Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/aee3d58d-904a-4375-bf93-8b5f38cab002/0/3130392e3131302e3136332e302f32342d3234203d3e20323030323630.roa
File: 3130392e3131302e3136332e302f32342d3234203d3e20323030323630.roa (raw, json)
Hash identifier: P0QslvnmncUieovF6rBlWTTueA9Nr2JqnDMZk3vYYc4=
Subject key identifier: 47:FE:75:1B:EA:EF:1A:DA:1C:D9:CE:21:24:30:8A:8C:28:79:4E:3A
Certificate issuer: /CN=7adf63e375b0b785081b5945b1d18d9de86e0efc
Certificate serial: 4B1DE014619E806777D04431D3DD4948BFDB496B
Authority key identifier: 7A:DF:63:E3:75:B0:B7:85:08:1B:59:45:B1:D1:8D:9D:E8:6E:0E:FC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/et9j43Wwt4UIG1lFsdGNnehuDvw.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/aee3d58d-904a-4375-bf93-8b5f38cab002/0/3130392e3131302e3136332e302f32342d3234203d3e20323030323630.roa
Signing time: Fri 10 Oct 2025 20:55:08 +0000
ROA not before: Fri 10 Oct 2025 20:50:08 +0000
ROA not after: Fri 09 Oct 2026 20:55:08 +0000
asID: 200260
IP address blocks: 109.110.163.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/aee3d58d-904a-4375-bf93-8b5f38cab002/0/7ADF63E375B0B785081B5945B1D18D9DE86E0EFC.crl
rsync://rsync.paas.rpki.ripe.net/repository/aee3d58d-904a-4375-bf93-8b5f38cab002/0/7ADF63E375B0B785081B5945B1D18D9DE86E0EFC.mft
rsync://rpki.ripe.net/repository/DEFAULT/et9j43Wwt4UIG1lFsdGNnehuDvw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 00:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4b:1d:e0:14:61:9e:80:67:77:d0:44:31:d3:dd:49:48:bf:db:49:6b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7adf63e375b0b785081b5945b1d18d9de86e0efc
Validity
Not Before: Oct 10 20:50:08 2025 GMT
Not After : Oct 9 20:55:08 2026 GMT
Subject: CN=47FE751BEAEF1ADA1CD9CE2124308A8C28794E3A
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:86:58:de:ac:09:ec:a8:39:8f:cd:06:ce:db:
ce:81:68:60:72:12:9e:80:d7:41:5f:6e:21:fd:a6:
8b:df:64:9c:83:24:1d:69:ca:8b:2d:da:6a:dd:1b:
4c:67:bd:b4:d9:58:1c:6d:f9:d5:3a:6d:ee:6d:69:
c0:53:45:ca:fe:79:41:9b:9c:34:3d:cb:ca:17:05:
04:87:32:e6:88:d0:d5:ad:ba:5c:91:cd:1a:fc:4e:
e7:4b:69:0c:5e:53:90:80:8d:a8:30:4f:f2:4d:08:
58:9d:d0:92:33:11:a1:f5:d2:6b:d3:30:c5:2a:4d:
4b:23:76:dd:2a:4f:fa:44:d2:ed:a4:1e:de:3d:ca:
2b:44:a6:40:9e:c3:c0:6a:8f:ec:4c:0e:e1:32:8e:
a1:31:9b:f6:60:74:e7:c5:1d:33:27:a2:b6:44:77:
b2:cf:fa:cb:02:49:f8:40:b9:19:77:6e:84:e8:f1:
96:d4:ad:31:94:d5:8d:93:f0:cb:f0:a0:78:a5:5d:
5f:c9:25:45:69:e3:44:4a:56:79:f7:7f:93:1b:62:
74:fd:c0:8a:dd:87:22:0c:c3:d1:a8:27:4b:ff:4c:
e3:f9:61:66:a8:7a:f6:8f:bd:63:99:53:b5:d9:23:
87:5f:39:90:8a:e5:52:ee:35:86:86:c0:12:6d:d9:
08:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
47:FE:75:1B:EA:EF:1A:DA:1C:D9:CE:21:24:30:8A:8C:28:79:4E:3A
X509v3 Authority Key Identifier:
keyid:7A:DF:63:E3:75:B0:B7:85:08:1B:59:45:B1:D1:8D:9D:E8:6E:0E:FC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/aee3d58d-904a-4375-bf93-8b5f38cab002/0/7ADF63E375B0B785081B5945B1D18D9DE86E0EFC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/et9j43Wwt4UIG1lFsdGNnehuDvw.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/aee3d58d-904a-4375-bf93-8b5f38cab002/0/3130392e3131302e3136332e302f32342d3234203d3e20323030323630.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.110.163.0/24
Signature Algorithm: sha256WithRSAEncryption
0a:5b:26:fe:23:cd:31:f4:f3:c8:13:36:10:c8:e2:0e:3a:8a:
d0:08:41:0f:ae:6b:81:21:75:48:ea:04:82:d5:db:f6:84:f0:
e3:9d:20:29:78:0c:43:e5:d6:3c:31:11:c4:31:a2:44:40:41:
a1:e5:42:65:de:aa:e2:5e:c7:92:0b:c5:a6:e7:ee:fd:6f:e5:
0c:97:86:08:ba:b7:a0:fa:59:8c:93:b7:09:66:11:c3:08:ad:
cd:72:6e:79:a3:75:6d:61:0d:32:d7:ae:a4:76:2d:f7:cf:ef:
17:a8:f6:72:1f:45:4d:6f:4b:d2:4b:95:22:7e:aa:13:5b:f7:
8e:ac:4d:0d:d2:c9:62:e8:a9:3c:64:d9:ee:cb:3f:24:94:ee:
d0:a2:de:14:56:2a:7f:55:ca:73:3a:f5:45:6d:16:43:35:96:
6d:cf:d2:21:33:77:34:2b:3c:33:65:f1:c8:f4:64:d5:6f:b2:
1d:2b:58:23:20:3e:f3:cb:51:13:f4:ad:fc:75:c3:37:aa:75:
5a:89:d6:bc:9b:4c:19:5e:8a:17:30:3e:df:46:ef:2c:e9:e1:
62:ba:61:98:09:b0:ba:ba:2d:7c:42:ef:39:02:54:78:4b:d2:
22:a7:60:ac:0f:0f:1f:32:1d:7c:cf:bc:cb:19:6d:bb:fc:80:
5a:17:80:8e
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgIUSx3gFGGegGd30EQx091JSL/bSWswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoN2FkZjYzZTM3NWIwYjc4NTA4MWI1OTQ1YjFkMThkOWRl
ODZlMGVmYzAeFw0yNTEwMTAyMDUwMDhaFw0yNjEwMDkyMDU1MDhaMDMxMTAvBgNV
BAMTKDQ3RkU3NTFCRUFFRjFBREExQ0Q5Q0UyMTI0MzA4QThDMjg3OTRFM0EwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDBhljerAnsqDmPzQbO286BaGBy
Ep6A10FfbiH9povfZJyDJB1pyost2mrdG0xnvbTZWBxt+dU6be5tacBTRcr+eUGb
nDQ9y8oXBQSHMuaI0NWtulyRzRr8TudLaQxeU5CAjagwT/JNCFid0JIzEaH10mvT
MMUqTUsjdt0qT/pE0u2kHt49yitEpkCew8Bqj+xMDuEyjqExm/ZgdOfFHTMnorZE
d7LP+ssCSfhAuRl3boTo8ZbUrTGU1Y2T8MvwoHilXV/JJUVp40RKVnn3f5MbYnT9
wIrdhyIMw9GoJ0v/TOP5YWaoevaPvWOZU7XZI4dfOZCK5VLuNYaGwBJt2QiBAgMB
AAGjggJBMIICPTAdBgNVHQ4EFgQUR/51G+rvGtoc2c4hJDCKjCh5TjowHwYDVR0j
BBgwFoAUet9j43Wwt4UIG1lFsdGNnehuDvwwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYWVlM2Q1OGQtOTA0YS00Mzc1LWJmOTMtOGI1ZjM4Y2Fi
MDAyLzAvN0FERjYzRTM3NUIwQjc4NTA4MUI1OTQ1QjFEMThEOURFODZFMEVGQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2V0OWo0M1d3dDRVSUcxbEZzZEdObmVo
dUR2dy5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWVlM2Q1OGQt
OTA0YS00Mzc1LWJmOTMtOGI1ZjM4Y2FiMDAyLzAvMzEzMDM5MmUzMTMxMzAyZTMx
MzYzMzJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMyMzAzMDMyMzYzMC5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEAG1uozANBgkqhkiG9w0BAQsFAAOCAQEAClsm/iPNMfTzyBM2EMjiDjqK0AhB
D65rgSF1SOoEgtXb9oTw450gKXgMQ+XWPDERxDGiREBBoeVCZd6q4l7HkgvFpufu
/W/lDJeGCLq3oPpZjJO3CWYRwwitzXJueaN1bWENMteupHYt98/vF6j2ch9FTW9L
0kuVIn6qE1v3jqxNDdLJYuipPGTZ7ss/JJTu0KLeFFYqf1XKczr1RW0WQzWWbc/S
ITN3NCs8M2XxyPRk1W+yHStYIyA+88tRE/St/HXDN6p1WonWvJtMGV6KFzA+30bv
LOnhYrphmAmwurotfELvOQJUeEvSIqdgrA8PHzIdfM+8yxltu/yAWheAjg==
-----END CERTIFICATE-----
Generated at Mon Oct 20 10:12:30 2025 by rpki-client