Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/d90a935a-a74d-4b98-9430-bc7ae5c24f28/0/3231372e3139382e3138372e302f32342d3234203d3e20323131343430.roa
File: 3231372e3139382e3138372e302f32342d3234203d3e20323131343430.roa (raw, json)
Hash identifier: 1b5s7twDP9sp8gcJ29rXGkFdvEaLedS6c1Dcd8xTFyM=
Subject key identifier: 33:45:FD:23:2E:10:71:68:42:42:D4:3D:E3:65:FB:FF:F6:6A:7A:71
Certificate issuer: /CN=c79d02c618861ad45baf78ce39023cbcb494a7bf
Certificate serial: 778D39C497966D6A4D7D60DCD805364D8DC06ACE
Authority key identifier: C7:9D:02:C6:18:86:1A:D4:5B:AF:78:CE:39:02:3C:BC:B4:94:A7:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/x50CxhiGGtRbr3jOOQI8vLSUp78.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/d90a935a-a74d-4b98-9430-bc7ae5c24f28/0/3231372e3139382e3138372e302f32342d3234203d3e20323131343430.roa
Signing time: Mon 03 Nov 2025 12:55:11 +0000
ROA not before: Mon 03 Nov 2025 12:50:11 +0000
ROA not after: Mon 02 Nov 2026 12:55:11 +0000
asID: 211440
IP address blocks: 217.198.187.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/d90a935a-a74d-4b98-9430-bc7ae5c24f28/0/C79D02C618861AD45BAF78CE39023CBCB494A7BF.crl
rsync://rsync.paas.rpki.ripe.net/repository/d90a935a-a74d-4b98-9430-bc7ae5c24f28/0/C79D02C618861AD45BAF78CE39023CBCB494A7BF.mft
rsync://rpki.ripe.net/repository/DEFAULT/x50CxhiGGtRbr3jOOQI8vLSUp78.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 06 Nov 2025 12:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
77:8d:39:c4:97:96:6d:6a:4d:7d:60:dc:d8:05:36:4d:8d:c0:6a:ce
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c79d02c618861ad45baf78ce39023cbcb494a7bf
Validity
Not Before: Nov 3 12:50:11 2025 GMT
Not After : Nov 2 12:55:11 2026 GMT
Subject: CN=3345FD232E1071684242D43DE365FBFFF66A7A71
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:ad:37:5f:51:fb:ec:7a:55:33:3e:9d:50:7e:
e5:4d:55:09:5f:26:0f:43:72:b6:67:da:0b:15:67:
cd:9f:d2:94:e7:8b:9c:b5:fb:54:d4:94:7b:f9:f4:
cf:1b:40:64:a7:be:4b:9a:a4:76:fe:83:7c:d7:32:
23:3e:f0:15:02:d4:93:d9:c9:e8:62:29:b3:42:ba:
9f:c4:07:06:c4:5a:3c:55:df:9e:cb:8c:16:6f:53:
a1:7f:1a:24:32:0d:25:a0:03:22:d1:67:6d:20:e3:
83:cc:b8:09:b3:b5:42:c3:af:d4:f3:42:06:b3:fd:
cc:2f:52:36:8d:9f:1e:d7:71:c8:f8:e1:da:83:46:
33:cb:19:6b:ae:5c:b3:92:64:27:57:e3:e4:51:24:
58:74:4a:fe:5b:bb:69:2a:2a:52:c5:04:cc:0a:ac:
37:f4:7b:3a:bb:35:d7:15:5b:a4:f5:65:48:73:25:
c1:38:ff:5a:34:76:ac:7f:34:1e:1a:98:a8:51:15:
c6:98:cc:30:98:2e:b4:08:33:93:42:bb:44:16:39:
27:f3:27:7d:26:ae:c2:7a:0e:fb:42:0d:eb:e9:84:
dd:e8:2b:c4:1e:d2:cd:d2:3f:b6:dd:3d:f5:e4:95:
7c:2e:eb:b1:24:49:6e:cb:06:9c:4f:dd:d6:24:c2:
69:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
33:45:FD:23:2E:10:71:68:42:42:D4:3D:E3:65:FB:FF:F6:6A:7A:71
X509v3 Authority Key Identifier:
keyid:C7:9D:02:C6:18:86:1A:D4:5B:AF:78:CE:39:02:3C:BC:B4:94:A7:BF
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/d90a935a-a74d-4b98-9430-bc7ae5c24f28/0/C79D02C618861AD45BAF78CE39023CBCB494A7BF.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/x50CxhiGGtRbr3jOOQI8vLSUp78.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/d90a935a-a74d-4b98-9430-bc7ae5c24f28/0/3231372e3139382e3138372e302f32342d3234203d3e20323131343430.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.198.187.0/24
Signature Algorithm: sha256WithRSAEncryption
af:c0:6b:6b:cb:71:cb:e4:4b:fe:79:c9:54:3c:3d:37:fe:45:
67:8c:6f:8c:84:db:b5:4a:f1:da:bd:80:05:b7:0e:78:f5:70:
b8:ed:1f:ac:09:80:76:fc:01:3c:f7:45:d6:90:e7:25:f5:1b:
29:08:1b:b9:dc:3f:37:18:47:16:20:c5:f8:28:bd:16:bf:1b:
84:30:a3:a2:8e:df:32:50:4c:5e:c0:79:1c:49:a7:fb:49:32:
55:68:f8:80:f4:f4:9e:72:94:e0:a3:f2:11:34:eb:51:28:46:
d3:c6:66:a8:ce:90:f8:93:e7:5c:af:7d:b8:69:ff:38:5d:0d:
d7:c1:c1:43:2b:49:6b:39:55:a7:9a:84:0c:4b:b8:32:6a:16:
50:4d:c2:f1:45:92:9e:24:4e:ee:9c:16:67:61:52:cc:37:20:
d1:b9:81:11:a8:1a:db:49:4f:b4:f2:c6:38:eb:6d:02:a1:67:
45:f2:f3:95:49:1f:da:de:25:78:13:c4:ed:ee:01:77:f0:0e:
0b:69:b9:de:46:5d:58:76:6d:a6:5c:7a:41:a3:4f:a3:bc:64:
54:8b:c0:53:ce:ad:7e:96:dd:88:f9:e9:6b:0b:91:e3:1e:20:
fe:cd:4b:64:af:1e:bc:41:fa:c4:94:0b:34:06:f9:02:71:2c:
57:2e:39:97
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgIUd405xJeWbWpNfWDc2AU2TY3Aas4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYzc5ZDAyYzYxODg2MWFkNDViYWY3OGNlMzkwMjNjYmNi
NDk0YTdiZjAeFw0yNTExMDMxMjUwMTFaFw0yNjExMDIxMjU1MTFaMDMxMTAvBgNV
BAMTKDMzNDVGRDIzMkUxMDcxNjg0MjQyRDQzREUzNjVGQkZGRjY2QTdBNzEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC6rTdfUfvselUzPp1QfuVNVQlf
Jg9DcrZn2gsVZ82f0pTni5y1+1TUlHv59M8bQGSnvkuapHb+g3zXMiM+8BUC1JPZ
yehiKbNCup/EBwbEWjxV357LjBZvU6F/GiQyDSWgAyLRZ20g44PMuAmztULDr9Tz
Qgaz/cwvUjaNnx7Xccj44dqDRjPLGWuuXLOSZCdX4+RRJFh0Sv5bu2kqKlLFBMwK
rDf0ezq7NdcVW6T1ZUhzJcE4/1o0dqx/NB4amKhRFcaYzDCYLrQIM5NCu0QWOSfz
J30mrsJ6DvtCDevphN3oK8Qe0s3SP7bdPfXklXwu67EkSW7LBpxP3dYkwmkNAgMB
AAGjggJBMIICPTAdBgNVHQ4EFgQUM0X9Iy4QcWhCQtQ942X7//ZqenEwHwYDVR0j
BBgwFoAUx50CxhiGGtRbr3jOOQI8vLSUp78wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZDkwYTkzNWEtYTc0ZC00Yjk4LTk0MzAtYmM3YWU1YzI0
ZjI4LzAvQzc5RDAyQzYxODg2MUFENDVCQUY3OENFMzkwMjNDQkNCNDk0QTdCRi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3g1MEN4aGlHR3RSYnIzak9PUUk4dkxT
VXA3OC5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZDkwYTkzNWEt
YTc0ZC00Yjk4LTk0MzAtYmM3YWU1YzI0ZjI4LzAvMzIzMTM3MmUzMTM5MzgyZTMx
MzgzNzJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMyMzEzMTM0MzQzMC5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEANnGuzANBgkqhkiG9w0BAQsFAAOCAQEAr8Bra8txy+RL/nnJVDw9N/5FZ4xv
jITbtUrx2r2ABbcOePVwuO0frAmAdvwBPPdF1pDnJfUbKQgbudw/NxhHFiDF+Ci9
Fr8bhDCjoo7fMlBMXsB5HEmn+0kyVWj4gPT0nnKU4KPyETTrUShG08ZmqM6Q+JPn
XK99uGn/OF0N18HBQytJazlVp5qEDEu4MmoWUE3C8UWSniRO7pwWZ2FSzDcg0bmB
Eaga20lPtPLGOOttAqFnRfLzlUkf2t4leBPE7e4Bd/AOC2m53kZdWHZtplx6QaNP
o7xkVIvAU86tfpbdiPnpawuR4x4g/s1LZK8evEH6xJQLNAb5AnEsVy45lw==
-----END CERTIFICATE-----
Generated at Wed Nov 5 21:31:16 2025 by rpki-client