Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/aee3d58d-904a-4375-bf93-8b5f38cab002/0/3130392e3131302e3136372e302f32342d3234203d3e203239383032.roa
File: 3130392e3131302e3136372e302f32342d3234203d3e203239383032.roa (raw, json)
Hash identifier: LXdYIAh8QwBDpWUkrzvH06XXy4888ZUfhzWsir+x7lc=
Subject key identifier: 24:10:ED:48:47:F2:E2:D1:9A:7E:4D:0D:C9:04:0B:37:93:00:08:0A
Certificate issuer: /CN=7adf63e375b0b785081b5945b1d18d9de86e0efc
Certificate serial: 27020B1C04CFE16077528D07CF796BB28E468320
Authority key identifier: 7A:DF:63:E3:75:B0:B7:85:08:1B:59:45:B1:D1:8D:9D:E8:6E:0E:FC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/et9j43Wwt4UIG1lFsdGNnehuDvw.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/aee3d58d-904a-4375-bf93-8b5f38cab002/0/3130392e3131302e3136372e302f32342d3234203d3e203239383032.roa
Signing time: Mon 06 Oct 2025 16:55:08 +0000
ROA not before: Mon 06 Oct 2025 16:50:08 +0000
ROA not after: Mon 05 Oct 2026 16:55:08 +0000
asID: 29802
IP address blocks: 109.110.167.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/aee3d58d-904a-4375-bf93-8b5f38cab002/0/7ADF63E375B0B785081B5945B1D18D9DE86E0EFC.crl
rsync://rsync.paas.rpki.ripe.net/repository/aee3d58d-904a-4375-bf93-8b5f38cab002/0/7ADF63E375B0B785081B5945B1D18D9DE86E0EFC.mft
rsync://rpki.ripe.net/repository/DEFAULT/et9j43Wwt4UIG1lFsdGNnehuDvw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 11:08:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
27:02:0b:1c:04:cf:e1:60:77:52:8d:07:cf:79:6b:b2:8e:46:83:20
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7adf63e375b0b785081b5945b1d18d9de86e0efc
Validity
Not Before: Oct 6 16:50:08 2025 GMT
Not After : Oct 5 16:55:08 2026 GMT
Subject: CN=2410ED4847F2E2D19A7E4D0DC9040B379300080A
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:4f:5d:0b:31:5b:53:26:7d:d5:bc:15:20:14:
e5:ad:ee:20:f8:14:fd:61:8c:19:53:19:c1:b0:88:
55:c0:98:6b:f4:6a:dd:79:8d:b0:69:c9:8b:80:7d:
20:38:5e:75:db:ed:ca:5b:12:ab:3a:13:97:e8:5a:
30:8f:52:51:cf:cd:28:f2:c4:e7:3d:06:15:ff:c6:
a4:f8:ea:5d:a5:73:3c:9a:fe:88:4e:3a:f0:2a:ea:
f2:8d:7d:34:e4:4b:29:c6:b1:85:f3:70:2f:1f:76:
70:ca:1c:89:2a:95:4f:45:bf:da:bf:4e:ce:c6:a6:
ff:80:b9:20:d5:5d:79:d8:0a:1a:da:55:9a:64:f2:
2c:dd:10:3b:56:29:13:19:c8:66:37:32:2a:9c:cc:
6b:c4:ac:81:8d:99:9f:39:99:a0:cb:c9:24:b5:d6:
42:9d:9a:bc:46:1c:6a:d5:bf:03:16:7c:ac:2b:02:
05:b6:12:b0:da:57:81:e3:41:8e:ec:f0:83:1d:40:
ed:30:eb:84:ba:b1:a3:76:eb:74:f7:9a:3a:7d:b5:
17:78:ec:1f:dc:36:28:84:86:ba:de:ee:02:79:17:
59:f6:e6:cc:16:db:13:2f:43:ac:20:83:d8:d4:b2:
cf:d5:30:8e:71:33:4d:c8:1d:9e:1e:22:0e:28:8d:
54:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
24:10:ED:48:47:F2:E2:D1:9A:7E:4D:0D:C9:04:0B:37:93:00:08:0A
X509v3 Authority Key Identifier:
keyid:7A:DF:63:E3:75:B0:B7:85:08:1B:59:45:B1:D1:8D:9D:E8:6E:0E:FC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/aee3d58d-904a-4375-bf93-8b5f38cab002/0/7ADF63E375B0B785081B5945B1D18D9DE86E0EFC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/et9j43Wwt4UIG1lFsdGNnehuDvw.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/aee3d58d-904a-4375-bf93-8b5f38cab002/0/3130392e3131302e3136372e302f32342d3234203d3e203239383032.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.110.167.0/24
Signature Algorithm: sha256WithRSAEncryption
12:55:17:c5:ff:4a:ee:37:8f:f8:42:0b:f1:dc:c0:2b:60:80:
7c:1e:19:4a:b4:d9:01:f6:29:c0:35:0e:a6:27:24:36:31:ac:
83:6b:ba:03:be:86:27:81:8b:df:a2:0e:ea:57:c0:b8:31:6f:
9c:f1:98:e4:b8:cf:3b:d3:49:4d:31:1f:ba:40:ed:9f:9b:2a:
6c:ca:fb:4a:18:6b:8a:24:e5:0a:2e:9e:4c:93:df:18:27:0e:
0d:e2:78:17:57:c5:fa:38:0d:76:7a:0b:20:0e:ff:8d:0e:ba:
8e:59:b8:48:36:57:87:2f:2d:5f:91:fa:fd:6b:d4:66:74:33:
12:61:ae:c4:f8:19:d9:6d:a8:7d:96:d8:33:1d:19:f6:53:72:
49:dd:98:72:28:76:76:87:46:c5:ed:a3:2d:a7:1b:da:40:fa:
f2:3c:74:50:91:48:14:34:fe:43:d9:e7:1f:87:b1:23:8f:39:
1c:c8:20:ae:d1:aa:f9:71:c2:98:a8:08:03:9f:a3:45:b3:35:
47:43:e5:73:76:c8:17:d1:e7:09:50:c0:07:cd:8f:c0:36:d7:
1a:5d:f9:71:57:c7:d0:a9:52:e7:08:b9:08:b5:fb:60:d9:ca:
f1:c9:68:39:8c:ea:49:76:7f:7e:47:a0:8c:fa:07:08:cf:15:
c7:49:49:14
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUJwILHATP4WB3Uo0Hz3lrso5GgyAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoN2FkZjYzZTM3NWIwYjc4NTA4MWI1OTQ1YjFkMThkOWRl
ODZlMGVmYzAeFw0yNTEwMDYxNjUwMDhaFw0yNjEwMDUxNjU1MDhaMDMxMTAvBgNV
BAMTKDI0MTBFRDQ4NDdGMkUyRDE5QTdFNEQwREM5MDQwQjM3OTMwMDA4MEEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCxT10LMVtTJn3VvBUgFOWt7iD4
FP1hjBlTGcGwiFXAmGv0at15jbBpyYuAfSA4XnXb7cpbEqs6E5foWjCPUlHPzSjy
xOc9BhX/xqT46l2lczya/ohOOvAq6vKNfTTkSynGsYXzcC8fdnDKHIkqlU9Fv9q/
Ts7Gpv+AuSDVXXnYChraVZpk8izdEDtWKRMZyGY3MiqczGvErIGNmZ85maDLySS1
1kKdmrxGHGrVvwMWfKwrAgW2ErDaV4HjQY7s8IMdQO0w64S6saN263T3mjp9tRd4
7B/cNiiEhrre7gJ5F1n25swW2xMvQ6wgg9jUss/VMI5xM03IHZ4eIg4ojVRvAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUJBDtSEfy4tGafk0NyQQLN5MACAowHwYDVR0j
BBgwFoAUet9j43Wwt4UIG1lFsdGNnehuDvwwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYWVlM2Q1OGQtOTA0YS00Mzc1LWJmOTMtOGI1ZjM4Y2Fi
MDAyLzAvN0FERjYzRTM3NUIwQjc4NTA4MUI1OTQ1QjFEMThEOURFODZFMEVGQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2V0OWo0M1d3dDRVSUcxbEZzZEdObmVo
dUR2dy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWVlM2Q1OGQt
OTA0YS00Mzc1LWJmOTMtOGI1ZjM4Y2FiMDAyLzAvMzEzMDM5MmUzMTMxMzAyZTMx
MzYzNzJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMyMzkzODMwMzIucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BABtbqcwDQYJKoZIhvcNAQELBQADggEBABJVF8X/Su43j/hCC/HcwCtggHweGUq0
2QH2KcA1DqYnJDYxrINrugO+hieBi9+iDupXwLgxb5zxmOS4zzvTSU0xH7pA7Z+b
KmzK+0oYa4ok5QounkyT3xgnDg3ieBdXxfo4DXZ6CyAO/40Ouo5ZuEg2V4cvLV+R
+v1r1GZ0MxJhrsT4GdltqH2W2DMdGfZTckndmHIodnaHRsXtoy2nG9pA+vI8dFCR
SBQ0/kPZ5x+HsSOPORzIIK7RqvlxwpioCAOfo0WzNUdD5XN2yBfR5wlQwAfNj8A2
1xpd+XFXx9CpUucIuQi1+2DZyvHJaDmM6kl2f35HoIz6BwjPFcdJSRQ=
-----END CERTIFICATE-----
Generated at Mon Oct 20 00:07:08 2025 by rpki-client