Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/933b2fd7-31c1-451c-8288-c1aa0aa12750/0/3139332e3234362e3136352e302f32342d3234203d3e2035353131.roa
File: 3139332e3234362e3136352e302f32342d3234203d3e2035353131.roa (raw, json)
Hash identifier: dGzL7JETjjIym98dnO672H+l9ARVq+lFYDpH7EjSgtE=
Subject key identifier: 17:C4:95:44:E4:B7:FB:A9:5F:DE:70:5D:64:D3:DE:67:2F:DE:E0:A1
Certificate issuer: /CN=45e8648e445dccd0d8ee699f5140bb814e43ae1b
Certificate serial: 52719855D046ECFBFAA0C09E85E5AC1ECA44D90C
Authority key identifier: 45:E8:64:8E:44:5D:CC:D0:D8:EE:69:9F:51:40:BB:81:4E:43:AE:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RehkjkRdzNDY7mmfUUC7gU5Drhs.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/933b2fd7-31c1-451c-8288-c1aa0aa12750/0/3139332e3234362e3136352e302f32342d3234203d3e2035353131.roa
Signing time: Wed 05 Nov 2025 07:32:33 +0000
ROA not before: Wed 05 Nov 2025 07:27:33 +0000
ROA not after: Wed 04 Nov 2026 07:32:33 +0000
asID: 5511
IP address blocks: 193.246.165.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/933b2fd7-31c1-451c-8288-c1aa0aa12750/0/45E8648E445DCCD0D8EE699F5140BB814E43AE1B.crl
rsync://rsync.paas.rpki.ripe.net/repository/933b2fd7-31c1-451c-8288-c1aa0aa12750/0/45E8648E445DCCD0D8EE699F5140BB814E43AE1B.mft
rsync://rpki.ripe.net/repository/DEFAULT/RehkjkRdzNDY7mmfUUC7gU5Drhs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 06 Nov 2025 10:59:14 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
52:71:98:55:d0:46:ec:fb:fa:a0:c0:9e:85:e5:ac:1e:ca:44:d9:0c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=45e8648e445dccd0d8ee699f5140bb814e43ae1b
Validity
Not Before: Nov 5 07:27:33 2025 GMT
Not After : Nov 4 07:32:33 2026 GMT
Subject: CN=17C49544E4B7FBA95FDE705D64D3DE672FDEE0A1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:8a:e8:8e:11:34:66:35:02:c2:0c:fe:f0:6c:
53:17:56:8e:5f:48:89:f7:e5:82:b2:5d:7b:da:56:
83:a0:c7:f7:58:05:4c:13:84:7d:7a:55:1b:71:12:
7d:b0:ba:04:3a:06:a9:90:83:52:6a:65:80:c0:ab:
f4:cf:88:2d:43:a2:d8:c6:59:20:6b:bb:8a:52:f4:
59:33:f8:f5:fe:c2:69:5f:08:ff:2d:2c:8b:42:90:
89:8d:9e:be:a2:ad:6a:51:1e:68:c4:46:c9:7a:dc:
fd:54:a3:a0:a3:b1:9b:7f:0b:45:11:7d:ad:a0:1a:
2d:2f:51:d3:a8:f4:af:5f:d0:35:6e:ae:5b:b3:8c:
c7:38:ad:cd:1d:e2:e2:e7:d7:c4:8d:76:dc:ff:01:
69:b0:36:8b:91:25:36:8d:99:05:ea:c8:1a:29:ad:
91:24:73:bd:a8:69:a5:29:34:95:7c:77:97:15:c6:
c5:97:b5:3c:63:e4:89:87:65:41:ec:95:21:7d:95:
92:69:95:7e:f3:e4:33:21:db:ca:d7:86:b0:9f:c7:
cc:1a:19:b2:98:2a:ff:7a:80:7a:27:b5:46:73:86:
2a:0b:4b:12:a9:45:ca:fa:c1:73:5e:f8:95:24:b8:
de:ae:da:d2:2f:a4:30:c0:7a:5a:b1:d7:47:78:5c:
85:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
17:C4:95:44:E4:B7:FB:A9:5F:DE:70:5D:64:D3:DE:67:2F:DE:E0:A1
X509v3 Authority Key Identifier:
keyid:45:E8:64:8E:44:5D:CC:D0:D8:EE:69:9F:51:40:BB:81:4E:43:AE:1B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/933b2fd7-31c1-451c-8288-c1aa0aa12750/0/45E8648E445DCCD0D8EE699F5140BB814E43AE1B.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RehkjkRdzNDY7mmfUUC7gU5Drhs.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/933b2fd7-31c1-451c-8288-c1aa0aa12750/0/3139332e3234362e3136352e302f32342d3234203d3e2035353131.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.246.165.0/24
Signature Algorithm: sha256WithRSAEncryption
40:fa:20:ac:ff:dd:c9:86:cb:47:c5:03:2d:49:04:18:75:b5:
55:27:75:23:43:1a:71:a8:b2:2f:ce:91:9d:8e:20:8c:58:f4:
17:f8:06:d4:a6:11:39:53:82:c7:4c:4e:02:28:e9:0d:22:df:
27:f2:ab:0f:64:9c:e4:9e:2f:a3:cd:a7:3e:b0:23:e5:0a:3b:
b7:2c:92:e3:b3:3f:9f:22:2f:10:1b:88:14:55:7e:38:a5:05:
25:f0:50:57:13:69:6c:11:ee:3f:6b:64:8a:57:68:75:c1:52:
1e:7f:c3:1b:0f:0f:7d:02:5f:09:26:dd:0c:cb:11:35:af:7b:
02:30:1e:19:fd:59:ef:d7:38:0c:9f:45:fb:95:05:15:9a:ad:
38:bf:c9:28:62:12:95:5d:5b:05:c8:f7:0d:30:92:6a:75:3d:
25:5c:dc:91:21:47:e1:a8:3a:11:b4:3c:05:c5:a6:1f:fa:59:
54:5a:45:06:a0:c7:ac:dc:ed:6c:26:24:e4:e8:ca:43:91:ab:
1b:2f:62:ee:8c:37:db:40:fd:42:80:bc:0f:31:49:44:99:0e:
8c:c7:8e:99:fe:0f:26:2d:a9:32:b9:73:73:f7:86:48:68:bd:
9d:ef:b6:4f:d3:96:30:81:25:36:61:21:b9:f0:3b:65:28:9b:
a0:fc:d9:7b
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUUnGYVdBG7Pv6oMCeheWsHspE2QwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDVlODY0OGU0NDVkY2NkMGQ4ZWU2OTlmNTE0MGJiODE0
ZTQzYWUxYjAeFw0yNTExMDUwNzI3MzNaFw0yNjExMDQwNzMyMzNaMDMxMTAvBgNV
BAMTKDE3QzQ5NTQ0RTRCN0ZCQTk1RkRFNzA1RDY0RDNERTY3MkZERUUwQTEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCWiuiOETRmNQLCDP7wbFMXVo5f
SIn35YKyXXvaVoOgx/dYBUwThH16VRtxEn2wugQ6BqmQg1JqZYDAq/TPiC1DotjG
WSBru4pS9Fkz+PX+wmlfCP8tLItCkImNnr6irWpRHmjERsl63P1Uo6CjsZt/C0UR
fa2gGi0vUdOo9K9f0DVurluzjMc4rc0d4uLn18SNdtz/AWmwNouRJTaNmQXqyBop
rZEkc72oaaUpNJV8d5cVxsWXtTxj5ImHZUHslSF9lZJplX7z5DMh28rXhrCfx8wa
GbKYKv96gHontUZzhioLSxKpRcr6wXNe+JUkuN6u2tIvpDDAelqx10d4XIWxAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUF8SVROS3+6lf3nBdZNPeZy/e4KEwHwYDVR0j
BBgwFoAURehkjkRdzNDY7mmfUUC7gU5DrhswDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvOTMzYjJmZDctMzFjMS00NTFjLTgyODgtYzFhYTBhYTEy
NzUwLzAvNDVFODY0OEU0NDVEQ0NEMEQ4RUU2OTlGNTE0MEJCODE0RTQzQUUxQi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JlaGtqa1Jkek5EWTdtbWZVVUM3Z1U1
RHJocy5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvOTMzYjJmZDct
MzFjMS00NTFjLTgyODgtYzFhYTBhYTEyNzUwLzAvMzEzOTMzMmUzMjM0MzYyZTMx
MzYzNTJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDM1MzUzMTMxLnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
wfalMA0GCSqGSIb3DQEBCwUAA4IBAQBA+iCs/93JhstHxQMtSQQYdbVVJ3UjQxpx
qLIvzpGdjiCMWPQX+AbUphE5U4LHTE4CKOkNIt8n8qsPZJzkni+jzac+sCPlCju3
LJLjsz+fIi8QG4gUVX44pQUl8FBXE2lsEe4/a2SKV2h1wVIef8MbDw99Al8JJt0M
yxE1r3sCMB4Z/Vnv1zgMn0X7lQUVmq04v8koYhKVXVsFyPcNMJJqdT0lXNyRIUfh
qDoRtDwFxaYf+llUWkUGoMes3O1sJiTk6MpDkasbL2LujDfbQP1CgLwPMUlEmQ6M
x46Z/g8mLakyuXNz94ZIaL2d77ZP05YwgSU2YSG58DtlKJug/Nl7
-----END CERTIFICATE-----
Generated at Wed Nov 5 19:04:44 2025 by rpki-client