Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/a01c14fb-b660-489d-9e9f-9402e9e2c2e2/0/3231332e3133392e37302e302f32342d3234203d3e203631333137.roa
File: 3231332e3133392e37302e302f32342d3234203d3e203631333137.roa (raw, json)
Hash identifier: imvON1NIsf5RjQ1xycG0mxKjYBudQ7J1/WlKrbcZWA4=
Subject key identifier: F2:61:14:B8:45:F7:15:19:36:F0:2D:57:1D:3A:DD:CB:45:E5:11:BF
Certificate issuer: /CN=b683f2eb50c5999a77456e8826831609d48c7d3e
Certificate serial: 1BC0FD956E80C23254442CC184919ACF869BF97C
Authority key identifier: B6:83:F2:EB:50:C5:99:9A:77:45:6E:88:26:83:16:09:D4:8C:7D:3E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/toPy61DFmZp3RW6IJoMWCdSMfT4.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/a01c14fb-b660-489d-9e9f-9402e9e2c2e2/0/3231332e3133392e37302e302f32342d3234203d3e203631333137.roa
Signing time: Wed 29 Oct 2025 13:55:10 +0000
ROA not before: Wed 29 Oct 2025 13:50:10 +0000
ROA not after: Wed 28 Oct 2026 13:55:10 +0000
asID: 61317
IP address blocks: 213.139.70.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/a01c14fb-b660-489d-9e9f-9402e9e2c2e2/0/B683F2EB50C5999A77456E8826831609D48C7D3E.crl
rsync://rsync.paas.rpki.ripe.net/repository/a01c14fb-b660-489d-9e9f-9402e9e2c2e2/0/B683F2EB50C5999A77456E8826831609D48C7D3E.mft
rsync://rpki.ripe.net/repository/DEFAULT/toPy61DFmZp3RW6IJoMWCdSMfT4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 08:58:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1b:c0:fd:95:6e:80:c2:32:54:44:2c:c1:84:91:9a:cf:86:9b:f9:7c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b683f2eb50c5999a77456e8826831609d48c7d3e
Validity
Not Before: Oct 29 13:50:10 2025 GMT
Not After : Oct 28 13:55:10 2026 GMT
Subject: CN=F26114B845F7151936F02D571D3ADDCB45E511BF
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:9d:d5:68:1d:36:af:69:5c:42:03:e5:44:5f:
de:4c:a8:cd:b3:dc:74:76:f8:bd:c7:ef:78:91:c2:
25:96:29:de:7e:66:9d:63:5a:ae:17:ba:a8:69:58:
c5:06:75:06:0d:8c:9e:95:cc:6b:c8:ee:dd:d3:e2:
01:99:f0:aa:9a:af:fe:f6:45:6f:06:28:c8:0b:db:
d4:71:8d:e4:e6:63:95:8d:f6:61:19:ba:9f:ed:21:
17:55:48:f8:64:58:7f:68:f5:5d:36:b2:53:bf:a4:
1b:de:23:70:46:f6:23:07:4f:6a:f9:f8:e9:91:04:
11:4f:08:2e:d0:2a:1e:8e:03:8e:35:e6:20:c3:69:
25:73:4b:fd:19:1a:18:35:d4:c5:9e:44:79:06:e5:
cf:b5:15:02:a7:4b:b9:5b:75:27:12:37:d1:23:1c:
44:e8:88:45:a5:a3:34:d5:c6:18:14:06:62:b9:68:
97:40:7e:7e:30:44:9b:3d:dc:38:2b:37:79:9e:2b:
45:49:ba:69:cb:b9:17:22:9c:00:53:1c:63:8f:6d:
b9:bd:9e:c3:10:54:68:46:c4:7c:dc:47:98:be:da:
f0:62:59:d3:b3:87:df:d2:52:3f:cb:54:2d:41:4f:
6e:35:4c:5d:56:d9:ff:c2:07:ab:05:04:25:14:78:
db:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F2:61:14:B8:45:F7:15:19:36:F0:2D:57:1D:3A:DD:CB:45:E5:11:BF
X509v3 Authority Key Identifier:
keyid:B6:83:F2:EB:50:C5:99:9A:77:45:6E:88:26:83:16:09:D4:8C:7D:3E
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/a01c14fb-b660-489d-9e9f-9402e9e2c2e2/0/B683F2EB50C5999A77456E8826831609D48C7D3E.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/toPy61DFmZp3RW6IJoMWCdSMfT4.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/a01c14fb-b660-489d-9e9f-9402e9e2c2e2/0/3231332e3133392e37302e302f32342d3234203d3e203631333137.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.139.70.0/24
Signature Algorithm: sha256WithRSAEncryption
a8:20:c2:ed:33:7f:9a:75:aa:7c:8d:c9:60:ea:43:09:f9:07:
4c:80:14:a2:50:27:5b:f6:c9:54:2b:a7:d9:1f:1d:f4:de:a8:
35:f1:71:a4:10:e3:9a:3e:ee:10:28:88:c1:95:57:20:af:ba:
76:c7:ec:90:13:e7:a8:ad:84:1f:40:db:3a:f8:f1:31:b3:e1:
58:b9:70:a0:e8:4b:e2:11:6b:27:f3:85:67:ac:2c:9e:6d:0e:
c7:fa:01:9d:69:48:62:cc:d1:fc:be:75:5e:a2:e9:50:59:81:
93:c8:2e:d2:ba:2c:fd:67:54:25:04:24:5b:0e:07:f3:a4:3d:
e2:f0:31:20:ab:a3:3e:32:79:cc:50:51:08:a5:90:66:0b:ca:
84:f4:a2:07:b8:7a:4f:86:b6:89:db:9c:d4:9e:69:54:07:50:
b9:81:6b:4a:ab:78:01:25:db:f3:45:31:ad:e4:de:a9:64:a6:
9b:a5:1a:65:bc:0e:1f:6b:31:fb:4f:f1:1f:dd:6f:45:4c:91:
59:28:b1:49:20:dd:9b:29:b5:70:26:ef:1a:2f:dd:4d:8b:b1:
b9:4a:1e:b8:27:a6:3d:62:54:c6:8b:cb:e3:f8:fc:5a:2e:d5:
b0:d0:67:26:1b:b2:c4:7f:74:88:92:3d:69:46:2c:98:7c:04:
88:6a:09:42
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUG8D9lW6AwjJURCzBhJGaz4ab+XwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYjY4M2YyZWI1MGM1OTk5YTc3NDU2ZTg4MjY4MzE2MDlk
NDhjN2QzZTAeFw0yNTEwMjkxMzUwMTBaFw0yNjEwMjgxMzU1MTBaMDMxMTAvBgNV
BAMTKEYyNjExNEI4NDVGNzE1MTkzNkYwMkQ1NzFEM0FERENCNDVFNTExQkYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCVndVoHTavaVxCA+VEX95MqM2z
3HR2+L3H73iRwiWWKd5+Zp1jWq4XuqhpWMUGdQYNjJ6VzGvI7t3T4gGZ8Kqar/72
RW8GKMgL29RxjeTmY5WN9mEZup/tIRdVSPhkWH9o9V02slO/pBveI3BG9iMHT2r5
+OmRBBFPCC7QKh6OA4415iDDaSVzS/0ZGhg11MWeRHkG5c+1FQKnS7lbdScSN9Ej
HEToiEWlozTVxhgUBmK5aJdAfn4wRJs93DgrN3meK0VJumnLuRcinABTHGOPbbm9
nsMQVGhGxHzcR5i+2vBiWdOzh9/SUj/LVC1BT241TF1W2f/CB6sFBCUUeNsZAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQU8mEUuEX3FRk28C1XHTrdy0XlEb8wHwYDVR0j
BBgwFoAUtoPy61DFmZp3RW6IJoMWCdSMfT4wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYTAxYzE0ZmItYjY2MC00ODlkLTllOWYtOTQwMmU5ZTJj
MmUyLzAvQjY4M0YyRUI1MEM1OTk5QTc3NDU2RTg4MjY4MzE2MDlENDhDN0QzRS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3RvUHk2MURGbVpwM1JXNklKb01XQ2RT
TWZUNC5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYTAxYzE0ZmIt
YjY2MC00ODlkLTllOWYtOTQwMmU5ZTJjMmUyLzAvMzIzMTMzMmUzMTMzMzkyZTM3
MzAyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzNjMxMzMzMTM3LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
1YtGMA0GCSqGSIb3DQEBCwUAA4IBAQCoIMLtM3+adap8jclg6kMJ+QdMgBSiUCdb
9slUK6fZHx303qg18XGkEOOaPu4QKIjBlVcgr7p2x+yQE+eorYQfQNs6+PExs+FY
uXCg6EviEWsn84VnrCyebQ7H+gGdaUhizNH8vnVeoulQWYGTyC7Suiz9Z1QlBCRb
DgfzpD3i8DEgq6M+MnnMUFEIpZBmC8qE9KIHuHpPhraJ25zUnmlUB1C5gWtKq3gB
JdvzRTGt5N6pZKabpRplvA4fazH7T/Ef3W9FTJFZKLFJIN2bKbVwJu8aL91Ni7G5
Sh64J6Y9YlTGi8vj+PxaLtWw0GcmG7LEf3SIkj1pRiyYfASIaglC
-----END CERTIFICATE-----
Generated at Tue Nov 4 12:54:41 2025 by rpki-client