Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/bb25d068-7f9c-4b0e-a695-1779b7d8f06e/0/3139342e3132342e3233342e302f32342d3234203d3e20343031383338.roa
File: 3139342e3132342e3233342e302f32342d3234203d3e20343031383338.roa (raw, json)
Hash identifier: dg4srvpWF3uIRgfQMdk/wAV5BokR1veRJ6lDUvN1tY0=
Subject key identifier: 52:C1:D2:AF:FD:FB:59:70:C7:1B:34:4D:94:04:12:76:64:A4:DD:96
Certificate issuer: /CN=cb29a77669df5a7a5cb506d839ee8aa4337ccaac
Certificate serial: 69D5088B113086F946838B3DF056677F06929892
Authority key identifier: CB:29:A7:76:69:DF:5A:7A:5C:B5:06:D8:39:EE:8A:A4:33:7C:CA:AC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yymndmnfWnpctQbYOe6KpDN8yqw.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/bb25d068-7f9c-4b0e-a695-1779b7d8f06e/0/3139342e3132342e3233342e302f32342d3234203d3e20343031383338.roa
Signing time: Wed 13 Aug 2025 05:13:27 +0000
ROA not before: Wed 13 Aug 2025 05:08:27 +0000
ROA not after: Wed 12 Aug 2026 05:13:27 +0000
asID: 401838
IP address blocks: 194.124.234.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/bb25d068-7f9c-4b0e-a695-1779b7d8f06e/0/CB29A77669DF5A7A5CB506D839EE8AA4337CCAAC.crl
rsync://rsync.paas.rpki.ripe.net/repository/bb25d068-7f9c-4b0e-a695-1779b7d8f06e/0/CB29A77669DF5A7A5CB506D839EE8AA4337CCAAC.mft
rsync://rpki.ripe.net/repository/DEFAULT/yymndmnfWnpctQbYOe6KpDN8yqw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 14:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
69:d5:08:8b:11:30:86:f9:46:83:8b:3d:f0:56:67:7f:06:92:98:92
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cb29a77669df5a7a5cb506d839ee8aa4337ccaac
Validity
Not Before: Aug 13 05:08:27 2025 GMT
Not After : Aug 12 05:13:27 2026 GMT
Subject: CN=52C1D2AFFDFB5970C71B344D9404127664A4DD96
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:c3:49:e8:cd:4a:0b:9d:5d:61:db:3c:6e:f1:
36:8b:91:3b:d8:e5:3f:f1:1f:07:9b:b8:4d:9e:66:
1a:fa:22:f9:9f:47:db:74:61:91:46:a4:4b:16:cb:
ae:df:dd:97:0a:d7:9c:f1:6d:4a:a1:21:a1:05:27:
78:b6:d0:10:88:a6:ad:f7:b8:ac:9e:45:48:4c:fb:
5e:c4:c2:0e:d8:10:0f:ad:a1:19:ae:90:68:7c:01:
bc:a9:45:49:5a:58:a0:fe:2b:6b:ec:83:0e:dd:b0:
a6:0a:ba:4c:2d:08:44:5a:e6:aa:6d:08:5f:25:db:
b6:e1:d8:7a:9b:2c:31:eb:e7:54:55:ce:79:81:55:
90:c3:88:00:53:2b:64:85:d8:5a:b7:9b:8b:f3:c8:
56:c5:50:92:c3:33:9a:24:d7:e7:44:ec:ec:a0:fb:
55:10:84:10:42:11:3a:46:c4:eb:b6:88:2e:86:7c:
50:18:20:3d:04:4a:46:0b:f6:64:c0:11:19:94:8a:
f1:14:a1:59:43:a1:11:22:21:25:ae:5e:ae:7e:4c:
5e:35:91:54:5a:09:91:54:93:b9:96:1d:ea:f9:1c:
b4:da:7c:ad:24:78:5b:ba:1c:cf:46:b1:6f:a1:e4:
c8:64:ca:46:f4:49:31:51:76:7c:71:6d:74:95:ea:
24:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
52:C1:D2:AF:FD:FB:59:70:C7:1B:34:4D:94:04:12:76:64:A4:DD:96
X509v3 Authority Key Identifier:
keyid:CB:29:A7:76:69:DF:5A:7A:5C:B5:06:D8:39:EE:8A:A4:33:7C:CA:AC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/bb25d068-7f9c-4b0e-a695-1779b7d8f06e/0/CB29A77669DF5A7A5CB506D839EE8AA4337CCAAC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yymndmnfWnpctQbYOe6KpDN8yqw.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/bb25d068-7f9c-4b0e-a695-1779b7d8f06e/0/3139342e3132342e3233342e302f32342d3234203d3e20343031383338.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.124.234.0/24
Signature Algorithm: sha256WithRSAEncryption
17:af:af:a2:21:47:4f:df:59:12:56:5c:7d:89:56:88:ef:6b:
a4:70:98:2c:77:d5:6c:9f:ca:59:80:f0:b2:6e:96:10:bd:7e:
22:af:f5:15:b2:7b:42:25:b5:06:80:cc:cf:81:11:14:35:4b:
31:65:4c:42:49:5e:81:3e:81:31:0f:91:bf:a3:d2:28:7d:f0:
80:80:3a:ab:65:36:f3:d7:5d:53:31:5a:3e:26:fd:05:70:af:
ef:c0:a8:25:e2:a4:51:07:0e:ca:1e:b5:2f:0a:79:93:0d:de:
9c:6a:d8:ad:0f:83:84:7a:a3:46:29:aa:11:f8:b8:fc:1b:63:
89:1f:82:19:f0:3f:b1:d1:12:73:2b:f1:60:0b:63:b1:ba:03:
26:b9:be:54:8d:7a:3e:e9:fc:ce:50:dd:73:be:d3:92:9d:1a:
0d:1e:51:49:31:3c:56:d0:09:c7:b9:79:3a:20:63:81:8c:9b:
62:3d:d6:b4:83:7d:31:fd:7b:58:b4:3e:00:9d:d7:82:0d:81:
aa:b8:cd:e0:f5:ac:cd:f5:68:ba:d6:86:34:a7:16:45:3f:d3:
00:ff:3f:c3:c0:d8:c6:c0:54:37:8f:8c:76:ad:1b:ba:ad:c8:
0c:07:a7:8b:98:51:aa:ed:40:3b:1e:38:02:a2:21:54:51:7e:
0f:d1:58:66
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgIUadUIixEwhvlGg4s98FZnfwaSmJIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoY2IyOWE3NzY2OWRmNWE3YTVjYjUwNmQ4MzllZThhYTQz
MzdjY2FhYzAeFw0yNTA4MTMwNTA4MjdaFw0yNjA4MTIwNTEzMjdaMDMxMTAvBgNV
BAMTKDUyQzFEMkFGRkRGQjU5NzBDNzFCMzQ0RDk0MDQxMjc2NjRBNEREOTYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC2w0nozUoLnV1h2zxu8TaLkTvY
5T/xHwebuE2eZhr6IvmfR9t0YZFGpEsWy67f3ZcK15zxbUqhIaEFJ3i20BCIpq33
uKyeRUhM+17Ewg7YEA+toRmukGh8AbypRUlaWKD+K2vsgw7dsKYKukwtCERa5qpt
CF8l27bh2HqbLDHr51RVznmBVZDDiABTK2SF2Fq3m4vzyFbFUJLDM5ok1+dE7Oyg
+1UQhBBCETpGxOu2iC6GfFAYID0ESkYL9mTAERmUivEUoVlDoREiISWuXq5+TF41
kVRaCZFUk7mWHer5HLTafK0keFu6HM9GsW+h5Mhkykb0STFRdnxxbXSV6iSDAgMB
AAGjggJBMIICPTAdBgNVHQ4EFgQUUsHSr/37WXDHGzRNlAQSdmSk3ZYwHwYDVR0j
BBgwFoAUyymndmnfWnpctQbYOe6KpDN8yqwwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYmIyNWQwNjgtN2Y5Yy00YjBlLWE2OTUtMTc3OWI3ZDhm
MDZlLzAvQ0IyOUE3NzY2OURGNUE3QTVDQjUwNkQ4MzlFRThBQTQzMzdDQ0FBQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3l5bW5kbW5mV25wY3RRYllPZTZLcERO
OHlxdy5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYmIyNWQwNjgt
N2Y5Yy00YjBlLWE2OTUtMTc3OWI3ZDhmMDZlLzAvMzEzOTM0MmUzMTMyMzQyZTMy
MzMzNDJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDM0MzAzMTM4MzMzOC5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEAMJ86jANBgkqhkiG9w0BAQsFAAOCAQEAF6+voiFHT99ZElZcfYlWiO9rpHCY
LHfVbJ/KWYDwsm6WEL1+Iq/1FbJ7QiW1BoDMz4ERFDVLMWVMQklegT6BMQ+Rv6PS
KH3wgIA6q2U289ddUzFaPib9BXCv78CoJeKkUQcOyh61Lwp5kw3enGrYrQ+DhHqj
RimqEfi4/BtjiR+CGfA/sdEScyvxYAtjsboDJrm+VI16Pun8zlDdc77Tkp0aDR5R
STE8VtAJx7l5OiBjgYybYj3WtIN9Mf17WLQ+AJ3Xgg2BqrjN4PWszfVoutaGNKcW
RT/TAP8/w8DYxsBUN4+Mdq0buq3IDAeni5hRqu1AOx44AqIhVFF+D9FYZg==
-----END CERTIFICATE-----
Generated at Sat Aug 23 20:20:29 2025 by rpki-client