Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS1299.roa
File: AS1299.roa (raw, json)
Hash identifier: QRjuT5gLqFjCoKnnfQdI4WBqCzLpkKA1df3P68v7Vt4=
Subject key identifier: 5C:AF:C0:A1:BE:90:AA:C3:5D:73:E2:13:7A:1B:35:3A:EC:18:53:9A
Certificate issuer: /CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Certificate serial: 5A1521B854E4252CEC8356F64CC2A0F254EB95DE
Authority key identifier: 9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS1299.roa
Signing time: Wed 15 Oct 2025 09:55:08 +0000
ROA not before: Wed 15 Oct 2025 09:50:08 +0000
ROA not after: Wed 14 Oct 2026 09:55:08 +0000
asID: 1299
IP address blocks: 92.112.248.0/24 maxlen: 24
92.112.249.0/24 maxlen: 24
92.112.250.0/24 maxlen: 24
92.112.251.0/24 maxlen: 24
92.112.252.0/24 maxlen: 24
92.112.253.0/24 maxlen: 24
92.112.254.0/24 maxlen: 24
92.112.255.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl
rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.mft
rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 11:18:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5a:15:21:b8:54:e4:25:2c:ec:83:56:f6:4c:c2:a0:f2:54:eb:95:de
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Validity
Not Before: Oct 15 09:50:08 2025 GMT
Not After : Oct 14 09:55:08 2026 GMT
Subject: CN=5CAFC0A1BE90AAC35D73E2137A1B353AEC18539A
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:60:db:3d:d3:1a:89:56:58:56:8b:22:dc:5f:
17:c5:c3:6b:9c:c1:31:d7:30:65:87:ef:d7:69:ef:
46:9a:ab:32:6e:f7:3a:ea:49:15:c6:35:7f:73:ac:
80:f9:c8:0b:fb:74:97:54:ae:60:d5:ef:7f:4e:96:
e5:09:22:61:23:69:21:5d:a5:2d:be:27:44:90:01:
42:e6:e2:0f:52:b1:3e:50:be:e6:e0:b2:77:2d:07:
71:7d:ae:cf:a8:82:24:22:32:3c:85:17:d6:de:6b:
3e:ec:0c:6f:d3:ac:f2:9f:73:7a:9d:cb:0a:ee:6f:
c5:86:f7:42:1f:5a:d3:61:f8:70:d8:8c:48:27:22:
72:b2:b8:db:19:24:87:39:21:91:d4:90:58:63:09:
f2:e9:60:33:06:1e:86:b5:8f:87:2a:d7:13:6d:00:
e2:23:2b:c8:0b:57:bd:e1:79:d2:17:9a:79:26:65:
cf:ea:4a:ce:ad:07:8b:1b:d3:77:81:4d:87:06:80:
7f:61:d4:8d:5a:a1:64:f3:7c:60:a5:33:cc:c2:7f:
36:fd:a4:65:32:09:44:c9:d2:a9:6c:09:30:b2:85:
5b:f6:bf:7a:52:69:f2:8b:6c:a2:72:9e:4d:ba:ed:
6f:c3:1b:46:e9:f8:16:c4:81:a5:8d:bc:43:f5:77:
07:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:AF:C0:A1:BE:90:AA:C3:5D:73:E2:13:7A:1B:35:3A:EC:18:53:9A
X509v3 Authority Key Identifier:
keyid:9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS1299.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
92.112.248.0/21
Signature Algorithm: sha256WithRSAEncryption
19:2e:d3:bc:82:a1:e1:d8:a1:c8:c2:2f:08:83:34:19:33:9d:
0c:0f:a7:be:6a:d0:c0:6c:19:ee:ca:7a:4f:1c:3c:59:0d:a1:
3a:7b:ab:b4:74:82:4d:37:4e:0a:00:2c:20:7c:08:80:d0:44:
f5:38:71:ad:bb:2b:f4:8e:17:63:73:5f:2f:ee:01:4c:1c:eb:
43:8e:1d:b6:8f:d2:48:69:87:2d:69:ba:5f:64:74:79:15:b7:
07:ce:ee:2a:67:c9:73:b9:1e:2a:c4:55:f2:9a:35:1a:c5:66:
28:9c:20:fe:0f:63:0e:3f:2b:e2:8d:ca:21:35:d0:cf:73:6d:
ad:c0:95:bf:c8:5f:1f:46:52:40:dd:34:17:de:dd:a2:7d:c2:
4e:12:53:4a:15:9a:22:ba:0e:59:40:6a:5f:04:14:e0:6f:89:
ef:8c:8f:68:da:fb:29:63:87:9a:8f:44:82:03:dc:f9:4a:09:
dc:29:7b:0c:b4:e8:7b:c6:52:14:96:31:09:5c:e8:ce:3d:1e:
58:79:06:f6:01:e7:5f:4c:f9:30:98:f0:6f:1d:a5:3c:28:95:
54:c4:d1:d0:a7:05:a0:35:67:aa:24:5c:61:42:90:28:81:ac:
a6:0e:44:a5:55:14:2d:a2:f2:f1:e7:82:2c:69:d8:80:d1:45:
48:f7:da:79
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgIUWhUhuFTkJSzsg1b2TMKg8lTrld4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOWJkODEzMzkxZTRhZjJhZTMxMDNjMTg5MWIyMjcyZDRk
NWMxM2I1ZjAeFw0yNTEwMTUwOTUwMDhaFw0yNjEwMTQwOTU1MDhaMDMxMTAvBgNV
BAMTKDVDQUZDMEExQkU5MEFBQzM1RDczRTIxMzdBMUIzNTNBRUMxODUzOUEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC4YNs90xqJVlhWiyLcXxfFw2uc
wTHXMGWH79dp70aaqzJu9zrqSRXGNX9zrID5yAv7dJdUrmDV739OluUJImEjaSFd
pS2+J0SQAULm4g9SsT5QvubgsnctB3F9rs+ogiQiMjyFF9beaz7sDG/TrPKfc3qd
ywrub8WG90IfWtNh+HDYjEgnInKyuNsZJIc5IZHUkFhjCfLpYDMGHoa1j4cq1xNt
AOIjK8gLV73hedIXmnkmZc/qSs6tB4sb03eBTYcGgH9h1I1aoWTzfGClM8zCfzb9
pGUyCUTJ0qlsCTCyhVv2v3pSafKLbKJynk267W/DG0bp+BbEgaWNvEP1dwczAgMB
AAGjggIIMIICBDAdBgNVHQ4EFgQUXK/Aob6QqsNdc+ITehs1OuwYU5owHwYDVR0j
BBgwFoAUm9gTOR5K8q4xA8GJGyJy1NXBO18wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYzQ3OGY2ZjUtNDQ5YS00ODI3LTk5ZDUtYmY2YjkzYThm
NmI0LzAvOUJEODEzMzkxRTRBRjJBRTMxMDNDMTg5MUIyMjcyRDRENUMxM0I1Ri5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL205Z1RPUjVLOHE0eEE4R0pHeUp5MU5Y
Qk8xOC5jZXIweQYIKwYBBQUHAQsEbTBrMGkGCCsGAQUFBzALhl1yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2M0NzhmNmY1LTQ0OWEt
NDgyNy05OWQ1LWJmNmI5M2E4ZjZiNC8wL0FTMTI5OS5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEA1xw+DAN
BgkqhkiG9w0BAQsFAAOCAQEAGS7TvIKh4dihyMIvCIM0GTOdDA+nvmrQwGwZ7sp6
Txw8WQ2hOnurtHSCTTdOCgAsIHwIgNBE9Thxrbsr9I4XY3NfL+4BTBzrQ44dto/S
SGmHLWm6X2R0eRW3B87uKmfJc7keKsRV8po1GsVmKJwg/g9jDj8r4o3KITXQz3Nt
rcCVv8hfH0ZSQN00F97don3CThJTShWaIroOWUBqXwQU4G+J74yPaNr7KWOHmo9E
ggPc+UoJ3Cl7DLToe8ZSFJYxCVzozj0eWHkG9gHnX0z5MJjwbx2lPCiVVMTR0KcF
oDVnqiRcYUKQKIGspg5EpVUULaLy8eeCLGnYgNFFSPfaeQ==
-----END CERTIFICATE-----
Generated at Sun Oct 19 19:31:12 2025 by rpki-client