Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/a94df714-d37d-4942-8e94-91dd853ef7e3/0/3133392e32382e32372e302f32342d3234203d3e20323036313530.roa
File: 3133392e32382e32372e302f32342d3234203d3e20323036313530.roa (raw, json)
Hash identifier: spk6NtqPTGXoBo4XJMsULHBo1PCje3tyvN9b3jHB/pA=
Subject key identifier: E5:48:9D:A9:C3:8B:42:A3:5D:54:92:41:ED:03:46:DF:E9:39:6A:EB
Certificate issuer: /CN=637fd1ba3fed44454d6d7030247709d28db3491a
Certificate serial: 5FE97AB417AD1F6BF35205A5FF4DD1BDA6473988
Authority key identifier: 63:7F:D1:BA:3F:ED:44:45:4D:6D:70:30:24:77:09:D2:8D:B3:49:1A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y3_Ruj_tREVNbXAwJHcJ0o2zSRo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/a94df714-d37d-4942-8e94-91dd853ef7e3/0/3133392e32382e32372e302f32342d3234203d3e20323036313530.roa
Signing time: Fri 29 Aug 2025 14:54:58 +0000
ROA not before: Fri 29 Aug 2025 14:49:58 +0000
ROA not after: Fri 28 Aug 2026 14:54:58 +0000
asID: 206150
IP address blocks: 139.28.27.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/a94df714-d37d-4942-8e94-91dd853ef7e3/0/637FD1BA3FED44454D6D7030247709D28DB3491A.crl
rsync://rsync.paas.rpki.ripe.net/repository/a94df714-d37d-4942-8e94-91dd853ef7e3/0/637FD1BA3FED44454D6D7030247709D28DB3491A.mft
rsync://rpki.ripe.net/repository/DEFAULT/Y3_Ruj_tREVNbXAwJHcJ0o2zSRo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 08:25:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5f:e9:7a:b4:17:ad:1f:6b:f3:52:05:a5:ff:4d:d1:bd:a6:47:39:88
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=637fd1ba3fed44454d6d7030247709d28db3491a
Validity
Not Before: Aug 29 14:49:58 2025 GMT
Not After : Aug 28 14:54:58 2026 GMT
Subject: CN=E5489DA9C38B42A35D549241ED0346DFE9396AEB
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:ca:3d:08:18:58:5b:86:b1:df:14:11:e5:89:
73:f0:14:04:40:db:2c:c8:d8:e5:54:d5:a7:e5:e1:
45:5e:a3:88:0e:52:d1:1c:1b:44:df:43:76:ea:b5:
d4:84:73:27:95:34:4d:35:91:f4:e1:ef:7f:79:53:
d2:12:4b:62:6d:c3:ad:31:ab:eb:8a:17:ba:15:3c:
cc:47:91:b6:5e:79:91:4c:18:b4:7e:8e:1b:02:49:
44:35:cc:2b:4c:27:b4:3e:13:53:bd:78:d7:f3:7b:
55:ae:92:c4:bd:49:f4:47:fe:10:5a:01:e1:66:20:
0d:47:94:26:bb:2a:9b:8b:e9:22:5b:cd:cb:ea:8b:
83:4e:ca:12:ce:75:df:87:e6:cd:fc:db:03:7f:ba:
2b:98:05:ce:51:b9:40:11:f0:a3:a6:54:91:4e:3e:
bb:06:5f:3d:70:80:fb:ef:b0:fc:d1:0f:c9:f2:08:
f2:15:54:76:3c:0d:9c:5c:3b:6f:45:13:2c:83:de:
7f:85:44:9c:30:30:8e:bc:7f:16:f9:22:05:04:e7:
2a:35:76:71:d5:ef:2e:d7:4a:dc:da:92:5d:46:21:
1c:13:3e:4c:59:f2:dd:bd:b8:8b:0a:e2:10:d6:11:
10:e4:fe:f3:04:57:3e:32:ea:0d:7e:3b:f3:e4:0b:
01:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E5:48:9D:A9:C3:8B:42:A3:5D:54:92:41:ED:03:46:DF:E9:39:6A:EB
X509v3 Authority Key Identifier:
keyid:63:7F:D1:BA:3F:ED:44:45:4D:6D:70:30:24:77:09:D2:8D:B3:49:1A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/a94df714-d37d-4942-8e94-91dd853ef7e3/0/637FD1BA3FED44454D6D7030247709D28DB3491A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y3_Ruj_tREVNbXAwJHcJ0o2zSRo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/a94df714-d37d-4942-8e94-91dd853ef7e3/0/3133392e32382e32372e302f32342d3234203d3e20323036313530.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
139.28.27.0/24
Signature Algorithm: sha256WithRSAEncryption
78:fb:56:4b:27:0f:46:ba:be:41:12:e3:07:3b:1d:83:27:9d:
a1:b5:2f:51:f5:d0:b2:0b:9c:0a:45:2c:d9:9a:bc:62:4c:28:
b9:ce:77:99:2b:0f:1f:27:0a:d7:22:43:f1:7f:10:5d:86:d3:
e8:20:78:9f:eb:70:b4:ec:1a:6e:0d:a9:34:90:f8:3f:4b:15:
5e:cc:40:34:1d:9a:75:3e:cb:42:f5:0e:a7:f5:81:95:d4:c7:
de:a9:68:51:44:e4:9c:70:d8:de:cd:dc:ea:af:d3:38:a4:4a:
9d:82:7d:c9:da:fd:5f:3b:bc:44:a5:08:72:08:a1:65:0a:88:
02:60:5a:ae:8b:b1:52:92:8e:e3:27:9f:37:5b:5f:37:1d:a5:
56:ef:c0:b3:bc:c0:bc:ae:90:a1:02:f9:7f:a3:39:46:31:48:
33:86:67:98:93:77:b7:4d:78:79:a7:d8:d5:c1:f5:0c:05:eb:
15:75:57:bb:87:13:2f:9d:95:98:c0:8b:69:f6:64:cf:4b:7c:
63:1d:ab:38:88:e3:9e:2d:32:d1:51:e3:f2:68:33:83:bd:c8:
48:19:fd:14:95:95:2b:1f:6f:a4:d8:4d:c9:b5:08:cf:3f:ce:
34:24:ff:6f:ed:c1:0b:8b:1b:57:5d:b6:21:15:81:88:f3:ed:
97:81:4a:3e
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUX+l6tBetH2vzUgWl/03RvaZHOYgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjM3ZmQxYmEzZmVkNDQ0NTRkNmQ3MDMwMjQ3NzA5ZDI4
ZGIzNDkxYTAeFw0yNTA4MjkxNDQ5NThaFw0yNjA4MjgxNDU0NThaMDMxMTAvBgNV
BAMTKEU1NDg5REE5QzM4QjQyQTM1RDU0OTI0MUVEMDM0NkRGRTkzOTZBRUIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCXyj0IGFhbhrHfFBHliXPwFARA
2yzI2OVU1afl4UVeo4gOUtEcG0TfQ3bqtdSEcyeVNE01kfTh7395U9ISS2Jtw60x
q+uKF7oVPMxHkbZeeZFMGLR+jhsCSUQ1zCtMJ7Q+E1O9eNfze1WuksS9SfRH/hBa
AeFmIA1HlCa7KpuL6SJbzcvqi4NOyhLOdd+H5s382wN/uiuYBc5RuUAR8KOmVJFO
PrsGXz1wgPvvsPzRD8nyCPIVVHY8DZxcO29FEyyD3n+FRJwwMI68fxb5IgUE5yo1
dnHV7y7XStzakl1GIRwTPkxZ8t29uIsK4hDWERDk/vMEVz4y6g1+O/PkCwFpAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQU5UidqcOLQqNdVJJB7QNG3+k5auswHwYDVR0j
BBgwFoAUY3/Ruj/tREVNbXAwJHcJ0o2zSRowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYTk0ZGY3MTQtZDM3ZC00OTQyLThlOTQtOTFkZDg1M2Vm
N2UzLzAvNjM3RkQxQkEzRkVENDQ0NTRENkQ3MDMwMjQ3NzA5RDI4REIzNDkxQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1kzX1J1al90UkVWTmJYQXdKSGNKMG8y
elNSby5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYTk0ZGY3MTQt
ZDM3ZC00OTQyLThlOTQtOTFkZDg1M2VmN2UzLzAvMzEzMzM5MmUzMjM4MmUzMjM3
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzIzMDM2MzEzNTMwLnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
ixwbMA0GCSqGSIb3DQEBCwUAA4IBAQB4+1ZLJw9Gur5BEuMHOx2DJ52htS9R9dCy
C5wKRSzZmrxiTCi5zneZKw8fJwrXIkPxfxBdhtPoIHif63C07BpuDak0kPg/SxVe
zEA0HZp1PstC9Q6n9YGV1MfeqWhRROSccNjezdzqr9M4pEqdgn3J2v1fO7xEpQhy
CKFlCogCYFqui7FSko7jJ583W183HaVW78CzvMC8rpChAvl/ozlGMUgzhmeYk3e3
TXh5p9jVwfUMBesVdVe7hxMvnZWYwItp9mTPS3xjHas4iOOeLTLRUePyaDODvchI
Gf0UlZUrH2+k2E3JtQjPP840JP9v7cELixtXXbYhFYGI8+2XgUo+
-----END CERTIFICATE-----
Generated at Sun Oct 19 20:44:23 2025 by rpki-client