Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/AS1030.roa
File: AS1030.roa (raw, json)
Hash identifier: d4vAWBjRsv/PKvsA9eMBhL3aT2gj8EK5vjRtloXTC94=
Subject key identifier: E9:C8:65:E3:07:E7:7F:A6:27:2D:34:D2:E4:FE:83:4B:D8:19:85:7F
Certificate issuer: /CN=c2302af143c15daad50042d8455e689d0828eca9
Certificate serial: 60E48F6DAD093AD8473CB6419B7494985E58546F
Authority key identifier: C2:30:2A:F1:43:C1:5D:AA:D5:00:42:D8:45:5E:68:9D:08:28:EC:A9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wjAq8UPBXarVAELYRV5onQgo7Kk.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/AS1030.roa
Signing time: Tue 30 Sep 2025 15:55:08 +0000
ROA not before: Tue 30 Sep 2025 15:50:08 +0000
ROA not after: Tue 29 Sep 2026 15:55:08 +0000
asID: 1030
IP address blocks: 141.11.111.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/C2302AF143C15DAAD50042D8455E689D0828ECA9.crl
rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/C2302AF143C15DAAD50042D8455E689D0828ECA9.mft
rsync://rpki.ripe.net/repository/DEFAULT/wjAq8UPBXarVAELYRV5onQgo7Kk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 15:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
60:e4:8f:6d:ad:09:3a:d8:47:3c:b6:41:9b:74:94:98:5e:58:54:6f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c2302af143c15daad50042d8455e689d0828eca9
Validity
Not Before: Sep 30 15:50:08 2025 GMT
Not After : Sep 29 15:55:08 2026 GMT
Subject: CN=E9C865E307E77FA6272D34D2E4FE834BD819857F
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:64:77:70:e3:ea:a2:ec:30:3d:3b:53:37:83:
35:f3:8e:be:af:1b:0a:d7:bc:9d:83:d5:8a:28:0f:
6c:55:f7:06:41:3f:87:c2:8b:49:1f:5d:6e:2e:b6:
4e:83:52:ef:a2:e0:2f:03:59:20:1b:35:be:42:55:
4d:f6:43:be:91:e5:d2:26:fc:ed:6c:35:e3:88:7b:
6c:91:96:52:5b:eb:bb:f1:a6:04:e6:f9:ea:1c:0c:
3e:ab:96:bc:cc:a5:f3:f5:61:0a:d0:e4:f8:6c:6d:
e4:81:8a:9b:22:eb:dd:3a:12:0f:79:15:99:56:89:
ae:fb:1d:9d:f0:c3:3d:67:97:9f:91:29:20:c5:ce:
d1:46:a9:ac:bf:67:70:b9:18:12:47:d7:f1:3a:e7:
7c:85:49:f0:85:cd:4e:de:25:5d:12:10:3c:11:47:
81:a7:a9:07:b2:34:2d:32:35:43:9b:2c:6d:61:0e:
65:da:7b:8a:f0:27:cf:fe:b9:7b:1b:e3:47:bc:84:
dc:dc:3b:5d:2a:b8:24:a5:2d:2c:89:44:e9:e7:07:
d6:71:ba:82:5a:6a:85:80:4f:19:e4:3f:fc:22:e0:
46:aa:c6:01:38:17:4c:ee:51:f3:95:b6:4e:25:da:
70:12:d2:74:9f:54:da:80:4d:71:0d:fb:35:fc:cc:
d6:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E9:C8:65:E3:07:E7:7F:A6:27:2D:34:D2:E4:FE:83:4B:D8:19:85:7F
X509v3 Authority Key Identifier:
keyid:C2:30:2A:F1:43:C1:5D:AA:D5:00:42:D8:45:5E:68:9D:08:28:EC:A9
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/C2302AF143C15DAAD50042D8455E689D0828ECA9.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wjAq8UPBXarVAELYRV5onQgo7Kk.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/AS1030.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
141.11.111.0/24
Signature Algorithm: sha256WithRSAEncryption
88:e6:c6:97:85:f9:cb:97:b0:e5:9f:e7:40:46:d3:ad:59:ab:
c6:e2:20:78:7a:fa:74:76:09:b9:ef:6d:78:a9:0b:b9:c2:0e:
2e:33:79:81:d0:07:68:fa:2c:fd:58:b4:c3:34:c5:34:1b:32:
a4:28:27:7d:e3:21:f8:39:d2:de:92:23:a3:1a:60:fa:36:bb:
db:ed:53:91:f6:25:0e:d2:9a:b6:36:d7:46:c6:2a:97:f0:b3:
82:88:ea:f3:1c:ae:a1:60:d8:33:00:7f:ae:89:ff:e2:bd:34:
fb:8c:72:13:ff:09:c0:ad:d2:85:8d:f9:a6:f2:61:86:1f:e6:
84:20:36:03:69:76:12:95:f4:90:a3:48:e6:6f:87:e9:a8:37:
42:52:2b:76:9f:89:ef:8e:92:b0:d1:d2:d8:4e:38:df:bc:78:
9c:4b:07:1a:8e:50:a5:4e:91:01:55:41:29:0a:08:de:4c:c1:
62:3f:e3:55:8d:d1:3d:9d:a9:6d:ee:79:0d:42:99:a6:bc:d9:
68:86:75:15:78:6c:9a:a4:61:06:5b:fb:fb:34:3c:be:dc:be:
a7:44:1c:d0:13:a2:1d:5e:01:09:1a:55:39:ef:3f:1e:3f:1c:
fa:ef:1a:2b:f7:fc:0e:1e:30:d2:21:1a:9d:05:c9:c5:cd:1f:
6c:54:c2:41
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgIUYOSPba0JOthHPLZBm3SUmF5YVG8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYzIzMDJhZjE0M2MxNWRhYWQ1MDA0MmQ4NDU1ZTY4OWQw
ODI4ZWNhOTAeFw0yNTA5MzAxNTUwMDhaFw0yNjA5MjkxNTU1MDhaMDMxMTAvBgNV
BAMTKEU5Qzg2NUUzMDdFNzdGQTYyNzJEMzREMkU0RkU4MzRCRDgxOTg1N0YwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDQZHdw4+qi7DA9O1M3gzXzjr6v
GwrXvJ2D1YooD2xV9wZBP4fCi0kfXW4utk6DUu+i4C8DWSAbNb5CVU32Q76R5dIm
/O1sNeOIe2yRllJb67vxpgTm+eocDD6rlrzMpfP1YQrQ5PhsbeSBipsi6906Eg95
FZlWia77HZ3wwz1nl5+RKSDFztFGqay/Z3C5GBJH1/E653yFSfCFzU7eJV0SEDwR
R4GnqQeyNC0yNUObLG1hDmXae4rwJ8/+uXsb40e8hNzcO10quCSlLSyJROnnB9Zx
uoJaaoWATxnkP/wi4EaqxgE4F0zuUfOVtk4l2nAS0nSfVNqATXEN+zX8zNb3AgMB
AAGjggIIMIICBDAdBgNVHQ4EFgQU6chl4wfnf6YnLTTS5P6DS9gZhX8wHwYDVR0j
BBgwFoAUwjAq8UPBXarVAELYRV5onQgo7KkwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYTkzY2I1NWMtOTU3MS00NGM4LTkwZTEtOTY1YjkyNzY5
ZTRlLzAvQzIzMDJBRjE0M0MxNURBQUQ1MDA0MkQ4NDU1RTY4OUQwODI4RUNBOS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3dqQXE4VVBCWGFyVkFFTFlSVjVvblFn
bzdLay5jZXIweQYIKwYBBQUHAQsEbTBrMGkGCCsGAQUFBzALhl1yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2E5M2NiNTVjLTk1NzEt
NDRjOC05MGUxLTk2NWI5Mjc2OWU0ZS8wL0FTMTAzMC5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAI0LbzAN
BgkqhkiG9w0BAQsFAAOCAQEAiObGl4X5y5ew5Z/nQEbTrVmrxuIgeHr6dHYJue9t
eKkLucIOLjN5gdAHaPos/Vi0wzTFNBsypCgnfeMh+DnS3pIjoxpg+ja72+1TkfYl
DtKatjbXRsYql/Czgojq8xyuoWDYMwB/ron/4r00+4xyE/8JwK3ShY35pvJhhh/m
hCA2A2l2EpX0kKNI5m+H6ag3QlIrdp+J746SsNHS2E4437x4nEsHGo5QpU6RAVVB
KQoI3kzBYj/jVY3RPZ2pbe55DUKZprzZaIZ1FXhsmqRhBlv7+zQ8vty+p0Qc0BOi
HV4BCRpVOe8/Hj8c+u8aK/f8Dh4w0iEanQXJxc0fbFTCQQ==
-----END CERTIFICATE-----
Generated at Sun Oct 19 23:10:08 2025 by rpki-client