Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/a01c14fb-b660-489d-9e9f-9402e9e2c2e2/0/3231332e3133392e37312e302f32342d3234203d3e203631333137.roa
File: 3231332e3133392e37312e302f32342d3234203d3e203631333137.roa (raw, json)
Hash identifier: DZpFNtIJlcLHmoaMDeodOmCa2IVlyKcWWOjWi093JRY=
Subject key identifier: EF:9B:ED:8F:E8:8B:A7:32:01:B4:AA:66:F7:67:B4:7B:96:41:1E:D3
Certificate issuer: /CN=b683f2eb50c5999a77456e8826831609d48c7d3e
Certificate serial: 437C4568013DE05C52B3D2E77673771D0ACF9174
Authority key identifier: B6:83:F2:EB:50:C5:99:9A:77:45:6E:88:26:83:16:09:D4:8C:7D:3E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/toPy61DFmZp3RW6IJoMWCdSMfT4.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/a01c14fb-b660-489d-9e9f-9402e9e2c2e2/0/3231332e3133392e37312e302f32342d3234203d3e203631333137.roa
Signing time: Wed 29 Oct 2025 13:55:10 +0000
ROA not before: Wed 29 Oct 2025 13:50:10 +0000
ROA not after: Wed 28 Oct 2026 13:55:10 +0000
asID: 61317
IP address blocks: 213.139.71.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/a01c14fb-b660-489d-9e9f-9402e9e2c2e2/0/B683F2EB50C5999A77456E8826831609D48C7D3E.crl
rsync://rsync.paas.rpki.ripe.net/repository/a01c14fb-b660-489d-9e9f-9402e9e2c2e2/0/B683F2EB50C5999A77456E8826831609D48C7D3E.mft
rsync://rpki.ripe.net/repository/DEFAULT/toPy61DFmZp3RW6IJoMWCdSMfT4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 08:58:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
43:7c:45:68:01:3d:e0:5c:52:b3:d2:e7:76:73:77:1d:0a:cf:91:74
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b683f2eb50c5999a77456e8826831609d48c7d3e
Validity
Not Before: Oct 29 13:50:10 2025 GMT
Not After : Oct 28 13:55:10 2026 GMT
Subject: CN=EF9BED8FE88BA73201B4AA66F767B47B96411ED3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:e6:22:09:99:f8:70:96:96:a6:5f:d7:f0:c4:
e4:e4:0a:e9:d4:18:0d:a8:cd:28:62:60:dd:93:83:
63:ac:2b:7f:75:60:b1:a7:e7:10:3a:9e:cb:26:25:
31:32:02:90:0a:bc:ef:66:13:5e:18:0c:c4:24:10:
82:0b:1a:3f:7c:ea:89:76:21:e8:36:ee:ea:bd:6a:
f7:e3:24:a6:8c:fa:40:28:1e:f2:47:ac:c3:e6:46:
12:28:3a:2d:aa:63:6d:04:25:3b:4f:5d:1e:dd:3c:
23:1c:d1:d2:e3:42:1f:98:71:34:dc:0a:36:df:d7:
36:77:9d:ce:c6:93:ae:bd:82:db:38:bd:0e:09:78:
de:c1:2e:83:e8:c0:1d:db:14:db:75:31:64:95:c9:
27:8d:24:95:66:e8:17:03:66:7d:3b:b9:1f:8d:1d:
cf:d4:48:bb:af:70:d2:01:e4:40:85:79:3f:1a:fb:
91:fe:2a:eb:23:bc:ec:d7:9d:7f:45:f1:88:ae:64:
a1:11:9c:73:47:7f:73:2e:f9:ed:28:1f:e5:b0:35:
12:43:4b:7a:f1:bb:79:5e:23:d7:29:02:67:69:5d:
7c:2f:cd:d5:ef:6e:df:e9:fa:09:b3:f3:f7:d7:06:
69:67:00:dd:29:a2:1e:32:3e:e8:57:4d:e8:17:aa:
61:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EF:9B:ED:8F:E8:8B:A7:32:01:B4:AA:66:F7:67:B4:7B:96:41:1E:D3
X509v3 Authority Key Identifier:
keyid:B6:83:F2:EB:50:C5:99:9A:77:45:6E:88:26:83:16:09:D4:8C:7D:3E
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/a01c14fb-b660-489d-9e9f-9402e9e2c2e2/0/B683F2EB50C5999A77456E8826831609D48C7D3E.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/toPy61DFmZp3RW6IJoMWCdSMfT4.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/a01c14fb-b660-489d-9e9f-9402e9e2c2e2/0/3231332e3133392e37312e302f32342d3234203d3e203631333137.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.139.71.0/24
Signature Algorithm: sha256WithRSAEncryption
79:fa:e0:4d:c1:d2:a9:cf:e1:32:18:dc:16:48:09:22:99:c4:
15:f3:a9:eb:e0:94:53:16:1d:21:b3:14:31:33:f3:49:4b:b0:
fa:81:26:1e:77:87:28:59:50:7d:e8:88:e8:77:77:eb:e4:d1:
0c:37:35:21:59:eb:c0:f2:f8:45:c8:83:2a:82:9e:b3:61:6c:
0e:85:cb:72:49:bd:d6:ff:a0:43:0a:f5:f1:07:6b:67:64:59:
73:f8:7d:83:13:3f:b8:d6:10:72:40:12:16:5c:77:09:7d:73:
75:1a:8d:74:b6:69:04:18:f1:96:d1:22:d4:5c:1f:fe:f3:cc:
8d:3b:32:e1:9f:5f:e0:e3:48:10:7b:7c:97:35:9f:37:4e:6e:
9b:6a:a2:65:0f:01:a4:52:44:b5:3d:32:8b:be:81:1e:f7:1e:
27:b6:e6:4c:10:91:21:d7:f4:62:ca:a3:f0:0b:e5:da:5c:e7:
41:b7:d0:f9:d7:e4:61:77:66:6a:88:26:d8:90:0d:c7:1a:a5:
81:60:1e:af:9a:a1:ef:f8:9d:0e:2d:ac:cd:c5:c9:e6:c8:45:
0a:63:c7:43:dc:d9:cb:7e:0c:09:b2:cc:10:17:84:a0:42:c3:
4a:ab:e3:c8:5c:fa:db:7e:c1:9d:97:fe:23:39:7d:ce:8e:aa:
15:c6:ab:3d
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUQ3xFaAE94FxSs9LndnN3HQrPkXQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYjY4M2YyZWI1MGM1OTk5YTc3NDU2ZTg4MjY4MzE2MDlk
NDhjN2QzZTAeFw0yNTEwMjkxMzUwMTBaFw0yNjEwMjgxMzU1MTBaMDMxMTAvBgNV
BAMTKEVGOUJFRDhGRTg4QkE3MzIwMUI0QUE2NkY3NjdCNDdCOTY0MTFFRDMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCV5iIJmfhwlpamX9fwxOTkCunU
GA2ozShiYN2Tg2OsK391YLGn5xA6nssmJTEyApAKvO9mE14YDMQkEIILGj986ol2
Ieg27uq9avfjJKaM+kAoHvJHrMPmRhIoOi2qY20EJTtPXR7dPCMc0dLjQh+YcTTc
Cjbf1zZ3nc7Gk669gts4vQ4JeN7BLoPowB3bFNt1MWSVySeNJJVm6BcDZn07uR+N
Hc/USLuvcNIB5ECFeT8a+5H+KusjvOzXnX9F8YiuZKERnHNHf3Mu+e0oH+WwNRJD
S3rxu3leI9cpAmdpXXwvzdXvbt/p+gmz8/fXBmlnAN0poh4yPuhXTegXqmEnAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQU75vtj+iLpzIBtKpm92e0e5ZBHtMwHwYDVR0j
BBgwFoAUtoPy61DFmZp3RW6IJoMWCdSMfT4wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYTAxYzE0ZmItYjY2MC00ODlkLTllOWYtOTQwMmU5ZTJj
MmUyLzAvQjY4M0YyRUI1MEM1OTk5QTc3NDU2RTg4MjY4MzE2MDlENDhDN0QzRS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3RvUHk2MURGbVpwM1JXNklKb01XQ2RT
TWZUNC5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYTAxYzE0ZmIt
YjY2MC00ODlkLTllOWYtOTQwMmU5ZTJjMmUyLzAvMzIzMTMzMmUzMTMzMzkyZTM3
MzEyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzNjMxMzMzMTM3LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
1YtHMA0GCSqGSIb3DQEBCwUAA4IBAQB5+uBNwdKpz+EyGNwWSAkimcQV86nr4JRT
Fh0hsxQxM/NJS7D6gSYed4coWVB96Ijod3fr5NEMNzUhWevA8vhFyIMqgp6zYWwO
hctySb3W/6BDCvXxB2tnZFlz+H2DEz+41hByQBIWXHcJfXN1Go10tmkEGPGW0SLU
XB/+88yNOzLhn1/g40gQe3yXNZ83Tm6baqJlDwGkUkS1PTKLvoEe9x4ntuZMEJEh
1/RiyqPwC+XaXOdBt9D51+Rhd2ZqiCbYkA3HGqWBYB6vmqHv+J0OLazNxcnmyEUK
Y8dD3NnLfgwJsswQF4SgQsNKq+PIXPrbfsGdl/4jOX3OjqoVxqs9
-----END CERTIFICATE-----
Generated at Tue Nov 4 12:54:34 2025 by rpki-client