Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/39312e3230352e3130362e302f32342d3234203d3e20323132323338.roa
File: 39312e3230352e3130362e302f32342d3234203d3e20323132323338.roa (raw, json)
Hash identifier: MHQvVGtajHgcUGccLadvYE1MYSJ+3UKwKRco87sf1zw=
Subject key identifier: 46:D6:27:7F:F5:A3:39:47:E1:A2:FC:D1:B4:9E:47:83:92:65:D9:68
Certificate issuer: /CN=088469d1a33085ff88b3e599d223ca74c2313a3a
Certificate serial: 0D42B6257F52718FA040A4A7FC8CD5D5137725A9
Authority key identifier: 08:84:69:D1:A3:30:85:FF:88:B3:E5:99:D2:23:CA:74:C2:31:3A:3A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CIRp0aMwhf-Is-WZ0iPKdMIxOjo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/39312e3230352e3130362e302f32342d3234203d3e20323132323338.roa
Signing time: Fri 27 Jun 2025 11:54:56 +0000
ROA not before: Fri 27 Jun 2025 11:49:56 +0000
ROA not after: Fri 26 Jun 2026 11:54:56 +0000
asID: 212238
IP address blocks: 91.205.106.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/088469D1A33085FF88B3E599D223CA74C2313A3A.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/088469D1A33085FF88B3E599D223CA74C2313A3A.mft
rsync://rpki.ripe.net/repository/DEFAULT/CIRp0aMwhf-Is-WZ0iPKdMIxOjo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 21:02:53 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0d:42:b6:25:7f:52:71:8f:a0:40:a4:a7:fc:8c:d5:d5:13:77:25:a9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=088469d1a33085ff88b3e599d223ca74c2313a3a
Validity
Not Before: Jun 27 11:49:56 2025 GMT
Not After : Jun 26 11:54:56 2026 GMT
Subject: CN=46D6277FF5A33947E1A2FCD1B49E47839265D968
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:6d:27:ba:85:1f:18:10:8e:83:5d:d2:8d:c5:
a0:4f:23:49:bf:b5:91:b2:6a:5a:4d:e3:f8:8b:f2:
85:4e:3c:5c:0a:a4:f5:26:c6:b2:d2:92:b8:28:98:
19:f1:d9:7a:e5:e6:be:4d:3c:fb:43:5e:c7:ad:b7:
88:2c:cd:3e:3a:82:72:ea:b3:b4:a5:04:64:7d:75:
fb:56:fc:c2:ee:7e:09:8b:d2:24:39:54:40:b0:3a:
ed:57:f3:32:84:67:8b:c2:d1:5d:8b:02:02:9e:97:
2d:e5:9f:44:d9:a0:c2:3e:8b:fb:a7:45:3b:81:5c:
1f:cd:f2:2a:c3:b6:d0:f6:3c:09:2e:e2:99:57:2f:
f6:c0:9f:64:f0:56:17:ea:2a:67:bf:c6:4f:e1:6c:
ce:f7:b0:bc:e0:1e:ca:c1:fb:a7:52:d6:d6:67:d9:
dc:32:47:ae:72:1f:7e:3c:0b:86:1f:08:6c:15:3d:
21:d7:18:ac:39:05:bc:a6:b4:b1:20:2d:88:bf:5d:
03:68:ad:78:65:77:9d:35:ad:83:3d:17:d4:1a:0f:
2b:b7:39:9b:04:f4:7f:37:27:67:09:41:55:87:3f:
e3:aa:40:22:08:47:84:5f:a2:90:c3:f8:70:7a:07:
1d:75:e0:fe:a3:6e:b7:26:d3:f1:64:02:90:98:f4:
51:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
46:D6:27:7F:F5:A3:39:47:E1:A2:FC:D1:B4:9E:47:83:92:65:D9:68
X509v3 Authority Key Identifier:
keyid:08:84:69:D1:A3:30:85:FF:88:B3:E5:99:D2:23:CA:74:C2:31:3A:3A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/088469D1A33085FF88B3E599D223CA74C2313A3A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CIRp0aMwhf-Is-WZ0iPKdMIxOjo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/39312e3230352e3130362e302f32342d3234203d3e20323132323338.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.205.106.0/24
Signature Algorithm: sha256WithRSAEncryption
50:ef:91:54:f8:03:52:cf:b6:7c:94:fd:40:45:bc:08:46:14:
52:43:8c:17:b4:ca:b2:a1:6d:6a:8d:32:35:9a:94:56:d0:ca:
e2:83:05:51:b8:9d:d3:89:1d:0a:70:b8:93:7d:6d:59:f2:8b:
0e:dc:18:2e:fd:a9:c0:33:59:df:6c:b8:c9:02:f6:35:b0:2a:
e6:c0:db:ac:de:25:13:9e:5d:8c:ec:4b:64:00:5c:0f:cb:2f:
67:68:3c:d2:4d:a5:fb:08:2f:13:37:22:02:44:75:31:bb:ba:
45:ba:4e:fe:33:e1:54:b7:2b:ef:70:a8:86:35:ec:db:f4:1c:
63:31:99:f2:78:8d:a2:f5:7b:2d:3b:7a:8c:13:97:0f:4d:78:
49:d8:50:a9:83:43:e2:3b:97:bb:3b:bc:32:cf:99:83:82:4f:
bd:e2:29:4b:ab:01:07:41:df:d7:96:27:2e:96:e1:cd:3e:0c:
3a:22:5d:cd:59:66:28:64:43:fc:44:64:65:01:63:45:53:7a:
af:e5:80:b0:eb:6b:e1:17:e0:ba:7d:e7:7c:c2:ad:8c:f8:88:
ec:1d:41:f4:c3:71:91:d5:8f:bc:71:fc:9e:5e:58:bc:63:a8:
d8:6e:ac:28:c9:bb:73:ca:25:63:74:77:cc:f5:08:b1:f0:74:
62:aa:01:31
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUDUK2JX9ScY+gQKSn/IzV1RN3JakwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDg4NDY5ZDFhMzMwODVmZjg4YjNlNTk5ZDIyM2NhNzRj
MjMxM2EzYTAeFw0yNTA2MjcxMTQ5NTZaFw0yNjA2MjYxMTU0NTZaMDMxMTAvBgNV
BAMTKDQ2RDYyNzdGRjVBMzM5NDdFMUEyRkNEMUI0OUU0NzgzOTI2NUQ5NjgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC1bSe6hR8YEI6DXdKNxaBPI0m/
tZGyalpN4/iL8oVOPFwKpPUmxrLSkrgomBnx2Xrl5r5NPPtDXsett4gszT46gnLq
s7SlBGR9dftW/MLufgmL0iQ5VECwOu1X8zKEZ4vC0V2LAgKely3ln0TZoMI+i/un
RTuBXB/N8irDttD2PAku4plXL/bAn2TwVhfqKme/xk/hbM73sLzgHsrB+6dS1tZn
2dwyR65yH348C4YfCGwVPSHXGKw5BbymtLEgLYi/XQNorXhld501rYM9F9QaDyu3
OZsE9H83J2cJQVWHP+OqQCIIR4RfopDD+HB6Bx114P6jbrcm0/FkApCY9FGBAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQURtYnf/WjOUfhovzRtJ5Hg5Jl2WgwHwYDVR0j
BBgwFoAUCIRp0aMwhf+Is+WZ0iPKdMIxOjowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzUvMDg4NDY5RDFBMzMwODVGRjg4QjNFNTk5RDIyM0NBNzRDMjMxM0EzQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NJUnAwYU13aGYtSXMtV1owaVBLZE1J
eE9qby5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzUvMzkzMTJlMzIzMDM1MmUzMTMw
MzYyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMjMxMzIzMjMzMzgucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BABbzWowDQYJKoZIhvcNAQELBQADggEBAFDvkVT4A1LPtnyU/UBFvAhGFFJDjBe0
yrKhbWqNMjWalFbQyuKDBVG4ndOJHQpwuJN9bVnyiw7cGC79qcAzWd9suMkC9jWw
KubA26zeJROeXYzsS2QAXA/LL2doPNJNpfsILxM3IgJEdTG7ukW6Tv4z4VS3K+9w
qIY17Nv0HGMxmfJ4jaL1ey07eowTlw9NeEnYUKmDQ+I7l7s7vDLPmYOCT73iKUur
AQdB39eWJy6W4c0+DDoiXc1ZZihkQ/xEZGUBY0VTeq/lgLDra+EX4Lp953zCrYz4
iOwdQfTDcZHVj7xx/J5eWLxjqNhurCjJu3PKJWN0d8z1CLHwdGKqATE=
-----END CERTIFICATE-----
Generated at Sun Jun 29 14:24:18 2025 by rpki-client