Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/aa977115-5110-4257-94ef-4d2b43884040/0/3139332e3136332e3132372e302f32342d3234203d3e20313439393438.roa
File: 3139332e3136332e3132372e302f32342d3234203d3e20313439393438.roa (raw, json)
Hash identifier: 1dKp6xe+eLRTQoCYGUtbaGkzNAIMlS65VuQGc12R6RA=
Subject key identifier: F3:7A:17:12:74:30:83:99:4F:C5:C4:88:EC:79:CA:38:5D:CF:30:69
Certificate issuer: /CN=8f4ce7722f99075d94738b7e61070401269eb3d6
Certificate serial: 6ABE070F767D9C20DEC520C1D64B96016096E7A7
Authority key identifier: 8F:4C:E7:72:2F:99:07:5D:94:73:8B:7E:61:07:04:01:26:9E:B3:D6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/j0znci-ZB12Uc4t-YQcEASaes9Y.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/aa977115-5110-4257-94ef-4d2b43884040/0/3139332e3136332e3132372e302f32342d3234203d3e20313439393438.roa
Signing time: Thu 31 Jul 2025 13:54:13 +0000
ROA not before: Thu 31 Jul 2025 13:49:13 +0000
ROA not after: Thu 30 Jul 2026 13:54:13 +0000
asID: 149948
IP address blocks: 193.163.127.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/aa977115-5110-4257-94ef-4d2b43884040/0/8F4CE7722F99075D94738B7E61070401269EB3D6.crl
rsync://rsync.paas.rpki.ripe.net/repository/aa977115-5110-4257-94ef-4d2b43884040/0/8F4CE7722F99075D94738B7E61070401269EB3D6.mft
rsync://rpki.ripe.net/repository/DEFAULT/j0znci-ZB12Uc4t-YQcEASaes9Y.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 08 Aug 2025 08:00:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6a:be:07:0f:76:7d:9c:20:de:c5:20:c1:d6:4b:96:01:60:96:e7:a7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8f4ce7722f99075d94738b7e61070401269eb3d6
Validity
Not Before: Jul 31 13:49:13 2025 GMT
Not After : Jul 30 13:54:13 2026 GMT
Subject: CN=F37A1712743083994FC5C488EC79CA385DCF3069
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:21:39:ab:16:04:fb:35:a7:4b:ce:68:b0:c5:
e9:12:fa:4a:4b:88:b4:3e:b2:c6:6c:8a:23:a5:08:
2d:d3:df:77:e4:8e:20:04:e7:52:94:8b:4f:cf:70:
d4:80:42:b9:d7:2f:a4:78:8f:a1:69:85:ab:3c:41:
5a:03:33:78:48:a9:86:30:fb:d9:ed:3e:9e:6c:a7:
1b:29:9c:b5:97:1b:45:36:1b:e6:5a:ee:85:59:86:
db:ee:54:76:a6:33:b3:07:9b:0c:29:d8:a5:fc:e5:
42:52:df:85:f0:65:e6:eb:2e:51:e6:b5:33:15:87:
6f:85:1e:c0:fb:c9:2b:7a:ea:44:82:6a:49:d9:7c:
23:b2:cc:f5:8d:4a:0f:11:90:d7:7c:0b:8d:b3:b9:
a1:cc:84:85:d4:77:65:17:a2:aa:e0:ab:f9:00:7d:
54:ab:2b:95:cf:9a:7a:fd:17:f3:ff:8a:21:80:b5:
28:4c:2a:fc:af:b8:cc:97:c5:7a:f3:f7:de:0f:55:
e0:d6:8c:d3:d2:5d:ab:66:0d:ba:91:e5:1f:6d:8e:
64:42:83:42:21:21:d5:eb:34:5a:50:e8:2e:d3:8e:
da:72:e6:e6:04:2e:49:e0:41:a5:47:94:f2:c6:7c:
51:94:a7:23:a2:b9:ce:55:7f:c3:74:92:2c:45:bb:
a0:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F3:7A:17:12:74:30:83:99:4F:C5:C4:88:EC:79:CA:38:5D:CF:30:69
X509v3 Authority Key Identifier:
keyid:8F:4C:E7:72:2F:99:07:5D:94:73:8B:7E:61:07:04:01:26:9E:B3:D6
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/aa977115-5110-4257-94ef-4d2b43884040/0/8F4CE7722F99075D94738B7E61070401269EB3D6.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/j0znci-ZB12Uc4t-YQcEASaes9Y.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/aa977115-5110-4257-94ef-4d2b43884040/0/3139332e3136332e3132372e302f32342d3234203d3e20313439393438.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.163.127.0/24
Signature Algorithm: sha256WithRSAEncryption
77:eb:6b:47:e6:d2:5c:1a:97:85:c8:b0:d2:fa:ea:20:17:5d:
dd:a2:80:dc:17:4a:bf:8b:e3:a9:65:e4:41:2b:87:3c:37:cc:
2e:06:62:e6:6e:04:f0:28:89:ec:90:83:7b:8d:c9:0c:10:13:
59:93:81:88:14:c3:69:f3:c5:10:32:89:8d:f9:e7:be:52:f0:
6a:5c:a0:a9:86:94:a4:41:7c:15:cf:46:32:81:2b:dd:40:58:
cc:7b:6c:2f:05:1f:85:38:7d:b1:3a:be:88:a7:c6:6d:52:b5:
08:01:d4:ab:c4:7d:4c:72:d4:3c:5e:04:c4:90:67:2b:31:f0:
18:47:c0:60:ac:25:0a:72:c7:be:43:d6:17:28:73:68:b7:42:
c0:eb:3f:7c:ab:6e:d8:ba:07:7e:71:38:89:3f:09:cf:49:3d:
94:e8:3d:ff:f8:be:2c:aa:3a:28:4f:70:5f:9f:ff:d1:c9:ed:
01:63:3a:78:a9:ed:f0:e4:08:e5:87:8e:6e:75:3a:0c:65:a6:
ed:d3:d5:a2:d6:ab:a0:fc:ba:8a:2f:24:69:96:ad:fa:1a:5c:
78:f3:a2:34:63:0f:2b:4a:71:dd:4c:58:6a:45:b4:59:4d:c4:
a7:fa:66:bd:41:77:a9:8f:c3:ec:ab:2b:62:51:2d:06:d3:4e:
72:e9:48:73
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgIUar4HD3Z9nCDexSDB1kuWAWCW56cwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGY0Y2U3NzIyZjk5MDc1ZDk0NzM4YjdlNjEwNzA0MDEy
NjllYjNkNjAeFw0yNTA3MzExMzQ5MTNaFw0yNjA3MzAxMzU0MTNaMDMxMTAvBgNV
BAMTKEYzN0ExNzEyNzQzMDgzOTk0RkM1QzQ4OEVDNzlDQTM4NURDRjMwNjkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC2ITmrFgT7NadLzmiwxekS+kpL
iLQ+ssZsiiOlCC3T33fkjiAE51KUi0/PcNSAQrnXL6R4j6Fphas8QVoDM3hIqYYw
+9ntPp5spxspnLWXG0U2G+Za7oVZhtvuVHamM7MHmwwp2KX85UJS34XwZebrLlHm
tTMVh2+FHsD7ySt66kSCaknZfCOyzPWNSg8RkNd8C42zuaHMhIXUd2UXoqrgq/kA
fVSrK5XPmnr9F/P/iiGAtShMKvyvuMyXxXrz994PVeDWjNPSXatmDbqR5R9tjmRC
g0IhIdXrNFpQ6C7Tjtpy5uYELkngQaVHlPLGfFGUpyOiuc5Vf8N0kixFu6CzAgMB
AAGjggJBMIICPTAdBgNVHQ4EFgQU83oXEnQwg5lPxcSI7HnKOF3PMGkwHwYDVR0j
BBgwFoAUj0znci+ZB12Uc4t+YQcEASaes9YwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYWE5NzcxMTUtNTExMC00MjU3LTk0ZWYtNGQyYjQzODg0
MDQwLzAvOEY0Q0U3NzIyRjk5MDc1RDk0NzM4QjdFNjEwNzA0MDEyNjlFQjNENi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2owem5jaS1aQjEyVWM0dC1ZUWNFQVNh
ZXM5WS5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWE5NzcxMTUt
NTExMC00MjU3LTk0ZWYtNGQyYjQzODg0MDQwLzAvMzEzOTMzMmUzMTM2MzMyZTMx
MzIzNzJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMxMzQzOTM5MzQzOC5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEAMGjfzANBgkqhkiG9w0BAQsFAAOCAQEAd+trR+bSXBqXhciw0vrqIBdd3aKA
3BdKv4vjqWXkQSuHPDfMLgZi5m4E8CiJ7JCDe43JDBATWZOBiBTDafPFEDKJjfnn
vlLwalygqYaUpEF8Fc9GMoEr3UBYzHtsLwUfhTh9sTq+iKfGbVK1CAHUq8R9THLU
PF4ExJBnKzHwGEfAYKwlCnLHvkPWFyhzaLdCwOs/fKtu2LoHfnE4iT8Jz0k9lOg9
//i+LKo6KE9wX5//0cntAWM6eKnt8OQI5YeObnU6DGWm7dPVotaroPy6ii8kaZat
+hpcePOiNGMPK0px3UxYakW0WU3Ep/pmvUF3qY/D7KsrYlEtBtNOculIcw==
-----END CERTIFICATE-----
Generated at Thu Aug 7 13:00:58 2025 by rpki-client