Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/faf16704-2854-4080-9a09-7262326c9e22/1/3231332e3232352e3233362e302f32342d3234203d3e20333239303937.roa
File: 3231332e3232352e3233362e302f32342d3234203d3e20333239303937.roa (raw, json)
Hash identifier: V4nWrAqYogYLhOaQiLzsxwLWwHJQjIGX7Xia4HxPj88=
Subject key identifier: 07:11:D2:B9:B9:89:F9:0C:E6:ED:54:2F:D5:32:0C:4F:01:65:CF:4B
Certificate issuer: /CN=0d059f10d18d00052c808eb8069f90d47e30564a
Certificate serial: 2B539675EFEE46C08FEBDD9285A53B1721346A24
Authority key identifier: 0D:05:9F:10:D1:8D:00:05:2C:80:8E:B8:06:9F:90:D4:7E:30:56:4A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DQWfENGNAAUsgI64Bp-Q1H4wVko.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/faf16704-2854-4080-9a09-7262326c9e22/1/3231332e3232352e3233362e302f32342d3234203d3e20333239303937.roa
Signing time: Thu 09 Oct 2025 11:55:08 +0000
ROA not before: Thu 09 Oct 2025 11:50:08 +0000
ROA not after: Thu 08 Oct 2026 11:55:08 +0000
asID: 329097
IP address blocks: 213.225.236.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/faf16704-2854-4080-9a09-7262326c9e22/1/0D059F10D18D00052C808EB8069F90D47E30564A.crl
rsync://rsync.paas.rpki.ripe.net/repository/faf16704-2854-4080-9a09-7262326c9e22/1/0D059F10D18D00052C808EB8069F90D47E30564A.mft
rsync://rpki.ripe.net/repository/DEFAULT/DQWfENGNAAUsgI64Bp-Q1H4wVko.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 00:58:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2b:53:96:75:ef:ee:46:c0:8f:eb:dd:92:85:a5:3b:17:21:34:6a:24
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0d059f10d18d00052c808eb8069f90d47e30564a
Validity
Not Before: Oct 9 11:50:08 2025 GMT
Not After : Oct 8 11:55:08 2026 GMT
Subject: CN=0711D2B9B989F90CE6ED542FD5320C4F0165CF4B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:e5:9c:ae:44:34:0e:97:05:01:d0:be:0c:99:
bf:58:ff:72:29:df:51:a7:99:73:d3:1b:61:2c:ce:
d6:41:a4:b8:13:0f:cd:33:be:79:b7:68:ca:d9:5b:
4d:5f:0a:05:45:89:6d:cc:30:83:d7:e5:24:0b:4a:
db:eb:15:07:13:2d:2d:42:44:77:83:6d:49:3b:ce:
a8:37:08:03:12:9b:92:5a:16:b9:8d:c9:55:ea:95:
1b:24:b1:0b:ea:64:92:21:0c:a1:f6:27:9c:6d:12:
2d:3b:8f:c8:75:d0:14:3f:7e:2e:ce:1a:7a:f6:84:
31:bb:4d:0e:fe:1d:82:f2:3c:fd:29:b3:d9:bf:43:
c7:77:f1:81:b4:b5:22:13:8a:b6:37:62:03:9f:ab:
0e:2f:38:54:e7:95:dc:05:76:93:e9:11:ff:a6:1c:
de:56:e5:d3:fa:66:0f:1c:38:54:ce:9d:8f:c4:9f:
98:fa:7b:70:8d:47:1e:3a:d0:9d:74:e7:14:62:8e:
c2:8b:71:1b:86:eb:48:51:6c:5d:0d:96:84:84:3a:
b4:bd:e9:d6:c9:8c:8d:29:a7:99:06:b9:71:30:2b:
ca:49:b8:94:e2:b3:42:e9:28:29:94:4f:cd:d9:9b:
71:7a:02:df:ac:c7:8a:1b:8c:79:8d:85:87:71:b1:
8e:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
07:11:D2:B9:B9:89:F9:0C:E6:ED:54:2F:D5:32:0C:4F:01:65:CF:4B
X509v3 Authority Key Identifier:
keyid:0D:05:9F:10:D1:8D:00:05:2C:80:8E:B8:06:9F:90:D4:7E:30:56:4A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/faf16704-2854-4080-9a09-7262326c9e22/1/0D059F10D18D00052C808EB8069F90D47E30564A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DQWfENGNAAUsgI64Bp-Q1H4wVko.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/faf16704-2854-4080-9a09-7262326c9e22/1/3231332e3232352e3233362e302f32342d3234203d3e20333239303937.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.225.236.0/24
Signature Algorithm: sha256WithRSAEncryption
b6:2c:6c:55:30:cb:92:41:e3:0a:ca:e2:0c:a0:f2:d3:07:e2:
74:04:50:94:9d:01:d3:51:47:b6:b2:e2:96:1b:ec:75:be:81:
f4:d7:3d:1b:a6:2a:d3:c4:16:4e:e2:c2:b7:f2:82:bc:cd:88:
07:69:e2:0d:85:30:24:a8:38:dd:0e:80:c6:22:89:92:83:59:
f4:11:09:fc:e8:a7:f3:70:62:00:e5:00:5e:29:e0:ae:56:46:
56:6a:1d:04:e7:b7:1f:66:fd:86:4f:72:ae:db:b8:a4:22:26:
93:65:9b:8b:13:b9:70:57:67:74:1e:fa:1e:4c:cf:87:6c:a4:
8d:c5:9c:61:3f:b8:7c:4d:bb:4f:29:60:39:9d:3b:05:92:38:
14:f7:6e:e5:21:a6:1d:31:b7:54:75:09:87:6c:ba:f5:2d:3a:
7a:92:ca:9a:d7:68:17:a5:72:38:45:ae:0f:1b:8b:2e:08:56:
3d:40:3c:97:b5:e7:8a:77:80:ad:a7:77:91:cf:93:48:29:73:
d0:e5:47:22:01:48:91:bb:e2:46:48:42:7d:36:31:f8:15:f2:
3a:76:39:a3:45:09:0c:b7:3b:25:40:eb:09:d5:9c:72:2a:62:
22:bb:49:9b:1a:e1:a8:8e:d6:a3:d0:1e:d8:96:64:64:92:24:
db:1b:73:f3
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgIUK1OWde/uRsCP692ShaU7FyE0aiQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMGQwNTlmMTBkMThkMDAwNTJjODA4ZWI4MDY5ZjkwZDQ3
ZTMwNTY0YTAeFw0yNTEwMDkxMTUwMDhaFw0yNjEwMDgxMTU1MDhaMDMxMTAvBgNV
BAMTKDA3MTFEMkI5Qjk4OUY5MENFNkVENTQyRkQ1MzIwQzRGMDE2NUNGNEIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC75ZyuRDQOlwUB0L4Mmb9Y/3Ip
31GnmXPTG2EsztZBpLgTD80zvnm3aMrZW01fCgVFiW3MMIPX5SQLStvrFQcTLS1C
RHeDbUk7zqg3CAMSm5JaFrmNyVXqlRsksQvqZJIhDKH2J5xtEi07j8h10BQ/fi7O
Gnr2hDG7TQ7+HYLyPP0ps9m/Q8d38YG0tSITirY3YgOfqw4vOFTnldwFdpPpEf+m
HN5W5dP6Zg8cOFTOnY/En5j6e3CNRx460J105xRijsKLcRuG60hRbF0NloSEOrS9
6dbJjI0pp5kGuXEwK8pJuJTis0LpKCmUT83Zm3F6At+sx4objHmNhYdxsY5TAgMB
AAGjggJBMIICPTAdBgNVHQ4EFgQUBxHSubmJ+Qzm7VQv1TIMTwFlz0swHwYDVR0j
BBgwFoAUDQWfENGNAAUsgI64Bp+Q1H4wVkowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmFmMTY3MDQtMjg1NC00MDgwLTlhMDktNzI2MjMyNmM5
ZTIyLzEvMEQwNTlGMTBEMThEMDAwNTJDODA4RUI4MDY5RjkwRDQ3RTMwNTY0QS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0RRV2ZFTkdOQUFVc2dJNjRCcC1RMUg0
d1Zrby5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmFmMTY3MDQt
Mjg1NC00MDgwLTlhMDktNzI2MjMyNmM5ZTIyLzEvMzIzMTMzMmUzMjMyMzUyZTMy
MzMzNjJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMzMzIzOTMwMzkzNy5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEANXh7DANBgkqhkiG9w0BAQsFAAOCAQEAtixsVTDLkkHjCsriDKDy0wfidARQ
lJ0B01FHtrLilhvsdb6B9Nc9G6Yq08QWTuLCt/KCvM2IB2niDYUwJKg43Q6AxiKJ
koNZ9BEJ/Oin83BiAOUAXingrlZGVmodBOe3H2b9hk9yrtu4pCImk2WbixO5cFdn
dB76HkzPh2ykjcWcYT+4fE27TylgOZ07BZI4FPdu5SGmHTG3VHUJh2y69S06epLK
mtdoF6VyOEWuDxuLLghWPUA8l7XnineArad3kc+TSClz0OVHIgFIkbviRkhCfTYx
+BXyOnY5o0UJDLc7JUDrCdWccipiIrtJmxrhqI7Wo9Ae2JZkZJIk2xtz8w==
-----END CERTIFICATE-----
Generated at Sun Oct 19 18:00:12 2025 by rpki-client