Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/aee3d58d-904a-4375-bf93-8b5f38cab002/0/3139332e3234362e3136342e302f32342d3234203d3e20313335333931.roa
File: 3139332e3234362e3136342e302f32342d3234203d3e20313335333931.roa (raw, json)
Hash identifier: sk6hJe0B3fbre8EJy/p0tSvvdrhb9rrNjPQpFankbx8=
Subject key identifier: 3A:0E:CE:60:30:63:27:1F:E6:5B:79:7C:C1:88:9B:48:69:5C:5C:20
Certificate issuer: /CN=7adf63e375b0b785081b5945b1d18d9de86e0efc
Certificate serial: 3BDDDE364A7CCC0E18FE9DE0C3DC1D132F1FA04F
Authority key identifier: 7A:DF:63:E3:75:B0:B7:85:08:1B:59:45:B1:D1:8D:9D:E8:6E:0E:FC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/et9j43Wwt4UIG1lFsdGNnehuDvw.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/aee3d58d-904a-4375-bf93-8b5f38cab002/0/3139332e3234362e3136342e302f32342d3234203d3e20313335333931.roa
Signing time: Fri 06 Jun 2025 02:04:26 +0000
ROA not before: Fri 06 Jun 2025 01:59:26 +0000
ROA not after: Fri 05 Jun 2026 02:04:26 +0000
asID: 135391
IP address blocks: 193.246.164.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/aee3d58d-904a-4375-bf93-8b5f38cab002/0/7ADF63E375B0B785081B5945B1D18D9DE86E0EFC.crl
rsync://rsync.paas.rpki.ripe.net/repository/aee3d58d-904a-4375-bf93-8b5f38cab002/0/7ADF63E375B0B785081B5945B1D18D9DE86E0EFC.mft
rsync://rpki.ripe.net/repository/DEFAULT/et9j43Wwt4UIG1lFsdGNnehuDvw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 16 Jun 2025 00:12:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3b:dd:de:36:4a:7c:cc:0e:18:fe:9d:e0:c3:dc:1d:13:2f:1f:a0:4f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7adf63e375b0b785081b5945b1d18d9de86e0efc
Validity
Not Before: Jun 6 01:59:26 2025 GMT
Not After : Jun 5 02:04:26 2026 GMT
Subject: CN=3A0ECE603063271FE65B797CC1889B48695C5C20
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:9a:bc:eb:1c:98:89:16:b6:7f:1c:5c:79:a9:
3f:83:73:f2:b7:cd:ab:ad:0c:8b:9f:0b:bb:fa:e8:
89:92:5a:5c:ba:17:19:2a:f3:48:61:f2:cb:ec:4f:
27:d5:80:b0:61:f6:a9:2e:53:5d:07:6e:64:14:20:
59:18:1c:5f:37:1f:2d:60:e8:9d:1d:3a:6c:47:14:
35:bc:f0:11:c7:77:81:5e:91:b7:0f:0d:1d:49:6f:
ba:87:07:ea:0f:9c:11:0a:32:2c:0e:d9:fa:0b:87:
40:45:d0:94:52:de:78:d8:d2:98:b0:16:12:6c:89:
b4:9d:08:33:1f:01:6a:34:83:00:0e:e9:ae:56:e4:
50:a9:8e:82:61:15:8f:8c:30:00:d6:96:3e:21:19:
0d:64:ca:e5:35:9b:8d:ed:c6:7d:60:04:8a:fd:55:
3f:2a:88:52:cf:2a:51:f0:77:4e:02:95:fd:ea:ed:
c8:00:4e:9c:cf:75:c4:b7:f2:22:8a:c6:ba:7b:e8:
c3:08:b6:d5:d0:8f:73:1b:40:b9:08:37:90:9f:35:
95:11:59:c3:f6:16:28:0f:df:bd:f1:54:6a:ef:66:
d1:b8:0a:8e:5d:4f:a5:f3:db:16:ea:02:d1:0d:f0:
73:68:ef:23:d4:11:07:78:82:9c:c5:6f:a7:9c:5a:
42:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:0E:CE:60:30:63:27:1F:E6:5B:79:7C:C1:88:9B:48:69:5C:5C:20
X509v3 Authority Key Identifier:
keyid:7A:DF:63:E3:75:B0:B7:85:08:1B:59:45:B1:D1:8D:9D:E8:6E:0E:FC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/aee3d58d-904a-4375-bf93-8b5f38cab002/0/7ADF63E375B0B785081B5945B1D18D9DE86E0EFC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/et9j43Wwt4UIG1lFsdGNnehuDvw.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/aee3d58d-904a-4375-bf93-8b5f38cab002/0/3139332e3234362e3136342e302f32342d3234203d3e20313335333931.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.246.164.0/24
Signature Algorithm: sha256WithRSAEncryption
9e:18:c4:08:95:2a:92:16:19:6c:ab:5e:db:72:12:ad:e3:a8:
e9:7d:8c:49:74:54:80:ec:92:8c:6d:b3:12:8a:07:3d:4d:0d:
3e:11:00:08:0c:e6:0b:3a:2a:57:68:28:d2:e6:e1:25:0e:d2:
e0:80:f9:f3:ab:47:bc:09:ea:f5:ab:31:ee:96:ea:40:01:2c:
ce:41:18:c7:e0:d5:0b:23:c8:8d:8c:91:01:df:fa:b9:eb:00:
83:43:cc:08:2a:a3:44:59:1a:56:79:ad:f1:b8:1b:a1:62:2d:
ec:87:cd:0d:85:83:56:1b:bb:8a:7f:a1:a1:c3:b2:8a:b0:6b:
65:48:72:5e:e0:0c:fa:63:af:80:0b:35:bc:7e:bc:c3:06:3d:
03:9a:b3:72:0f:f3:bc:7f:61:5f:ca:97:a1:21:bf:29:0f:c4:
40:bb:e9:98:b7:a2:86:72:65:8b:86:b1:ca:84:34:62:2c:fc:
3c:35:df:cd:39:61:45:60:88:d7:10:39:aa:6c:0d:44:2f:8d:
fa:ba:53:f4:ab:56:4e:50:4c:55:db:a5:ff:ed:5f:69:1a:4a:
e6:03:52:45:6b:bd:41:28:c6:89:19:58:d5:87:93:e6:2b:b3:
ec:82:24:ce:9d:41:32:ef:a4:49:09:31:aa:49:92:61:db:5d:
3a:95:96:9a
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgIUO93eNkp8zA4Y/p3gw9wdEy8foE8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoN2FkZjYzZTM3NWIwYjc4NTA4MWI1OTQ1YjFkMThkOWRl
ODZlMGVmYzAeFw0yNTA2MDYwMTU5MjZaFw0yNjA2MDUwMjA0MjZaMDMxMTAvBgNV
BAMTKDNBMEVDRTYwMzA2MzI3MUZFNjVCNzk3Q0MxODg5QjQ4Njk1QzVDMjAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDSmrzrHJiJFrZ/HFx5qT+Dc/K3
zautDIufC7v66ImSWly6Fxkq80hh8svsTyfVgLBh9qkuU10HbmQUIFkYHF83Hy1g
6J0dOmxHFDW88BHHd4FekbcPDR1Jb7qHB+oPnBEKMiwO2foLh0BF0JRS3njY0piw
FhJsibSdCDMfAWo0gwAO6a5W5FCpjoJhFY+MMADWlj4hGQ1kyuU1m43txn1gBIr9
VT8qiFLPKlHwd04Clf3q7cgATpzPdcS38iKKxrp76MMIttXQj3MbQLkIN5CfNZUR
WcP2FigP373xVGrvZtG4Co5dT6Xz2xbqAtEN8HNo7yPUEQd4gpzFb6ecWkJhAgMB
AAGjggJBMIICPTAdBgNVHQ4EFgQUOg7OYDBjJx/mW3l8wYibSGlcXCAwHwYDVR0j
BBgwFoAUet9j43Wwt4UIG1lFsdGNnehuDvwwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYWVlM2Q1OGQtOTA0YS00Mzc1LWJmOTMtOGI1ZjM4Y2Fi
MDAyLzAvN0FERjYzRTM3NUIwQjc4NTA4MUI1OTQ1QjFEMThEOURFODZFMEVGQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2V0OWo0M1d3dDRVSUcxbEZzZEdObmVo
dUR2dy5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWVlM2Q1OGQt
OTA0YS00Mzc1LWJmOTMtOGI1ZjM4Y2FiMDAyLzAvMzEzOTMzMmUzMjM0MzYyZTMx
MzYzNDJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMxMzMzNTMzMzkzMS5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEAMH2pDANBgkqhkiG9w0BAQsFAAOCAQEAnhjECJUqkhYZbKte23ISreOo6X2M
SXRUgOySjG2zEooHPU0NPhEACAzmCzoqV2go0ubhJQ7S4ID586tHvAnq9asx7pbq
QAEszkEYx+DVCyPIjYyRAd/6uesAg0PMCCqjRFkaVnmt8bgboWIt7IfNDYWDVhu7
in+hocOyirBrZUhyXuAM+mOvgAs1vH68wwY9A5qzcg/zvH9hX8qXoSG/KQ/EQLvp
mLeihnJli4axyoQ0Yiz8PDXfzTlhRWCI1xA5qmwNRC+N+rpT9KtWTlBMVdul/+1f
aRpK5gNSRWu9QSjGiRlY1YeT5iuz7IIkzp1BMu+kSQkxqkmSYdtdOpWWmg==
-----END CERTIFICATE-----
Generated at Sun Jun 15 13:20:05 2025 by rpki-client