Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/a94df714-d37d-4942-8e94-91dd853ef7e3/0/3133392e32382e32342e302f32342d3234203d3e20323131343430.roa
File: 3133392e32382e32342e302f32342d3234203d3e20323131343430.roa (raw, json)
Hash identifier: eR+xyo+zY+fM9l50cFs0swlGeIX2NljYGKvE5SQX83U=
Subject key identifier: DE:3A:E8:E2:5C:92:A2:B2:99:24:A2:FB:48:58:A3:38:27:3E:2D:7E
Certificate issuer: /CN=637fd1ba3fed44454d6d7030247709d28db3491a
Certificate serial: 2CE7CEE098A73ACEFCDAA9330312B240DF30BB78
Authority key identifier: 63:7F:D1:BA:3F:ED:44:45:4D:6D:70:30:24:77:09:D2:8D:B3:49:1A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y3_Ruj_tREVNbXAwJHcJ0o2zSRo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/a94df714-d37d-4942-8e94-91dd853ef7e3/0/3133392e32382e32342e302f32342d3234203d3e20323131343430.roa
Signing time: Fri 29 Aug 2025 14:54:58 +0000
ROA not before: Fri 29 Aug 2025 14:49:58 +0000
ROA not after: Fri 28 Aug 2026 14:54:58 +0000
asID: 211440
IP address blocks: 139.28.24.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/a94df714-d37d-4942-8e94-91dd853ef7e3/0/637FD1BA3FED44454D6D7030247709D28DB3491A.crl
rsync://rsync.paas.rpki.ripe.net/repository/a94df714-d37d-4942-8e94-91dd853ef7e3/0/637FD1BA3FED44454D6D7030247709D28DB3491A.mft
rsync://rpki.ripe.net/repository/DEFAULT/Y3_Ruj_tREVNbXAwJHcJ0o2zSRo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 08:25:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2c:e7:ce:e0:98:a7:3a:ce:fc:da:a9:33:03:12:b2:40:df:30:bb:78
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=637fd1ba3fed44454d6d7030247709d28db3491a
Validity
Not Before: Aug 29 14:49:58 2025 GMT
Not After : Aug 28 14:54:58 2026 GMT
Subject: CN=DE3AE8E25C92A2B29924A2FB4858A338273E2D7E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:f9:db:76:75:fe:ac:e8:48:29:f0:38:40:bc:
77:d4:40:55:ad:48:e8:28:29:31:c2:8f:9a:fa:ae:
79:c2:21:31:09:b0:3e:6d:6d:1b:07:42:26:6b:4a:
57:de:fd:85:44:f3:ad:09:cf:0d:f0:69:02:bc:e9:
d3:4e:20:c7:da:cd:ef:7c:6d:c8:30:90:9f:b8:b4:
19:f8:34:da:a9:fd:84:38:84:1b:12:82:9c:35:71:
31:e2:b9:56:70:2a:d9:20:95:f4:b3:90:22:94:e6:
bc:f0:41:47:b7:9c:d4:f9:42:f4:11:2e:db:6a:e1:
ac:c0:94:80:1d:9a:56:21:a7:a5:75:5f:3a:a9:6c:
5f:d4:e1:8e:de:02:d6:df:8e:6e:bc:d8:19:ae:fb:
ba:8f:40:1e:33:8d:5c:df:e7:95:64:9b:25:1a:72:
99:9d:36:14:0b:fc:31:d5:f2:5e:29:97:34:d3:dc:
5e:db:f0:f4:e6:2f:9b:f3:83:08:80:e6:0b:67:7a:
a9:b4:51:36:ce:11:76:c5:72:08:53:df:67:a9:91:
5a:b3:58:1a:32:1a:79:94:f0:f3:29:5f:10:c7:8b:
69:a8:56:73:21:d6:1a:3c:45:1f:1e:86:4c:52:e0:
57:b3:c5:b4:60:a8:9a:4f:92:5e:87:42:89:e9:bd:
3a:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:3A:E8:E2:5C:92:A2:B2:99:24:A2:FB:48:58:A3:38:27:3E:2D:7E
X509v3 Authority Key Identifier:
keyid:63:7F:D1:BA:3F:ED:44:45:4D:6D:70:30:24:77:09:D2:8D:B3:49:1A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/a94df714-d37d-4942-8e94-91dd853ef7e3/0/637FD1BA3FED44454D6D7030247709D28DB3491A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y3_Ruj_tREVNbXAwJHcJ0o2zSRo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/a94df714-d37d-4942-8e94-91dd853ef7e3/0/3133392e32382e32342e302f32342d3234203d3e20323131343430.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
139.28.24.0/24
Signature Algorithm: sha256WithRSAEncryption
19:f6:cf:35:3f:2e:2e:e9:7e:05:77:97:f6:d4:02:fa:6d:75:
fa:1b:d2:b1:f1:73:31:58:fc:43:4a:3d:70:81:90:e7:99:d0:
11:57:4f:5f:72:fa:0b:ff:25:c4:db:52:7c:5f:6a:93:3f:38:
aa:75:40:ed:cb:ec:f5:ed:7d:44:5b:18:d5:e1:5f:73:ca:b0:
85:f8:52:47:58:f1:dd:84:93:74:a5:a5:05:47:4d:15:ae:82:
db:3c:40:88:bf:2a:72:a5:de:5b:eb:da:82:17:9e:be:aa:3e:
2a:6a:55:7a:fc:85:7d:cb:27:50:f9:c1:93:50:3b:36:0a:93:
25:bb:2a:f2:7c:fe:af:8f:7a:4f:7b:81:bb:b6:4f:71:a6:78:
ed:af:a4:07:64:8f:d8:32:89:bf:12:7e:5f:34:25:50:d3:4c:
81:b0:0c:9f:cb:14:09:0e:31:9a:cf:e9:a5:11:9b:39:ae:2f:
4d:81:08:45:9d:3b:57:0e:b6:83:35:31:c0:22:89:a0:20:47:
f5:0b:d3:eb:50:23:b5:17:a3:45:25:ef:39:9f:2b:51:ff:14:
eb:6c:cb:a3:f2:64:61:a1:e4:bb:1c:53:f1:83:96:9e:8d:bb:
38:04:00:d1:d0:46:39:76:6e:14:f1:43:2f:3c:b6:dd:a9:41:
5d:a1:e7:d6
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIULOfO4JinOs782qkzAxKyQN8wu3gwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjM3ZmQxYmEzZmVkNDQ0NTRkNmQ3MDMwMjQ3NzA5ZDI4
ZGIzNDkxYTAeFw0yNTA4MjkxNDQ5NThaFw0yNjA4MjgxNDU0NThaMDMxMTAvBgNV
BAMTKERFM0FFOEUyNUM5MkEyQjI5OTI0QTJGQjQ4NThBMzM4MjczRTJEN0UwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCt+dt2df6s6Egp8DhAvHfUQFWt
SOgoKTHCj5r6rnnCITEJsD5tbRsHQiZrSlfe/YVE860Jzw3waQK86dNOIMfaze98
bcgwkJ+4tBn4NNqp/YQ4hBsSgpw1cTHiuVZwKtkglfSzkCKU5rzwQUe3nNT5QvQR
Lttq4azAlIAdmlYhp6V1XzqpbF/U4Y7eAtbfjm682Bmu+7qPQB4zjVzf55VkmyUa
cpmdNhQL/DHV8l4plzTT3F7b8PTmL5vzgwiA5gtneqm0UTbOEXbFcghT32epkVqz
WBoyGnmU8PMpXxDHi2moVnMh1ho8RR8ehkxS4FezxbRgqJpPkl6HQonpvTofAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQU3jro4lySorKZJKL7SFijOCc+LX4wHwYDVR0j
BBgwFoAUY3/Ruj/tREVNbXAwJHcJ0o2zSRowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYTk0ZGY3MTQtZDM3ZC00OTQyLThlOTQtOTFkZDg1M2Vm
N2UzLzAvNjM3RkQxQkEzRkVENDQ0NTRENkQ3MDMwMjQ3NzA5RDI4REIzNDkxQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1kzX1J1al90UkVWTmJYQXdKSGNKMG8y
elNSby5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYTk0ZGY3MTQt
ZDM3ZC00OTQyLThlOTQtOTFkZDg1M2VmN2UzLzAvMzEzMzM5MmUzMjM4MmUzMjM0
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzIzMTMxMzQzNDMwLnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
ixwYMA0GCSqGSIb3DQEBCwUAA4IBAQAZ9s81Py4u6X4Fd5f21AL6bXX6G9Kx8XMx
WPxDSj1wgZDnmdARV09fcvoL/yXE21J8X2qTPziqdUDty+z17X1EWxjV4V9zyrCF
+FJHWPHdhJN0paUFR00VroLbPECIvypypd5b69qCF56+qj4qalV6/IV9yydQ+cGT
UDs2CpMluyryfP6vj3pPe4G7tk9xpnjtr6QHZI/YMom/En5fNCVQ00yBsAyfyxQJ
DjGaz+mlEZs5ri9NgQhFnTtXDraDNTHAIomgIEf1C9PrUCO1F6NFJe85nytR/xTr
bMuj8mRhoeS7HFPxg5aejbs4BADR0EY5dm4U8UMvPLbdqUFdoefW
-----END CERTIFICATE-----
Generated at Sun Oct 19 20:49:14 2025 by rpki-client