Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/ea0de97f-7ee8-4ce0-b045-efac8c243c79/0/38392e34322e3131312e302f32342d3234203d3e203631333137.roa
File: 38392e34322e3131312e302f32342d3234203d3e203631333137.roa (raw, json)
Hash identifier: T+9QQX64dOYanRzHKI9rhWnUyaZt9GgRQXrvhvIBrgs=
Subject key identifier: DD:26:4B:C7:4E:98:C7:1D:17:49:A4:CF:21:29:6E:64:65:9C:BC:BB
Certificate issuer: /CN=ed9edb2a15871785fbae38e23c38820dbfa2cca4
Certificate serial: 0C2C7E54B004D5CCADB139A856C266C059D51A5C
Authority key identifier: ED:9E:DB:2A:15:87:17:85:FB:AE:38:E2:3C:38:82:0D:BF:A2:CC:A4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7Z7bKhWHF4X7rjjiPDiCDb-izKQ.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/ea0de97f-7ee8-4ce0-b045-efac8c243c79/0/38392e34322e3131312e302f32342d3234203d3e203631333137.roa
Signing time: Wed 25 Jun 2025 12:54:11 +0000
ROA not before: Wed 25 Jun 2025 12:49:11 +0000
ROA not after: Wed 24 Jun 2026 12:54:11 +0000
asID: 61317
IP address blocks: 89.42.111.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/ea0de97f-7ee8-4ce0-b045-efac8c243c79/0/ED9EDB2A15871785FBAE38E23C38820DBFA2CCA4.crl
rsync://rsync.paas.rpki.ripe.net/repository/ea0de97f-7ee8-4ce0-b045-efac8c243c79/0/ED9EDB2A15871785FBAE38E23C38820DBFA2CCA4.mft
rsync://rpki.ripe.net/repository/DEFAULT/7Z7bKhWHF4X7rjjiPDiCDb-izKQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 02 Jul 2025 08:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0c:2c:7e:54:b0:04:d5:cc:ad:b1:39:a8:56:c2:66:c0:59:d5:1a:5c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ed9edb2a15871785fbae38e23c38820dbfa2cca4
Validity
Not Before: Jun 25 12:49:11 2025 GMT
Not After : Jun 24 12:54:11 2026 GMT
Subject: CN=DD264BC74E98C71D1749A4CF21296E64659CBCBB
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:ed:95:20:f6:99:ac:5a:b0:87:91:ca:ff:e2:
7b:07:46:82:39:63:b7:2b:55:5c:82:f3:3b:60:df:
60:e4:08:10:c6:3a:83:b0:db:ce:38:04:f7:02:5e:
7c:b2:a7:1c:ca:15:d6:b5:7b:bc:74:2f:c3:41:13:
0e:65:20:bb:bb:e8:1c:03:69:4e:0a:e2:bc:e1:b2:
c2:fc:66:a8:72:34:03:30:92:a5:0f:80:ff:81:28:
71:20:cf:76:d5:a0:0b:58:ea:3f:40:f7:96:ad:ff:
bc:21:46:bd:6c:e6:62:c3:62:86:d1:ca:ce:1e:e1:
20:ba:46:d7:25:ba:26:ed:ea:6f:e5:19:c5:dd:32:
e6:1b:f2:ac:d3:6d:8f:41:ca:2c:2b:00:32:91:4f:
91:49:fe:66:d3:72:9c:bc:c8:a5:8c:77:06:c9:8d:
83:6d:d7:57:37:96:1c:2e:55:1f:98:6a:17:b5:52:
6c:b0:c5:c1:c6:77:cf:49:7e:38:5a:53:52:6f:90:
04:14:6b:76:ce:c5:14:91:00:54:53:43:db:a2:f3:
76:6c:a9:80:60:c1:25:b9:47:c8:7b:99:62:6b:70:
0b:e8:05:a0:8b:d9:3d:5a:e2:e3:e7:34:51:2c:13:
73:5e:08:5d:a1:2d:69:e6:f2:c7:78:da:e8:0f:cb:
3b:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:26:4B:C7:4E:98:C7:1D:17:49:A4:CF:21:29:6E:64:65:9C:BC:BB
X509v3 Authority Key Identifier:
keyid:ED:9E:DB:2A:15:87:17:85:FB:AE:38:E2:3C:38:82:0D:BF:A2:CC:A4
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/ea0de97f-7ee8-4ce0-b045-efac8c243c79/0/ED9EDB2A15871785FBAE38E23C38820DBFA2CCA4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7Z7bKhWHF4X7rjjiPDiCDb-izKQ.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/ea0de97f-7ee8-4ce0-b045-efac8c243c79/0/38392e34322e3131312e302f32342d3234203d3e203631333137.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.42.111.0/24
Signature Algorithm: sha256WithRSAEncryption
4e:80:5e:e2:bf:fa:dd:05:c1:b4:86:1c:3e:e6:22:01:f6:55:
da:49:30:4a:18:e9:a9:02:23:ff:f7:31:29:2e:62:9c:e6:91:
d2:58:d2:d4:b3:d9:2d:9a:34:ff:25:22:45:af:59:e9:ab:07:
1a:d2:33:60:08:5b:68:7c:07:da:0c:db:4e:90:89:c2:ce:36:
e4:e5:ee:5e:63:f8:ce:fd:75:68:95:5f:d8:7d:e1:3a:0f:81:
f0:24:3a:b0:cb:c6:53:0e:6c:89:b2:7f:08:0b:f8:1e:94:b8:
91:c2:76:47:55:1c:2a:a4:76:71:2e:b9:3d:e2:05:d3:97:ff:
b0:fe:b5:58:23:93:0c:6a:89:3f:dd:c6:5b:ac:d2:c7:0e:94:
3e:fb:91:5a:18:a7:5c:bd:bc:6c:06:d3:27:17:9c:7b:10:81:
e2:bb:84:cc:90:f6:42:0c:c0:6e:c3:be:4e:54:34:6a:38:be:
22:a8:65:f5:3e:dd:95:ce:8d:2d:c8:18:7f:2b:5a:91:49:25:
96:f7:9d:ed:0a:27:b6:df:dc:f9:87:19:b4:a5:ea:69:96:6f:
7f:6a:d1:4b:ac:7e:1f:85:af:65:e6:41:73:9a:e9:16:bc:f0:
6c:1b:c8:fd:b4:e3:67:90:47:bb:75:2a:93:59:55:25:83:83:
1a:61:d3:6d
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgIUDCx+VLAE1cytsTmoVsJmwFnVGlwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZWQ5ZWRiMmExNTg3MTc4NWZiYWUzOGUyM2MzODgyMGRi
ZmEyY2NhNDAeFw0yNTA2MjUxMjQ5MTFaFw0yNjA2MjQxMjU0MTFaMDMxMTAvBgNV
BAMTKEREMjY0QkM3NEU5OEM3MUQxNzQ5QTRDRjIxMjk2RTY0NjU5Q0JDQkIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDC7ZUg9pmsWrCHkcr/4nsHRoI5
Y7crVVyC8ztg32DkCBDGOoOw2844BPcCXnyypxzKFda1e7x0L8NBEw5lILu76BwD
aU4K4rzhssL8ZqhyNAMwkqUPgP+BKHEgz3bVoAtY6j9A95at/7whRr1s5mLDYobR
ys4e4SC6Rtcluibt6m/lGcXdMuYb8qzTbY9ByiwrADKRT5FJ/mbTcpy8yKWMdwbJ
jYNt11c3lhwuVR+Yahe1UmywxcHGd89JfjhaU1JvkAQUa3bOxRSRAFRTQ9ui83Zs
qYBgwSW5R8h7mWJrcAvoBaCL2T1a4uPnNFEsE3NeCF2hLWnm8sd42ugPyzv1AgMB
AAGjggI7MIICNzAdBgNVHQ4EFgQU3SZLx06Yxx0XSaTPISluZGWcvLswHwYDVR0j
BBgwFoAU7Z7bKhWHF4X7rjjiPDiCDb+izKQwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZWEwZGU5N2YtN2VlOC00Y2UwLWIwNDUtZWZhYzhjMjQz
Yzc5LzAvRUQ5RURCMkExNTg3MTc4NUZCQUUzOEUyM0MzODgyMERCRkEyQ0NBNC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzdaN2JLaFdIRjRYN3JqamlQRGlDRGIt
aXpLUS5jZXIwgasGCCsGAQUFBwELBIGeMIGbMIGYBggrBgEFBQcwC4aBi3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZWEwZGU5N2Yt
N2VlOC00Y2UwLWIwNDUtZWZhYzhjMjQzYzc5LzAvMzgzOTJlMzQzMjJlMzEzMTMx
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzYzMTMzMzEzNy5yb2EwGAYDVR0gAQH/
BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAFkq
bzANBgkqhkiG9w0BAQsFAAOCAQEAToBe4r/63QXBtIYcPuYiAfZV2kkwShjpqQIj
//cxKS5inOaR0ljS1LPZLZo0/yUiRa9Z6asHGtIzYAhbaHwH2gzbTpCJws425OXu
XmP4zv11aJVf2H3hOg+B8CQ6sMvGUw5sibJ/CAv4HpS4kcJ2R1UcKqR2cS65PeIF
05f/sP61WCOTDGqJP93GW6zSxw6UPvuRWhinXL28bAbTJxecexCB4ruEzJD2QgzA
bsO+TlQ0aji+Iqhl9T7dlc6NLcgYfytakUkllved7Qontt/c+YcZtKXqaZZvf2rR
S6x+H4WvZeZBc5rpFrzwbBvI/bTjZ5BHu3Uqk1lVJYODGmHTbQ==
-----END CERTIFICATE-----
Generated at Tue Jul 1 16:54:13 2025 by rpki-client