Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/aee3d58d-904a-4375-bf93-8b5f38cab002/0/3130392e3131302e3137372e302f32342d3234203d3e20323135393331.roa
File: 3130392e3131302e3137372e302f32342d3234203d3e20323135393331.roa (raw, json)
Hash identifier: yft5CkVL/oFv+TtIpyvyPqzeWsGke/X9QpWfz/a80WM=
Subject key identifier: CF:AC:20:FA:3E:E7:34:49:63:C5:F4:57:1E:3E:46:F4:7F:D8:25:CB
Certificate issuer: /CN=7adf63e375b0b785081b5945b1d18d9de86e0efc
Certificate serial: 6095398C5E9B74D9B9152B8A03843978961E318D
Authority key identifier: 7A:DF:63:E3:75:B0:B7:85:08:1B:59:45:B1:D1:8D:9D:E8:6E:0E:FC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/et9j43Wwt4UIG1lFsdGNnehuDvw.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/aee3d58d-904a-4375-bf93-8b5f38cab002/0/3130392e3131302e3137372e302f32342d3234203d3e20323135393331.roa
Signing time: Thu 30 Oct 2025 12:44:13 +0000
ROA not before: Thu 30 Oct 2025 12:39:13 +0000
ROA not after: Thu 29 Oct 2026 12:44:13 +0000
asID: 215931
IP address blocks: 109.110.177.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/aee3d58d-904a-4375-bf93-8b5f38cab002/0/7ADF63E375B0B785081B5945B1D18D9DE86E0EFC.crl
rsync://rsync.paas.rpki.ripe.net/repository/aee3d58d-904a-4375-bf93-8b5f38cab002/0/7ADF63E375B0B785081B5945B1D18D9DE86E0EFC.mft
rsync://rpki.ripe.net/repository/DEFAULT/et9j43Wwt4UIG1lFsdGNnehuDvw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 06 Nov 2025 03:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
60:95:39:8c:5e:9b:74:d9:b9:15:2b:8a:03:84:39:78:96:1e:31:8d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7adf63e375b0b785081b5945b1d18d9de86e0efc
Validity
Not Before: Oct 30 12:39:13 2025 GMT
Not After : Oct 29 12:44:13 2026 GMT
Subject: CN=CFAC20FA3EE7344963C5F4571E3E46F47FD825CB
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:8a:50:9a:ea:6d:41:60:c2:ec:6f:c3:c1:e5:
ca:3a:88:a8:20:33:c6:8f:c5:8f:e5:e1:1f:76:8f:
b6:95:31:77:0b:d9:bc:a7:83:05:86:6f:49:bc:b3:
72:e8:5b:6b:33:69:2b:2d:90:e3:10:9c:ee:35:87:
ab:83:6c:7d:6c:7c:ca:63:a4:09:23:21:50:c8:86:
82:ec:d4:40:78:03:08:81:19:d7:06:d0:6f:2d:4f:
00:d3:26:fd:b1:34:22:fd:7e:bb:79:91:fa:09:2d:
66:2e:00:e7:f8:95:97:40:7c:82:c5:68:36:06:3b:
3a:df:04:9c:f0:82:a2:6e:40:f9:73:11:38:d4:a3:
c4:8c:dc:25:56:53:c0:b4:c7:00:de:15:e9:fd:50:
03:9c:14:34:fc:5e:4b:9c:f7:af:91:a1:c6:18:72:
ab:16:b4:c6:e0:0d:0c:82:94:ed:c4:17:4a:8e:7b:
91:4f:36:6a:5b:1f:d8:52:fa:5f:95:0a:9b:d1:18:
76:3c:07:7e:2d:d5:6d:ae:42:78:e4:3e:02:41:6f:
d6:e2:e4:56:f0:1c:fd:0e:0c:5f:39:f1:24:ba:d9:
d3:ab:69:82:8b:d9:d3:60:9a:73:fe:f6:0a:9b:0d:
f3:81:ed:03:a3:54:40:6c:85:ca:e6:e2:a2:9b:aa:
1f:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CF:AC:20:FA:3E:E7:34:49:63:C5:F4:57:1E:3E:46:F4:7F:D8:25:CB
X509v3 Authority Key Identifier:
keyid:7A:DF:63:E3:75:B0:B7:85:08:1B:59:45:B1:D1:8D:9D:E8:6E:0E:FC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/aee3d58d-904a-4375-bf93-8b5f38cab002/0/7ADF63E375B0B785081B5945B1D18D9DE86E0EFC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/et9j43Wwt4UIG1lFsdGNnehuDvw.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/aee3d58d-904a-4375-bf93-8b5f38cab002/0/3130392e3131302e3137372e302f32342d3234203d3e20323135393331.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.110.177.0/24
Signature Algorithm: sha256WithRSAEncryption
73:c1:f6:b3:11:61:5b:83:d8:c5:19:d9:53:ab:87:89:93:05:
1b:7b:80:4f:e3:9e:4e:ad:3b:7e:bc:89:18:69:5c:41:df:30:
55:4a:72:a2:e2:61:03:9a:d9:10:c9:a4:3c:f7:2c:04:88:83:
07:cf:4e:5a:6d:67:e9:57:b2:9f:3e:83:96:9d:cb:36:f9:d0:
95:58:1b:1b:67:e2:da:56:ce:ce:78:61:57:98:f7:ed:9e:17:
33:72:41:6c:54:e8:57:7a:bd:9b:a4:23:f6:77:b2:b0:46:66:
1e:02:8a:b3:e3:95:44:75:98:d8:5b:1b:e2:0b:72:89:d8:69:
fd:0f:c5:a2:bd:5e:0b:47:19:ac:e5:fa:78:ec:1f:05:4f:c6:
54:a1:22:43:37:9a:04:b9:59:70:ad:f8:03:5b:30:33:07:92:
b4:cd:a9:45:7d:12:6f:78:1f:2d:25:a8:8d:27:82:79:04:66:
71:0b:3e:cc:63:ca:10:60:57:b7:cf:5c:70:ed:94:0a:45:6d:
67:1e:de:aa:d2:b2:d3:28:bb:a0:33:3f:bf:3f:ae:a5:32:d3:
86:d0:19:52:24:be:9a:0b:21:e1:32:2c:bd:83:fe:a3:1f:1f:
06:fc:85:2d:49:16:8d:f6:ae:0a:d0:4e:02:57:f9:3e:9c:39:
cc:b3:43:a9
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgIUYJU5jF6bdNm5FSuKA4Q5eJYeMY0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoN2FkZjYzZTM3NWIwYjc4NTA4MWI1OTQ1YjFkMThkOWRl
ODZlMGVmYzAeFw0yNTEwMzAxMjM5MTNaFw0yNjEwMjkxMjQ0MTNaMDMxMTAvBgNV
BAMTKENGQUMyMEZBM0VFNzM0NDk2M0M1RjQ1NzFFM0U0NkY0N0ZEODI1Q0IwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDAilCa6m1BYMLsb8PB5co6iKgg
M8aPxY/l4R92j7aVMXcL2byngwWGb0m8s3LoW2szaSstkOMQnO41h6uDbH1sfMpj
pAkjIVDIhoLs1EB4AwiBGdcG0G8tTwDTJv2xNCL9frt5kfoJLWYuAOf4lZdAfILF
aDYGOzrfBJzwgqJuQPlzETjUo8SM3CVWU8C0xwDeFen9UAOcFDT8Xkuc96+RocYY
cqsWtMbgDQyClO3EF0qOe5FPNmpbH9hS+l+VCpvRGHY8B34t1W2uQnjkPgJBb9bi
5FbwHP0ODF858SS62dOraYKL2dNgmnP+9gqbDfOB7QOjVEBshcrm4qKbqh+lAgMB
AAGjggJBMIICPTAdBgNVHQ4EFgQUz6wg+j7nNEljxfRXHj5G9H/YJcswHwYDVR0j
BBgwFoAUet9j43Wwt4UIG1lFsdGNnehuDvwwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYWVlM2Q1OGQtOTA0YS00Mzc1LWJmOTMtOGI1ZjM4Y2Fi
MDAyLzAvN0FERjYzRTM3NUIwQjc4NTA4MUI1OTQ1QjFEMThEOURFODZFMEVGQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2V0OWo0M1d3dDRVSUcxbEZzZEdObmVo
dUR2dy5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWVlM2Q1OGQt
OTA0YS00Mzc1LWJmOTMtOGI1ZjM4Y2FiMDAyLzAvMzEzMDM5MmUzMTMxMzAyZTMx
MzczNzJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMyMzEzNTM5MzMzMS5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEAG1usTANBgkqhkiG9w0BAQsFAAOCAQEAc8H2sxFhW4PYxRnZU6uHiZMFG3uA
T+OeTq07fryJGGlcQd8wVUpyouJhA5rZEMmkPPcsBIiDB89OWm1n6Veynz6Dlp3L
NvnQlVgbG2fi2lbOznhhV5j37Z4XM3JBbFToV3q9m6Qj9neysEZmHgKKs+OVRHWY
2Fsb4gtyidhp/Q/For1eC0cZrOX6eOwfBU/GVKEiQzeaBLlZcK34A1swMweStM2p
RX0Sb3gfLSWojSeCeQRmcQs+zGPKEGBXt89ccO2UCkVtZx7eqtKy0yi7oDM/vz+u
pTLThtAZUiS+mgsh4TIsvYP+ox8fBvyFLUkWjfauCtBOAlf5Ppw5zLNDqQ==
-----END CERTIFICATE-----
Generated at Wed Nov 5 11:40:41 2025 by rpki-client