Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/a01c14fb-b660-489d-9e9f-9402e9e2c2e2/0/3231332e3133392e36362e302f32342d3234203d3e203134363138.roa
File: 3231332e3133392e36362e302f32342d3234203d3e203134363138.roa (raw, json)
Hash identifier: D6sys78d1VHUPnQGvPOUfa9pG9olePRUcwiyJ1CBP8Y=
Subject key identifier: 44:B0:38:13:98:77:05:D6:1E:90:9A:D8:B3:4A:B9:3A:A9:C5:D3:41
Certificate issuer: /CN=b683f2eb50c5999a77456e8826831609d48c7d3e
Certificate serial: 57FABAE7D077DFDAD08D24FF23415614D0C2BBF7
Authority key identifier: B6:83:F2:EB:50:C5:99:9A:77:45:6E:88:26:83:16:09:D4:8C:7D:3E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/toPy61DFmZp3RW6IJoMWCdSMfT4.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/a01c14fb-b660-489d-9e9f-9402e9e2c2e2/0/3231332e3133392e36362e302f32342d3234203d3e203134363138.roa
Signing time: Wed 29 Oct 2025 06:55:10 +0000
ROA not before: Wed 29 Oct 2025 06:50:10 +0000
ROA not after: Wed 28 Oct 2026 06:55:10 +0000
asID: 14618
IP address blocks: 213.139.66.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/a01c14fb-b660-489d-9e9f-9402e9e2c2e2/0/B683F2EB50C5999A77456E8826831609D48C7D3E.crl
rsync://rsync.paas.rpki.ripe.net/repository/a01c14fb-b660-489d-9e9f-9402e9e2c2e2/0/B683F2EB50C5999A77456E8826831609D48C7D3E.mft
rsync://rpki.ripe.net/repository/DEFAULT/toPy61DFmZp3RW6IJoMWCdSMfT4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 08:58:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
57:fa:ba:e7:d0:77:df:da:d0:8d:24:ff:23:41:56:14:d0:c2:bb:f7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b683f2eb50c5999a77456e8826831609d48c7d3e
Validity
Not Before: Oct 29 06:50:10 2025 GMT
Not After : Oct 28 06:55:10 2026 GMT
Subject: CN=44B03813987705D61E909AD8B34AB93AA9C5D341
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:ee:d5:cb:e0:f0:16:5f:41:39:6d:a3:28:de:
95:1e:75:57:5b:2e:af:ad:5b:4e:c2:5b:23:e7:47:
24:b5:b9:cf:64:a1:07:34:5f:10:46:e7:36:0f:04:
14:df:0c:0f:65:b5:45:b6:65:0a:68:52:89:04:e5:
ff:48:cc:09:be:fb:21:f3:5e:9b:e1:e8:b0:5d:99:
d9:d6:53:61:a6:e6:98:40:a1:b0:44:7e:ee:2d:d2:
b2:6d:2b:28:09:d4:64:ac:61:ce:ca:e6:57:09:2f:
a1:9a:f2:bd:18:69:d9:94:a3:c3:b0:f1:f4:96:98:
fb:9e:54:af:65:f1:a5:59:55:d7:87:ee:50:f2:10:
84:55:9d:74:1a:b8:a6:b8:6b:02:9d:6b:54:74:1c:
2a:66:13:02:18:61:c6:ee:14:f1:80:7c:86:6b:84:
84:2d:f6:48:8d:cd:c4:62:db:9f:9f:eb:a3:96:e6:
de:32:a8:54:9b:07:88:61:21:d1:5a:42:9f:8e:7b:
8b:22:2c:cf:28:16:fa:d4:95:f9:37:9f:d5:09:63:
7e:68:a7:b9:2f:0c:74:ec:ae:1e:8c:99:dc:db:41:
6f:1c:13:23:ac:7b:94:3a:d4:72:1b:b4:f0:1f:f0:
a4:ca:22:37:9e:c6:ce:54:ba:ad:b0:a1:06:bb:89:
d0:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
44:B0:38:13:98:77:05:D6:1E:90:9A:D8:B3:4A:B9:3A:A9:C5:D3:41
X509v3 Authority Key Identifier:
keyid:B6:83:F2:EB:50:C5:99:9A:77:45:6E:88:26:83:16:09:D4:8C:7D:3E
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/a01c14fb-b660-489d-9e9f-9402e9e2c2e2/0/B683F2EB50C5999A77456E8826831609D48C7D3E.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/toPy61DFmZp3RW6IJoMWCdSMfT4.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/a01c14fb-b660-489d-9e9f-9402e9e2c2e2/0/3231332e3133392e36362e302f32342d3234203d3e203134363138.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.139.66.0/24
Signature Algorithm: sha256WithRSAEncryption
76:37:b6:ba:bd:47:3c:c7:12:f3:30:3c:f3:90:dd:4d:0d:69:
92:25:91:62:96:14:18:ac:3b:a9:f0:59:fe:c0:4d:4f:d0:8b:
b0:63:ff:84:5c:44:82:0f:67:69:cf:4d:fa:51:36:e8:d9:0d:
89:b6:db:5e:d6:32:84:81:dc:d8:09:69:84:79:27:67:cf:41:
5d:b0:c1:c8:e2:dd:71:c5:f2:f2:d2:4f:23:3a:56:27:d6:f0:
d5:5b:74:0b:1a:7e:bc:83:8a:d2:a9:d0:f7:ab:fc:a5:aa:eb:
f0:f9:d5:aa:a4:8d:87:51:4c:8f:a1:2d:1e:4e:41:a6:df:e7:
b2:aa:11:7b:25:6b:59:6f:d0:99:54:05:27:b0:02:4d:a0:b5:
0d:01:a2:9d:a1:0d:5b:35:66:fc:1e:e8:d5:13:69:70:4d:5e:
76:28:b9:02:d5:73:50:2d:16:a1:86:ea:41:ea:b1:47:53:1c:
16:f0:a5:8e:19:ee:5f:06:7c:02:bc:b5:b4:22:90:11:c1:75:
29:26:7f:57:60:6e:a8:fa:3f:99:36:56:b6:a8:0a:38:81:d5:
17:23:f4:2e:9f:a0:5c:8d:da:3c:ed:b5:e6:8f:4e:34:97:26:
3f:8a:32:8b:c4:e7:a5:b8:31:55:a8:14:0d:46:a7:b1:0d:86:
d1:7d:c7:3a
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUV/q659B339rQjST/I0FWFNDCu/cwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYjY4M2YyZWI1MGM1OTk5YTc3NDU2ZTg4MjY4MzE2MDlk
NDhjN2QzZTAeFw0yNTEwMjkwNjUwMTBaFw0yNjEwMjgwNjU1MTBaMDMxMTAvBgNV
BAMTKDQ0QjAzODEzOTg3NzA1RDYxRTkwOUFEOEIzNEFCOTNBQTlDNUQzNDEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC27tXL4PAWX0E5baMo3pUedVdb
Lq+tW07CWyPnRyS1uc9koQc0XxBG5zYPBBTfDA9ltUW2ZQpoUokE5f9IzAm++yHz
Xpvh6LBdmdnWU2Gm5phAobBEfu4t0rJtKygJ1GSsYc7K5lcJL6Ga8r0YadmUo8Ow
8fSWmPueVK9l8aVZVdeH7lDyEIRVnXQauKa4awKda1R0HCpmEwIYYcbuFPGAfIZr
hIQt9kiNzcRi25+f66OW5t4yqFSbB4hhIdFaQp+Oe4siLM8oFvrUlfk3n9UJY35o
p7kvDHTsrh6MmdzbQW8cEyOse5Q61HIbtPAf8KTKIjeexs5Uuq2woQa7idDhAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQURLA4E5h3BdYekJrYs0q5OqnF00EwHwYDVR0j
BBgwFoAUtoPy61DFmZp3RW6IJoMWCdSMfT4wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYTAxYzE0ZmItYjY2MC00ODlkLTllOWYtOTQwMmU5ZTJj
MmUyLzAvQjY4M0YyRUI1MEM1OTk5QTc3NDU2RTg4MjY4MzE2MDlENDhDN0QzRS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3RvUHk2MURGbVpwM1JXNklKb01XQ2RT
TWZUNC5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYTAxYzE0ZmIt
YjY2MC00ODlkLTllOWYtOTQwMmU5ZTJjMmUyLzAvMzIzMTMzMmUzMTMzMzkyZTM2
MzYyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMTM0MzYzMTM4LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
1YtCMA0GCSqGSIb3DQEBCwUAA4IBAQB2N7a6vUc8xxLzMDzzkN1NDWmSJZFilhQY
rDup8Fn+wE1P0IuwY/+EXESCD2dpz036UTbo2Q2Jttte1jKEgdzYCWmEeSdnz0Fd
sMHI4t1xxfLy0k8jOlYn1vDVW3QLGn68g4rSqdD3q/ylquvw+dWqpI2HUUyPoS0e
TkGm3+eyqhF7JWtZb9CZVAUnsAJNoLUNAaKdoQ1bNWb8HujVE2lwTV52KLkC1XNQ
LRahhupB6rFHUxwW8KWOGe5fBnwCvLW0IpARwXUpJn9XYG6o+j+ZNla2qAo4gdUX
I/Qun6Bcjdo87bXmj040lyY/ijKLxOeluDFVqBQNRqexDYbRfcc6
-----END CERTIFICATE-----
Generated at Tue Nov 4 15:06:32 2025 by rpki-client