Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/cd19db20-4653-48d4-8fc4-580d1369b7c4/0/3139342e3131372e36392e302f32342d3234203d3e20333936303634.roa
File: 3139342e3131372e36392e302f32342d3234203d3e20333936303634.roa (raw, json)
Hash identifier: uPzNQdfiTlC1R9B5J33ZDfQAHE+DMHweR/VNt7ogg2k=
Subject key identifier: 09:3A:22:ED:59:7F:90:04:B7:A5:4B:5E:96:5A:01:03:E0:4A:85:C9
Certificate issuer: /CN=5cdc04bb23eaa4cecc791dfe04bb028b7e797b68
Certificate serial: 331BF51ADFF47DEC1D68434A074437FCDA6DDF63
Authority key identifier: 5C:DC:04:BB:23:EA:A4:CE:CC:79:1D:FE:04:BB:02:8B:7E:79:7B:68
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XNwEuyPqpM7MeR3-BLsCi355e2g.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/cd19db20-4653-48d4-8fc4-580d1369b7c4/0/3139342e3131372e36392e302f32342d3234203d3e20333936303634.roa
Signing time: Mon 13 Oct 2025 17:27:10 +0000
ROA not before: Mon 13 Oct 2025 17:22:10 +0000
ROA not after: Mon 12 Oct 2026 17:27:10 +0000
asID: 396064
IP address blocks: 194.117.69.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/cd19db20-4653-48d4-8fc4-580d1369b7c4/0/5CDC04BB23EAA4CECC791DFE04BB028B7E797B68.crl
rsync://rsync.paas.rpki.ripe.net/repository/cd19db20-4653-48d4-8fc4-580d1369b7c4/0/5CDC04BB23EAA4CECC791DFE04BB028B7E797B68.mft
rsync://rpki.ripe.net/repository/DEFAULT/XNwEuyPqpM7MeR3-BLsCi355e2g.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 07:42:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
33:1b:f5:1a:df:f4:7d:ec:1d:68:43:4a:07:44:37:fc:da:6d:df:63
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5cdc04bb23eaa4cecc791dfe04bb028b7e797b68
Validity
Not Before: Oct 13 17:22:10 2025 GMT
Not After : Oct 12 17:27:10 2026 GMT
Subject: CN=093A22ED597F9004B7A54B5E965A0103E04A85C9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:bc:0d:9f:a3:bf:61:8f:5a:1c:3f:3a:c4:3f:
c8:a4:21:9d:47:3d:7c:da:ce:5a:b0:25:e0:da:6b:
c2:d0:66:64:24:95:27:2f:0a:f2:cc:ce:1d:b2:c7:
a7:bb:41:2f:d8:6a:08:7c:9f:99:e5:2b:c6:d5:8f:
c3:99:8d:16:19:de:e5:07:e0:26:7c:a5:9a:7a:c4:
d3:48:2c:cf:e9:5e:58:5b:ef:ed:d2:6f:6d:76:49:
0f:0f:0d:ee:f0:3b:1f:6a:36:1b:cf:df:f9:32:21:
a4:ab:25:fa:88:39:ad:0b:b8:74:0d:4b:59:d1:98:
b0:9a:7b:a3:dc:90:32:fe:10:0c:cd:d4:49:cb:75:
82:60:48:4f:e2:89:1a:e8:85:b3:b8:81:a4:22:b7:
ac:a7:d4:0d:b8:69:95:40:fe:ee:c0:67:53:b4:6e:
17:89:b2:df:b2:ce:7f:c6:91:67:ff:71:1f:9c:2d:
77:6f:6a:5f:22:96:71:88:88:19:17:24:23:14:0f:
49:7d:12:9a:60:bd:c7:be:22:9b:54:27:d7:e8:e5:
f5:a9:ca:65:b3:26:ba:2d:d7:5c:21:ed:58:be:58:
bb:04:93:e0:b1:0d:c3:75:c9:a4:df:1c:e3:9f:2e:
69:77:6f:b6:3c:91:c8:c9:b1:07:26:a7:9d:b7:23:
a3:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
09:3A:22:ED:59:7F:90:04:B7:A5:4B:5E:96:5A:01:03:E0:4A:85:C9
X509v3 Authority Key Identifier:
keyid:5C:DC:04:BB:23:EA:A4:CE:CC:79:1D:FE:04:BB:02:8B:7E:79:7B:68
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/cd19db20-4653-48d4-8fc4-580d1369b7c4/0/5CDC04BB23EAA4CECC791DFE04BB028B7E797B68.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XNwEuyPqpM7MeR3-BLsCi355e2g.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/cd19db20-4653-48d4-8fc4-580d1369b7c4/0/3139342e3131372e36392e302f32342d3234203d3e20333936303634.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.117.69.0/24
Signature Algorithm: sha256WithRSAEncryption
22:6c:85:62:b3:a2:de:ed:f2:dc:a5:5d:37:9b:31:a0:35:3f:
5e:eb:3d:d2:2f:fc:16:0a:f3:e3:b1:a9:2d:0e:7f:2c:06:21:
87:a3:a9:42:67:f1:20:b3:b8:2b:b0:52:0a:2e:2a:b9:73:49:
05:04:af:5e:9c:76:04:b2:f9:90:15:4b:48:8a:3b:96:6b:77:
20:8e:93:1f:c2:2b:d6:10:3a:ce:e2:c7:0e:39:86:73:a9:bb:
7c:96:67:68:a5:2d:54:81:b1:ba:68:1e:72:60:72:da:83:31:
06:be:9a:04:10:33:b3:6f:a2:e0:a1:e1:f6:a1:9d:42:0d:be:
d6:b8:35:f3:7c:ac:90:20:be:5b:03:34:fe:6b:0f:95:37:7b:
eb:a1:0a:33:9d:34:43:88:3f:40:01:b0:f8:d5:30:88:56:99:
9d:c7:09:5a:bc:65:0c:ca:28:af:82:d0:07:55:b3:f9:c9:90:
61:23:c3:27:be:b0:f7:4c:de:be:33:3b:c9:c9:57:6f:a0:f5:
ed:a4:54:ea:7f:39:cf:2d:ae:6a:b1:f7:a5:17:b1:cf:e2:5c:
5e:ee:07:01:f6:70:fe:c8:26:13:f6:1d:22:eb:af:c7:56:a8:
45:2e:b4:f5:0c:db:99:f1:d8:ee:9f:8e:e6:49:c1:63:3c:79:
03:48:76:15
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUMxv1Gt/0fewdaENKB0Q3/Npt32MwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNWNkYzA0YmIyM2VhYTRjZWNjNzkxZGZlMDRiYjAyOGI3
ZTc5N2I2ODAeFw0yNTEwMTMxNzIyMTBaFw0yNjEwMTIxNzI3MTBaMDMxMTAvBgNV
BAMTKDA5M0EyMkVENTk3RjkwMDRCN0E1NEI1RTk2NUEwMTAzRTA0QTg1QzkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDPvA2fo79hj1ocPzrEP8ikIZ1H
PXzazlqwJeDaa8LQZmQklScvCvLMzh2yx6e7QS/Yagh8n5nlK8bVj8OZjRYZ3uUH
4CZ8pZp6xNNILM/pXlhb7+3Sb212SQ8PDe7wOx9qNhvP3/kyIaSrJfqIOa0LuHQN
S1nRmLCae6PckDL+EAzN1EnLdYJgSE/iiRrohbO4gaQit6yn1A24aZVA/u7AZ1O0
bheJst+yzn/GkWf/cR+cLXdval8ilnGIiBkXJCMUD0l9Eppgvce+IptUJ9fo5fWp
ymWzJrot11wh7Vi+WLsEk+CxDcN1yaTfHOOfLml3b7Y8kcjJsQcmp523I6OZAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUCToi7Vl/kAS3pUtelloBA+BKhckwHwYDVR0j
BBgwFoAUXNwEuyPqpM7MeR3+BLsCi355e2gwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvY2QxOWRiMjAtNDY1My00OGQ0LThmYzQtNTgwZDEzNjli
N2M0LzAvNUNEQzA0QkIyM0VBQTRDRUNDNzkxREZFMDRCQjAyOEI3RTc5N0I2OC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1hOd0V1eVBxcE03TWVSMy1CTHNDaTM1
NWUyZy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvY2QxOWRiMjAt
NDY1My00OGQ0LThmYzQtNTgwZDEzNjliN2M0LzAvMzEzOTM0MmUzMTMxMzcyZTM2
MzkyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMzM5MzYzMDM2MzQucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BADCdUUwDQYJKoZIhvcNAQELBQADggEBACJshWKzot7t8tylXTebMaA1P17rPdIv
/BYK8+OxqS0OfywGIYejqUJn8SCzuCuwUgouKrlzSQUEr16cdgSy+ZAVS0iKO5Zr
dyCOkx/CK9YQOs7ixw45hnOpu3yWZ2ilLVSBsbpoHnJgctqDMQa+mgQQM7NvouCh
4fahnUINvta4NfN8rJAgvlsDNP5rD5U3e+uhCjOdNEOIP0ABsPjVMIhWmZ3HCVq8
ZQzKKK+C0AdVs/nJkGEjwye+sPdM3r4zO8nJV2+g9e2kVOp/Oc8trmqx96UXsc/i
XF7uBwH2cP7IJhP2HSLrr8dWqEUutPUM25nx2O6fjuZJwWM8eQNIdhU=
-----END CERTIFICATE-----
Generated at Mon Oct 20 23:15:27 2025 by rpki-client