Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS209604.roa
File: AS209604.roa (raw, json)
Hash identifier: ulkLMYhvXPsKoy/cBmgb7dqBcGsMKZBxsmYrt8LM4us=
Subject key identifier: 68:F2:2C:F5:55:ED:35:1C:2F:68:22:AE:C9:37:63:22:19:4E:FC:0F
Certificate issuer: /CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Certificate serial: 4AA4D8637DCBC12A0B0CBDCC971514C3EC853FE7
Authority key identifier: 9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS209604.roa
Signing time: Mon 28 Jul 2025 22:22:48 +0000
ROA not before: Mon 28 Jul 2025 22:17:48 +0000
ROA not after: Mon 27 Jul 2026 22:22:48 +0000
asID: 209604
IP address blocks: 91.124.37.0/24 maxlen: 24
92.112.71.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl
rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.mft
rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 05 Aug 2025 11:52:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4a:a4:d8:63:7d:cb:c1:2a:0b:0c:bd:cc:97:15:14:c3:ec:85:3f:e7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Validity
Not Before: Jul 28 22:17:48 2025 GMT
Not After : Jul 27 22:22:48 2026 GMT
Subject: CN=68F22CF555ED351C2F6822AEC9376322194EFC0F
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:bd:78:93:6a:c4:20:8d:aa:02:9f:92:b2:c0:
9c:82:8a:1e:6f:d5:6f:c9:1f:75:16:c7:2a:aa:ca:
d3:97:4c:ba:db:df:8e:27:33:8f:93:1e:18:96:2d:
20:0f:f4:b2:fb:12:b3:c2:06:75:b4:ab:1f:da:bb:
44:45:88:cd:8a:db:76:54:f9:8d:71:27:52:fd:ae:
b4:e9:58:50:c8:0d:7b:d4:b5:a7:e0:81:0e:66:4a:
9d:5b:ff:45:8a:a3:f7:64:f5:bd:50:77:47:12:da:
23:4e:25:7c:11:d9:7b:a9:cb:07:78:76:68:c0:2b:
49:c3:bb:16:3a:92:a0:26:6e:e3:f6:0c:5d:2f:59:
7d:b6:32:c3:41:0e:ae:24:4c:05:64:7c:db:2f:ed:
23:aa:84:94:84:a9:74:53:f0:37:07:c6:b0:7f:62:
e9:40:5c:00:43:4c:9d:08:82:f8:b3:5e:5c:99:d1:
bc:68:ea:61:10:d9:87:3e:5d:83:57:45:ea:ed:69:
3f:4b:52:29:25:26:94:9e:25:42:74:d2:2b:37:a2:
59:a1:2b:56:25:91:fe:2e:69:55:d7:76:68:a0:82:
3a:0b:8c:50:1e:a4:0b:22:f4:b0:f4:c2:1a:64:13:
14:c1:39:73:ae:4b:18:32:0f:18:46:a2:91:03:03:
da:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:F2:2C:F5:55:ED:35:1C:2F:68:22:AE:C9:37:63:22:19:4E:FC:0F
X509v3 Authority Key Identifier:
keyid:9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS209604.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.124.37.0/24
92.112.71.0/24
Signature Algorithm: sha256WithRSAEncryption
92:60:ee:e7:8c:e1:cf:12:be:d8:75:33:c4:f9:4b:85:a2:8e:
d0:4c:dd:07:a6:19:6e:da:e2:c0:ac:7d:7b:a4:32:25:6c:7a:
82:6f:b8:74:24:90:a1:09:af:80:ca:60:04:bc:a5:c5:9a:4e:
84:8f:7e:34:52:8a:f5:9b:02:98:9f:6c:48:f4:4e:df:63:23:
3d:d0:5c:2c:07:c9:23:cd:24:fb:10:d5:2f:26:81:af:db:80:
f5:7c:ff:5e:d6:c1:3d:7a:4d:58:9a:82:21:ba:7f:5c:00:60:
fb:81:ec:4e:ca:9c:c0:a7:4f:fd:9e:02:02:3f:7f:5c:1e:8a:
40:2d:7e:64:9b:48:ee:1b:f3:35:41:b6:42:51:46:ef:f3:65:
18:3c:c9:b2:75:ed:d7:52:8c:03:45:c9:b2:a0:33:50:bb:5a:
f6:49:33:63:12:c9:99:5c:29:60:40:ec:79:1f:92:ad:b0:3c:
d3:ab:54:ae:66:b8:37:f4:b9:29:4e:a7:c6:ae:3f:00:d3:cd:
f5:2d:ac:c0:ad:18:11:ea:b1:af:ba:ed:04:03:12:87:b3:b4:
4e:2e:18:b0:08:dc:82:7d:b0:1f:cd:27:d9:86:07:ec:62:3f:
38:e4:e6:02:0c:8a:e0:d3:ab:82:cf:26:11:94:fa:74:e6:46:
c6:29:8d:06
-----BEGIN CERTIFICATE-----
MIIFBjCCA+6gAwIBAgIUSqTYY33LwSoLDL3MlxUUw+yFP+cwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOWJkODEzMzkxZTRhZjJhZTMxMDNjMTg5MWIyMjcyZDRk
NWMxM2I1ZjAeFw0yNTA3MjgyMjE3NDhaFw0yNjA3MjcyMjIyNDhaMDMxMTAvBgNV
BAMTKDY4RjIyQ0Y1NTVFRDM1MUMyRjY4MjJBRUM5Mzc2MzIyMTk0RUZDMEYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC3vXiTasQgjaoCn5KywJyCih5v
1W/JH3UWxyqqytOXTLrb344nM4+THhiWLSAP9LL7ErPCBnW0qx/au0RFiM2K23ZU
+Y1xJ1L9rrTpWFDIDXvUtafggQ5mSp1b/0WKo/dk9b1Qd0cS2iNOJXwR2Xupywd4
dmjAK0nDuxY6kqAmbuP2DF0vWX22MsNBDq4kTAVkfNsv7SOqhJSEqXRT8DcHxrB/
YulAXABDTJ0IgvizXlyZ0bxo6mEQ2Yc+XYNXRertaT9LUiklJpSeJUJ00is3olmh
K1Ylkf4uaVXXdmiggjoLjFAepAsi9LD0whpkExTBOXOuSxgyDxhGopEDA9q3AgMB
AAGjggIQMIICDDAdBgNVHQ4EFgQUaPIs9VXtNRwvaCKuyTdjIhlO/A8wHwYDVR0j
BBgwFoAUm9gTOR5K8q4xA8GJGyJy1NXBO18wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYzQ3OGY2ZjUtNDQ5YS00ODI3LTk5ZDUtYmY2YjkzYThm
NmI0LzAvOUJEODEzMzkxRTRBRjJBRTMxMDNDMTg5MUIyMjcyRDRENUMxM0I1Ri5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL205Z1RPUjVLOHE0eEE4R0pHeUp5MU5Y
Qk8xOC5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2M0NzhmNmY1LTQ0OWEt
NDgyNy05OWQ1LWJmNmI5M2E4ZjZiNC8wL0FTMjA5NjA0LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAW3wl
AwQAXHBHMA0GCSqGSIb3DQEBCwUAA4IBAQCSYO7njOHPEr7YdTPE+UuFoo7QTN0H
phlu2uLArH17pDIlbHqCb7h0JJChCa+AymAEvKXFmk6Ej340Uor1mwKYn2xI9E7f
YyM90FwsB8kjzST7ENUvJoGv24D1fP9e1sE9ek1YmoIhun9cAGD7gexOypzAp0/9
ngICP39cHopALX5km0juG/M1QbZCUUbv82UYPMmyde3XUowDRcmyoDNQu1r2STNj
EsmZXClgQOx5H5KtsDzTq1SuZrg39LkpTqfGrj8A0831LazArRgR6rGvuu0EAxKH
s7ROLhiwCNyCfbAfzSfZhgfsYj845OYCDIrg06uCzyYRlPp05kbGKY0G
-----END CERTIFICATE-----
Generated at Mon Aug 4 13:56:26 2025 by rpki-client