Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/39342e3135362e3233312e302f32342d3234203d3e20323134313535.roa
File: 39342e3135362e3233312e302f32342d3234203d3e20323134313535.roa (raw, json)
Hash identifier: YGI0DgRlkYfQ1dLOaOAgI0l+tKMcWrzCZ7odKMGyU9g=
Subject key identifier: E2:DF:27:43:B4:E7:04:FE:BC:50:6F:D9:02:D6:40:09:3B:21:89:2A
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 2F9F95FD8EB1F7F44DE183680E270B970A5200F6
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/39342e3135362e3233312e302f32342d3234203d3e20323134313535.roa
Signing time: Wed 27 Aug 2025 21:47:28 +0000
ROA not before: Wed 27 Aug 2025 21:42:28 +0000
ROA not after: Wed 26 Aug 2026 21:47:28 +0000
asID: 214155
IP address blocks: 94.156.231.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 17:43:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2f:9f:95:fd:8e:b1:f7:f4:4d:e1:83:68:0e:27:0b:97:0a:52:00:f6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Aug 27 21:42:28 2025 GMT
Not After : Aug 26 21:47:28 2026 GMT
Subject: CN=E2DF2743B4E704FEBC506FD902D640093B21892A
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:fd:e3:48:6d:8f:de:aa:e2:4b:94:05:af:cc:
32:10:5c:09:58:8e:03:2a:75:bb:65:24:5b:59:a1:
83:c8:4e:95:37:c6:62:29:47:87:8e:61:35:02:4e:
f7:3a:60:b3:ce:e5:19:7a:58:0f:6d:75:56:74:8f:
67:57:d3:36:7a:2b:d7:94:c6:b9:1a:f9:f3:6a:b7:
fd:05:ae:1a:71:9f:43:ee:ba:54:9f:cf:90:de:42:
f6:a9:27:69:6d:d3:13:f2:5b:bb:48:9a:95:69:cb:
b3:71:0f:ae:19:3b:42:ea:91:3e:43:da:6b:6f:78:
33:c1:bc:b0:4e:34:a0:60:d2:b2:88:3a:54:8d:61:
61:2e:1e:61:0b:cc:6e:6b:02:90:ef:da:9e:1a:57:
0c:8c:dd:ab:e0:1a:18:3b:c0:14:1b:51:e1:16:8a:
a7:71:78:e3:fc:ce:fd:f5:f8:ba:f7:28:1b:fe:f5:
f9:d9:ae:5c:13:a0:01:b3:c2:37:74:12:42:68:6c:
d4:e0:6d:7a:f3:c0:b5:d6:73:8d:b2:a6:6c:ce:7e:
ba:90:e0:eb:2c:a2:3c:e9:8d:8b:21:39:ee:d3:1c:
03:cc:f8:4f:eb:05:a0:55:f4:05:de:b0:de:90:90:
c2:ed:55:90:3e:ec:31:d1:38:e5:8a:0a:04:30:7e:
8a:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E2:DF:27:43:B4:E7:04:FE:BC:50:6F:D9:02:D6:40:09:3B:21:89:2A
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/39342e3135362e3233312e302f32342d3234203d3e20323134313535.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.156.231.0/24
Signature Algorithm: sha256WithRSAEncryption
8d:a0:7d:67:91:94:4c:e0:8a:0f:f9:4d:92:7a:d8:fd:26:0c:
59:ce:e4:60:99:fc:f7:5a:d8:8a:03:6e:42:de:ba:68:5b:00:
d2:7a:1b:88:1a:08:50:16:37:ce:7e:6f:53:ad:bc:4e:7a:38:
b4:f5:99:e0:bd:14:e1:ee:8c:22:00:1e:6f:43:c6:5e:c0:2b:
86:ac:e7:48:db:51:33:e4:99:d3:5c:72:b2:a9:d6:6a:e1:e3:
7b:d6:4a:b9:a4:73:7c:61:71:e3:18:23:1c:95:3e:cf:eb:8c:
fc:5e:b0:b2:88:9f:44:46:de:08:b9:a6:c7:b1:31:f7:75:1f:
01:85:ea:ac:cc:2d:97:11:44:6f:06:80:fd:ff:bb:3e:9d:3e:
d5:3c:a6:1e:77:f9:b3:02:9a:80:22:d1:65:d7:96:4c:49:ed:
0e:83:e9:b4:a9:80:c7:4c:e8:5e:6c:97:36:1c:80:c9:f0:0c:
29:1d:0a:9a:3f:64:11:51:b6:99:39:e4:03:13:bb:56:4a:15:
9a:59:e7:bc:30:cb:bb:7f:02:b9:67:e1:ea:c7:69:e2:0e:96:
28:53:76:cc:8f:3d:6c:01:e4:e7:21:60:6f:4e:60:d0:42:47:
eb:26:6b:69:5a:64:e5:06:3c:ff:fe:5b:1d:49:c5:1d:07:16:
bd:a9:0c:94
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUL5+V/Y6x9/RN4YNoDicLlwpSAPYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNTA4MjcyMTQyMjhaFw0yNjA4MjYyMTQ3MjhaMDMxMTAvBgNV
BAMTKEUyREYyNzQzQjRFNzA0RkVCQzUwNkZEOTAyRDY0MDA5M0IyMTg5MkEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCq/eNIbY/equJLlAWvzDIQXAlY
jgMqdbtlJFtZoYPITpU3xmIpR4eOYTUCTvc6YLPO5Rl6WA9tdVZ0j2dX0zZ6K9eU
xrka+fNqt/0Frhpxn0PuulSfz5DeQvapJ2lt0xPyW7tImpVpy7NxD64ZO0LqkT5D
2mtveDPBvLBONKBg0rKIOlSNYWEuHmELzG5rApDv2p4aVwyM3avgGhg7wBQbUeEW
iqdxeOP8zv31+Lr3KBv+9fnZrlwToAGzwjd0EkJobNTgbXrzwLXWc42ypmzOfrqQ
4OssojzpjYshOe7THAPM+E/rBaBV9AXesN6QkMLtVZA+7DHROOWKCgQwfoorAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQU4t8nQ7TnBP68UG/ZAtZACTshiSowHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzkzNDJlMzEzNTM2MmUzMjMz
MzEyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMjMxMzQzMTM1MzUucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BABenOcwDQYJKoZIhvcNAQELBQADggEBAI2gfWeRlEzgig/5TZJ62P0mDFnO5GCZ
/Pda2IoDbkLeumhbANJ6G4gaCFAWN85+b1OtvE56OLT1meC9FOHujCIAHm9Dxl7A
K4as50jbUTPkmdNccrKp1mrh43vWSrmkc3xhceMYIxyVPs/rjPxesLKIn0RG3gi5
psexMfd1HwGF6qzMLZcRRG8GgP3/uz6dPtU8ph53+bMCmoAi0WXXlkxJ7Q6D6bSp
gMdM6F5slzYcgMnwDCkdCpo/ZBFRtpk55AMTu1ZKFZpZ57wwy7t/Arln4erHaeIO
lihTdsyPPWwB5OchYG9OYNBCR+sma2laZOUGPP/+Wx1JxR0HFr2pDJQ=
-----END CERTIFICATE-----
Generated at Mon Oct 20 04:04:25 2025 by rpki-client