Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/e3bd2d2e-f40e-472e-9f8f-8984feaaa5c7/0/3139342e3135362e37362e302f32342d3234203d3e20323132323338.roa
File: 3139342e3135362e37362e302f32342d3234203d3e20323132323338.roa (raw, json)
Hash identifier: +FUmQfKGqa7l1UgyL4zjqDbJWdoQDDjzi+PS6gpsjlM=
Subject key identifier: C6:80:FE:11:5E:2F:63:A1:A8:61:79:4A:40:6D:84:D1:27:2C:CE:DF
Certificate issuer: /CN=0993289b168a37d449bc0d44b1ad35e532025cf1
Certificate serial: 51F10CD1CAB00EDA01E57A9750D341B6E4C6FD6F
Authority key identifier: 09:93:28:9B:16:8A:37:D4:49:BC:0D:44:B1:AD:35:E5:32:02:5C:F1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CZMomxaKN9RJvA1Esa015TICXPE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/e3bd2d2e-f40e-472e-9f8f-8984feaaa5c7/0/3139342e3135362e37362e302f32342d3234203d3e20323132323338.roa
Signing time: Thu 14 Aug 2025 19:54:13 +0000
ROA not before: Thu 14 Aug 2025 19:49:13 +0000
ROA not after: Thu 13 Aug 2026 19:54:13 +0000
asID: 212238
IP address blocks: 194.156.76.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/e3bd2d2e-f40e-472e-9f8f-8984feaaa5c7/0/0993289B168A37D449BC0D44B1AD35E532025CF1.crl
rsync://rsync.paas.rpki.ripe.net/repository/e3bd2d2e-f40e-472e-9f8f-8984feaaa5c7/0/0993289B168A37D449BC0D44B1AD35E532025CF1.mft
rsync://rpki.ripe.net/repository/DEFAULT/CZMomxaKN9RJvA1Esa015TICXPE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 12:50:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
51:f1:0c:d1:ca:b0:0e:da:01:e5:7a:97:50:d3:41:b6:e4:c6:fd:6f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0993289b168a37d449bc0d44b1ad35e532025cf1
Validity
Not Before: Aug 14 19:49:13 2025 GMT
Not After : Aug 13 19:54:13 2026 GMT
Subject: CN=C680FE115E2F63A1A861794A406D84D1272CCEDF
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:0e:90:21:82:05:50:be:5e:68:c4:7c:c1:95:
2b:c7:07:c3:50:2e:89:2d:9d:4d:f2:5b:55:4b:d5:
ab:f1:37:74:6c:0c:2e:18:85:1a:cc:f5:29:41:be:
a9:de:53:c8:b2:a8:44:ab:01:50:54:50:05:1f:b9:
2c:0d:4c:d1:2c:84:96:3e:89:58:43:5f:e3:f7:57:
20:ec:5e:f7:e8:b3:05:81:a9:ec:92:65:f7:8c:f8:
65:12:ab:4d:a8:b0:d7:ae:a0:9e:d6:b8:b0:86:84:
0b:7b:80:1b:6d:84:57:d0:ae:e4:62:1d:2f:67:86:
2a:6d:a1:ad:bf:32:30:64:5a:3a:1a:78:47:74:49:
fa:f6:75:93:5a:06:fb:82:e8:a7:ca:d3:9f:b0:79:
50:58:84:e4:ee:87:c6:7a:d9:89:ca:2e:46:c3:b1:
82:b9:5f:49:30:ea:a4:86:45:b0:c3:8b:c9:71:26:
7e:cc:98:bf:9f:c1:63:15:c5:83:32:e5:9b:38:6b:
c9:97:2c:b8:2f:1c:7e:42:02:4d:db:27:7c:68:dd:
bb:08:1b:a7:59:ef:d9:b5:63:b8:52:bb:83:f7:bb:
d5:73:8b:66:99:57:01:5c:93:56:2e:62:03:8f:0a:
c7:42:08:30:ab:40:e4:01:a6:cd:0f:dd:30:2e:dd:
4a:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C6:80:FE:11:5E:2F:63:A1:A8:61:79:4A:40:6D:84:D1:27:2C:CE:DF
X509v3 Authority Key Identifier:
keyid:09:93:28:9B:16:8A:37:D4:49:BC:0D:44:B1:AD:35:E5:32:02:5C:F1
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/e3bd2d2e-f40e-472e-9f8f-8984feaaa5c7/0/0993289B168A37D449BC0D44B1AD35E532025CF1.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CZMomxaKN9RJvA1Esa015TICXPE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/e3bd2d2e-f40e-472e-9f8f-8984feaaa5c7/0/3139342e3135362e37362e302f32342d3234203d3e20323132323338.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.156.76.0/24
Signature Algorithm: sha256WithRSAEncryption
2d:c4:61:c5:b5:d6:e6:6c:ae:62:80:36:d2:63:20:d9:c7:f4:
88:3d:06:6a:38:31:7d:74:f9:4c:5d:ff:67:f1:7e:5b:0d:d1:
cd:90:db:e5:d6:ba:99:1f:59:a5:d2:d7:1b:70:1b:97:ab:9b:
71:60:5f:67:e6:2f:93:bb:0d:e1:ef:44:2d:84:09:72:67:11:
81:f6:7a:85:d9:0b:c8:08:f9:33:ac:ca:4b:b2:fd:46:04:d6:
2a:74:e3:43:62:c2:b8:b1:9c:61:6a:a0:c6:72:ba:75:61:7a:
0e:31:ee:ae:32:4e:90:b0:ea:48:b5:6d:6f:d7:46:19:f7:f4:
41:2b:43:bd:f3:c4:e9:97:b1:25:ee:d7:ae:de:67:07:5a:8f:
cc:41:11:a0:a9:9d:60:0b:5a:c1:77:98:62:49:7b:d0:0b:35:
49:69:62:e6:b5:8a:fa:fa:2f:73:03:32:c4:2e:97:6b:63:81:
0e:08:79:ee:4c:aa:1c:b5:6c:e4:bb:7d:81:cb:8a:b5:f0:64:
28:6c:5c:0b:50:75:dd:69:9b:b1:af:42:19:19:15:a0:c5:0c:
7f:a0:cd:9e:5b:67:a1:55:bd:c2:8e:88:83:e3:11:69:4f:49:
10:83:14:7d:fc:ac:4a:e8:a1:aa:79:1f:9d:cc:54:bf:10:56:
c6:7e:bf:bb
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUUfEM0cqwDtoB5XqXUNNBtuTG/W8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDk5MzI4OWIxNjhhMzdkNDQ5YmMwZDQ0YjFhZDM1ZTUz
MjAyNWNmMTAeFw0yNTA4MTQxOTQ5MTNaFw0yNjA4MTMxOTU0MTNaMDMxMTAvBgNV
BAMTKEM2ODBGRTExNUUyRjYzQTFBODYxNzk0QTQwNkQ4NEQxMjcyQ0NFREYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCiDpAhggVQvl5oxHzBlSvHB8NQ
LoktnU3yW1VL1avxN3RsDC4YhRrM9SlBvqneU8iyqESrAVBUUAUfuSwNTNEshJY+
iVhDX+P3VyDsXvfoswWBqeySZfeM+GUSq02osNeuoJ7WuLCGhAt7gBtthFfQruRi
HS9nhiptoa2/MjBkWjoaeEd0Sfr2dZNaBvuC6KfK05+weVBYhOTuh8Z62YnKLkbD
sYK5X0kw6qSGRbDDi8lxJn7MmL+fwWMVxYMy5Zs4a8mXLLgvHH5CAk3bJ3xo3bsI
G6dZ79m1Y7hSu4P3u9Vzi2aZVwFck1YuYgOPCsdCCDCrQOQBps0P3TAu3UoNAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUxoD+EV4vY6GoYXlKQG2E0Scszt8wHwYDVR0j
BBgwFoAUCZMomxaKN9RJvA1Esa015TICXPEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZTNiZDJkMmUtZjQwZS00NzJlLTlmOGYtODk4NGZlYWFh
NWM3LzAvMDk5MzI4OUIxNjhBMzdENDQ5QkMwRDQ0QjFBRDM1RTUzMjAyNUNGMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NaTW9teGFLTjlSSnZBMUVzYTAxNVRJ
Q1hQRS5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZTNiZDJkMmUt
ZjQwZS00NzJlLTlmOGYtODk4NGZlYWFhNWM3LzAvMzEzOTM0MmUzMTM1MzYyZTM3
MzYyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMjMxMzIzMjMzMzgucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BADCnEwwDQYJKoZIhvcNAQELBQADggEBAC3EYcW11uZsrmKANtJjINnH9Ig9Bmo4
MX10+Uxd/2fxflsN0c2Q2+XWupkfWaXS1xtwG5erm3FgX2fmL5O7DeHvRC2ECXJn
EYH2eoXZC8gI+TOsykuy/UYE1ip040NiwrixnGFqoMZyunVheg4x7q4yTpCw6ki1
bW/XRhn39EErQ73zxOmXsSXu167eZwdaj8xBEaCpnWALWsF3mGJJe9ALNUlpYua1
ivr6L3MDMsQul2tjgQ4Iee5Mqhy1bOS7fYHLirXwZChsXAtQdd1pm7GvQhkZFaDF
DH+gzZ5bZ6FVvcKOiIPjEWlPSRCDFH38rErooap5H53MVL8QVsZ+v7s=
-----END CERTIFICATE-----
Generated at Sat Aug 23 17:40:15 2025 by rpki-client