Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/bf52d814-3d2f-4df4-8140-dfb530f74912/0/3139332e39332e3135352e302f32342d3234203d3e203230343733.roa
File: 3139332e39332e3135352e302f32342d3234203d3e203230343733.roa (raw, json)
Hash identifier: hDOoONSAS9eAuwlCmW30VHEN0/zXt8vJpH/fFLKimsM=
Subject key identifier: 8A:87:E1:E5:91:8C:72:46:EE:99:3F:DF:F5:3A:B7:C1:CE:8E:BF:F9
Certificate issuer: /CN=f29fbab4db867f6bd9a7eff6aa55d98c162e1aad
Certificate serial: 0AF0D861897F35ED53C8930264DF2743AC16A58B
Authority key identifier: F2:9F:BA:B4:DB:86:7F:6B:D9:A7:EF:F6:AA:55:D9:8C:16:2E:1A:AD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8p-6tNuGf2vZp-_2qlXZjBYuGq0.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/bf52d814-3d2f-4df4-8140-dfb530f74912/0/3139332e39332e3135352e302f32342d3234203d3e203230343733.roa
Signing time: Tue 05 Aug 2025 07:54:13 +0000
ROA not before: Tue 05 Aug 2025 07:49:13 +0000
ROA not after: Tue 04 Aug 2026 07:54:13 +0000
asID: 20473
IP address blocks: 193.93.155.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/bf52d814-3d2f-4df4-8140-dfb530f74912/0/F29FBAB4DB867F6BD9A7EFF6AA55D98C162E1AAD.crl
rsync://rsync.paas.rpki.ripe.net/repository/bf52d814-3d2f-4df4-8140-dfb530f74912/0/F29FBAB4DB867F6BD9A7EFF6AA55D98C162E1AAD.mft
rsync://rpki.ripe.net/repository/DEFAULT/8p-6tNuGf2vZp-_2qlXZjBYuGq0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 06 Aug 2025 09:08:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0a:f0:d8:61:89:7f:35:ed:53:c8:93:02:64:df:27:43:ac:16:a5:8b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f29fbab4db867f6bd9a7eff6aa55d98c162e1aad
Validity
Not Before: Aug 5 07:49:13 2025 GMT
Not After : Aug 4 07:54:13 2026 GMT
Subject: CN=8A87E1E5918C7246EE993FDFF53AB7C1CE8EBFF9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:cf:af:c6:b0:c5:e6:13:75:17:69:08:1a:90:
46:90:4a:48:aa:18:95:4d:4d:07:3a:8a:74:ef:42:
39:b8:eb:4e:ef:e3:3c:c6:b0:e4:b7:d2:92:e1:13:
b3:22:17:76:65:5d:a3:08:91:d4:15:f4:28:19:a8:
3a:ee:05:ea:4d:b4:2f:48:0b:73:71:a4:fc:21:79:
14:68:5c:11:70:f9:38:b5:93:61:bc:77:4b:ce:bd:
41:ad:b3:e9:ae:7a:f3:0a:c0:e1:4b:2f:76:45:38:
98:f9:82:ae:0e:70:11:cf:d4:cd:d2:5a:9a:40:72:
eb:d7:15:f5:c8:00:75:68:73:34:8b:77:09:25:66:
34:e3:f6:b6:31:eb:b2:0c:8c:b4:22:08:a1:99:55:
df:e8:87:5c:4d:37:00:32:2a:e0:c5:b7:c7:fe:10:
b2:82:a0:d9:93:62:0b:32:5b:1e:00:ef:90:7f:d8:
d4:3d:0a:1d:af:62:03:8c:78:66:69:35:4b:da:7d:
38:7b:a1:79:7c:ba:7a:6a:73:34:d2:7b:b8:58:16:
a8:4d:06:38:0b:3e:49:7d:37:35:08:68:d1:ea:ea:
90:7f:bb:3f:ab:d4:d1:4b:78:49:6f:fd:79:58:86:
ef:43:88:74:e1:84:84:40:d7:f5:fb:3d:d5:3f:a4:
15:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8A:87:E1:E5:91:8C:72:46:EE:99:3F:DF:F5:3A:B7:C1:CE:8E:BF:F9
X509v3 Authority Key Identifier:
keyid:F2:9F:BA:B4:DB:86:7F:6B:D9:A7:EF:F6:AA:55:D9:8C:16:2E:1A:AD
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/bf52d814-3d2f-4df4-8140-dfb530f74912/0/F29FBAB4DB867F6BD9A7EFF6AA55D98C162E1AAD.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8p-6tNuGf2vZp-_2qlXZjBYuGq0.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/bf52d814-3d2f-4df4-8140-dfb530f74912/0/3139332e39332e3135352e302f32342d3234203d3e203230343733.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.93.155.0/24
Signature Algorithm: sha256WithRSAEncryption
8a:0b:99:b7:98:71:44:21:2f:34:6b:08:54:26:38:84:51:8b:
0b:3a:87:28:20:c2:da:9e:10:8f:18:a5:b5:96:75:c7:1d:60:
53:aa:43:35:83:15:b3:f2:32:15:72:db:a7:7f:74:88:da:95:
17:b5:60:e0:b4:ba:b0:d8:1a:3c:3a:19:a3:36:12:2d:6c:e8:
6a:bf:3f:5e:15:bb:cc:e3:05:22:cc:eb:30:0b:a9:a5:3a:c9:
e4:74:0e:c9:33:a2:9d:b7:32:db:1d:0d:5f:b5:49:e1:ab:88:
7e:8b:52:2c:f3:c8:b1:ee:2e:93:c9:5c:53:a4:d5:db:d7:ea:
b4:42:dd:30:64:5b:2e:5c:0e:48:07:a1:69:3e:27:3d:2e:34:
9b:c2:f6:ec:45:68:40:e7:3d:cf:12:bc:56:53:91:06:b6:47:
cb:f0:bc:1f:ff:69:8a:4f:89:03:34:b5:46:dd:a0:d3:c3:7d:
77:f4:b0:c6:fc:02:5c:ed:32:19:cc:17:98:db:3b:cb:5b:14:
9d:0f:c8:f6:ab:6c:cd:33:e1:c3:21:94:c7:e5:a7:45:5b:a5:
1d:fc:61:88:a0:b2:aa:a9:53:e5:e6:85:83:1e:7d:bc:e5:95:
68:63:f6:8c:22:76:43:da:58:83:c0:a1:f6:60:d4:b8:6c:c7:
ef:37:bf:52
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUCvDYYYl/Ne1TyJMCZN8nQ6wWpYswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZjI5ZmJhYjRkYjg2N2Y2YmQ5YTdlZmY2YWE1NWQ5OGMx
NjJlMWFhZDAeFw0yNTA4MDUwNzQ5MTNaFw0yNjA4MDQwNzU0MTNaMDMxMTAvBgNV
BAMTKDhBODdFMUU1OTE4QzcyNDZFRTk5M0ZERkY1M0FCN0MxQ0U4RUJGRjkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCxz6/GsMXmE3UXaQgakEaQSkiq
GJVNTQc6inTvQjm4607v4zzGsOS30pLhE7MiF3ZlXaMIkdQV9CgZqDruBepNtC9I
C3NxpPwheRRoXBFw+Ti1k2G8d0vOvUGts+muevMKwOFLL3ZFOJj5gq4OcBHP1M3S
WppAcuvXFfXIAHVoczSLdwklZjTj9rYx67IMjLQiCKGZVd/oh1xNNwAyKuDFt8f+
ELKCoNmTYgsyWx4A75B/2NQ9Ch2vYgOMeGZpNUvafTh7oXl8unpqczTSe7hYFqhN
BjgLPkl9NzUIaNHq6pB/uz+r1NFLeElv/XlYhu9DiHThhIRA1/X7PdU/pBUjAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUiofh5ZGMckbumT/f9Tq3wc6Ov/kwHwYDVR0j
BBgwFoAU8p+6tNuGf2vZp+/2qlXZjBYuGq0wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYmY1MmQ4MTQtM2QyZi00ZGY0LTgxNDAtZGZiNTMwZjc0
OTEyLzAvRjI5RkJBQjREQjg2N0Y2QkQ5QTdFRkY2QUE1NUQ5OEMxNjJFMUFBRC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzhwLTZ0TnVHZjJ2WnAtXzJxbFhaakJZ
dUdxMC5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYmY1MmQ4MTQt
M2QyZi00ZGY0LTgxNDAtZGZiNTMwZjc0OTEyLzAvMzEzOTMzMmUzOTMzMmUzMTM1
MzUyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMjMwMzQzNzMzLnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
wV2bMA0GCSqGSIb3DQEBCwUAA4IBAQCKC5m3mHFEIS80awhUJjiEUYsLOocoIMLa
nhCPGKW1lnXHHWBTqkM1gxWz8jIVctunf3SI2pUXtWDgtLqw2Bo8OhmjNhItbOhq
vz9eFbvM4wUizOswC6mlOsnkdA7JM6KdtzLbHQ1ftUnhq4h+i1Is88ix7i6TyVxT
pNXb1+q0Qt0wZFsuXA5IB6FpPic9LjSbwvbsRWhA5z3PErxWU5EGtkfL8Lwf/2mK
T4kDNLVG3aDTw3139LDG/AJc7TIZzBeY2zvLWxSdD8j2q2zNM+HDIZTH5adFW6Ud
/GGIoLKqqVPl5oWDHn285ZVoY/aMInZD2liDwKH2YNS4bMfvN79S
-----END CERTIFICATE-----
Generated at Tue Aug 5 17:09:17 2025 by rpki-client