Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/faf16704-2854-4080-9a09-7262326c9e22/1/3134312e39382e37322e302f32342d3234203d3e20333935333734.roa
File: 3134312e39382e37322e302f32342d3234203d3e20333935333734.roa (raw, json)
Hash identifier: u1fQ+rVhDflp4Ai9Ov6sYLAl6cAPMrlPrKX3yjIts6M=
Subject key identifier: 3D:5B:C3:BC:F6:06:C2:BD:05:20:AA:11:3A:B0:F3:D7:FE:80:90:B8
Certificate issuer: /CN=0d059f10d18d00052c808eb8069f90d47e30564a
Certificate serial: 3CEB22C309252B6F424A1D5D17CDE460321CD026
Authority key identifier: 0D:05:9F:10:D1:8D:00:05:2C:80:8E:B8:06:9F:90:D4:7E:30:56:4A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DQWfENGNAAUsgI64Bp-Q1H4wVko.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/faf16704-2854-4080-9a09-7262326c9e22/1/3134312e39382e37322e302f32342d3234203d3e20333935333734.roa
Signing time: Tue 09 Sep 2025 12:55:00 +0000
ROA not before: Tue 09 Sep 2025 12:50:00 +0000
ROA not after: Tue 08 Sep 2026 12:55:00 +0000
asID: 395374
IP address blocks: 141.98.72.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/faf16704-2854-4080-9a09-7262326c9e22/1/0D059F10D18D00052C808EB8069F90D47E30564A.crl
rsync://rsync.paas.rpki.ripe.net/repository/faf16704-2854-4080-9a09-7262326c9e22/1/0D059F10D18D00052C808EB8069F90D47E30564A.mft
rsync://rpki.ripe.net/repository/DEFAULT/DQWfENGNAAUsgI64Bp-Q1H4wVko.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 00:58:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3c:eb:22:c3:09:25:2b:6f:42:4a:1d:5d:17:cd:e4:60:32:1c:d0:26
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0d059f10d18d00052c808eb8069f90d47e30564a
Validity
Not Before: Sep 9 12:50:00 2025 GMT
Not After : Sep 8 12:55:00 2026 GMT
Subject: CN=3D5BC3BCF606C2BD0520AA113AB0F3D7FE8090B8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:24:6f:cd:21:4c:9d:7d:f2:e3:a2:6e:bd:af:
84:33:1e:37:50:06:a5:a1:85:d5:d3:97:6b:17:16:
fd:82:41:c0:bd:5c:34:6e:fc:b0:dd:c5:29:7e:52:
0e:64:de:3e:21:f5:55:fe:c4:d9:be:8b:ad:24:1e:
06:cc:9c:e1:b9:07:7f:9d:e2:a0:b2:0d:93:d2:c7:
6e:74:60:d8:d5:a9:82:e4:89:bf:57:02:be:2e:83:
52:bc:6f:fc:a8:6b:51:79:a2:ed:16:82:4e:b1:35:
66:4d:87:8a:a7:e1:1c:30:a0:d1:63:6a:aa:fd:0c:
6a:f7:ca:09:a6:55:72:56:a7:69:72:3e:e1:47:c6:
d2:ee:c2:aa:3d:fe:7b:72:45:5b:c1:de:16:ee:7c:
cc:18:6f:8c:e6:b6:89:e4:a9:f0:dc:ba:70:9d:6b:
9d:66:be:96:bd:14:82:ac:ff:c5:c7:c3:b4:7e:75:
49:40:d3:09:f8:04:1d:86:b0:68:29:bf:04:72:54:
5b:65:12:98:ee:c5:35:a5:1f:c5:76:eb:d7:12:3a:
89:be:bd:41:b2:55:94:88:e1:16:50:9c:6d:cc:8c:
86:b8:4a:d5:be:e6:4e:b2:6f:cc:70:2c:d2:1b:87:
e4:20:b2:3c:bb:62:b6:37:87:57:d3:24:62:9f:77:
cf:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:5B:C3:BC:F6:06:C2:BD:05:20:AA:11:3A:B0:F3:D7:FE:80:90:B8
X509v3 Authority Key Identifier:
keyid:0D:05:9F:10:D1:8D:00:05:2C:80:8E:B8:06:9F:90:D4:7E:30:56:4A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/faf16704-2854-4080-9a09-7262326c9e22/1/0D059F10D18D00052C808EB8069F90D47E30564A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DQWfENGNAAUsgI64Bp-Q1H4wVko.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/faf16704-2854-4080-9a09-7262326c9e22/1/3134312e39382e37322e302f32342d3234203d3e20333935333734.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
141.98.72.0/24
Signature Algorithm: sha256WithRSAEncryption
1b:ba:23:f5:18:9c:da:58:27:8e:8a:4b:f1:d8:4c:5e:79:2e:
fb:c8:71:58:b1:ad:78:07:f5:1f:fb:0a:56:09:d3:60:66:0d:
09:de:6d:fe:d2:4c:67:1b:29:21:cc:e4:f3:7f:9f:a3:f4:58:
6f:94:dc:8d:f9:9d:0a:42:07:c8:64:b7:b7:25:f4:6f:eb:6a:
f2:6e:56:65:10:f5:de:4a:63:a0:66:80:73:c9:93:1a:e4:36:
e7:64:8f:9e:bc:b3:73:8f:b7:94:67:7b:c3:50:ed:67:b3:b6:
df:0b:c7:33:9b:ba:10:17:b1:e7:d5:c9:27:45:7b:be:0c:af:
69:6b:c4:47:28:5a:25:c6:95:98:14:ee:e3:61:11:1c:6d:c3:
55:6c:e8:18:ff:54:37:e6:f2:3b:69:55:0d:f1:4f:99:92:f6:
9b:d3:4c:d5:50:75:64:84:91:46:bc:a2:d0:bf:6b:0b:dc:91:
28:8a:9a:49:d3:bc:bd:d8:04:16:4f:34:77:bd:9d:8d:1c:f3:
26:de:7b:63:43:70:d9:47:14:ec:53:87:c1:6a:94:2e:f7:33:
d5:f8:ef:99:26:df:a3:d9:de:39:f9:c7:b1:fa:94:81:5a:f9:
1c:80:95:1b:99:72:6b:6c:f5:cb:5d:0f:8d:43:fd:6f:c1:c5:
bc:62:ca:6d
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUPOsiwwklK29CSh1dF83kYDIc0CYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMGQwNTlmMTBkMThkMDAwNTJjODA4ZWI4MDY5ZjkwZDQ3
ZTMwNTY0YTAeFw0yNTA5MDkxMjUwMDBaFw0yNjA5MDgxMjU1MDBaMDMxMTAvBgNV
BAMTKDNENUJDM0JDRjYwNkMyQkQwNTIwQUExMTNBQjBGM0Q3RkU4MDkwQjgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCrJG/NIUydffLjom69r4QzHjdQ
BqWhhdXTl2sXFv2CQcC9XDRu/LDdxSl+Ug5k3j4h9VX+xNm+i60kHgbMnOG5B3+d
4qCyDZPSx250YNjVqYLkib9XAr4ug1K8b/yoa1F5ou0Wgk6xNWZNh4qn4RwwoNFj
aqr9DGr3ygmmVXJWp2lyPuFHxtLuwqo9/ntyRVvB3hbufMwYb4zmtonkqfDcunCd
a51mvpa9FIKs/8XHw7R+dUlA0wn4BB2GsGgpvwRyVFtlEpjuxTWlH8V269cSOom+
vUGyVZSI4RZQnG3MjIa4StW+5k6yb8xwLNIbh+Qgsjy7YrY3h1fTJGKfd89tAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUPVvDvPYGwr0FIKoROrDz1/6AkLgwHwYDVR0j
BBgwFoAUDQWfENGNAAUsgI64Bp+Q1H4wVkowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmFmMTY3MDQtMjg1NC00MDgwLTlhMDktNzI2MjMyNmM5
ZTIyLzEvMEQwNTlGMTBEMThEMDAwNTJDODA4RUI4MDY5RjkwRDQ3RTMwNTY0QS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0RRV2ZFTkdOQUFVc2dJNjRCcC1RMUg0
d1Zrby5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmFmMTY3MDQt
Mjg1NC00MDgwLTlhMDktNzI2MjMyNmM5ZTIyLzEvMzEzNDMxMmUzOTM4MmUzNzMy
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzMzOTM1MzMzNzM0LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
jWJIMA0GCSqGSIb3DQEBCwUAA4IBAQAbuiP1GJzaWCeOikvx2ExeeS77yHFYsa14
B/Uf+wpWCdNgZg0J3m3+0kxnGykhzOTzf5+j9FhvlNyN+Z0KQgfIZLe3JfRv62ry
blZlEPXeSmOgZoBzyZMa5DbnZI+evLNzj7eUZ3vDUO1ns7bfC8czm7oQF7Hn1ckn
RXu+DK9pa8RHKFolxpWYFO7jYREcbcNVbOgY/1Q35vI7aVUN8U+Zkvab00zVUHVk
hJFGvKLQv2sL3JEoippJ07y92AQWTzR3vZ2NHPMm3ntjQ3DZRxTsU4fBapQu9zPV
+O+ZJt+j2d45+cex+pSBWvkcgJUbmXJrbPXLXQ+NQ/1vwcW8Yspt
-----END CERTIFICATE-----
Generated at Sun Oct 19 18:03:13 2025 by rpki-client