Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/7a789e87-f484-423d-a1d7-2c2d5860d2ec/0/3139342e35392e3232332e302f32342d3234203d3e20313939363134.roa
File: 3139342e35392e3232332e302f32342d3234203d3e20313939363134.roa (raw, json)
Hash identifier: nYDMVjiJuVEFnKlQkQFlqywJDLa+eHnz9tVEeXNNlho=
Subject key identifier: AB:AB:79:35:32:63:B8:F4:66:DC:C9:8A:B1:73:25:AE:2E:70:27:68
Certificate issuer: /CN=b0170abdc955aa176be2af26299678f2f7c9aca0
Certificate serial: 6DFD9637E3F5DB449318649A231BAD37C3154580
Authority key identifier: B0:17:0A:BD:C9:55:AA:17:6B:E2:AF:26:29:96:78:F2:F7:C9:AC:A0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sBcKvclVqhdr4q8mKZZ48vfJrKA.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/7a789e87-f484-423d-a1d7-2c2d5860d2ec/0/3139342e35392e3232332e302f32342d3234203d3e20313939363134.roa
Signing time: Fri 24 Oct 2025 07:55:09 +0000
ROA not before: Fri 24 Oct 2025 07:50:09 +0000
ROA not after: Fri 23 Oct 2026 07:55:09 +0000
asID: 199614
IP address blocks: 194.59.223.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/7a789e87-f484-423d-a1d7-2c2d5860d2ec/0/B0170ABDC955AA176BE2AF26299678F2F7C9ACA0.crl
rsync://rsync.paas.rpki.ripe.net/repository/7a789e87-f484-423d-a1d7-2c2d5860d2ec/0/B0170ABDC955AA176BE2AF26299678F2F7C9ACA0.mft
rsync://rpki.ripe.net/repository/DEFAULT/sBcKvclVqhdr4q8mKZZ48vfJrKA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 15:20:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6d:fd:96:37:e3:f5:db:44:93:18:64:9a:23:1b:ad:37:c3:15:45:80
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b0170abdc955aa176be2af26299678f2f7c9aca0
Validity
Not Before: Oct 24 07:50:09 2025 GMT
Not After : Oct 23 07:55:09 2026 GMT
Subject: CN=ABAB79353263B8F466DCC98AB17325AE2E702768
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:73:d7:f6:c3:40:2c:94:5d:9a:ba:a7:72:f1:
5c:9c:07:7d:b2:d0:46:d7:7b:74:a9:f6:a6:e3:ab:
e8:f2:9e:7f:18:65:c6:8c:5e:a9:dc:9b:b0:e2:9a:
5a:77:ec:a5:eb:52:20:68:aa:8f:dc:0d:98:bc:10:
c5:67:d9:0a:77:da:3b:4a:f6:d2:d7:9a:49:d0:71:
89:65:45:dc:d5:d0:0b:b9:aa:6b:50:4b:2c:da:0f:
b6:22:a2:be:8b:5d:c4:19:41:14:21:29:0b:40:80:
8d:b2:f6:cb:ad:bf:86:75:83:76:28:06:02:4f:5c:
2c:0a:c0:92:50:2a:63:3b:32:37:e7:d9:c2:04:21:
08:9d:9b:ec:79:a9:01:09:b8:d5:b4:83:6e:92:8e:
90:49:1d:90:d3:a0:00:40:19:8a:a3:46:75:10:ca:
fb:dc:1c:1b:45:b9:83:b4:62:60:7e:56:af:a6:d1:
b4:59:81:09:98:92:cd:62:df:3e:99:e0:b4:bc:7f:
1a:33:9a:00:6b:ae:76:22:89:d0:31:63:74:a2:18:
d7:41:91:f4:d3:ac:e0:d4:3f:2a:74:b2:2f:38:14:
7e:11:a2:06:92:a6:7b:91:1d:c7:29:6b:a0:1e:00:
b1:6c:45:1c:b4:06:df:bf:65:ce:1c:02:d5:21:55:
cd:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AB:AB:79:35:32:63:B8:F4:66:DC:C9:8A:B1:73:25:AE:2E:70:27:68
X509v3 Authority Key Identifier:
keyid:B0:17:0A:BD:C9:55:AA:17:6B:E2:AF:26:29:96:78:F2:F7:C9:AC:A0
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/7a789e87-f484-423d-a1d7-2c2d5860d2ec/0/B0170ABDC955AA176BE2AF26299678F2F7C9ACA0.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sBcKvclVqhdr4q8mKZZ48vfJrKA.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/7a789e87-f484-423d-a1d7-2c2d5860d2ec/0/3139342e35392e3232332e302f32342d3234203d3e20313939363134.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.59.223.0/24
Signature Algorithm: sha256WithRSAEncryption
83:e1:33:66:c5:bc:3e:2d:91:54:98:49:f5:de:16:2f:e7:ef:
0e:aa:43:e6:82:b2:79:b3:20:95:05:e9:81:d1:75:52:80:83:
92:bc:1c:2b:9d:bf:a1:c9:87:41:1c:51:41:2e:2c:d3:39:1a:
97:bf:08:ec:a0:3a:fc:df:29:ae:5f:f8:9d:e5:a1:54:5e:d5:
af:84:d3:81:47:39:67:58:f3:07:ec:d5:57:e2:2c:18:68:ea:
78:89:76:12:10:87:6d:c4:b0:ae:3a:07:52:51:7b:19:3f:27:
3b:d6:bf:73:7c:4b:c4:14:41:b6:a8:ba:58:8c:34:19:f5:73:
05:56:68:88:36:c7:40:f1:5f:e6:cd:04:ca:b1:cc:b5:53:60:
59:93:cc:0e:fe:ff:c0:aa:04:90:c9:9e:af:86:4c:aa:cc:e3:
d2:fa:19:a0:86:57:9b:3a:42:00:0a:60:4c:96:dd:c9:92:a6:
d1:86:e7:c6:d8:64:d7:36:c8:f3:b9:59:b8:38:fe:9a:54:0d:
70:60:f7:53:6a:ea:b0:fe:dd:8d:3d:2a:35:39:e5:2d:d8:54:
de:87:96:35:89:5f:cc:66:97:b6:cf:e0:5a:d6:2e:49:ec:25:
75:81:cb:26:83:05:af:ce:be:7d:2c:56:d7:f6:59:af:e3:20:
66:20:34:55
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUbf2WN+P120STGGSaIxutN8MVRYAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYjAxNzBhYmRjOTU1YWExNzZiZTJhZjI2Mjk5Njc4ZjJm
N2M5YWNhMDAeFw0yNTEwMjQwNzUwMDlaFw0yNjEwMjMwNzU1MDlaMDMxMTAvBgNV
BAMTKEFCQUI3OTM1MzI2M0I4RjQ2NkRDQzk4QUIxNzMyNUFFMkU3MDI3NjgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCYc9f2w0AslF2auqdy8VycB32y
0EbXe3Sp9qbjq+jynn8YZcaMXqncm7Dimlp37KXrUiBoqo/cDZi8EMVn2Qp32jtK
9tLXmknQcYllRdzV0Au5qmtQSyzaD7Yior6LXcQZQRQhKQtAgI2y9sutv4Z1g3Yo
BgJPXCwKwJJQKmM7Mjfn2cIEIQidm+x5qQEJuNW0g26SjpBJHZDToABAGYqjRnUQ
yvvcHBtFuYO0YmB+Vq+m0bRZgQmYks1i3z6Z4LS8fxozmgBrrnYiidAxY3SiGNdB
kfTTrODUPyp0si84FH4RogaSpnuRHccpa6AeALFsRRy0Bt+/Zc4cAtUhVc3LAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUq6t5NTJjuPRm3MmKsXMlri5wJ2gwHwYDVR0j
BBgwFoAUsBcKvclVqhdr4q8mKZZ48vfJrKAwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvN2E3ODllODctZjQ4NC00MjNkLWExZDctMmMyZDU4NjBk
MmVjLzAvQjAxNzBBQkRDOTU1QUExNzZCRTJBRjI2Mjk5Njc4RjJGN0M5QUNBMC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3NCY0t2Y2xWcWhkcjRxOG1LWlo0OHZm
SnJLQS5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvN2E3ODllODct
ZjQ4NC00MjNkLWExZDctMmMyZDU4NjBkMmVjLzAvMzEzOTM0MmUzNTM5MmUzMjMy
MzMyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMTM5MzkzNjMxMzQucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BADCO98wDQYJKoZIhvcNAQELBQADggEBAIPhM2bFvD4tkVSYSfXeFi/n7w6qQ+aC
snmzIJUF6YHRdVKAg5K8HCudv6HJh0EcUUEuLNM5Gpe/COygOvzfKa5f+J3loVRe
1a+E04FHOWdY8wfs1VfiLBho6niJdhIQh23EsK46B1JRexk/JzvWv3N8S8QUQbao
uliMNBn1cwVWaIg2x0DxX+bNBMqxzLVTYFmTzA7+/8CqBJDJnq+GTKrM49L6GaCG
V5s6QgAKYEyW3cmSptGG58bYZNc2yPO5Wbg4/ppUDXBg91Nq6rD+3Y09KjU55S3Y
VN6HljWJX8xml7bP4FrWLknsJXWByyaDBa/Ovn0sVtf2Wa/jIGYgNFU=
-----END CERTIFICATE-----
Generated at Wed Nov 5 03:11:19 2025 by rpki-client