Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/3139342e36302e38362e302f32342d3234203d3e20323033333830.roa
File: 3139342e36302e38362e302f32342d3234203d3e20323033333830.roa (raw, json)
Hash identifier: FW5NZL/DtR+J1Lv09PlljT6oN2D5P33Vdd0Mp4/FNAk=
Subject key identifier: 99:DC:F7:7F:DB:CB:EE:C6:D4:FE:CD:C5:CD:12:3B:14:52:20:96:18
Certificate issuer: /CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Certificate serial: 1452E2A61909A696A250D4CE61F6753C067FC2FF
Authority key identifier: 09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/3139342e36302e38362e302f32342d3234203d3e20323033333830.roa
Signing time: Wed 06 Aug 2025 10:16:22 +0000
ROA not before: Wed 06 Aug 2025 10:11:22 +0000
ROA not after: Wed 05 Aug 2026 10:16:22 +0000
asID: 203380
IP address blocks: 194.60.86.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.mft
rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 08 Aug 2025 08:00:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
14:52:e2:a6:19:09:a6:96:a2:50:d4:ce:61:f6:75:3c:06:7f:c2:ff
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Validity
Not Before: Aug 6 10:11:22 2025 GMT
Not After : Aug 5 10:16:22 2026 GMT
Subject: CN=99DCF77FDBCBEEC6D4FECDC5CD123B1452209618
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:20:18:24:39:d8:4e:71:e0:ec:55:54:e5:a5:
fd:32:17:b3:9f:f3:9d:61:3d:3b:e4:5f:9e:f9:77:
26:5d:ed:86:23:df:cf:cb:94:92:9d:6f:49:37:b3:
48:77:9f:d0:d7:4c:95:e8:37:a9:eb:82:96:67:e0:
37:00:03:be:73:50:35:d8:a0:24:de:e4:d7:2d:09:
1f:d9:f1:24:8a:14:2b:23:e2:c8:f1:0a:eb:d6:2f:
ca:07:b6:80:9b:8e:6d:3a:cc:2a:57:e2:fb:e1:08:
60:3b:02:f7:1c:98:5f:8e:da:b5:c4:75:06:17:f9:
74:ee:0a:fd:54:f2:ee:c7:b2:a0:87:b3:ba:33:20:
24:2d:1a:87:d3:fb:49:09:5d:a5:b0:a5:39:35:a8:
25:7c:23:7a:22:02:fb:7f:b8:27:1a:20:38:14:52:
47:1d:93:53:50:76:b6:46:64:6a:0e:10:f8:66:28:
d1:c7:53:99:2e:e7:c1:ff:19:a4:76:93:cf:25:48:
ec:77:a0:5a:7a:99:84:34:e6:bf:5d:d5:ad:24:78:
1d:62:36:79:a7:e5:e7:8f:6a:3d:73:91:8b:36:b7:
fa:43:71:f9:b9:8f:83:78:a9:20:de:7b:ae:ef:1c:
80:32:f0:4b:f2:07:2b:f5:06:df:eb:f2:f4:c8:2d:
06:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
99:DC:F7:7F:DB:CB:EE:C6:D4:FE:CD:C5:CD:12:3B:14:52:20:96:18
X509v3 Authority Key Identifier:
keyid:09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/3139342e36302e38362e302f32342d3234203d3e20323033333830.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.60.86.0/24
Signature Algorithm: sha256WithRSAEncryption
a2:53:18:24:c4:98:06:f9:86:b2:ef:08:f9:4d:91:d2:cc:e0:
17:9d:64:01:ce:07:a7:e8:75:e4:60:ad:e8:69:49:21:4c:1f:
f0:07:95:97:2f:93:7a:92:1a:06:1b:3d:f8:3f:41:9b:75:b9:
da:de:44:9f:38:e4:4d:54:1f:d8:47:ab:92:86:f6:b6:6e:8e:
6e:9f:28:b3:28:8f:05:f8:2b:6c:4d:d2:80:03:1f:48:81:8b:
f5:d0:02:fe:41:3d:2e:cc:54:2f:ec:aa:ee:cc:a2:04:65:23:
c4:64:c2:ff:cd:69:d6:b3:84:0a:ec:7f:a4:9e:26:18:e1:d3:
31:eb:fb:1c:27:40:fd:ba:c6:5e:81:1d:33:bf:8f:3a:68:d6:
8d:5e:0d:2d:bc:67:95:da:d7:e6:c7:b5:e4:86:71:c4:3b:37:
31:d1:7c:37:3b:74:ae:be:70:a2:50:c4:f8:0f:dd:e2:90:c7:
09:1b:be:64:91:2e:38:28:5e:aa:bc:b4:b8:46:b0:28:97:8c:
43:3b:5a:55:e6:ee:78:00:db:96:36:f4:81:15:d1:b4:60:13:
38:63:fc:88:15:93:5c:cf:69:d5:d4:9e:fb:e0:9b:58:c2:63:
1d:a5:43:53:07:a3:01:cb:09:a8:47:8d:7c:57:be:90:e9:10:
74:0a:34:0a
-----BEGIN CERTIFICATE-----
MIIFODCCBCCgAwIBAgIUFFLiphkJppaiUNTOYfZ1PAZ/wv8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDk3YTI4Zjc3ZWIwYTRhYzM1NGE4YWMyODc1NGIyYTNi
YmUzYTk1OTAeFw0yNTA4MDYxMDExMjJaFw0yNjA4MDUxMDE2MjJaMDMxMTAvBgNV
BAMTKDk5RENGNzdGREJDQkVFQzZENEZFQ0RDNUNEMTIzQjE0NTIyMDk2MTgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDMIBgkOdhOceDsVVTlpf0yF7Of
851hPTvkX575dyZd7YYj38/LlJKdb0k3s0h3n9DXTJXoN6nrgpZn4DcAA75zUDXY
oCTe5NctCR/Z8SSKFCsj4sjxCuvWL8oHtoCbjm06zCpX4vvhCGA7AvccmF+O2rXE
dQYX+XTuCv1U8u7HsqCHs7ozICQtGofT+0kJXaWwpTk1qCV8I3oiAvt/uCcaIDgU
Ukcdk1NQdrZGZGoOEPhmKNHHU5ku58H/GaR2k88lSOx3oFp6mYQ05r9d1a0keB1i
Nnmn5eePaj1zkYs2t/pDcfm5j4N4qSDee67vHIAy8EvyByv1Bt/r8vTILQY9AgMB
AAGjggJCMIICPjAdBgNVHQ4EFgQUmdz3f9vL7sbU/s3FzRI7FFIglhgwHwYDVR0j
BBgwFoAUCXoo936wpKw1SorCh1Syo7vjqVkwDgYDVR0PAQH/BAQDAgeAMIGYBgNV
HR8EgZAwgY0wgYqggYeggYSGgYFyc3luYzovL3JzeW5jLnBhYXMucnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L2ZlMzcwOGEwLTY3ZDUtNGFjMi1hYmM0LWEzMzI1OTBi
OTlhZi8xNzcvMDk3QTI4Rjc3RUIwQTRBQzM1NEE4QUMyODc1NEIyQTNCQkUzQTk1
OS5jcmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2ku
cmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NYb285MzZ3cEt3MVNvckNoMVN5
bzd2anFWay5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3Jz
eW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4
YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzE3Ny8zMTM5MzQyZTM2MzAy
ZTM4MzYyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMjMwMzMzMzM4MzAucm9hMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBADCPFYwDQYJKoZIhvcNAQELBQADggEBAKJTGCTEmAb5hrLvCPlNkdLM4Bed
ZAHOB6fodeRgrehpSSFMH/AHlZcvk3qSGgYbPfg/QZt1udreRJ845E1UH9hHq5KG
9rZujm6fKLMojwX4K2xN0oADH0iBi/XQAv5BPS7MVC/squ7MogRlI8Rkwv/Nadaz
hArsf6SeJhjh0zHr+xwnQP26xl6BHTO/jzpo1o1eDS28Z5Xa1+bHteSGccQ7NzHR
fDc7dK6+cKJQxPgP3eKQxwkbvmSRLjgoXqq8tLhGsCiXjEM7WlXm7ngA25Y29IEV
0bRgEzhj/IgVk1zPadXUnvvgm1jCYx2lQ1MHowHLCahHjXxXvpDpEHQKNAo=
-----END CERTIFICATE-----
Generated at Thu Aug 7 11:18:50 2025 by rpki-client