Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/aee3d58d-904a-4375-bf93-8b5f38cab002/0/3130392e3131302e3137332e302f32342d3234203d3e20323135303335.roa
File: 3130392e3131302e3137332e302f32342d3234203d3e20323135303335.roa (raw, json)
Hash identifier: ykUl/d8LcwFx/nTVTeOXD1srxBGtTXtOecyktI8+Ns0=
Subject key identifier: 8C:18:EE:47:49:06:83:06:36:88:DF:1E:F1:AC:17:06:9F:6B:B1:52
Certificate issuer: /CN=7adf63e375b0b785081b5945b1d18d9de86e0efc
Certificate serial: 236377E0D948BF0192A8FD23EF1011846CE1F9DE
Authority key identifier: 7A:DF:63:E3:75:B0:B7:85:08:1B:59:45:B1:D1:8D:9D:E8:6E:0E:FC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/et9j43Wwt4UIG1lFsdGNnehuDvw.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/aee3d58d-904a-4375-bf93-8b5f38cab002/0/3130392e3131302e3137332e302f32342d3234203d3e20323135303335.roa
Signing time: Fri 03 Oct 2025 15:55:08 +0000
ROA not before: Fri 03 Oct 2025 15:50:08 +0000
ROA not after: Fri 02 Oct 2026 15:55:08 +0000
asID: 215035
IP address blocks: 109.110.173.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/aee3d58d-904a-4375-bf93-8b5f38cab002/0/7ADF63E375B0B785081B5945B1D18D9DE86E0EFC.crl
rsync://rsync.paas.rpki.ripe.net/repository/aee3d58d-904a-4375-bf93-8b5f38cab002/0/7ADF63E375B0B785081B5945B1D18D9DE86E0EFC.mft
rsync://rpki.ripe.net/repository/DEFAULT/et9j43Wwt4UIG1lFsdGNnehuDvw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 11:08:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
23:63:77:e0:d9:48:bf:01:92:a8:fd:23:ef:10:11:84:6c:e1:f9:de
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7adf63e375b0b785081b5945b1d18d9de86e0efc
Validity
Not Before: Oct 3 15:50:08 2025 GMT
Not After : Oct 2 15:55:08 2026 GMT
Subject: CN=8C18EE47490683063688DF1EF1AC17069F6BB152
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e9:af:41:24:07:27:69:d9:b1:08:f2:d5:d3:c1:
bd:74:dd:11:27:a9:df:cf:28:f0:2a:27:4c:66:a4:
d6:68:c3:73:92:d9:92:51:68:3f:74:2a:84:b7:23:
69:c5:d1:41:29:ec:01:2d:b5:09:18:9e:2b:82:3f:
d3:ff:1d:2c:e8:1b:ee:0a:0e:31:75:48:a3:3d:83:
01:0a:08:0a:06:81:41:cc:25:dc:59:77:a9:cb:bd:
b1:e4:d2:54:1a:6f:6b:70:40:a7:de:d9:9f:c3:6b:
f7:c8:db:70:ba:7a:80:1f:ac:fd:9a:c7:fb:4a:3e:
d7:69:65:c8:ef:2e:c0:f3:6e:a7:7d:b4:fd:1c:f3:
58:f1:09:5c:c3:44:72:ed:1b:a7:9c:ee:f4:1d:cd:
52:10:a2:ee:41:a1:0f:c7:68:e6:43:14:4c:47:61:
7e:8b:22:6d:e2:ad:1b:b1:83:a2:76:46:1d:0b:db:
59:20:c3:d8:4e:e7:b0:65:ea:36:12:50:71:0f:c3:
9d:89:2c:8b:22:06:ce:c8:87:dd:8c:81:71:03:a2:
cc:79:b8:19:99:b9:3d:9c:eb:6f:b4:83:97:b0:a7:
e3:38:ee:17:e8:8e:4b:0d:58:5e:67:c5:1c:bb:71:
3d:00:47:63:0c:c5:2f:74:87:b3:93:b2:1c:9e:2a:
ff:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8C:18:EE:47:49:06:83:06:36:88:DF:1E:F1:AC:17:06:9F:6B:B1:52
X509v3 Authority Key Identifier:
keyid:7A:DF:63:E3:75:B0:B7:85:08:1B:59:45:B1:D1:8D:9D:E8:6E:0E:FC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/aee3d58d-904a-4375-bf93-8b5f38cab002/0/7ADF63E375B0B785081B5945B1D18D9DE86E0EFC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/et9j43Wwt4UIG1lFsdGNnehuDvw.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/aee3d58d-904a-4375-bf93-8b5f38cab002/0/3130392e3131302e3137332e302f32342d3234203d3e20323135303335.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.110.173.0/24
Signature Algorithm: sha256WithRSAEncryption
a5:48:73:74:5a:f7:24:91:c4:14:19:09:a5:fc:06:10:a5:cc:
9e:93:04:74:63:b0:a9:f7:f0:ed:be:01:81:0e:59:ad:a8:f5:
b8:6a:bc:ac:f4:dd:53:a3:62:7c:36:5a:8e:34:62:f2:97:bd:
eb:2f:95:c0:79:20:0a:57:83:48:40:59:1c:6d:ab:55:71:46:
07:fc:49:06:d9:b3:e4:c9:0e:02:1d:be:cb:74:d5:08:bc:05:
f1:ed:9b:35:d7:28:1f:41:ed:67:d2:cb:0f:47:90:c4:12:e3:
d8:03:4c:96:c2:8b:f7:6b:da:71:4e:e4:28:09:5f:26:a7:0e:
4a:4c:8d:ed:30:02:2d:13:d1:b6:35:d2:2b:8f:b3:12:7d:4a:
fa:55:ae:3c:25:fb:dc:2b:f7:ea:dd:4d:7f:fe:3f:8e:5d:54:
22:d4:85:ee:6a:91:c1:52:50:b9:cf:e4:6b:e8:ef:18:23:3d:
65:64:a1:cb:fe:64:bc:c0:5a:04:63:02:e2:36:b6:c7:4f:96:
45:2e:2f:38:20:0d:f2:e1:32:59:f0:1c:2d:51:c7:16:72:b3:
5c:45:0b:a5:b4:5b:17:f7:fb:7f:22:1f:ed:75:4c:0b:8c:3f:
2c:ad:3d:c7:14:53:74:c8:7d:4f:aa:22:ab:43:6e:8d:21:6f:
d1:14:be:55
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgIUI2N34NlIvwGSqP0j7xARhGzh+d4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoN2FkZjYzZTM3NWIwYjc4NTA4MWI1OTQ1YjFkMThkOWRl
ODZlMGVmYzAeFw0yNTEwMDMxNTUwMDhaFw0yNjEwMDIxNTU1MDhaMDMxMTAvBgNV
BAMTKDhDMThFRTQ3NDkwNjgzMDYzNjg4REYxRUYxQUMxNzA2OUY2QkIxNTIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDpr0EkBydp2bEI8tXTwb103REn
qd/PKPAqJ0xmpNZow3OS2ZJRaD90KoS3I2nF0UEp7AEttQkYniuCP9P/HSzoG+4K
DjF1SKM9gwEKCAoGgUHMJdxZd6nLvbHk0lQab2twQKfe2Z/Da/fI23C6eoAfrP2a
x/tKPtdpZcjvLsDzbqd9tP0c81jxCVzDRHLtG6ec7vQdzVIQou5BoQ/HaOZDFExH
YX6LIm3irRuxg6J2Rh0L21kgw9hO57Bl6jYSUHEPw52JLIsiBs7Ih92MgXEDosx5
uBmZuT2c62+0g5ewp+M47hfojksNWF5nxRy7cT0AR2MMxS90h7OTshyeKv+5AgMB
AAGjggJBMIICPTAdBgNVHQ4EFgQUjBjuR0kGgwY2iN8e8awXBp9rsVIwHwYDVR0j
BBgwFoAUet9j43Wwt4UIG1lFsdGNnehuDvwwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYWVlM2Q1OGQtOTA0YS00Mzc1LWJmOTMtOGI1ZjM4Y2Fi
MDAyLzAvN0FERjYzRTM3NUIwQjc4NTA4MUI1OTQ1QjFEMThEOURFODZFMEVGQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2V0OWo0M1d3dDRVSUcxbEZzZEdObmVo
dUR2dy5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWVlM2Q1OGQt
OTA0YS00Mzc1LWJmOTMtOGI1ZjM4Y2FiMDAyLzAvMzEzMDM5MmUzMTMxMzAyZTMx
MzczMzJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMyMzEzNTMwMzMzNS5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEAG1urTANBgkqhkiG9w0BAQsFAAOCAQEApUhzdFr3JJHEFBkJpfwGEKXMnpME
dGOwqffw7b4BgQ5Zraj1uGq8rPTdU6NifDZajjRi8pe96y+VwHkgCleDSEBZHG2r
VXFGB/xJBtmz5MkOAh2+y3TVCLwF8e2bNdcoH0HtZ9LLD0eQxBLj2ANMlsKL92va
cU7kKAlfJqcOSkyN7TACLRPRtjXSK4+zEn1K+lWuPCX73Cv36t1Nf/4/jl1UItSF
7mqRwVJQuc/ka+jvGCM9ZWShy/5kvMBaBGMC4ja2x0+WRS4vOCAN8uEyWfAcLVHH
FnKzXEULpbRbF/f7fyIf7XVMC4w/LK09xxRTdMh9T6oiq0NujSFv0RS+VQ==
-----END CERTIFICATE-----
Generated at Sun Oct 19 23:51:52 2025 by rpki-client