Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/bf52d814-3d2f-4df4-8140-dfb530f74912/0/34362e3235302e3232342e302f32302d3234203d3e20313431393935.roa
File: 34362e3235302e3232342e302f32302d3234203d3e20313431393935.roa (raw, json)
Hash identifier: ht90MUomGkgWhJETWF0rvugOS8SI8qvW9OndsUlGu80=
Subject key identifier: ED:7B:87:26:1A:C2:B8:47:14:97:B5:E7:29:8C:E8:6D:80:20:63:01
Certificate issuer: /CN=f29fbab4db867f6bd9a7eff6aa55d98c162e1aad
Certificate serial: 521A23C9CC944FEE5B8FAA3A9A52E4FCE920B7C3
Authority key identifier: F2:9F:BA:B4:DB:86:7F:6B:D9:A7:EF:F6:AA:55:D9:8C:16:2E:1A:AD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8p-6tNuGf2vZp-_2qlXZjBYuGq0.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/bf52d814-3d2f-4df4-8140-dfb530f74912/0/34362e3235302e3232342e302f32302d3234203d3e20313431393935.roa
Signing time: Fri 15 Aug 2025 10:54:13 +0000
ROA not before: Fri 15 Aug 2025 10:49:13 +0000
ROA not after: Fri 14 Aug 2026 10:54:13 +0000
asID: 141995
IP address blocks: 46.250.224.0/20 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/bf52d814-3d2f-4df4-8140-dfb530f74912/0/F29FBAB4DB867F6BD9A7EFF6AA55D98C162E1AAD.crl
rsync://rsync.paas.rpki.ripe.net/repository/bf52d814-3d2f-4df4-8140-dfb530f74912/0/F29FBAB4DB867F6BD9A7EFF6AA55D98C162E1AAD.mft
rsync://rpki.ripe.net/repository/DEFAULT/8p-6tNuGf2vZp-_2qlXZjBYuGq0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Aug 2025 23:29:33 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
52:1a:23:c9:cc:94:4f:ee:5b:8f:aa:3a:9a:52:e4:fc:e9:20:b7:c3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f29fbab4db867f6bd9a7eff6aa55d98c162e1aad
Validity
Not Before: Aug 15 10:49:13 2025 GMT
Not After : Aug 14 10:54:13 2026 GMT
Subject: CN=ED7B87261AC2B8471497B5E7298CE86D80206301
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:03:30:82:d3:0a:00:9b:8e:ae:e3:34:40:0f:
08:69:86:51:4d:d0:77:f2:b8:15:06:0f:ac:0e:b5:
04:d8:90:ce:ad:09:04:23:76:37:d3:0b:e1:f8:d4:
bb:cc:dd:18:72:b3:19:0f:07:51:a5:9f:1c:8c:57:
6f:f7:03:7d:72:76:55:51:c9:43:f7:09:57:f8:fa:
73:9a:02:74:38:a5:1d:a6:79:68:0a:48:6a:6a:4d:
e8:f5:6c:8b:4a:85:7f:eb:ed:48:77:f5:e9:a5:dc:
f7:9d:7f:6a:e0:db:b0:81:1f:30:5f:80:65:71:d1:
6e:df:3d:8d:12:9c:8f:1b:17:f6:46:a2:2e:87:b1:
07:55:d3:75:67:12:1b:d1:78:b9:f5:25:b7:b3:1b:
db:ea:0f:01:01:73:9f:b0:ee:1d:1e:23:93:7d:b3:
5f:52:2e:03:1e:97:63:c3:9e:53:f8:11:b5:04:6b:
fd:c0:ff:5c:d3:8f:b1:89:cd:59:47:45:39:57:08:
7c:40:89:a9:90:76:0d:fa:60:f6:3b:b3:19:ea:96:
38:90:d2:f9:d0:34:ab:15:3e:00:d3:cc:64:f9:a1:
e5:42:99:77:49:72:32:e4:40:2e:61:06:18:24:94:
65:ad:db:04:aa:aa:c8:06:68:af:97:15:3a:4e:34:
93:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
ED:7B:87:26:1A:C2:B8:47:14:97:B5:E7:29:8C:E8:6D:80:20:63:01
X509v3 Authority Key Identifier:
keyid:F2:9F:BA:B4:DB:86:7F:6B:D9:A7:EF:F6:AA:55:D9:8C:16:2E:1A:AD
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/bf52d814-3d2f-4df4-8140-dfb530f74912/0/F29FBAB4DB867F6BD9A7EFF6AA55D98C162E1AAD.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8p-6tNuGf2vZp-_2qlXZjBYuGq0.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/bf52d814-3d2f-4df4-8140-dfb530f74912/0/34362e3235302e3232342e302f32302d3234203d3e20313431393935.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.250.224.0/20
Signature Algorithm: sha256WithRSAEncryption
91:9f:17:90:f3:ad:6a:12:75:d1:81:58:50:7f:7c:04:09:a5:
8c:b9:cf:1c:c5:1e:0c:0e:d0:75:5f:76:0a:09:5f:d8:31:60:
55:d7:e2:d7:40:9d:cb:96:f4:17:39:11:0e:d7:da:19:65:1b:
84:db:65:11:99:b6:ca:ce:cb:52:8c:e3:76:24:a9:5e:31:94:
6c:eb:7f:55:96:03:2a:f3:45:bd:ee:e2:e5:a9:86:3a:94:13:
bf:29:27:c2:64:24:8f:b2:ce:f2:38:36:dc:1c:04:61:ae:19:
92:9b:96:a5:a1:13:bf:33:93:9a:03:c0:48:24:f1:8c:08:0a:
26:26:36:12:5e:93:73:11:96:29:36:70:77:2f:bc:ce:f6:88:
33:31:ab:ea:8e:00:49:ee:17:2c:05:ff:d0:6b:3d:04:21:95:
d6:34:4c:00:8e:4a:72:a7:fe:15:1c:3d:03:f6:a9:3f:ce:70:
32:3e:30:88:49:4c:61:42:0c:06:d4:b5:02:b2:12:85:fb:fc:
ab:8a:f4:f0:c2:f9:37:fd:2f:0c:33:5e:32:02:c8:e6:38:02:
17:f3:59:3a:80:30:f9:3f:2c:fd:4c:15:05:bf:d3:80:63:60:
38:aa:9a:8b:fd:df:80:a9:2b:9f:bd:bc:7e:22:4c:bf:d2:0e:
9d:4e:ce:78
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUUhojycyUT+5bj6o6mlLk/Okgt8MwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZjI5ZmJhYjRkYjg2N2Y2YmQ5YTdlZmY2YWE1NWQ5OGMx
NjJlMWFhZDAeFw0yNTA4MTUxMDQ5MTNaFw0yNjA4MTQxMDU0MTNaMDMxMTAvBgNV
BAMTKEVEN0I4NzI2MUFDMkI4NDcxNDk3QjVFNzI5OENFODZEODAyMDYzMDEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCrAzCC0woAm46u4zRADwhphlFN
0HfyuBUGD6wOtQTYkM6tCQQjdjfTC+H41LvM3RhysxkPB1GlnxyMV2/3A31ydlVR
yUP3CVf4+nOaAnQ4pR2meWgKSGpqTej1bItKhX/r7Uh39eml3Pedf2rg27CBHzBf
gGVx0W7fPY0SnI8bF/ZGoi6HsQdV03VnEhvReLn1JbezG9vqDwEBc5+w7h0eI5N9
s19SLgMel2PDnlP4EbUEa/3A/1zTj7GJzVlHRTlXCHxAiamQdg36YPY7sxnqljiQ
0vnQNKsVPgDTzGT5oeVCmXdJcjLkQC5hBhgklGWt2wSqqsgGaK+XFTpONJNrAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQU7XuHJhrCuEcUl7XnKYzobYAgYwEwHwYDVR0j
BBgwFoAU8p+6tNuGf2vZp+/2qlXZjBYuGq0wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYmY1MmQ4MTQtM2QyZi00ZGY0LTgxNDAtZGZiNTMwZjc0
OTEyLzAvRjI5RkJBQjREQjg2N0Y2QkQ5QTdFRkY2QUE1NUQ5OEMxNjJFMUFBRC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzhwLTZ0TnVHZjJ2WnAtXzJxbFhaakJZ
dUdxMC5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYmY1MmQ4MTQt
M2QyZi00ZGY0LTgxNDAtZGZiNTMwZjc0OTEyLzAvMzQzNjJlMzIzNTMwMmUzMjMy
MzQyZTMwMmYzMjMwMmQzMjM0MjAzZDNlMjAzMTM0MzEzOTM5MzUucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAQu+uAwDQYJKoZIhvcNAQELBQADggEBAJGfF5DzrWoSddGBWFB/fAQJpYy5zxzF
HgwO0HVfdgoJX9gxYFXX4tdAncuW9Bc5EQ7X2hllG4TbZRGZtsrOy1KM43YkqV4x
lGzrf1WWAyrzRb3u4uWphjqUE78pJ8JkJI+yzvI4NtwcBGGuGZKblqWhE78zk5oD
wEgk8YwICiYmNhJek3MRlik2cHcvvM72iDMxq+qOAEnuFywF/9BrPQQhldY0TACO
SnKn/hUcPQP2qT/OcDI+MIhJTGFCDAbUtQKyEoX7/KuK9PDC+Tf9LwwzXjICyOY4
AhfzWTqAMPk/LP1MFQW/04BjYDiqmov934CpK5+9vH4iTL/SDp1Ozng=
-----END CERTIFICATE-----
Generated at Sat Aug 23 13:52:24 2025 by rpki-client