Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/ac0e13d8-bfe0-4235-afb4-d53edfbacdd2/0/3231332e3235342e3137302e302f32342d3234203d3e203438363738.roa
File: 3231332e3235342e3137302e302f32342d3234203d3e203438363738.roa (raw, json)
Hash identifier: ttSPLNkVmnmfbB1Jg0U4OFMRv4cZWxzTg6oBluFltrk=
Subject key identifier: 0F:AC:1B:9C:B2:2C:E5:0C:D5:A2:1A:98:4B:52:52:DA:3D:69:14:58
Certificate issuer: /CN=5ecb4cadbbadd500f49ca697d566a2761e017608
Certificate serial: 56A5D7222187CA56CC7545FB5337593D89C8BAE9
Authority key identifier: 5E:CB:4C:AD:BB:AD:D5:00:F4:9C:A6:97:D5:66:A2:76:1E:01:76:08
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XstMrbut1QD0nKaX1Waidh4Bdgg.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/ac0e13d8-bfe0-4235-afb4-d53edfbacdd2/0/3231332e3235342e3137302e302f32342d3234203d3e203438363738.roa
Signing time: Mon 13 Oct 2025 18:55:08 +0000
ROA not before: Mon 13 Oct 2025 18:50:08 +0000
ROA not after: Mon 12 Oct 2026 18:55:08 +0000
asID: 48678
IP address blocks: 213.254.170.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/ac0e13d8-bfe0-4235-afb4-d53edfbacdd2/0/5ECB4CADBBADD500F49CA697D566A2761E017608.crl
rsync://rsync.paas.rpki.ripe.net/repository/ac0e13d8-bfe0-4235-afb4-d53edfbacdd2/0/5ECB4CADBBADD500F49CA697D566A2761E017608.mft
rsync://rpki.ripe.net/repository/DEFAULT/XstMrbut1QD0nKaX1Waidh4Bdgg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 05:04:35 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
56:a5:d7:22:21:87:ca:56:cc:75:45:fb:53:37:59:3d:89:c8:ba:e9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5ecb4cadbbadd500f49ca697d566a2761e017608
Validity
Not Before: Oct 13 18:50:08 2025 GMT
Not After : Oct 12 18:55:08 2026 GMT
Subject: CN=0FAC1B9CB22CE50CD5A21A984B5252DA3D691458
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:27:10:e7:58:75:e8:73:22:23:16:98:d3:db:
c4:30:2b:92:54:70:ec:10:61:60:25:5c:2f:d7:30:
b9:72:7f:dc:23:ba:83:48:ec:1f:89:38:d0:93:2d:
1e:49:da:02:96:10:fa:1e:6e:e1:22:71:37:1b:3c:
4d:ab:30:51:7e:3e:c7:12:da:e5:d4:5c:1c:c8:ec:
1e:c6:52:82:e8:ab:72:bb:3f:47:73:5d:83:2b:c0:
c8:45:36:af:1e:b0:43:81:f6:cc:08:b7:e5:19:8d:
7f:35:79:cf:69:f1:54:a5:19:9c:72:b6:3d:55:c5:
8e:51:c8:af:f5:e6:96:cf:ac:21:31:b9:cd:c7:39:
72:fa:ef:65:44:1c:18:4f:db:42:a0:5b:d0:90:07:
90:b6:ca:19:fb:99:0c:ad:d5:e8:0e:77:e1:55:06:
b5:9f:37:78:27:8a:6d:73:dc:be:50:02:96:23:66:
56:33:65:11:20:57:38:bc:9f:7c:eb:9d:25:30:43:
7b:d5:64:41:3d:b2:1d:86:7b:4a:7f:fb:53:6f:9b:
4b:de:58:4c:1b:ef:54:e8:51:94:29:ef:2e:61:03:
b4:28:6a:3b:8f:97:d3:ee:18:61:7c:20:b1:de:ff:
ee:47:e6:f8:f9:46:9a:fd:bb:93:ab:34:66:d9:6a:
57:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0F:AC:1B:9C:B2:2C:E5:0C:D5:A2:1A:98:4B:52:52:DA:3D:69:14:58
X509v3 Authority Key Identifier:
keyid:5E:CB:4C:AD:BB:AD:D5:00:F4:9C:A6:97:D5:66:A2:76:1E:01:76:08
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/ac0e13d8-bfe0-4235-afb4-d53edfbacdd2/0/5ECB4CADBBADD500F49CA697D566A2761E017608.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XstMrbut1QD0nKaX1Waidh4Bdgg.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/ac0e13d8-bfe0-4235-afb4-d53edfbacdd2/0/3231332e3235342e3137302e302f32342d3234203d3e203438363738.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.254.170.0/24
Signature Algorithm: sha256WithRSAEncryption
7f:03:da:c3:77:03:3c:36:6e:96:ea:18:1a:13:e9:84:7e:53:
1d:97:f1:e5:d2:bd:3f:22:96:5a:29:78:bb:07:16:0b:59:b2:
ca:9d:d9:df:fe:3a:c7:ec:81:32:da:4c:bd:f2:ab:86:ec:d8:
c4:e9:33:07:38:41:51:22:37:e5:18:55:19:01:05:bc:4e:d0:
bf:9c:77:88:1a:63:93:5b:a9:b7:99:f1:eb:42:d5:cc:f1:53:
38:f8:05:3a:8b:c1:e8:ac:c6:d6:49:64:4a:49:e1:a9:a6:77:
00:ee:d2:c2:d3:ff:cc:87:0c:bb:f6:f8:a1:30:c7:0e:c8:5c:
5f:00:c9:84:b7:eb:17:43:f6:15:7d:bf:96:41:da:db:e0:71:
0c:22:50:46:60:13:e5:f7:b3:d2:7f:80:74:b3:f1:ac:dc:c5:
cb:b7:cb:2e:39:db:8c:e3:6b:e1:42:e2:57:97:da:f7:1a:70:
aa:ae:d8:2d:c5:ce:96:97:5d:39:75:a4:8f:cb:6d:37:84:8f:
c3:d0:ff:06:6a:59:6e:6c:cc:0e:47:2b:8f:bc:35:d1:ec:76:
81:70:c0:59:b3:1a:00:57:69:61:4e:47:51:7f:09:9e:fb:b5:
e2:c1:cc:ab:55:57:52:db:f8:6a:84:de:62:ea:0b:01:f6:bb:
7e:ce:d6:93
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUVqXXIiGHylbMdUX7UzdZPYnIuukwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNWVjYjRjYWRiYmFkZDUwMGY0OWNhNjk3ZDU2NmEyNzYx
ZTAxNzYwODAeFw0yNTEwMTMxODUwMDhaFw0yNjEwMTIxODU1MDhaMDMxMTAvBgNV
BAMTKDBGQUMxQjlDQjIyQ0U1MENENUEyMUE5ODRCNTI1MkRBM0Q2OTE0NTgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCfJxDnWHXocyIjFpjT28QwK5JU
cOwQYWAlXC/XMLlyf9wjuoNI7B+JONCTLR5J2gKWEPoebuEicTcbPE2rMFF+PscS
2uXUXBzI7B7GUoLoq3K7P0dzXYMrwMhFNq8esEOB9swIt+UZjX81ec9p8VSlGZxy
tj1VxY5RyK/15pbPrCExuc3HOXL672VEHBhP20KgW9CQB5C2yhn7mQyt1egOd+FV
BrWfN3gnim1z3L5QApYjZlYzZREgVzi8n3zrnSUwQ3vVZEE9sh2Ge0p/+1Nvm0ve
WEwb71ToUZQp7y5hA7QoajuPl9PuGGF8ILHe/+5H5vj5Rpr9u5OrNGbZalfBAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUD6wbnLIs5QzVohqYS1JS2j1pFFgwHwYDVR0j
BBgwFoAUXstMrbut1QD0nKaX1Waidh4BdggwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYWMwZTEzZDgtYmZlMC00MjM1LWFmYjQtZDUzZWRmYmFj
ZGQyLzAvNUVDQjRDQURCQkFERDUwMEY0OUNBNjk3RDU2NkEyNzYxRTAxNzYwOC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1hzdE1yYnV0MVFEMG5LYVgxV2FpZGg0
QmRnZy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWMwZTEzZDgt
YmZlMC00MjM1LWFmYjQtZDUzZWRmYmFjZGQyLzAvMzIzMTMzMmUzMjM1MzQyZTMx
MzczMDJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDM0MzgzNjM3Mzgucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BADV/qowDQYJKoZIhvcNAQELBQADggEBAH8D2sN3Azw2bpbqGBoT6YR+Ux2X8eXS
vT8illopeLsHFgtZssqd2d/+OsfsgTLaTL3yq4bs2MTpMwc4QVEiN+UYVRkBBbxO
0L+cd4gaY5NbqbeZ8etC1czxUzj4BTqLweisxtZJZEpJ4ammdwDu0sLT/8yHDLv2
+KEwxw7IXF8AyYS36xdD9hV9v5ZB2tvgcQwiUEZgE+X3s9J/gHSz8azcxcu3yy45
24zja+FC4leX2vcacKqu2C3FzpaXXTl1pI/LbTeEj8PQ/wZqWW5szA5HK4+8NdHs
doFwwFmzGgBXaWFOR1F/CZ77teLBzKtVV1Lb+GqE3mLqCwH2u37O1pM=
-----END CERTIFICATE-----
Generated at Sun Oct 19 17:33:01 2025 by rpki-client