Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/3139342e33312e3139342e302f32342d3234203d3e203339333638.roa
File: 3139342e33312e3139342e302f32342d3234203d3e203339333638.roa (raw, json)
Hash identifier: qMisc8M9fAgiB1zw7/Tn0y61M2FDJt3sqCMkzKcplhA=
Subject key identifier: 4D:74:0C:C1:1E:CC:75:49:29:98:81:C1:CE:E7:42:C9:1E:53:AD:C1
Certificate issuer: /CN=a9420e6c6f24b0e422da7fe7e420ef50354f45c6
Certificate serial: 7F0E6364AD6B85BACAA0612CC52327F630A76FC6
Authority key identifier: A9:42:0E:6C:6F:24:B0:E4:22:DA:7F:E7:E4:20:EF:50:35:4F:45:C6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qUIObG8ksOQi2n_n5CDvUDVPRcY.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/3139342e33312e3139342e302f32342d3234203d3e203339333638.roa
Signing time: Fri 24 Oct 2025 08:55:10 +0000
ROA not before: Fri 24 Oct 2025 08:50:10 +0000
ROA not after: Fri 23 Oct 2026 08:55:10 +0000
asID: 39368
IP address blocks: 194.31.194.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/A9420E6C6F24B0E422DA7FE7E420EF50354F45C6.crl
rsync://rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/A9420E6C6F24B0E422DA7FE7E420EF50354F45C6.mft
rsync://rpki.ripe.net/repository/DEFAULT/qUIObG8ksOQi2n_n5CDvUDVPRcY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 09:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7f:0e:63:64:ad:6b:85:ba:ca:a0:61:2c:c5:23:27:f6:30:a7:6f:c6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a9420e6c6f24b0e422da7fe7e420ef50354f45c6
Validity
Not Before: Oct 24 08:50:10 2025 GMT
Not After : Oct 23 08:55:10 2026 GMT
Subject: CN=4D740CC11ECC7549299881C1CEE742C91E53ADC1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:3f:9f:10:4a:30:a3:30:05:85:b2:4c:aa:b7:
91:54:25:5a:c8:e4:95:84:c3:8c:63:55:6b:a3:da:
d1:d9:b5:c7:ed:65:c0:b4:37:d5:1b:1b:ac:25:16:
e4:6e:09:11:02:ca:c5:79:25:ae:75:7a:6f:87:29:
33:bb:c0:04:7e:76:5f:cb:22:47:ee:14:8e:e0:ae:
40:79:a8:db:50:f3:45:91:61:48:77:f9:76:32:39:
7e:bd:ee:f1:f9:a3:bb:7e:d8:e0:44:52:c3:dd:ad:
7f:97:62:b4:e7:95:2e:6d:59:02:36:84:97:08:03:
cc:cb:21:6c:b1:90:62:7d:da:05:4a:1f:52:be:ef:
33:77:56:2d:d6:8d:75:45:21:c1:09:41:51:4c:ed:
1a:b6:7b:22:1f:97:a1:f2:40:a9:95:ae:e2:01:48:
c0:9e:22:12:e7:0b:94:ae:66:a4:ad:3b:6b:85:ee:
07:87:71:e2:c8:58:b9:ff:84:98:38:a6:00:71:b1:
01:75:de:84:42:fe:3e:db:bc:aa:0a:5d:e5:50:9b:
5d:3e:45:b4:05:0f:7c:d2:69:98:3f:a8:ec:02:26:
9f:41:f7:10:19:b2:a5:04:a5:5a:a8:c7:60:91:55:
f7:93:ff:d8:a6:2d:9e:9a:87:35:ee:a1:27:13:cf:
13:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:74:0C:C1:1E:CC:75:49:29:98:81:C1:CE:E7:42:C9:1E:53:AD:C1
X509v3 Authority Key Identifier:
keyid:A9:42:0E:6C:6F:24:B0:E4:22:DA:7F:E7:E4:20:EF:50:35:4F:45:C6
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/A9420E6C6F24B0E422DA7FE7E420EF50354F45C6.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qUIObG8ksOQi2n_n5CDvUDVPRcY.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/3139342e33312e3139342e302f32342d3234203d3e203339333638.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.31.194.0/24
Signature Algorithm: sha256WithRSAEncryption
a0:d1:8c:08:a6:bf:ab:38:58:c7:19:82:c2:bf:6c:76:0e:c1:
08:17:96:f4:85:71:47:06:7c:1e:0e:56:94:fe:53:ab:01:b0:
d1:4f:f4:f6:f3:6c:38:12:26:72:9f:55:16:49:ad:c0:24:bd:
38:b0:9a:aa:a9:c0:96:ac:7e:5a:59:ca:93:aa:38:f1:b3:22:
c5:85:bd:92:8f:cc:c9:e8:81:67:a3:b9:f5:66:8e:8e:c4:6a:
25:b7:86:bb:b5:4c:b7:7a:23:0a:6f:1f:9d:12:6f:8a:b5:75:
72:dc:b5:54:63:0c:1c:cd:88:f3:d6:4b:f6:1f:75:b7:de:b6:
c0:07:8f:34:ce:37:f4:52:d0:b7:1d:1a:e0:1f:89:b3:e8:47:
64:2b:4c:10:e4:ee:31:39:77:c4:ee:35:17:0d:28:a6:2c:86:
4a:85:ee:be:d9:49:ec:b4:b1:0e:f2:fa:63:58:33:94:a9:b0:
7b:a2:ad:c1:c9:34:fb:54:58:c6:2d:67:14:cc:bb:39:c2:66:
18:2c:42:7b:9b:49:4a:38:61:f0:02:4a:73:d5:fc:43:73:98:
14:92:ef:6a:5a:bf:bf:20:ff:08:8c:99:22:96:2c:06:0e:df:
db:33:23:74:9c:1a:5d:53:bf:9d:2d:71:ea:a1:bc:3f:67:3f:
5e:34:fd:ff
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUfw5jZK1rhbrKoGEsxSMn9jCnb8YwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYTk0MjBlNmM2ZjI0YjBlNDIyZGE3ZmU3ZTQyMGVmNTAz
NTRmNDVjNjAeFw0yNTEwMjQwODUwMTBaFw0yNjEwMjMwODU1MTBaMDMxMTAvBgNV
BAMTKDRENzQwQ0MxMUVDQzc1NDkyOTk4ODFDMUNFRTc0MkM5MUU1M0FEQzEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC8P58QSjCjMAWFskyqt5FUJVrI
5JWEw4xjVWuj2tHZtcftZcC0N9UbG6wlFuRuCRECysV5Ja51em+HKTO7wAR+dl/L
IkfuFI7grkB5qNtQ80WRYUh3+XYyOX697vH5o7t+2OBEUsPdrX+XYrTnlS5tWQI2
hJcIA8zLIWyxkGJ92gVKH1K+7zN3Vi3WjXVFIcEJQVFM7Rq2eyIfl6HyQKmVruIB
SMCeIhLnC5SuZqStO2uF7geHceLIWLn/hJg4pgBxsQF13oRC/j7bvKoKXeVQm10+
RbQFD3zSaZg/qOwCJp9B9xAZsqUEpVqox2CRVfeT/9imLZ6ahzXuoScTzxPpAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUTXQMwR7MdUkpmIHBzudCyR5TrcEwHwYDVR0j
BBgwFoAUqUIObG8ksOQi2n/n5CDvUDVPRcYwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMWY5ODIzZDAtMDg1NS00MWYyLWFjNDYtNTlhMmU5OGRh
NzM2LzEvQTk0MjBFNkM2RjI0QjBFNDIyREE3RkU3RTQyMEVGNTAzNTRGNDVDNi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3FVSU9iRzhrc09RaTJuX241Q0R2VURW
UFJjWS5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMWY5ODIzZDAt
MDg1NS00MWYyLWFjNDYtNTlhMmU5OGRhNzM2LzEvMzEzOTM0MmUzMzMxMmUzMTM5
MzQyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMzM5MzMzNjM4LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
wh/CMA0GCSqGSIb3DQEBCwUAA4IBAQCg0YwIpr+rOFjHGYLCv2x2DsEIF5b0hXFH
BnweDlaU/lOrAbDRT/T282w4EiZyn1UWSa3AJL04sJqqqcCWrH5aWcqTqjjxsyLF
hb2Sj8zJ6IFno7n1Zo6OxGolt4a7tUy3eiMKbx+dEm+KtXVy3LVUYwwczYjz1kv2
H3W33rbAB480zjf0UtC3HRrgH4mz6EdkK0wQ5O4xOXfE7jUXDSimLIZKhe6+2Uns
tLEO8vpjWDOUqbB7oq3ByTT7VFjGLWcUzLs5wmYYLEJ7m0lKOGHwAkpz1fxDc5gU
ku9qWr+/IP8IjJkiliwGDt/bMyN0nBpdU7+dLXHqobw/Zz9eNP3/
-----END CERTIFICATE-----
Generated at Tue Nov 4 16:41:17 2025 by rpki-client