Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/39342e3135362e3134382e302f32342d3234203d3e20313336373837.roa
File: 39342e3135362e3134382e302f32342d3234203d3e20313336373837.roa (raw, json)
Hash identifier: vtviUnQNTQ4BQ0Fjha7BvXB8tkgp8YL3Jcu9AvaQfm4=
Subject key identifier: 99:83:3C:E1:75:50:29:60:8D:19:1C:FC:B1:2B:78:12:7E:62:67:EF
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 0469A2D6A0ACA87F7D6D51CA00894A248F019CEA
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/39342e3135362e3134382e302f32342d3234203d3e20313336373837.roa
Signing time: Fri 05 Sep 2025 14:47:31 +0000
ROA not before: Fri 05 Sep 2025 14:42:31 +0000
ROA not after: Fri 04 Sep 2026 14:47:31 +0000
asID: 136787
IP address blocks: 94.156.148.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 17:43:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
04:69:a2:d6:a0:ac:a8:7f:7d:6d:51:ca:00:89:4a:24:8f:01:9c:ea
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Sep 5 14:42:31 2025 GMT
Not After : Sep 4 14:47:31 2026 GMT
Subject: CN=99833CE1755029608D191CFCB12B78127E6267EF
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:e4:a0:44:82:81:37:d6:d6:78:dd:b5:1a:a5:
16:90:ee:d3:15:16:11:6a:36:b3:af:b9:65:57:0e:
4c:00:17:43:ae:33:ef:a2:37:a3:f1:c3:0e:0f:5d:
a9:6e:8c:5c:a7:5b:a2:ba:a0:5e:a4:40:e4:6b:dd:
3b:e7:5e:17:1f:09:25:bf:5a:98:f8:b9:6b:20:b7:
da:07:d8:64:30:df:d2:b3:5e:5c:51:6d:e2:5a:5a:
a3:21:00:f4:70:2a:e6:11:2c:ea:6c:44:12:dd:ab:
6c:1c:6f:9e:ae:5b:1c:55:13:7a:dd:2f:60:42:65:
71:f7:34:e5:34:0c:19:15:27:38:b1:9f:e8:13:72:
9b:b9:ec:a9:3d:7e:f8:61:52:55:fd:40:f0:7d:2e:
0a:72:9a:96:47:34:03:30:c4:0d:28:f7:6c:38:1f:
eb:58:08:07:c2:e6:49:f2:7c:3d:96:78:57:63:0e:
13:f4:a9:4f:36:ce:df:c9:75:01:8a:a4:78:6d:11:
46:18:ec:6e:b5:26:93:b7:e3:60:6d:c7:81:49:7f:
79:f5:4a:83:aa:45:c2:d2:1e:44:22:ca:f3:9b:90:
19:b1:ac:8d:75:7b:11:17:cb:3e:94:55:64:c6:05:
e0:27:91:cd:44:5f:41:96:7d:72:56:75:07:83:e7:
25:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
99:83:3C:E1:75:50:29:60:8D:19:1C:FC:B1:2B:78:12:7E:62:67:EF
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/39342e3135362e3134382e302f32342d3234203d3e20313336373837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.156.148.0/24
Signature Algorithm: sha256WithRSAEncryption
9f:a0:46:db:56:c8:8d:08:ac:97:cd:96:5e:e1:f1:15:f4:19:
97:9f:34:54:20:ad:77:71:16:0e:93:04:bf:68:2a:93:58:e6:
d1:93:77:0f:17:ba:59:bc:a1:52:e8:c0:3d:cb:f6:3a:63:c2:
28:71:96:ff:3e:e9:a0:32:1b:50:8b:29:4d:46:73:c7:ec:fb:
58:43:02:5e:eb:c7:a6:ff:39:0a:e6:f4:ff:bb:fa:c8:45:24:
f7:98:e3:99:8e:92:bb:7c:c1:2c:a7:f1:25:f4:12:35:42:c1:
fa:17:6b:2a:de:4e:de:59:94:5d:a0:93:ce:b6:9a:0b:bb:ba:
2c:6e:e9:d9:f7:bd:b7:a0:f0:02:6e:f4:ef:56:aa:2f:85:3e:
39:43:ed:59:45:81:f5:85:78:d8:8f:2e:03:f2:b7:a0:6e:28:
d1:56:43:63:02:2e:1d:8c:12:68:7a:ed:ba:23:37:e7:1e:f8:
56:6a:f4:84:b8:27:b0:27:f7:01:48:31:45:38:24:e4:7e:c8:
2f:75:eb:c1:ba:77:7a:c5:09:b7:f8:6d:5a:a5:b6:92:7d:89:
0a:41:f7:eb:39:fb:f8:6f:d3:de:6d:93:3f:46:b8:fa:5c:c2:
94:de:a3:2d:b2:ce:78:95:bc:ae:ad:89:73:a9:3e:bb:fd:50:
fc:54:ac:07
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUBGmi1qCsqH99bVHKAIlKJI8BnOowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNTA5MDUxNDQyMzFaFw0yNjA5MDQxNDQ3MzFaMDMxMTAvBgNV
BAMTKDk5ODMzQ0UxNzU1MDI5NjA4RDE5MUNGQ0IxMkI3ODEyN0U2MjY3RUYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCx5KBEgoE31tZ43bUapRaQ7tMV
FhFqNrOvuWVXDkwAF0OuM++iN6Pxww4PXalujFynW6K6oF6kQORr3TvnXhcfCSW/
Wpj4uWsgt9oH2GQw39KzXlxRbeJaWqMhAPRwKuYRLOpsRBLdq2wcb56uWxxVE3rd
L2BCZXH3NOU0DBkVJzixn+gTcpu57Kk9fvhhUlX9QPB9LgpympZHNAMwxA0o92w4
H+tYCAfC5knyfD2WeFdjDhP0qU82zt/JdQGKpHhtEUYY7G61JpO342Btx4FJf3n1
SoOqRcLSHkQiyvObkBmxrI11exEXyz6UVWTGBeAnkc1EX0GWfXJWdQeD5yUDAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUmYM84XVQKWCNGRz8sSt4En5iZ+8wHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzkzNDJlMzEzNTM2MmUzMTM0
MzgyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMTMzMzYzNzM4Mzcucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BABenJQwDQYJKoZIhvcNAQELBQADggEBAJ+gRttWyI0IrJfNll7h8RX0GZefNFQg
rXdxFg6TBL9oKpNY5tGTdw8Xulm8oVLowD3L9jpjwihxlv8+6aAyG1CLKU1Gc8fs
+1hDAl7rx6b/OQrm9P+7+shFJPeY45mOkrt8wSyn8SX0EjVCwfoXayreTt5ZlF2g
k862mgu7uixu6dn3vbeg8AJu9O9Wqi+FPjlD7VlFgfWFeNiPLgPyt6BuKNFWQ2MC
Lh2MEmh67bojN+ce+FZq9IS4J7An9wFIMUU4JOR+yC9168G6d3rFCbf4bVqltpJ9
iQpB9+s5+/hv095tkz9GuPpcwpTeoy2yzniVvK6tiXOpPrv9UPxUrAc=
-----END CERTIFICATE-----
Generated at Mon Oct 20 02:07:39 2025 by rpki-client