Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/7a789e87-f484-423d-a1d7-2c2d5860d2ec/0/3139352e3231312e35312e302f32342d3234203d3e203235313938.roa
File: 3139352e3231312e35312e302f32342d3234203d3e203235313938.roa (raw, json)
Hash identifier: 8WrV/v4Pwustk3GJ32BOtmYy9iPLVN7gRV+lKsziw5I=
Subject key identifier: 31:DE:E2:F3:DE:F2:25:9F:A9:2D:D0:BB:FA:21:92:F0:C2:81:BC:89
Certificate issuer: /CN=b0170abdc955aa176be2af26299678f2f7c9aca0
Certificate serial: 3B4F149EA08D9793E4B6D023B6F1CA209086EB24
Authority key identifier: B0:17:0A:BD:C9:55:AA:17:6B:E2:AF:26:29:96:78:F2:F7:C9:AC:A0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sBcKvclVqhdr4q8mKZZ48vfJrKA.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/7a789e87-f484-423d-a1d7-2c2d5860d2ec/0/3139352e3231312e35312e302f32342d3234203d3e203235313938.roa
Signing time: Thu 23 Oct 2025 07:41:56 +0000
ROA not before: Thu 23 Oct 2025 07:36:56 +0000
ROA not after: Thu 22 Oct 2026 07:41:56 +0000
asID: 25198
IP address blocks: 195.211.51.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/7a789e87-f484-423d-a1d7-2c2d5860d2ec/0/B0170ABDC955AA176BE2AF26299678F2F7C9ACA0.crl
rsync://rsync.paas.rpki.ripe.net/repository/7a789e87-f484-423d-a1d7-2c2d5860d2ec/0/B0170ABDC955AA176BE2AF26299678F2F7C9ACA0.mft
rsync://rpki.ripe.net/repository/DEFAULT/sBcKvclVqhdr4q8mKZZ48vfJrKA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 04 Nov 2025 23:04:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3b:4f:14:9e:a0:8d:97:93:e4:b6:d0:23:b6:f1:ca:20:90:86:eb:24
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b0170abdc955aa176be2af26299678f2f7c9aca0
Validity
Not Before: Oct 23 07:36:56 2025 GMT
Not After : Oct 22 07:41:56 2026 GMT
Subject: CN=31DEE2F3DEF2259FA92DD0BBFA2192F0C281BC89
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:82:98:c3:2b:80:aa:4f:a1:1e:c6:07:89:28:
e3:d8:1c:cf:c3:72:90:10:26:4d:a0:3c:60:be:b3:
be:2d:8d:1a:d6:a8:b0:18:bc:34:f8:23:a3:8c:41:
aa:b3:b0:a4:32:7d:b8:e5:4f:30:66:ad:dd:5d:e4:
ac:3b:3c:a8:2f:fe:1d:51:c3:76:5d:6c:da:c1:8e:
ec:5d:c5:65:56:9c:36:5c:e3:82:4f:c0:6a:a8:6d:
21:f4:ca:34:fd:91:0f:8f:b1:c7:49:84:df:64:12:
c5:05:61:c3:33:f2:a7:e3:fa:a1:85:fb:65:b6:1c:
d3:eb:2e:f1:e2:ca:20:92:7d:e2:e3:01:a9:20:39:
35:40:77:07:29:9f:6a:59:80:49:be:01:45:d7:6a:
49:4c:c7:e9:15:55:75:eb:99:cb:d4:b4:21:f1:39:
90:e5:d2:66:f2:b7:37:48:84:5c:51:dd:26:13:52:
3e:8d:df:da:14:87:30:e8:92:1e:63:45:08:c3:61:
09:4d:0a:f5:a8:5c:81:d1:c1:1f:09:5a:36:41:64:
57:23:e8:b0:cc:01:f0:43:e7:f8:ef:ce:b6:f6:92:
74:08:25:90:f8:ba:6e:3b:c6:19:21:28:0f:17:6c:
51:82:31:78:c6:f9:4f:6a:c6:05:e8:38:64:d0:e4:
c6:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
31:DE:E2:F3:DE:F2:25:9F:A9:2D:D0:BB:FA:21:92:F0:C2:81:BC:89
X509v3 Authority Key Identifier:
keyid:B0:17:0A:BD:C9:55:AA:17:6B:E2:AF:26:29:96:78:F2:F7:C9:AC:A0
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/7a789e87-f484-423d-a1d7-2c2d5860d2ec/0/B0170ABDC955AA176BE2AF26299678F2F7C9ACA0.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sBcKvclVqhdr4q8mKZZ48vfJrKA.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/7a789e87-f484-423d-a1d7-2c2d5860d2ec/0/3139352e3231312e35312e302f32342d3234203d3e203235313938.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.211.51.0/24
Signature Algorithm: sha256WithRSAEncryption
1c:c3:42:0e:b6:81:80:9a:f7:c2:c0:d1:e6:3a:5e:79:09:88:
28:12:2b:ba:08:47:d3:a6:c6:1b:48:01:8a:f3:2f:79:8e:b5:
8a:42:46:1e:42:42:c3:c5:c4:56:49:4c:bd:8e:29:e1:e0:ad:
10:06:54:98:1c:f8:40:17:0b:83:ea:0d:b2:ab:f5:54:5f:2b:
34:57:88:fe:4e:bb:10:81:9d:28:59:64:ab:18:74:73:cd:fc:
ef:79:3a:94:64:8c:23:73:11:2e:45:59:38:65:b9:aa:1d:85:
f8:f0:ac:bd:c2:3e:96:a0:09:61:c4:41:9a:6b:2b:e9:01:67:
8c:a3:89:b0:57:e6:0d:11:cd:13:9d:ee:e2:9c:78:a7:a3:84:
4d:d0:bd:91:71:89:23:31:ac:ce:f7:7b:d5:e9:4a:d4:ae:59:
e6:95:2f:e2:0c:f9:e1:5a:20:dd:e3:2c:ae:5b:e4:97:8a:0c:
a4:60:d6:d4:41:54:7d:4a:ed:26:7a:de:3b:8f:8b:9d:ef:5a:
f0:85:64:58:02:13:07:82:d4:e0:5b:4b:a8:7f:ed:53:08:b0:
5d:71:02:38:42:77:3e:da:ca:69:f9:e8:81:f7:25:66:af:a8:
99:b2:76:c5:c7:30:b2:99:f1:d2:94:08:1d:9d:f8:3c:3d:5c:
12:a5:18:fd
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUO08UnqCNl5PkttAjtvHKIJCG6yQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYjAxNzBhYmRjOTU1YWExNzZiZTJhZjI2Mjk5Njc4ZjJm
N2M5YWNhMDAeFw0yNTEwMjMwNzM2NTZaFw0yNjEwMjIwNzQxNTZaMDMxMTAvBgNV
BAMTKDMxREVFMkYzREVGMjI1OUZBOTJERDBCQkZBMjE5MkYwQzI4MUJDODkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC7gpjDK4CqT6EexgeJKOPYHM/D
cpAQJk2gPGC+s74tjRrWqLAYvDT4I6OMQaqzsKQyfbjlTzBmrd1d5Kw7PKgv/h1R
w3ZdbNrBjuxdxWVWnDZc44JPwGqobSH0yjT9kQ+PscdJhN9kEsUFYcMz8qfj+qGF
+2W2HNPrLvHiyiCSfeLjAakgOTVAdwcpn2pZgEm+AUXXaklMx+kVVXXrmcvUtCHx
OZDl0mbytzdIhFxR3SYTUj6N39oUhzDokh5jRQjDYQlNCvWoXIHRwR8JWjZBZFcj
6LDMAfBD5/jvzrb2knQIJZD4um47xhkhKA8XbFGCMXjG+U9qxgXoOGTQ5MbPAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUMd7i897yJZ+pLdC7+iGS8MKBvIkwHwYDVR0j
BBgwFoAUsBcKvclVqhdr4q8mKZZ48vfJrKAwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvN2E3ODllODctZjQ4NC00MjNkLWExZDctMmMyZDU4NjBk
MmVjLzAvQjAxNzBBQkRDOTU1QUExNzZCRTJBRjI2Mjk5Njc4RjJGN0M5QUNBMC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3NCY0t2Y2xWcWhkcjRxOG1LWlo0OHZm
SnJLQS5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvN2E3ODllODct
ZjQ4NC00MjNkLWExZDctMmMyZDU4NjBkMmVjLzAvMzEzOTM1MmUzMjMxMzEyZTM1
MzEyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMjM1MzEzOTM4LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
w9MzMA0GCSqGSIb3DQEBCwUAA4IBAQAcw0IOtoGAmvfCwNHmOl55CYgoEiu6CEfT
psYbSAGK8y95jrWKQkYeQkLDxcRWSUy9jinh4K0QBlSYHPhAFwuD6g2yq/VUXys0
V4j+TrsQgZ0oWWSrGHRzzfzveTqUZIwjcxEuRVk4ZbmqHYX48Ky9wj6WoAlhxEGa
ayvpAWeMo4mwV+YNEc0Tne7inHino4RN0L2RcYkjMazO93vV6UrUrlnmlS/iDPnh
WiDd4yyuW+SXigykYNbUQVR9Su0met47j4ud71rwhWRYAhMHgtTgW0uof+1TCLBd
cQI4Qnc+2spp+eiB9yVmr6iZsnbFxzCymfHSlAgdnfg8PVwSpRj9
-----END CERTIFICATE-----
Generated at Tue Nov 4 15:03:48 2025 by rpki-client