Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/3139332e34322e39382e302f32342d3234203d3e20323132323338.roa
File: 3139332e34322e39382e302f32342d3234203d3e20323132323338.roa (raw, json)
Hash identifier: EWww0RokUu02/sL8iMy7bAu6BARCYRA+y+IvZm5LsAg=
Subject key identifier: CC:54:D9:FC:10:18:67:FD:B4:C2:8F:E3:A0:7B:76:AC:F2:71:6A:98
Certificate issuer: /CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Certificate serial: 0996CC608231D7F0BC8FC83156F3D9643A717C05
Authority key identifier: 09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/3139332e34322e39382e302f32342d3234203d3e20323132323338.roa
Signing time: Fri 27 Jun 2025 11:53:30 +0000
ROA not before: Fri 27 Jun 2025 11:48:30 +0000
ROA not after: Fri 26 Jun 2026 11:53:30 +0000
asID: 212238
IP address blocks: 193.42.98.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.mft
rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 22:11:53 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
09:96:cc:60:82:31:d7:f0:bc:8f:c8:31:56:f3:d9:64:3a:71:7c:05
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Validity
Not Before: Jun 27 11:48:30 2025 GMT
Not After : Jun 26 11:53:30 2026 GMT
Subject: CN=CC54D9FC101867FDB4C28FE3A07B76ACF2716A98
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:1a:37:fb:6e:e4:8a:66:c2:d5:4e:72:48:4e:
a5:43:92:3d:90:2a:63:92:2d:d6:4b:14:24:dc:31:
d5:ee:91:d7:c6:d2:7a:e2:23:bd:f6:d9:4b:33:80:
1b:52:5d:ca:cd:ce:8f:9c:c3:b9:76:f6:c6:89:36:
33:bd:9e:73:9c:48:6a:1b:03:1f:2a:9d:d0:2f:ac:
53:ec:b5:51:95:ab:09:60:b5:f6:1c:cb:3a:2c:0d:
96:61:e9:f5:23:ab:61:1e:2b:54:ba:f2:fe:53:85:
58:de:85:ec:7c:ff:bf:8b:ff:09:e5:4c:1b:e7:16:
56:cb:af:6c:db:b9:6a:15:27:ac:b8:f7:e1:de:e3:
12:e6:98:00:4e:81:b0:93:8e:ad:dc:d4:52:ea:76:
68:da:9d:27:eb:32:8b:97:63:65:e3:15:8e:2d:c6:
57:be:19:9f:2d:17:d3:e7:16:df:88:70:78:8a:2b:
c5:93:1e:16:81:11:49:09:c7:a0:77:da:2d:a5:a7:
46:b2:20:14:e8:8b:78:86:08:85:b9:b0:87:eb:e6:
dc:c0:b5:b2:50:91:8e:03:c5:a7:14:e0:88:59:2f:
48:ef:fe:59:d8:2c:28:ed:b9:a9:44:6f:63:f1:cf:
d0:ee:88:dc:75:9f:6a:d6:f6:d7:46:8b:14:d0:89:
e5:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CC:54:D9:FC:10:18:67:FD:B4:C2:8F:E3:A0:7B:76:AC:F2:71:6A:98
X509v3 Authority Key Identifier:
keyid:09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/3139332e34322e39382e302f32342d3234203d3e20323132323338.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.42.98.0/24
Signature Algorithm: sha256WithRSAEncryption
db:06:5c:20:a1:f0:01:d6:74:f6:1b:92:22:92:6c:da:e9:82:
6d:13:07:fe:8c:f5:2c:e6:15:e3:f3:3a:bb:02:e1:99:40:19:
ff:37:bd:3f:7c:e2:66:c7:3c:00:5a:22:78:59:35:e7:82:bb:
c2:42:98:ef:db:14:93:8d:c4:d4:5b:31:ee:c8:a0:f3:71:1f:
2f:48:91:8e:f5:38:20:12:e9:21:22:5d:df:55:fa:0a:29:60:
55:b2:2a:b1:26:50:4f:29:3c:f2:11:e0:dc:0e:91:b4:28:5b:
25:89:fd:59:71:0a:df:ae:bf:01:98:a6:22:00:aa:e0:2f:ed:
09:f3:43:87:b6:ac:41:a6:ac:cd:21:3a:bb:c9:db:62:6b:08:
9d:09:dc:c3:eb:13:99:0f:ad:d1:49:06:76:33:7c:4e:a2:11:
15:12:b3:61:5c:d7:14:ba:8d:a2:f0:d2:d6:27:b8:2b:20:67:
d0:fa:ac:50:33:06:d7:cc:d1:5e:f8:24:3d:44:7a:64:7e:fe:
fe:4d:9a:ef:25:2c:d6:a8:74:68:89:9b:9c:26:dc:45:99:c3:
00:81:ca:01:f2:f5:3c:84:44:36:a0:ea:e2:5c:aa:c1:48:b4:
75:ff:2d:b2:93:53:c1:23:9f:91:ce:63:52:4d:be:26:eb:7e:
39:15:b0:a6
-----BEGIN CERTIFICATE-----
MIIFODCCBCCgAwIBAgIUCZbMYIIx1/C8j8gxVvPZZDpxfAUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDk3YTI4Zjc3ZWIwYTRhYzM1NGE4YWMyODc1NGIyYTNi
YmUzYTk1OTAeFw0yNTA2MjcxMTQ4MzBaFw0yNjA2MjYxMTUzMzBaMDMxMTAvBgNV
BAMTKENDNTREOUZDMTAxODY3RkRCNEMyOEZFM0EwN0I3NkFDRjI3MTZBOTgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDcGjf7buSKZsLVTnJITqVDkj2Q
KmOSLdZLFCTcMdXukdfG0nriI7322UszgBtSXcrNzo+cw7l29saJNjO9nnOcSGob
Ax8qndAvrFPstVGVqwlgtfYcyzosDZZh6fUjq2EeK1S68v5ThVjehex8/7+L/wnl
TBvnFlbLr2zbuWoVJ6y49+He4xLmmABOgbCTjq3c1FLqdmjanSfrMouXY2XjFY4t
xle+GZ8tF9PnFt+IcHiKK8WTHhaBEUkJx6B32i2lp0ayIBToi3iGCIW5sIfr5tzA
tbJQkY4DxacU4IhZL0jv/lnYLCjtualEb2Pxz9DuiNx1n2rW9tdGixTQieWnAgMB
AAGjggJCMIICPjAdBgNVHQ4EFgQUzFTZ/BAYZ/20wo/joHt2rPJxapgwHwYDVR0j
BBgwFoAUCXoo936wpKw1SorCh1Syo7vjqVkwDgYDVR0PAQH/BAQDAgeAMIGYBgNV
HR8EgZAwgY0wgYqggYeggYSGgYFyc3luYzovL3JzeW5jLnBhYXMucnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L2ZlMzcwOGEwLTY3ZDUtNGFjMi1hYmM0LWEzMzI1OTBi
OTlhZi8xNzcvMDk3QTI4Rjc3RUIwQTRBQzM1NEE4QUMyODc1NEIyQTNCQkUzQTk1
OS5jcmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2ku
cmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NYb285MzZ3cEt3MVNvckNoMVN5
bzd2anFWay5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3Jz
eW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4
YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzE3Ny8zMTM5MzMyZTM0MzIy
ZTM5MzgyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMjMxMzIzMjMzMzgucm9hMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBADBKmIwDQYJKoZIhvcNAQELBQADggEBANsGXCCh8AHWdPYbkiKSbNrpgm0T
B/6M9SzmFePzOrsC4ZlAGf83vT984mbHPABaInhZNeeCu8JCmO/bFJONxNRbMe7I
oPNxHy9IkY71OCAS6SEiXd9V+gopYFWyKrEmUE8pPPIR4NwOkbQoWyWJ/VlxCt+u
vwGYpiIAquAv7QnzQ4e2rEGmrM0hOrvJ22JrCJ0J3MPrE5kPrdFJBnYzfE6iERUS
s2Fc1xS6jaLw0tYnuCsgZ9D6rFAzBtfM0V74JD1EemR+/v5Nmu8lLNaodGiJm5wm
3EWZwwCBygHy9TyERDag6uJcqsFItHX/LbKTU8Ejn5HOY1JNvibrfjkVsKY=
-----END CERTIFICATE-----
Generated at Sun Jun 29 11:19:58 2025 by rpki-client