Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/aee3d58d-904a-4375-bf93-8b5f38cab002/0/3130392e3131302e3138392e302f32342d3234203d3e203633393032.roa
File: 3130392e3131302e3138392e302f32342d3234203d3e203633393032.roa (raw, json)
Hash identifier: gaTZCuFFOenuIRHn7bEdTXUs0XVSyUdb0Iz7G0n8PqU=
Subject key identifier: BA:CE:FB:F7:1B:F8:81:41:95:11:E0:0C:0E:D5:74:74:28:46:E2:8C
Certificate issuer: /CN=7adf63e375b0b785081b5945b1d18d9de86e0efc
Certificate serial: 22535DCD556342B3119DEB4EF1069789A77035E9
Authority key identifier: 7A:DF:63:E3:75:B0:B7:85:08:1B:59:45:B1:D1:8D:9D:E8:6E:0E:FC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/et9j43Wwt4UIG1lFsdGNnehuDvw.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/aee3d58d-904a-4375-bf93-8b5f38cab002/0/3130392e3131302e3138392e302f32342d3234203d3e203633393032.roa
Signing time: Wed 15 Oct 2025 08:34:19 +0000
ROA not before: Wed 15 Oct 2025 08:29:19 +0000
ROA not after: Wed 14 Oct 2026 08:34:19 +0000
asID: 63902
IP address blocks: 109.110.189.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/aee3d58d-904a-4375-bf93-8b5f38cab002/0/7ADF63E375B0B785081B5945B1D18D9DE86E0EFC.crl
rsync://rsync.paas.rpki.ripe.net/repository/aee3d58d-904a-4375-bf93-8b5f38cab002/0/7ADF63E375B0B785081B5945B1D18D9DE86E0EFC.mft
rsync://rpki.ripe.net/repository/DEFAULT/et9j43Wwt4UIG1lFsdGNnehuDvw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 11:08:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
22:53:5d:cd:55:63:42:b3:11:9d:eb:4e:f1:06:97:89:a7:70:35:e9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7adf63e375b0b785081b5945b1d18d9de86e0efc
Validity
Not Before: Oct 15 08:29:19 2025 GMT
Not After : Oct 14 08:34:19 2026 GMT
Subject: CN=BACEFBF71BF881419511E00C0ED574742846E28C
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:8d:97:f5:d9:02:11:c6:82:b6:66:99:f7:31:
7a:83:58:a4:78:74:82:0c:ac:d9:fd:36:92:73:69:
cd:b2:61:8b:29:bb:34:f0:2c:dc:95:4e:b6:ff:52:
bc:6f:5b:f0:8f:24:ec:73:7d:e0:34:74:e3:c6:f5:
5c:a0:ba:d7:ed:93:64:6e:3e:d4:03:d8:cc:3d:7f:
db:11:b3:19:f1:90:de:f9:9b:75:88:bd:9b:36:06:
cd:33:f2:a1:59:d2:07:3e:49:d3:be:3b:ab:5e:79:
07:ba:d7:93:2d:15:58:0f:c4:f7:4e:bc:92:0e:83:
c7:a9:dc:b5:44:b2:69:50:73:01:6b:92:4c:09:cc:
ce:7c:69:59:32:cc:21:a1:c6:d9:6f:d9:58:47:20:
eb:ce:d1:98:c2:f6:42:97:39:6d:a7:09:ab:f4:63:
d8:0d:dd:fc:5f:05:d4:da:f5:8c:f8:ba:7b:60:58:
f5:05:e3:ce:95:f3:28:9f:e1:1a:b7:d4:fd:1f:cb:
c3:ef:b1:74:c4:2e:a8:5f:89:f3:58:77:c4:f9:15:
1e:e6:04:28:48:fa:24:17:a5:60:ed:57:8b:7d:71:
5a:d4:8a:c9:2f:ec:31:99:85:2a:f1:52:fd:ec:59:
44:b1:07:c3:90:69:94:d5:08:c5:c1:e8:b5:48:7b:
f1:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BA:CE:FB:F7:1B:F8:81:41:95:11:E0:0C:0E:D5:74:74:28:46:E2:8C
X509v3 Authority Key Identifier:
keyid:7A:DF:63:E3:75:B0:B7:85:08:1B:59:45:B1:D1:8D:9D:E8:6E:0E:FC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/aee3d58d-904a-4375-bf93-8b5f38cab002/0/7ADF63E375B0B785081B5945B1D18D9DE86E0EFC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/et9j43Wwt4UIG1lFsdGNnehuDvw.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/aee3d58d-904a-4375-bf93-8b5f38cab002/0/3130392e3131302e3138392e302f32342d3234203d3e203633393032.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.110.189.0/24
Signature Algorithm: sha256WithRSAEncryption
7a:79:6a:87:28:ad:59:5d:f3:d1:34:42:f9:8a:4c:96:be:43:
c6:3b:50:3b:28:17:2c:b1:7d:6a:18:4b:e8:16:11:a8:b8:dc:
d2:7e:5f:40:33:98:30:28:51:9e:63:29:44:8c:49:38:a3:99:
e7:e8:7f:e7:0d:90:46:54:6b:40:20:67:e5:bb:58:ac:ba:0b:
36:e3:c8:70:a6:1f:5d:6e:63:76:1b:77:a9:d5:eb:8a:5c:18:
6e:e5:ff:89:b5:91:88:1d:e1:ec:b2:44:61:f0:5a:79:25:c8:
7f:8e:46:c0:34:28:e0:0e:5b:03:e7:af:10:ca:94:d1:a8:b3:
e8:01:ce:92:dd:87:67:5b:0a:ab:ea:80:ac:36:3e:63:d4:40:
4a:ee:4d:be:01:85:f9:50:94:5b:fb:78:bc:96:0f:65:87:be:
79:4c:4f:f6:50:12:ba:e5:b6:25:9b:92:23:e5:5e:7d:b4:42:
c1:5f:bc:5a:84:57:d3:4e:f6:c9:3a:09:bd:a9:04:58:92:2d:
a9:22:65:8d:85:9f:d3:85:87:3d:d5:68:54:22:ae:df:c6:23:
76:8c:56:2f:e1:dd:dd:8b:74:f3:1d:24:e8:b8:ed:8d:aa:46:
26:8f:d7:d8:fd:d3:2b:fa:1b:4a:eb:46:54:07:5a:32:2e:07:
69:00:74:c4
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUIlNdzVVjQrMRnetO8QaXiadwNekwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoN2FkZjYzZTM3NWIwYjc4NTA4MWI1OTQ1YjFkMThkOWRl
ODZlMGVmYzAeFw0yNTEwMTUwODI5MTlaFw0yNjEwMTQwODM0MTlaMDMxMTAvBgNV
BAMTKEJBQ0VGQkY3MUJGODgxNDE5NTExRTAwQzBFRDU3NDc0Mjg0NkUyOEMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCajZf12QIRxoK2Zpn3MXqDWKR4
dIIMrNn9NpJzac2yYYspuzTwLNyVTrb/UrxvW/CPJOxzfeA0dOPG9Vygutftk2Ru
PtQD2Mw9f9sRsxnxkN75m3WIvZs2Bs0z8qFZ0gc+SdO+O6teeQe615MtFVgPxPdO
vJIOg8ep3LVEsmlQcwFrkkwJzM58aVkyzCGhxtlv2VhHIOvO0ZjC9kKXOW2nCav0
Y9gN3fxfBdTa9Yz4untgWPUF486V8yif4Rq31P0fy8PvsXTELqhfifNYd8T5FR7m
BChI+iQXpWDtV4t9cVrUiskv7DGZhSrxUv3sWUSxB8OQaZTVCMXB6LVIe/GJAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUus779xv4gUGVEeAMDtV0dChG4owwHwYDVR0j
BBgwFoAUet9j43Wwt4UIG1lFsdGNnehuDvwwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYWVlM2Q1OGQtOTA0YS00Mzc1LWJmOTMtOGI1ZjM4Y2Fi
MDAyLzAvN0FERjYzRTM3NUIwQjc4NTA4MUI1OTQ1QjFEMThEOURFODZFMEVGQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2V0OWo0M1d3dDRVSUcxbEZzZEdObmVo
dUR2dy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWVlM2Q1OGQt
OTA0YS00Mzc1LWJmOTMtOGI1ZjM4Y2FiMDAyLzAvMzEzMDM5MmUzMTMxMzAyZTMx
MzgzOTJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDM2MzMzOTMwMzIucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BABtbr0wDQYJKoZIhvcNAQELBQADggEBAHp5aocorVld89E0QvmKTJa+Q8Y7UDso
FyyxfWoYS+gWEai43NJ+X0AzmDAoUZ5jKUSMSTijmefof+cNkEZUa0AgZ+W7WKy6
CzbjyHCmH11uY3Ybd6nV64pcGG7l/4m1kYgd4eyyRGHwWnklyH+ORsA0KOAOWwPn
rxDKlNGos+gBzpLdh2dbCqvqgKw2PmPUQEruTb4BhflQlFv7eLyWD2WHvnlMT/ZQ
ErrltiWbkiPlXn20QsFfvFqEV9NO9sk6Cb2pBFiSLakiZY2Fn9OFhz3VaFQirt/G
I3aMVi/h3d2LdPMdJOi47Y2qRiaP19j90yv6G0rrRlQHWjIuB2kAdMQ=
-----END CERTIFICATE-----
Generated at Mon Oct 20 00:04:46 2025 by rpki-client