Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/933b2fd7-31c1-451c-8288-c1aa0aa12750/0/3139332e3234362e3136352e302f32342d3234203d3e20323132383135.roa
File: 3139332e3234362e3136352e302f32342d3234203d3e20323132383135.roa (raw, json)
Hash identifier: v4ysGluIX7l1o3oYHo6hoD+oU+wMieIX0KtE9SekExI=
Subject key identifier: 59:B3:92:A6:36:C4:98:B4:58:DF:35:FF:E8:2D:3A:45:56:B7:2C:B5
Certificate issuer: /CN=45e8648e445dccd0d8ee699f5140bb814e43ae1b
Certificate serial: 14918A328B427C74CD32F7F907E24C550F947F09
Authority key identifier: 45:E8:64:8E:44:5D:CC:D0:D8:EE:69:9F:51:40:BB:81:4E:43:AE:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RehkjkRdzNDY7mmfUUC7gU5Drhs.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/933b2fd7-31c1-451c-8288-c1aa0aa12750/0/3139332e3234362e3136352e302f32342d3234203d3e20323132383135.roa
Signing time: Wed 05 Nov 2025 07:32:50 +0000
ROA not before: Wed 05 Nov 2025 07:27:50 +0000
ROA not after: Wed 04 Nov 2026 07:32:50 +0000
asID: 212815
IP address blocks: 193.246.165.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/933b2fd7-31c1-451c-8288-c1aa0aa12750/0/45E8648E445DCCD0D8EE699F5140BB814E43AE1B.crl
rsync://rsync.paas.rpki.ripe.net/repository/933b2fd7-31c1-451c-8288-c1aa0aa12750/0/45E8648E445DCCD0D8EE699F5140BB814E43AE1B.mft
rsync://rpki.ripe.net/repository/DEFAULT/RehkjkRdzNDY7mmfUUC7gU5Drhs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 06 Nov 2025 10:59:14 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
14:91:8a:32:8b:42:7c:74:cd:32:f7:f9:07:e2:4c:55:0f:94:7f:09
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=45e8648e445dccd0d8ee699f5140bb814e43ae1b
Validity
Not Before: Nov 5 07:27:50 2025 GMT
Not After : Nov 4 07:32:50 2026 GMT
Subject: CN=59B392A636C498B458DF35FFE82D3A4556B72CB5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:01:e2:36:d1:4c:51:5b:b7:57:d1:1f:be:a7:
6c:e5:e5:d2:10:a6:42:90:aa:61:e3:bd:4e:51:a9:
db:f9:72:3d:ae:09:16:73:f5:3b:a5:ce:14:29:78:
b4:e3:04:c6:19:94:04:4c:2c:b8:c0:e1:26:9e:f8:
55:7d:c1:e6:9c:33:2e:71:10:de:d0:4d:96:46:31:
89:c8:ea:c8:57:41:9a:68:20:50:46:5a:28:7f:60:
92:b4:15:3e:f6:e3:63:aa:2c:54:ee:91:fd:86:c1:
cb:ba:f4:ee:6d:50:ba:ac:b2:f3:5a:06:6f:ac:63:
96:a5:ad:d0:10:59:c2:82:4f:0a:d7:ec:6c:7c:18:
90:f1:5b:ee:c1:68:f0:c8:92:8e:bb:c7:51:67:0a:
80:ac:24:c0:20:08:3a:70:76:46:b0:a2:03:d9:da:
fe:8a:f4:20:c6:44:22:1d:e8:01:b6:69:05:b0:a8:
1f:2a:47:1b:6f:8e:2b:21:07:33:db:db:80:c8:3f:
85:bf:f4:ed:78:a0:10:b5:fd:ae:86:8b:0d:eb:7f:
53:2f:00:ba:b3:00:35:54:bf:32:f3:b0:d3:fe:4d:
ac:85:b0:16:ba:19:f6:08:cb:6b:3f:d3:78:5c:a6:
e9:73:00:d1:02:4d:d4:3b:fe:03:05:69:f7:d6:be:
1e:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
59:B3:92:A6:36:C4:98:B4:58:DF:35:FF:E8:2D:3A:45:56:B7:2C:B5
X509v3 Authority Key Identifier:
keyid:45:E8:64:8E:44:5D:CC:D0:D8:EE:69:9F:51:40:BB:81:4E:43:AE:1B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/933b2fd7-31c1-451c-8288-c1aa0aa12750/0/45E8648E445DCCD0D8EE699F5140BB814E43AE1B.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RehkjkRdzNDY7mmfUUC7gU5Drhs.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/933b2fd7-31c1-451c-8288-c1aa0aa12750/0/3139332e3234362e3136352e302f32342d3234203d3e20323132383135.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.246.165.0/24
Signature Algorithm: sha256WithRSAEncryption
6e:44:99:8e:30:c2:8b:62:bb:bc:08:fe:f3:26:12:ce:14:f8:
1c:cc:0d:e1:eb:66:17:a4:ae:98:49:67:eb:c3:a9:84:34:1e:
8e:2d:42:14:c0:2c:af:4c:15:db:5a:e8:23:a3:80:3f:75:0a:
42:43:5f:b1:5b:37:2b:a8:dd:82:34:8b:2b:c8:ec:92:c1:01:
b8:5e:4f:1f:78:d0:54:d2:2d:64:2f:8d:1c:ae:1f:43:b9:b7:
e4:91:4b:60:8e:a4:a5:56:e4:38:b8:fb:00:f2:05:98:13:e2:
c4:b0:06:0f:bc:20:19:4f:94:2f:5e:9b:38:bd:d1:35:f5:0a:
5e:ce:33:64:05:d3:1d:5d:c7:43:7d:4e:67:c6:63:53:92:65:
67:94:2d:77:dc:b1:33:fe:60:12:24:b0:aa:b3:a7:ca:af:0b:
e3:bc:a3:a5:8a:7b:9a:71:13:6c:95:ca:80:fe:fe:38:a6:a0:
bc:f9:d8:fd:95:c5:fc:25:c7:c3:16:ba:bc:c4:3e:22:dd:e5:
8b:b0:b0:92:a1:ff:e0:e3:7e:e9:7a:9e:ed:92:0a:58:08:d5:
1f:59:f4:d0:ed:c2:70:6b:1e:f0:c6:98:32:63:73:9a:bf:71:
81:a4:cf:94:f2:05:25:76:96:88:c1:c8:af:20:d5:d7:1d:f9:
37:c6:85:4b
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgIUFJGKMotCfHTNMvf5B+JMVQ+UfwkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDVlODY0OGU0NDVkY2NkMGQ4ZWU2OTlmNTE0MGJiODE0
ZTQzYWUxYjAeFw0yNTExMDUwNzI3NTBaFw0yNjExMDQwNzMyNTBaMDMxMTAvBgNV
BAMTKDU5QjM5MkE2MzZDNDk4QjQ1OERGMzVGRkU4MkQzQTQ1NTZCNzJDQjUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDBAeI20UxRW7dX0R++p2zl5dIQ
pkKQqmHjvU5Rqdv5cj2uCRZz9TulzhQpeLTjBMYZlARMLLjA4Sae+FV9weacMy5x
EN7QTZZGMYnI6shXQZpoIFBGWih/YJK0FT7242OqLFTukf2Gwcu69O5tULqssvNa
Bm+sY5alrdAQWcKCTwrX7Gx8GJDxW+7BaPDIko67x1FnCoCsJMAgCDpwdkawogPZ
2v6K9CDGRCId6AG2aQWwqB8qRxtvjishBzPb24DIP4W/9O14oBC1/a6Giw3rf1Mv
ALqzADVUvzLzsNP+TayFsBa6GfYIy2s/03hcpulzANECTdQ7/gMFaffWvh6pAgMB
AAGjggJBMIICPTAdBgNVHQ4EFgQUWbOSpjbEmLRY3zX/6C06RVa3LLUwHwYDVR0j
BBgwFoAURehkjkRdzNDY7mmfUUC7gU5DrhswDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvOTMzYjJmZDctMzFjMS00NTFjLTgyODgtYzFhYTBhYTEy
NzUwLzAvNDVFODY0OEU0NDVEQ0NEMEQ4RUU2OTlGNTE0MEJCODE0RTQzQUUxQi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JlaGtqa1Jkek5EWTdtbWZVVUM3Z1U1
RHJocy5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvOTMzYjJmZDct
MzFjMS00NTFjLTgyODgtYzFhYTBhYTEyNzUwLzAvMzEzOTMzMmUzMjM0MzYyZTMx
MzYzNTJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMyMzEzMjM4MzEzNS5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEAMH2pTANBgkqhkiG9w0BAQsFAAOCAQEAbkSZjjDCi2K7vAj+8yYSzhT4HMwN
4etmF6SumEln68OphDQeji1CFMAsr0wV21roI6OAP3UKQkNfsVs3K6jdgjSLK8js
ksEBuF5PH3jQVNItZC+NHK4fQ7m35JFLYI6kpVbkOLj7APIFmBPixLAGD7wgGU+U
L16bOL3RNfUKXs4zZAXTHV3HQ31OZ8ZjU5JlZ5Qtd9yxM/5gEiSwqrOnyq8L47yj
pYp7mnETbJXKgP7+OKagvPnY/ZXF/CXHwxa6vMQ+It3li7CwkqH/4ON+6Xqe7ZIK
WAjVH1n00O3CcGse8MaYMmNzmr9xgaTPlPIFJXaWiMHIryDV1x35N8aFSw==
-----END CERTIFICATE-----
Generated at Wed Nov 5 17:25:59 2025 by rpki-client