Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/af31768d-42b1-4e92-b83f-bef7ee017813/0/3139332e33372e3233362e302f32342d3234203d3e203239383032.roa
File: 3139332e33372e3233362e302f32342d3234203d3e203239383032.roa (raw, json)
Hash identifier: NPxcG44HSvUhEjS0S2kkms3rMNVlot0JsRdIfylKbjg=
Subject key identifier: 39:4F:81:85:B6:67:A7:50:85:94:60:7F:DD:44:7F:BD:05:68:D6:82
Certificate issuer: /CN=9f0d24c855eee00fe4abf3903c6e8fcc7083ed4d
Certificate serial: 014331A09D50380C79C42A0F4CF184D980C0D4AA
Authority key identifier: 9F:0D:24:C8:55:EE:E0:0F:E4:AB:F3:90:3C:6E:8F:CC:70:83:ED:4D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nw0kyFXu4A_kq_OQPG6PzHCD7U0.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/af31768d-42b1-4e92-b83f-bef7ee017813/0/3139332e33372e3233362e302f32342d3234203d3e203239383032.roa
Signing time: Tue 04 Nov 2025 18:55:11 +0000
ROA not before: Tue 04 Nov 2025 18:50:11 +0000
ROA not after: Tue 03 Nov 2026 18:55:11 +0000
asID: 29802
IP address blocks: 193.37.236.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/af31768d-42b1-4e92-b83f-bef7ee017813/0/9F0D24C855EEE00FE4ABF3903C6E8FCC7083ED4D.crl
rsync://rsync.paas.rpki.ripe.net/repository/af31768d-42b1-4e92-b83f-bef7ee017813/0/9F0D24C855EEE00FE4ABF3903C6E8FCC7083ED4D.mft
rsync://rpki.ripe.net/repository/DEFAULT/nw0kyFXu4A_kq_OQPG6PzHCD7U0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 18:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:43:31:a0:9d:50:38:0c:79:c4:2a:0f:4c:f1:84:d9:80:c0:d4:aa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9f0d24c855eee00fe4abf3903c6e8fcc7083ed4d
Validity
Not Before: Nov 4 18:50:11 2025 GMT
Not After : Nov 3 18:55:11 2026 GMT
Subject: CN=394F8185B667A7508594607FDD447FBD0568D682
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:ca:c6:27:99:f9:08:44:b3:c3:61:0e:a3:b7:
ba:ca:71:67:ec:f6:b2:58:90:ff:d1:5d:3d:38:51:
32:00:a9:39:f3:1c:d8:10:d9:10:04:df:d0:e6:22:
b0:b3:42:b6:d2:ba:db:e8:ee:4d:24:7d:ce:3c:19:
db:62:d7:d8:c2:50:a6:cc:92:d9:91:9e:09:20:2d:
a9:bb:76:4d:62:ee:a2:31:af:4a:39:4d:76:db:c6:
32:3f:b1:6c:9e:c6:17:e5:dc:8c:5c:62:07:0f:89:
94:e0:09:de:c7:7e:9b:2e:9f:38:70:64:b3:57:00:
39:c0:ee:92:50:5b:31:ab:b2:ed:84:5c:d1:af:dc:
51:8c:2c:1c:ca:15:07:52:b1:95:38:f4:a3:e0:4f:
8e:df:b5:63:f6:a9:87:3e:7b:b0:92:f7:46:7d:28:
63:25:69:ae:7a:9d:72:95:f9:40:00:1c:97:07:fe:
6f:7e:f3:b9:67:b8:a4:25:d0:6e:8f:20:e8:d7:b6:
d9:c2:2f:0b:28:a3:28:85:03:82:af:53:c8:aa:ea:
b1:aa:6e:41:86:1c:29:6e:15:a1:5a:96:d1:ad:6f:
a3:e0:ab:5e:d8:0f:36:c5:5b:4f:0e:d0:76:6b:0a:
fe:eb:13:46:3a:34:75:94:6d:23:4f:19:ba:16:9a:
48:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
39:4F:81:85:B6:67:A7:50:85:94:60:7F:DD:44:7F:BD:05:68:D6:82
X509v3 Authority Key Identifier:
keyid:9F:0D:24:C8:55:EE:E0:0F:E4:AB:F3:90:3C:6E:8F:CC:70:83:ED:4D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/af31768d-42b1-4e92-b83f-bef7ee017813/0/9F0D24C855EEE00FE4ABF3903C6E8FCC7083ED4D.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nw0kyFXu4A_kq_OQPG6PzHCD7U0.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/af31768d-42b1-4e92-b83f-bef7ee017813/0/3139332e33372e3233362e302f32342d3234203d3e203239383032.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.37.236.0/24
Signature Algorithm: sha256WithRSAEncryption
8d:10:62:43:37:6c:0d:19:7a:a3:83:e0:db:52:54:31:3d:8c:
0a:7e:94:6c:00:b2:33:30:52:c6:39:b1:2d:15:b3:ce:18:af:
aa:b4:a9:08:5a:fc:00:57:33:03:f7:63:82:a5:6e:c2:a4:53:
83:bf:c3:9f:b9:85:27:f4:3f:b1:05:cb:68:e0:74:c5:1a:f6:
40:c5:f5:ec:40:c5:52:ba:2d:79:9e:26:c0:3d:1c:cb:c6:1a:
f7:66:9c:ce:23:fb:7c:80:2f:0e:62:9e:10:d5:47:26:19:7f:
4b:98:e9:2b:76:b2:d0:37:80:99:09:67:0d:16:f1:43:91:0b:
72:15:b4:25:ac:1e:56:59:65:12:1e:89:83:c6:87:b3:16:9d:
49:32:41:c4:c4:61:59:ce:34:ba:41:45:85:10:12:88:a7:a0:
ee:9e:60:8b:60:75:08:06:f1:b4:5d:7a:8e:69:8f:04:9d:2f:
f9:72:20:af:0e:69:01:19:b9:05:99:5c:5f:5a:ee:ed:23:bc:
89:c9:08:60:d0:7c:8b:e2:8e:66:44:10:e5:7e:b7:b9:ee:55:
c5:ac:b3:20:a9:07:91:da:4c:f4:36:5d:05:52:71:a3:ad:3f:
76:46:7a:75:37:0b:b1:4e:79:1c:c4:1f:ba:1f:f4:a7:17:4b:
6b:17:e0:48
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUAUMxoJ1QOAx5xCoPTPGE2YDA1KowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOWYwZDI0Yzg1NWVlZTAwZmU0YWJmMzkwM2M2ZThmY2M3
MDgzZWQ0ZDAeFw0yNTExMDQxODUwMTFaFw0yNjExMDMxODU1MTFaMDMxMTAvBgNV
BAMTKDM5NEY4MTg1QjY2N0E3NTA4NTk0NjA3RkRENDQ3RkJEMDU2OEQ2ODIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCNysYnmfkIRLPDYQ6jt7rKcWfs
9rJYkP/RXT04UTIAqTnzHNgQ2RAE39DmIrCzQrbSutvo7k0kfc48Gdti19jCUKbM
ktmRngkgLam7dk1i7qIxr0o5TXbbxjI/sWyexhfl3IxcYgcPiZTgCd7Hfpsunzhw
ZLNXADnA7pJQWzGrsu2EXNGv3FGMLBzKFQdSsZU49KPgT47ftWP2qYc+e7CS90Z9
KGMlaa56nXKV+UAAHJcH/m9+87lnuKQl0G6PIOjXttnCLwsooyiFA4KvU8iq6rGq
bkGGHCluFaFaltGtb6Pgq17YDzbFW08O0HZrCv7rE0Y6NHWUbSNPGboWmkjHAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUOU+BhbZnp1CFlGB/3UR/vQVo1oIwHwYDVR0j
BBgwFoAUnw0kyFXu4A/kq/OQPG6PzHCD7U0wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYWYzMTc2OGQtNDJiMS00ZTkyLWI4M2YtYmVmN2VlMDE3
ODEzLzAvOUYwRDI0Qzg1NUVFRTAwRkU0QUJGMzkwM0M2RThGQ0M3MDgzRUQ0RC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL253MGt5Rlh1NEFfa3FfT1FQRzZQekhD
RDdVMC5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWYzMTc2OGQt
NDJiMS00ZTkyLWI4M2YtYmVmN2VlMDE3ODEzLzAvMzEzOTMzMmUzMzM3MmUzMjMz
MzYyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMjM5MzgzMDMyLnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
wSXsMA0GCSqGSIb3DQEBCwUAA4IBAQCNEGJDN2wNGXqjg+DbUlQxPYwKfpRsALIz
MFLGObEtFbPOGK+qtKkIWvwAVzMD92OCpW7CpFODv8OfuYUn9D+xBcto4HTFGvZA
xfXsQMVSui15nibAPRzLxhr3ZpzOI/t8gC8OYp4Q1UcmGX9LmOkrdrLQN4CZCWcN
FvFDkQtyFbQlrB5WWWUSHomDxoezFp1JMkHExGFZzjS6QUWFEBKIp6DunmCLYHUI
BvG0XXqOaY8EnS/5ciCvDmkBGbkFmVxfWu7tI7yJyQhg0HyL4o5mRBDlfre57lXF
rLMgqQeR2kz0Nl0FUnGjrT92Rnp1NwuxTnkcxB+6H/SnF0trF+BI
-----END CERTIFICATE-----
Generated at Wed Nov 5 01:33:13 2025 by rpki-client