Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/46b93df0-ac8d-4da8-afb8-dcb7f2888362/0/3139342e35302e3233332e302f32342d3234203d3e203535323836.roa
File: 3139342e35302e3233332e302f32342d3234203d3e203535323836.roa (raw, json)
Hash identifier: e8pQ8DIoexv4eSgcmeIca6dPf9eFFltEvNMHVeGxj8g=
Subject key identifier: EF:89:E7:B3:7B:1F:69:AD:FE:56:17:9F:C8:F3:B9:CD:E3:B7:C9:C2
Certificate issuer: /CN=62fbd2cc0012fb2f86db40b589bd1ac4e973266d
Certificate serial: 223A2ACB3748B122761AF71B087716FCFD78DF20
Authority key identifier: 62:FB:D2:CC:00:12:FB:2F:86:DB:40:B5:89:BD:1A:C4:E9:73:26:6D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YvvSzAAS-y-G20C1ib0axOlzJm0.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/46b93df0-ac8d-4da8-afb8-dcb7f2888362/0/3139342e35302e3233332e302f32342d3234203d3e203535323836.roa
Signing time: Wed 22 Oct 2025 07:55:09 +0000
ROA not before: Wed 22 Oct 2025 07:50:09 +0000
ROA not after: Wed 21 Oct 2026 07:55:09 +0000
asID: 55286
IP address blocks: 194.50.233.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/46b93df0-ac8d-4da8-afb8-dcb7f2888362/0/62FBD2CC0012FB2F86DB40B589BD1AC4E973266D.crl
rsync://rsync.paas.rpki.ripe.net/repository/46b93df0-ac8d-4da8-afb8-dcb7f2888362/0/62FBD2CC0012FB2F86DB40B589BD1AC4E973266D.mft
rsync://rpki.ripe.net/repository/DEFAULT/YvvSzAAS-y-G20C1ib0axOlzJm0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 06 Nov 2025 03:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
22:3a:2a:cb:37:48:b1:22:76:1a:f7:1b:08:77:16:fc:fd:78:df:20
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=62fbd2cc0012fb2f86db40b589bd1ac4e973266d
Validity
Not Before: Oct 22 07:50:09 2025 GMT
Not After : Oct 21 07:55:09 2026 GMT
Subject: CN=EF89E7B37B1F69ADFE56179FC8F3B9CDE3B7C9C2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f1:77:11:39:c9:a7:c5:75:a0:c0:1d:57:3f:9a:
a1:a3:44:fa:09:da:04:5c:f2:45:5d:02:7d:42:36:
50:58:7e:ea:01:25:10:09:97:97:2b:ff:05:3a:c3:
58:86:24:5b:4c:a0:9c:65:83:86:c6:b1:d7:4e:43:
c2:86:f6:5e:b9:8d:50:ad:6b:11:51:74:22:8e:be:
de:51:0e:4e:75:b5:4f:26:81:5d:68:1d:af:24:7d:
3c:f7:80:c4:1c:2c:66:71:fe:5f:e8:13:c1:69:88:
d0:03:73:9d:7e:7e:53:32:59:12:d7:d1:2c:45:b6:
1d:03:b6:cc:6f:39:bd:db:26:65:b2:f0:a3:d5:8b:
6e:ed:a8:17:40:49:c2:74:9c:88:42:bc:a0:7a:8d:
eb:cc:d4:2a:8e:7c:9a:c3:7b:73:c2:b1:4e:fb:3e:
52:71:71:6b:d0:98:09:3a:c2:05:d9:00:a8:25:c6:
a0:24:73:0c:94:ce:02:c9:2f:9c:1b:00:f6:e6:86:
91:90:0b:73:02:93:c8:8f:5d:21:ed:40:32:a3:e9:
91:b4:5f:88:77:97:39:f6:55:0b:dc:6d:93:0a:33:
2b:d0:9e:09:d4:f8:40:8b:b0:14:de:a8:48:9d:8d:
1b:21:92:90:4d:4e:c7:aa:d7:ef:7a:56:48:de:b5:
d7:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EF:89:E7:B3:7B:1F:69:AD:FE:56:17:9F:C8:F3:B9:CD:E3:B7:C9:C2
X509v3 Authority Key Identifier:
keyid:62:FB:D2:CC:00:12:FB:2F:86:DB:40:B5:89:BD:1A:C4:E9:73:26:6D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/46b93df0-ac8d-4da8-afb8-dcb7f2888362/0/62FBD2CC0012FB2F86DB40B589BD1AC4E973266D.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YvvSzAAS-y-G20C1ib0axOlzJm0.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/46b93df0-ac8d-4da8-afb8-dcb7f2888362/0/3139342e35302e3233332e302f32342d3234203d3e203535323836.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.50.233.0/24
Signature Algorithm: sha256WithRSAEncryption
55:41:77:41:ef:1e:eb:d0:aa:42:26:e1:fa:27:77:0a:f4:e1:
63:0c:8c:a0:0a:0e:df:cc:d2:b1:38:92:7d:6b:77:2f:0a:b4:
e6:bb:a3:81:82:ee:a9:06:82:88:a7:b8:3f:e4:b4:c9:4a:da:
45:ec:3a:ee:93:91:01:be:b9:6b:10:a6:35:98:2f:27:9f:cf:
16:90:ef:50:10:8b:d4:c1:dd:9a:6b:1e:ae:35:3e:f6:83:fe:
00:02:73:34:ad:d5:38:3e:c8:dc:e2:3d:74:56:b6:f9:0f:7d:
48:de:e7:3c:db:40:8c:ed:27:00:db:e7:2c:de:05:b4:9d:7c:
87:6f:d9:85:e6:99:20:a5:41:d2:1a:7f:08:19:ca:a0:8b:15:
3e:bc:a9:ad:ec:78:2d:aa:8c:69:24:5e:8c:8d:02:01:8d:4c:
03:e7:c7:f1:0a:72:c5:10:30:9f:52:8b:36:8a:83:2a:e7:b3:
46:e7:34:11:bf:20:fa:57:d5:fc:dd:13:0e:f5:40:fd:d3:f6:
dd:0f:96:3d:ae:8f:97:1b:73:49:89:1b:db:18:3f:dd:a5:73:
a6:64:f6:9e:e8:09:f5:c4:1e:28:a6:d1:8c:08:bc:5a:98:cc:
59:a0:60:af:63:d0:6b:90:3a:19:88:75:38:64:24:5d:06:f3:
f4:34:f1:97
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUIjoqyzdIsSJ2GvcbCHcW/P143yAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjJmYmQyY2MwMDEyZmIyZjg2ZGI0MGI1ODliZDFhYzRl
OTczMjY2ZDAeFw0yNTEwMjIwNzUwMDlaFw0yNjEwMjEwNzU1MDlaMDMxMTAvBgNV
BAMTKEVGODlFN0IzN0IxRjY5QURGRTU2MTc5RkM4RjNCOUNERTNCN0M5QzIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDxdxE5yafFdaDAHVc/mqGjRPoJ
2gRc8kVdAn1CNlBYfuoBJRAJl5cr/wU6w1iGJFtMoJxlg4bGsddOQ8KG9l65jVCt
axFRdCKOvt5RDk51tU8mgV1oHa8kfTz3gMQcLGZx/l/oE8FpiNADc51+flMyWRLX
0SxFth0DtsxvOb3bJmWy8KPVi27tqBdAScJ0nIhCvKB6jevM1CqOfJrDe3PCsU77
PlJxcWvQmAk6wgXZAKglxqAkcwyUzgLJL5wbAPbmhpGQC3MCk8iPXSHtQDKj6ZG0
X4h3lzn2VQvcbZMKMyvQngnU+ECLsBTeqEidjRshkpBNTseq1+96VkjetdcnAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQU74nns3sfaa3+VhefyPO5zeO3ycIwHwYDVR0j
BBgwFoAUYvvSzAAS+y+G20C1ib0axOlzJm0wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNDZiOTNkZjAtYWM4ZC00ZGE4LWFmYjgtZGNiN2YyODg4
MzYyLzAvNjJGQkQyQ0MwMDEyRkIyRjg2REI0MEI1ODlCRDFBQzRFOTczMjY2RC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1l2dlN6QUFTLXktRzIwQzFpYjBheE9s
ekptMC5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvNDZiOTNkZjAt
YWM4ZC00ZGE4LWFmYjgtZGNiN2YyODg4MzYyLzAvMzEzOTM0MmUzNTMwMmUzMjMz
MzMyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzNTM1MzIzODM2LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
wjLpMA0GCSqGSIb3DQEBCwUAA4IBAQBVQXdB7x7r0KpCJuH6J3cK9OFjDIygCg7f
zNKxOJJ9a3cvCrTmu6OBgu6pBoKIp7g/5LTJStpF7Druk5EBvrlrEKY1mC8nn88W
kO9QEIvUwd2aax6uNT72g/4AAnM0rdU4Psjc4j10Vrb5D31I3uc820CM7ScA2+cs
3gW0nXyHb9mF5pkgpUHSGn8IGcqgixU+vKmt7HgtqoxpJF6MjQIBjUwD58fxCnLF
EDCfUos2ioMq57NG5zQRvyD6V9X83RMO9UD90/bdD5Y9ro+XG3NJiRvbGD/dpXOm
ZPae6An1xB4optGMCLxamMxZoGCvY9BrkDoZiHU4ZCRdBvP0NPGX
-----END CERTIFICATE-----
Generated at Wed Nov 5 10:52:55 2025 by rpki-client