Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/3139332e3130392e3139392e302f32342d3234203d3e20323132323338.roa
File: 3139332e3130392e3139392e302f32342d3234203d3e20323132323338.roa (raw, json)
Hash identifier: JXAtgWKvJ8VSOdg19QhWmX3BErhqZ23MzAEL+xsssUk=
Subject key identifier: 65:C4:E7:D1:6B:4C:46:96:26:0C:42:5D:27:75:0F:C6:23:34:AE:C5
Certificate issuer: /CN=dc943cc2a7cdc378a37702573bb4f821170b530d
Certificate serial: 13AC5C9B0608B9E57DF52D3CB2FCFA0845572421
Authority key identifier: DC:94:3C:C2:A7:CD:C3:78:A3:77:02:57:3B:B4:F8:21:17:0B:53:0D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3JQ8wqfNw3ijdwJXO7T4IRcLUw0.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/3139332e3130392e3139392e302f32342d3234203d3e20323132323338.roa
Signing time: Mon 04 Aug 2025 11:19:50 +0000
ROA not before: Mon 04 Aug 2025 11:14:50 +0000
ROA not after: Mon 03 Aug 2026 11:19:50 +0000
asID: 212238
IP address blocks: 193.109.199.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/DC943CC2A7CDC378A37702573BB4F821170B530D.crl
rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/DC943CC2A7CDC378A37702573BB4F821170B530D.mft
rsync://rpki.ripe.net/repository/DEFAULT/3JQ8wqfNw3ijdwJXO7T4IRcLUw0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 09 Aug 2025 20:00:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
13:ac:5c:9b:06:08:b9:e5:7d:f5:2d:3c:b2:fc:fa:08:45:57:24:21
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dc943cc2a7cdc378a37702573bb4f821170b530d
Validity
Not Before: Aug 4 11:14:50 2025 GMT
Not After : Aug 3 11:19:50 2026 GMT
Subject: CN=65C4E7D16B4C4696260C425D27750FC62334AEC5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f0:7b:c7:16:bd:92:29:57:d6:12:05:b7:27:d7:
9d:66:fa:e9:e8:03:49:31:da:0c:c4:eb:fa:15:b0:
58:b3:b3:76:14:d7:2e:13:cd:bc:00:ed:24:38:20:
5a:8b:12:80:0b:4c:56:fb:2e:72:1c:be:52:c5:c1:
a2:e6:c1:ee:f0:ab:20:6c:26:b3:ca:04:8b:8e:97:
91:f4:d5:e8:5e:9e:d5:64:80:00:51:3d:e9:a9:02:
38:be:11:04:ad:af:20:e2:ce:03:26:40:e9:3b:4c:
91:46:06:45:0c:6a:36:bb:86:d9:c6:bb:d5:7e:52:
11:bf:ea:6f:fe:c8:1b:bf:03:6d:6c:3e:04:2a:b0:
ab:43:f1:94:72:1b:b3:ef:82:07:08:e5:e2:3f:a9:
73:29:34:41:fd:ce:74:3e:a3:32:ac:51:1a:1a:76:
64:c8:ed:d2:7a:1f:d3:0a:79:15:5a:14:a9:32:63:
55:ac:cd:81:ce:b2:3e:94:23:4c:f7:1e:ca:7e:78:
a5:47:c3:c0:c2:30:56:7f:72:ef:2c:54:6e:9b:60:
86:b5:63:aa:7e:bd:2e:de:1e:d3:35:67:3f:d4:f2:
f8:09:fc:78:95:9c:bd:2c:46:de:8a:46:6b:c8:24:
44:29:70:46:fc:6b:7d:66:7f:1e:fa:d2:f0:35:f9:
8f:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
65:C4:E7:D1:6B:4C:46:96:26:0C:42:5D:27:75:0F:C6:23:34:AE:C5
X509v3 Authority Key Identifier:
keyid:DC:94:3C:C2:A7:CD:C3:78:A3:77:02:57:3B:B4:F8:21:17:0B:53:0D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/DC943CC2A7CDC378A37702573BB4F821170B530D.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3JQ8wqfNw3ijdwJXO7T4IRcLUw0.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/3139332e3130392e3139392e302f32342d3234203d3e20323132323338.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.109.199.0/24
Signature Algorithm: sha256WithRSAEncryption
54:85:88:1f:55:1d:5b:b5:72:cd:64:f3:fe:63:cf:75:d0:82:
bb:98:84:01:90:c6:5d:da:53:c5:d8:b4:80:41:3d:0a:a2:7f:
91:1b:24:07:d8:5c:d7:7b:d1:4f:30:44:23:22:34:3f:d3:55:
e4:8c:39:38:d3:7d:90:f6:47:32:3d:8c:05:2f:e5:f7:dd:b8:
5b:e1:70:5f:35:38:6f:2e:dc:b6:3a:0c:45:e7:98:9e:b6:f3:
a8:0a:81:de:a1:8f:3b:12:2a:35:61:82:36:b8:68:9a:75:e2:
db:cd:c3:7a:b7:28:8b:16:8e:c7:3e:1a:8b:3c:10:28:ba:e7:
1b:bd:76:ba:d5:71:26:33:ea:4b:43:27:f4:8d:b1:d9:5a:08:
63:ff:50:29:26:26:64:a1:4c:6c:cd:ff:7f:7e:39:cc:b1:26:
e7:db:e1:86:8e:f7:c2:09:1b:dc:43:d6:88:a5:c2:5e:d7:3b:
dc:2c:7f:1b:f7:8c:c0:35:3d:f5:8a:ad:fa:6b:73:88:74:36:
3e:8d:c7:2e:1d:13:3e:bc:1b:a8:ec:c8:04:9f:12:85:9d:1b:
aa:3a:b1:0e:43:1d:e9:d9:26:f3:86:e2:ae:b8:7a:11:0d:a5:
7c:1d:1b:82:3b:5a:95:63:0b:ba:dd:45:97:eb:8f:c9:6f:e0:
25:fa:18:97
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgIUE6xcmwYIueV99S08svz6CEVXJCEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZGM5NDNjYzJhN2NkYzM3OGEzNzcwMjU3M2JiNGY4MjEx
NzBiNTMwZDAeFw0yNTA4MDQxMTE0NTBaFw0yNjA4MDMxMTE5NTBaMDMxMTAvBgNV
BAMTKDY1QzRFN0QxNkI0QzQ2OTYyNjBDNDI1RDI3NzUwRkM2MjMzNEFFQzUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDwe8cWvZIpV9YSBbcn151m+uno
A0kx2gzE6/oVsFizs3YU1y4TzbwA7SQ4IFqLEoALTFb7LnIcvlLFwaLmwe7wqyBs
JrPKBIuOl5H01ehentVkgABRPempAji+EQStryDizgMmQOk7TJFGBkUMaja7htnG
u9V+UhG/6m/+yBu/A21sPgQqsKtD8ZRyG7PvggcI5eI/qXMpNEH9znQ+ozKsURoa
dmTI7dJ6H9MKeRVaFKkyY1WszYHOsj6UI0z3Hsp+eKVHw8DCMFZ/cu8sVG6bYIa1
Y6p+vS7eHtM1Zz/U8vgJ/HiVnL0sRt6KRmvIJEQpcEb8a31mfx760vA1+Y+TAgMB
AAGjggJBMIICPTAdBgNVHQ4EFgQUZcTn0WtMRpYmDEJdJ3UPxiM0rsUwHwYDVR0j
BBgwFoAU3JQ8wqfNw3ijdwJXO7T4IRcLUw0wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNmFiMDcyMmYtNjRkOC00Y2E5LTkyNjctNGU1MTU0NDM0
MTAxLzAvREM5NDNDQzJBN0NEQzM3OEEzNzcwMjU3M0JCNEY4MjExNzBCNTMwRC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzNKUTh3cWZOdzNpamR3SlhPN1Q0SVJj
TFV3MC5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvNmFiMDcyMmYt
NjRkOC00Y2E5LTkyNjctNGU1MTU0NDM0MTAxLzAvMzEzOTMzMmUzMTMwMzkyZTMx
MzkzOTJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMyMzEzMjMyMzMzOC5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEAMFtxzANBgkqhkiG9w0BAQsFAAOCAQEAVIWIH1UdW7VyzWTz/mPPddCCu5iE
AZDGXdpTxdi0gEE9CqJ/kRskB9hc13vRTzBEIyI0P9NV5Iw5ONN9kPZHMj2MBS/l
9924W+FwXzU4by7ctjoMReeYnrbzqAqB3qGPOxIqNWGCNrhomnXi283DercoixaO
xz4aizwQKLrnG712utVxJjPqS0Mn9I2x2VoIY/9QKSYmZKFMbM3/f345zLEm59vh
ho73wgkb3EPWiKXCXtc73Cx/G/eMwDU99Yqt+mtziHQ2Po3HLh0TPrwbqOzIBJ8S
hZ0bqjqxDkMd6dkm84birrh6EQ2lfB0bgjtalWMLut1Fl+uPyW/gJfoYlw==
-----END CERTIFICATE-----
Generated at Sat Aug 9 02:46:46 2025 by rpki-client