Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/eafebdb4-6f0b-404b-98e2-a26be94a6620/0/3130332e34392e3132392e302f32342d3234203d3e20313437323631.roa
File: 3130332e34392e3132392e302f32342d3234203d3e20313437323631.roa (raw, json)
Hash identifier: OkLNRr7sKDDa5HQaSwaNeYF6CO01e+JHe9kYR/VqYg4=
Subject key identifier: 6A:28:11:F7:98:C8:C9:C1:0F:9D:4A:03:C1:63:AE:9F:10:1D:8F:6B
Certificate issuer: /CN=c770f43358b97ba0aa9bdc62bbd511e90aeab29d
Certificate serial: 3538B97CDD8065AECAB5C3A0FBB2672274FDD2EC
Authority key identifier: C7:70:F4:33:58:B9:7B:A0:AA:9B:DC:62:BB:D5:11:E9:0A:EA:B2:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/x3D0M1i5e6Cqm9xiu9UR6Qrqsp0.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/eafebdb4-6f0b-404b-98e2-a26be94a6620/0/3130332e34392e3132392e302f32342d3234203d3e20313437323631.roa
Signing time: Sun 19 Oct 2025 04:46:46 +0000
ROA not before: Sun 19 Oct 2025 04:41:46 +0000
ROA not after: Sun 18 Oct 2026 04:46:46 +0000
asID: 147261
IP address blocks: 103.49.129.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/eafebdb4-6f0b-404b-98e2-a26be94a6620/0/C770F43358B97BA0AA9BDC62BBD511E90AEAB29D.crl
rsync://rsync.paas.rpki.ripe.net/repository/eafebdb4-6f0b-404b-98e2-a26be94a6620/0/C770F43358B97BA0AA9BDC62BBD511E90AEAB29D.mft
rsync://rpki.ripe.net/repository/DEFAULT/x3D0M1i5e6Cqm9xiu9UR6Qrqsp0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 07:31:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
35:38:b9:7c:dd:80:65:ae:ca:b5:c3:a0:fb:b2:67:22:74:fd:d2:ec
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c770f43358b97ba0aa9bdc62bbd511e90aeab29d
Validity
Not Before: Oct 19 04:41:46 2025 GMT
Not After : Oct 18 04:46:46 2026 GMT
Subject: CN=6A2811F798C8C9C10F9D4A03C163AE9F101D8F6B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:34:f9:ed:9f:df:31:76:d9:10:b3:27:88:76:
46:75:03:61:22:85:3e:9c:ba:1f:22:78:8c:23:e2:
79:18:bd:cf:d1:77:38:ba:a8:10:bd:18:a1:f0:ca:
cb:86:48:6f:64:8d:c9:8b:54:1d:2d:1e:b2:d2:af:
9c:d1:1e:91:6f:fd:9f:45:5e:16:71:8d:39:89:d5:
e9:ec:18:a3:ae:93:31:9a:c0:d6:ae:47:f3:51:ed:
1f:0b:d4:f5:9b:d8:b0:bd:6d:f0:16:bd:b4:2c:32:
b3:02:b9:83:64:cf:f0:71:31:bf:d5:4b:86:b9:53:
e8:87:56:b9:85:b3:3c:d9:4c:62:a3:a3:d7:c6:ab:
29:4d:3a:ff:8c:c1:1a:2e:ae:45:ef:e0:fc:7b:94:
68:c8:75:80:9c:4f:c7:ff:ff:5c:19:1b:9c:5c:94:
c3:5c:f3:a1:10:63:6e:ee:a4:d4:7a:98:38:c4:a6:
a2:57:11:92:50:b6:c1:73:f0:ab:03:d0:f6:4c:74:
ca:6e:56:60:4a:b2:86:e6:65:7c:69:fb:8f:60:cc:
53:cd:01:3c:3f:ae:88:78:55:77:80:74:7f:47:0f:
30:c5:84:13:69:83:b5:0e:91:2c:3e:43:8a:bb:d3:
26:d6:5a:04:b5:d6:ae:1c:a0:cc:83:ed:9a:7a:d9:
e9:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6A:28:11:F7:98:C8:C9:C1:0F:9D:4A:03:C1:63:AE:9F:10:1D:8F:6B
X509v3 Authority Key Identifier:
keyid:C7:70:F4:33:58:B9:7B:A0:AA:9B:DC:62:BB:D5:11:E9:0A:EA:B2:9D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/eafebdb4-6f0b-404b-98e2-a26be94a6620/0/C770F43358B97BA0AA9BDC62BBD511E90AEAB29D.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/x3D0M1i5e6Cqm9xiu9UR6Qrqsp0.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/eafebdb4-6f0b-404b-98e2-a26be94a6620/0/3130332e34392e3132392e302f32342d3234203d3e20313437323631.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
103.49.129.0/24
Signature Algorithm: sha256WithRSAEncryption
36:78:af:87:cd:a7:19:e9:2c:72:07:07:03:b8:a4:bc:5e:57:
33:2c:59:85:e0:0b:5e:87:a8:8c:f6:3b:db:53:1c:39:a9:0d:
50:1f:58:94:c5:d3:28:87:5b:7e:b5:c8:77:ed:b2:b3:28:02:
a3:62:65:bc:28:83:1c:77:1a:94:dd:30:8f:1e:b3:f4:fc:cf:
62:a8:61:d3:09:27:66:ea:0b:69:b3:9e:2a:4c:2e:e9:dc:10:
ac:e9:7e:04:76:0e:e9:10:47:fe:0d:ca:15:1a:92:15:cb:49:
fe:2e:db:1a:10:1e:b8:71:e2:7e:89:3e:f0:bf:14:64:d1:61:
09:f1:c9:2a:43:70:04:1a:48:55:61:ee:83:a1:85:fa:b7:e9:
9c:5a:e6:a3:e4:8a:67:c5:ac:12:5a:40:9b:85:2f:74:2a:fc:
2a:66:ad:2e:7d:a3:fb:3c:9e:af:2e:f4:30:18:19:5b:1b:36:
83:70:51:54:e5:62:ad:f8:d3:71:65:d1:c5:86:3e:be:96:ca:
14:49:79:2b:12:29:3b:09:74:77:b5:65:0d:82:d2:d8:ed:74:
2f:ca:2b:d0:69:e9:b0:07:2a:5d:ac:64:7f:ac:a1:78:fb:3f:
2a:cc:16:bd:84:3a:ab:f9:07:fc:c4:99:67:26:c4:d9:75:2d:
90:e8:1f:18
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUNTi5fN2AZa7KtcOg+7JnInT90uwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYzc3MGY0MzM1OGI5N2JhMGFhOWJkYzYyYmJkNTExZTkw
YWVhYjI5ZDAeFw0yNTEwMTkwNDQxNDZaFw0yNjEwMTgwNDQ2NDZaMDMxMTAvBgNV
BAMTKDZBMjgxMUY3OThDOEM5QzEwRjlENEEwM0MxNjNBRTlGMTAxRDhGNkIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDUNPntn98xdtkQsyeIdkZ1A2Ei
hT6cuh8ieIwj4nkYvc/Rdzi6qBC9GKHwysuGSG9kjcmLVB0tHrLSr5zRHpFv/Z9F
XhZxjTmJ1ensGKOukzGawNauR/NR7R8L1PWb2LC9bfAWvbQsMrMCuYNkz/BxMb/V
S4a5U+iHVrmFszzZTGKjo9fGqylNOv+MwRourkXv4Px7lGjIdYCcT8f//1wZG5xc
lMNc86EQY27upNR6mDjEpqJXEZJQtsFz8KsD0PZMdMpuVmBKsobmZXxp+49gzFPN
ATw/roh4VXeAdH9HDzDFhBNpg7UOkSw+Q4q70ybWWgS11q4coMyD7Zp62enjAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUaigR95jIycEPnUoDwWOunxAdj2swHwYDVR0j
BBgwFoAUx3D0M1i5e6Cqm9xiu9UR6Qrqsp0wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZWFmZWJkYjQtNmYwYi00MDRiLTk4ZTItYTI2YmU5NGE2
NjIwLzAvQzc3MEY0MzM1OEI5N0JBMEFBOUJEQzYyQkJENTExRTkwQUVBQjI5RC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3gzRDBNMWk1ZTZDcW05eGl1OVVSNlFy
cXNwMC5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZWFmZWJkYjQt
NmYwYi00MDRiLTk4ZTItYTI2YmU5NGE2NjIwLzAvMzEzMDMzMmUzNDM5MmUzMTMy
MzkyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMTM0MzczMjM2MzEucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BABnMYEwDQYJKoZIhvcNAQELBQADggEBADZ4r4fNpxnpLHIHBwO4pLxeVzMsWYXg
C16HqIz2O9tTHDmpDVAfWJTF0yiHW361yHftsrMoAqNiZbwogxx3GpTdMI8es/T8
z2KoYdMJJ2bqC2mznipMLuncEKzpfgR2DukQR/4NyhUakhXLSf4u2xoQHrhx4n6J
PvC/FGTRYQnxySpDcAQaSFVh7oOhhfq36Zxa5qPkimfFrBJaQJuFL3Qq/CpmrS59
o/s8nq8u9DAYGVsbNoNwUVTlYq3403Fl0cWGPr6WyhRJeSsSKTsJdHe1ZQ2C0tjt
dC/KK9Bp6bAHKl2sZH+soXj7PyrMFr2EOqv5B/zEmWcmxNl1LZDoHxg=
-----END CERTIFICATE-----
Generated at Sun Oct 19 18:09:10 2025 by rpki-client