Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/3134392e36322e33362e302f32342d3234203d3e20323036373636.roa
File: 3134392e36322e33362e302f32342d3234203d3e20323036373636.roa (raw, json)
Hash identifier: 9dwxpxIyP0vob+mwXKkYxlY+X2qKzUKpmj0DJbHNOIs=
Subject key identifier: 6B:A4:5A:F9:43:2A:1B:D4:91:49:21:70:76:C4:67:32:B5:71:E1:8C
Certificate issuer: /CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Certificate serial: 1386FF65126FB8EB59975BA211EB8CA8BDA0D8A0
Authority key identifier: 09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/3134392e36322e33362e302f32342d3234203d3e20323036373636.roa
Signing time: Tue 12 Aug 2025 16:11:43 +0000
ROA not before: Tue 12 Aug 2025 16:06:43 +0000
ROA not after: Tue 11 Aug 2026 16:11:43 +0000
asID: 206766
IP address blocks: 149.62.36.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.mft
rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 05:01:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
13:86:ff:65:12:6f:b8:eb:59:97:5b:a2:11:eb:8c:a8:bd:a0:d8:a0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Validity
Not Before: Aug 12 16:06:43 2025 GMT
Not After : Aug 11 16:11:43 2026 GMT
Subject: CN=6BA45AF9432A1BD49149217076C46732B571E18C
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:0d:3e:8f:22:04:83:8f:d1:5a:8e:7e:24:62:
5b:32:d1:04:56:f0:d9:fa:0c:45:e2:46:7d:58:dd:
9b:e2:de:18:1f:22:f2:bd:63:c7:28:36:4c:a5:f1:
57:43:56:22:67:5f:1d:83:b3:37:38:6a:09:fd:dd:
58:f5:d8:66:a5:92:74:c2:ca:46:d8:f6:48:10:1a:
37:12:6b:8b:4d:da:1f:8d:9c:a7:3f:93:70:19:a1:
a4:79:2c:1c:72:00:bf:c8:6a:e1:5e:fe:07:a9:52:
a3:42:1c:88:57:fe:7f:15:dd:c4:e4:93:fd:96:29:
ed:53:7d:f8:3b:6a:a7:71:67:a5:76:ab:86:5f:19:
e3:1d:6b:66:2a:53:69:9c:77:73:30:9a:d7:7e:f6:
99:8b:cc:56:b4:bf:ae:2a:9f:34:6c:91:1b:fe:e1:
98:b9:38:19:28:05:71:6c:ad:1f:7f:b4:c4:6e:3e:
cc:a5:2c:b8:dc:70:f0:15:06:41:fd:dc:16:58:aa:
13:30:d5:a3:5f:d7:f3:9b:e4:4f:07:2f:1b:1f:59:
70:2e:c0:d0:fc:5b:0f:4d:da:59:9a:e8:3d:4a:80:
df:89:7f:d8:57:d4:4f:f1:b4:8b:58:e4:bf:2d:4e:
ef:b3:44:83:e6:67:3e:80:a0:43:f9:a4:2c:48:29:
73:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6B:A4:5A:F9:43:2A:1B:D4:91:49:21:70:76:C4:67:32:B5:71:E1:8C
X509v3 Authority Key Identifier:
keyid:09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/3134392e36322e33362e302f32342d3234203d3e20323036373636.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
149.62.36.0/24
Signature Algorithm: sha256WithRSAEncryption
66:81:8d:05:f8:83:ab:50:6c:c7:bc:9e:f4:38:0c:62:cf:2f:
6b:e3:8c:89:16:81:a4:8d:51:98:96:c5:74:f8:f0:34:8a:1c:
06:2e:2e:25:e8:f1:09:d5:89:a8:dc:78:49:b5:cb:c6:2f:80:
a2:e1:a5:50:d2:0f:a8:97:a1:ef:8c:cc:0f:33:78:f5:22:49:
1e:2b:50:69:53:ff:b1:14:4d:1c:b3:b2:ef:d2:68:9f:03:4f:
cc:3d:5d:12:5f:a5:0e:c7:12:2e:e8:7b:18:83:ca:40:75:65:
b1:b3:62:2b:1e:78:34:86:81:96:55:25:a8:06:77:79:a4:ce:
b8:f7:b1:84:5f:9e:66:4d:c2:21:03:e2:1c:4a:e4:0d:f8:5c:
cd:45:7a:56:4d:94:2f:44:5c:d6:78:39:cb:53:d4:87:87:58:
4c:7e:e8:00:b5:56:78:9f:cb:b8:20:51:5e:d1:a7:72:36:06:
f8:f6:ca:3c:25:a3:40:01:61:7e:55:55:f0:44:78:a3:79:fb:
ee:bd:ac:b5:9e:5f:4e:eb:d3:fe:08:31:66:15:3b:eb:46:50:
b8:90:b4:6f:74:96:c4:f4:2f:49:4b:67:81:4a:03:b1:44:fc:
a2:3f:a6:07:66:15:e8:2f:32:9f:eb:57:7f:09:54:ef:f7:3b:
89:fd:2c:3f
-----BEGIN CERTIFICATE-----
MIIFODCCBCCgAwIBAgIUE4b/ZRJvuOtZl1uiEeuMqL2g2KAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDk3YTI4Zjc3ZWIwYTRhYzM1NGE4YWMyODc1NGIyYTNi
YmUzYTk1OTAeFw0yNTA4MTIxNjA2NDNaFw0yNjA4MTExNjExNDNaMDMxMTAvBgNV
BAMTKDZCQTQ1QUY5NDMyQTFCRDQ5MTQ5MjE3MDc2QzQ2NzMyQjU3MUUxOEMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDJDT6PIgSDj9Fajn4kYlsy0QRW
8Nn6DEXiRn1Y3Zvi3hgfIvK9Y8coNkyl8VdDViJnXx2Dszc4agn93Vj12GalknTC
ykbY9kgQGjcSa4tN2h+NnKc/k3AZoaR5LBxyAL/IauFe/gepUqNCHIhX/n8V3cTk
k/2WKe1Tffg7aqdxZ6V2q4ZfGeMda2YqU2mcd3Mwmtd+9pmLzFa0v64qnzRskRv+
4Zi5OBkoBXFsrR9/tMRuPsylLLjccPAVBkH93BZYqhMw1aNf1/Ob5E8HLxsfWXAu
wND8Ww9N2lma6D1KgN+Jf9hX1E/xtItY5L8tTu+zRIPmZz6AoEP5pCxIKXMdAgMB
AAGjggJCMIICPjAdBgNVHQ4EFgQUa6Ra+UMqG9SRSSFwdsRnMrVx4YwwHwYDVR0j
BBgwFoAUCXoo936wpKw1SorCh1Syo7vjqVkwDgYDVR0PAQH/BAQDAgeAMIGYBgNV
HR8EgZAwgY0wgYqggYeggYSGgYFyc3luYzovL3JzeW5jLnBhYXMucnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L2ZlMzcwOGEwLTY3ZDUtNGFjMi1hYmM0LWEzMzI1OTBi
OTlhZi8xNzcvMDk3QTI4Rjc3RUIwQTRBQzM1NEE4QUMyODc1NEIyQTNCQkUzQTk1
OS5jcmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2ku
cmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NYb285MzZ3cEt3MVNvckNoMVN5
bzd2anFWay5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3Jz
eW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4
YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzE3Ny8zMTM0MzkyZTM2MzIy
ZTMzMzYyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMjMwMzYzNzM2MzYucm9hMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBACVPiQwDQYJKoZIhvcNAQELBQADggEBAGaBjQX4g6tQbMe8nvQ4DGLPL2vj
jIkWgaSNUZiWxXT48DSKHAYuLiXo8QnViajceEm1y8YvgKLhpVDSD6iXoe+MzA8z
ePUiSR4rUGlT/7EUTRyzsu/SaJ8DT8w9XRJfpQ7HEi7oexiDykB1ZbGzYiseeDSG
gZZVJagGd3mkzrj3sYRfnmZNwiED4hxK5A34XM1FelZNlC9EXNZ4OctT1IeHWEx+
6AC1Vnify7ggUV7Rp3I2Bvj2yjwlo0ABYX5VVfBEeKN5++69rLWeX07r0/4IMWYV
O+tGULiQtG90lsT0L0lLZ4FKA7FE/KI/pgdmFegvMp/rV38JVO/3O4n9LD8=
-----END CERTIFICATE-----
Generated at Sat Aug 23 13:14:39 2025 by rpki-client