:69:02:72:
0b:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
03:7F:BB:06:94:C9:4F:06:01:9F:43:1F:4D:8F:EE:4F:5D:27:FA:D5
X509v3 Authority Key Identifier:
keyid:D0:1B:A0:13:BC:1E:6D:86:F0:D6:D5:8E:AF:A5:4E:27:FA:DA:34:44
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/a522a52f-6534-4165-a6a7-ef9f74ef9431/1/D01BA013BC1E6D86F0D6D58EAFA54E27FADA3444.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0BugE7webYbw1tWOr6VOJ_raNEQ.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/a522a52f-6534-4165-a6a7-ef9f74ef9431/1/39332e39322e32302e302f32342d3234203d3e2035353131.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
93.92.20.0/24
Signature Algorithm: sha256WithRSAEncryption
7f:cc:61:2a:d2:1d:37:f7:b9:5c:57:13:4b:88:bd:55:51:96:
e2:28:56:1c:d0:b5:50:8a:86:38:17:3d:6d:9a:4a:60:b4:52:
e7:c9:70:8f:7a:c0:3e:70:a8:a0:f1:1f:9e:66:44:c8:6c:8d:
86:a3:d1:5c:6b:bf:28:a3:71:fe:3a:69:3a:d6:f5:37:3b:00:
6a:eb:2e:ad:2b:34:6a:60:34:17:c8:c6:98:55:f6:dd:aa:12:
fc:0f:b2:d3:ac:b0:7e:01:91:4f:c3:5c:18:f6:e7:bb:17:0f:
09:d9:48:41:a8:20:7e:4a:39:db:d0:23:16:d2:03:d3:6a:8e:
93:f9:f9:e8:d4:3a:34:7e:f2:84:e0:c2:ea:e6:49:a4:ce:4c:
3a:c3:a7:a5:bf:b6:5b:c1:8f:37:ba:7e:e4:43:f7:95:e9:ba:
9f:9e:e3:db:d9:56:30:13:d6:80:2a:18:2a:e6:f2:d4:69:8a:
a8:f0:06:29:97:24:b0:98:03:21:c7:bc:e8:77:5b:50:df:73:
ee:49:71:20:98:08:ba:53:12:2e:0b:3a:94:e1:0a:ad:2e:4b:
ac:23:ed:d1:b0:80:df:49:85:01:b8:a7:fd:f8:4f:84:33:69:
18:ab:7b:4f:69:4e:21:8e:4e:83:97:1e:7a:00:10:e1:f3:60:
38:d2:d6:4d
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgIUO7QhVyBfwMjqbAqw5NjfcVAiBEQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZDAxYmEwMTNiYzFlNmQ4NmYwZDZkNThlYWZhNTRlMjdm
YWRhMzQ0NDAeFw0yNTEwMTAxNDUwMDhaFw0yNjEwMDkxNDU1MDhaMDMxMTAvBgNV
BAMTKDAzN0ZCQjA2OTRDOTRGMDYwMTlGNDMxRjREOEZFRTRGNUQyN0ZBRDUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDfgGBu1MFeDlFPo5Sr3BQ924aO
W4qx/1e8jq7RIJENFbLTZ/2aEW5Cd/UJtKX+/FZP5A41hngHW8nDvBvS92Wmn9iJ
7yAjW5dapSNScnJh+tdGKbd6+C6jN9Dm1M426aYf3BmKeOds9F3yGFcytZmcF4DZ
uFVBt9QUgi6n72u7HAlOu4wB9fYeMcoXVgBhHHoWGMp5RuMwVGg01xJV0tMqzlcD
9UaSotPz/mIjrcSbjiKMIYbDtYBDu5mtQIWgwpzK5zsy6ETiqTCpXeSt9ztS2owL
4KNiXPktjIaVEhfB2IZnC/HXMb+oRjYUa+kxLSqqevH+whYZsCKrDWkCcgtlAgMB
AAGjggI3MIICMzAdBgNVHQ4EFgQUA3+7BpTJTwYBn0MfTY/uT10n+tUwHwYDVR0j
BBgwFoAU0BugE7webYbw1tWOr6VOJ/raNEQwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYTUyMmE1MmYtNjUzNC00MTY1LWE2YTctZWY5Zjc0ZWY5
NDMxLzEvRDAxQkEwMTNCQzFFNkQ4NkYwRDZENThFQUZBNTRFMjdGQURBMzQ0NC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzBCdWdFN3dlYllidzF0V09yNlZPSl9y
YU5FUS5jZXIwgacGCCsGAQUFBwELBIGaMIGXMIGUBggrBgEFBQcwC4aBh3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYTUyMmE1MmYt
NjUzNC00MTY1LWE2YTctZWY5Zjc0ZWY5NDMxLzEvMzkzMzJlMzkzMjJlMzIzMDJl
MzAyZjMyMzQyZDMyMzQyMDNkM2UyMDM1MzUzMTMxLnJvYTAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAXVwUMA0G
CSqGSIb3DQEBCwUAA4IBAQB/zGEq0h0397lcVxNLiL1VUZbiKFYc0LVQioY4Fz1t
mkpgtFLnyXCPesA+cKig8R+eZkTIbI2Go9Fca78oo3H+Omk61vU3OwBq6y6tKzRq
YDQXyMaYVfbdqhL8D7LTrLB+AZFPw1wY9ue7Fw8J2UhBqCB+Sjnb0CMW0gPTao6T
+fno1Do0fvKE4MLq5kmkzkw6w6elv7ZbwY83un7kQ/eV6bqfnuPb2VYwE9aAKhgq
5vLUaYqo8AYplySwmAMhx7zod1tQ33PuSXEgmAi6UxIuCzqU4QqtLkusI+3RsIDf
SYUBuKf9+E+EM2kYq3tPaU4hjk6Dlx56ABDh82A40tZN
-----END CERTIFICATE-----
Generated at Sun Oct 19 21:00:57 2025 by rpki-client