Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/933b2fd7-31c1-451c-8288-c1aa0aa12750/0/3139332e3234362e3136352e302f32342d3234203d3e20323135373237.roa
File: 3139332e3234362e3136352e302f32342d3234203d3e20323135373237.roa (raw, json)
Hash identifier: lSm6X66gNWDs/TTuCVneNTdg6ziFYnxT4m3l/GUHEaA=
Subject key identifier: 30:AA:2F:2A:F5:A7:4F:85:45:CE:4E:24:12:B3:69:7B:F6:58:7F:27
Certificate issuer: /CN=45e8648e445dccd0d8ee699f5140bb814e43ae1b
Certificate serial: 5A9FAA905D1C3861AF7FDC8F6B657A51F88A529F
Authority key identifier: 45:E8:64:8E:44:5D:CC:D0:D8:EE:69:9F:51:40:BB:81:4E:43:AE:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RehkjkRdzNDY7mmfUUC7gU5Drhs.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/933b2fd7-31c1-451c-8288-c1aa0aa12750/0/3139332e3234362e3136352e302f32342d3234203d3e20323135373237.roa
Signing time: Wed 05 Nov 2025 07:33:04 +0000
ROA not before: Wed 05 Nov 2025 07:28:04 +0000
ROA not after: Wed 04 Nov 2026 07:33:04 +0000
asID: 215727
IP address blocks: 193.246.165.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/933b2fd7-31c1-451c-8288-c1aa0aa12750/0/45E8648E445DCCD0D8EE699F5140BB814E43AE1B.crl
rsync://rsync.paas.rpki.ripe.net/repository/933b2fd7-31c1-451c-8288-c1aa0aa12750/0/45E8648E445DCCD0D8EE699F5140BB814E43AE1B.mft
rsync://rpki.ripe.net/repository/DEFAULT/RehkjkRdzNDY7mmfUUC7gU5Drhs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 06 Nov 2025 03:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5a:9f:aa:90:5d:1c:38:61:af:7f:dc:8f:6b:65:7a:51:f8:8a:52:9f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=45e8648e445dccd0d8ee699f5140bb814e43ae1b
Validity
Not Before: Nov 5 07:28:04 2025 GMT
Not After : Nov 4 07:33:04 2026 GMT
Subject: CN=30AA2F2AF5A74F8545CE4E2412B3697BF6587F27
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e9:ea:e9:0d:d9:b9:b5:6c:45:2e:7d:c7:ce:82:
68:15:c5:05:d9:88:f1:b4:2d:86:75:62:65:90:87:
f1:bb:63:90:cd:f7:46:14:f9:49:ff:a2:e0:5e:18:
08:88:e5:b9:73:43:e4:02:26:af:2a:50:ae:62:94:
e4:58:b0:2a:cf:42:34:48:d9:f4:6e:5b:ce:8d:0a:
6f:4a:b0:5b:2f:77:ce:39:59:95:71:fa:62:c5:b8:
96:83:66:59:f6:09:fc:5c:73:3b:a8:a3:fb:79:2e:
38:c7:4c:bf:75:2d:62:60:0d:f8:ad:d5:a3:ad:84:
11:de:05:39:58:7e:23:c4:b6:d0:33:88:5d:92:55:
b1:64:a4:44:c1:4b:5c:ce:ba:63:f4:ce:85:69:38:
36:ab:09:ff:79:34:85:24:52:3e:9d:f5:45:11:e6:
f2:0c:ac:b1:81:41:c6:05:ce:2e:92:f1:10:fb:b2:
6e:b6:d4:0b:b7:dd:0a:19:75:8a:06:c0:2a:f0:09:
7e:61:49:ba:2a:09:98:0d:de:e2:5b:49:6f:b9:42:
a6:03:45:02:3b:0c:f2:d4:67:44:8a:0a:18:d3:53:
ae:9c:a2:24:e3:10:16:4f:a9:ba:15:82:a4:bb:76:
40:da:a2:04:59:32:09:7f:04:cc:4f:b5:6f:20:4b:
dd:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
30:AA:2F:2A:F5:A7:4F:85:45:CE:4E:24:12:B3:69:7B:F6:58:7F:27
X509v3 Authority Key Identifier:
keyid:45:E8:64:8E:44:5D:CC:D0:D8:EE:69:9F:51:40:BB:81:4E:43:AE:1B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/933b2fd7-31c1-451c-8288-c1aa0aa12750/0/45E8648E445DCCD0D8EE699F5140BB814E43AE1B.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RehkjkRdzNDY7mmfUUC7gU5Drhs.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/933b2fd7-31c1-451c-8288-c1aa0aa12750/0/3139332e3234362e3136352e302f32342d3234203d3e20323135373237.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.246.165.0/24
Signature Algorithm: sha256WithRSAEncryption
1f:c8:52:8b:9b:b0:59:05:08:76:23:01:d2:27:cb:7c:92:40:
0d:47:9e:17:12:1c:02:35:89:aa:09:26:13:1f:8e:7f:f7:0d:
fd:8b:9a:63:d2:80:75:14:a6:01:84:9b:dd:d2:b2:ef:fc:89:
65:12:81:65:24:39:34:df:25:89:80:99:a0:37:e2:76:78:5d:
8e:b0:58:1a:bb:3b:80:c3:07:90:d8:d2:92:ec:1d:1c:d4:3b:
96:27:f1:82:71:1e:8d:c6:97:e0:c1:17:fd:48:27:f4:d2:4c:
6d:6a:09:9e:d6:67:66:8c:c6:a7:6b:76:aa:58:ee:ff:66:36:
f6:17:cf:0b:c9:a0:b7:fe:ab:cd:88:23:33:c9:e9:a2:89:be:
0c:ac:dc:ac:ba:9c:e7:28:f4:1b:b7:3a:91:61:a9:26:97:c2:
c3:8c:7a:42:90:58:aa:23:5b:db:66:f9:e3:67:d1:0c:0e:56:
39:c6:66:28:45:b2:a0:b8:6d:39:ea:b3:f0:4d:25:41:11:c6:
13:bc:64:b5:24:40:02:9a:9e:d9:23:c0:7b:6c:c9:db:9b:7d:
3b:5f:2f:3a:c7:9b:c7:2c:20:70:b6:be:6c:84:01:0a:0d:2b:
b0:6d:83:6f:06:4d:93:f5:c2:3f:d5:a0:9d:83:c1:ca:49:7c:
fe:87:e3:89
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgIUWp+qkF0cOGGvf9yPa2V6UfiKUp8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDVlODY0OGU0NDVkY2NkMGQ4ZWU2OTlmNTE0MGJiODE0
ZTQzYWUxYjAeFw0yNTExMDUwNzI4MDRaFw0yNjExMDQwNzMzMDRaMDMxMTAvBgNV
BAMTKDMwQUEyRjJBRjVBNzRGODU0NUNFNEUyNDEyQjM2OTdCRjY1ODdGMjcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDp6ukN2bm1bEUufcfOgmgVxQXZ
iPG0LYZ1YmWQh/G7Y5DN90YU+Un/ouBeGAiI5blzQ+QCJq8qUK5ilORYsCrPQjRI
2fRuW86NCm9KsFsvd845WZVx+mLFuJaDZln2Cfxcczuoo/t5LjjHTL91LWJgDfit
1aOthBHeBTlYfiPEttAziF2SVbFkpETBS1zOumP0zoVpODarCf95NIUkUj6d9UUR
5vIMrLGBQcYFzi6S8RD7sm621Au33QoZdYoGwCrwCX5hSboqCZgN3uJbSW+5QqYD
RQI7DPLUZ0SKChjTU66coiTjEBZPqboVgqS7dkDaogRZMgl/BMxPtW8gS90FAgMB
AAGjggJBMIICPTAdBgNVHQ4EFgQUMKovKvWnT4VFzk4kErNpe/ZYfycwHwYDVR0j
BBgwFoAURehkjkRdzNDY7mmfUUC7gU5DrhswDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvOTMzYjJmZDctMzFjMS00NTFjLTgyODgtYzFhYTBhYTEy
NzUwLzAvNDVFODY0OEU0NDVEQ0NEMEQ4RUU2OTlGNTE0MEJCODE0RTQzQUUxQi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JlaGtqa1Jkek5EWTdtbWZVVUM3Z1U1
RHJocy5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvOTMzYjJmZDct
MzFjMS00NTFjLTgyODgtYzFhYTBhYTEyNzUwLzAvMzEzOTMzMmUzMjM0MzYyZTMx
MzYzNTJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMyMzEzNTM3MzIzNy5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEAMH2pTANBgkqhkiG9w0BAQsFAAOCAQEAH8hSi5uwWQUIdiMB0ifLfJJADUee
FxIcAjWJqgkmEx+Of/cN/YuaY9KAdRSmAYSb3dKy7/yJZRKBZSQ5NN8liYCZoDfi
dnhdjrBYGrs7gMMHkNjSkuwdHNQ7lifxgnEejcaX4MEX/Ugn9NJMbWoJntZnZozG
p2t2qlju/2Y29hfPC8mgt/6rzYgjM8npoom+DKzcrLqc5yj0G7c6kWGpJpfCw4x6
QpBYqiNb22b542fRDA5WOcZmKEWyoLhtOeqz8E0lQRHGE7xktSRAApqe2SPAe2zJ
25t9O18vOsebxywgcLa+bIQBCg0rsG2DbwZNk/XCP9WgnYPBykl8/ofjiQ==
-----END CERTIFICATE-----
Generated at Wed Nov 5 11:40:22 2025 by rpki-client