Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3139342e3130372e3136312e302f32342d3234203d3e20313336373837.roa
File: 3139342e3130372e3136312e302f32342d3234203d3e20313336373837.roa (raw, json)
Hash identifier: jfEWo/UDUFQ3w0uIAzrJKXcc6lAK+Uf0rbpeIIfALdM=
Subject key identifier: A7:94:32:02:0C:F9:F8:77:EA:4A:B1:6E:D4:DA:67:A7:9A:41:6B:A0
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 374F24D0C7B08B5FBEEDF2D2A5F814A6BD6B8D9F
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3139342e3130372e3136312e302f32342d3234203d3e20313336373837.roa
Signing time: Tue 21 Oct 2025 10:47:56 +0000
ROA not before: Tue 21 Oct 2025 10:42:56 +0000
ROA not after: Tue 20 Oct 2026 10:47:56 +0000
asID: 136787
IP address blocks: 194.107.161.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 16:49:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
37:4f:24:d0:c7:b0:8b:5f:be:ed:f2:d2:a5:f8:14:a6:bd:6b:8d:9f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Oct 21 10:42:56 2025 GMT
Not After : Oct 20 10:47:56 2026 GMT
Subject: CN=A79432020CF9F877EA4AB16ED4DA67A79A416BA0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:3b:72:34:e1:65:07:21:9e:99:ec:9b:7d:85:
1d:df:68:83:b2:a7:02:d6:de:ef:9f:16:38:ab:b5:
d3:09:12:1d:78:ec:b0:f8:cc:fa:1d:ce:aa:87:23:
8c:99:bf:03:e0:77:45:51:3f:e2:05:71:9c:6f:ea:
c0:eb:8e:a0:c0:d1:d2:0c:11:63:18:1c:ec:33:d6:
8c:95:04:db:88:df:df:c4:f1:4c:02:f5:13:89:03:
b8:ad:ff:f1:6e:e0:25:02:27:db:45:2e:d7:35:b2:
4d:be:5c:60:4c:e7:c3:42:fb:06:de:be:21:75:7a:
4e:67:fc:76:f3:d3:74:96:f3:ad:ab:be:5b:00:63:
03:15:ec:d3:02:51:f2:71:34:5b:ee:3d:59:b3:c9:
e5:16:ce:aa:99:30:5d:0e:92:50:30:25:43:86:2f:
f5:3f:6e:8d:72:0d:fb:e2:52:c7:e0:c4:7b:0d:2a:
31:a2:a0:42:01:81:87:90:4b:c1:eb:38:f8:68:d7:
29:f2:4b:9b:da:21:27:86:50:56:0d:36:2d:78:96:
8e:55:05:db:2b:17:1a:8a:a9:37:b4:ee:39:bb:33:
f9:c8:85:89:42:ad:e4:15:96:02:e5:c0:ee:a2:6d:
02:cf:05:30:fd:9f:3f:b8:c7:5b:45:8b:f5:09:b9:
cf:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A7:94:32:02:0C:F9:F8:77:EA:4A:B1:6E:D4:DA:67:A7:9A:41:6B:A0
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3139342e3130372e3136312e302f32342d3234203d3e20313336373837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.107.161.0/24
Signature Algorithm: sha256WithRSAEncryption
0c:fb:7d:cb:fc:0c:2f:3c:65:87:e6:a0:b0:42:bd:76:3c:58:
52:45:5b:07:32:86:5d:d7:a1:8c:73:0a:97:9c:85:a8:29:60:
a6:99:4a:48:cb:24:20:bc:35:2a:52:aa:7f:18:a2:85:b3:1a:
5e:ab:f4:58:f0:68:87:af:33:b9:f2:49:31:46:c3:6a:a8:c5:
bb:53:3a:88:b0:7a:9b:35:f3:e6:33:80:49:2c:bc:28:67:e3:
6b:83:d2:56:07:08:ca:98:82:bf:85:e5:5d:6a:3a:34:46:e3:
da:29:71:0c:70:02:25:13:fd:87:c1:1f:8f:80:6f:af:db:b1:
bd:a8:67:2b:90:df:27:1b:0b:9f:5d:18:09:85:a2:a9:c3:71:
94:bb:e0:22:9e:95:61:7a:ca:e5:94:3a:01:82:f6:d9:df:90:
46:75:e1:ac:2b:cc:0e:32:7f:f6:3f:17:3a:31:f2:83:e5:f1:
06:1b:9b:94:79:1a:4e:38:60:e0:8c:fb:17:fd:80:26:d0:90:
d5:af:7e:a5:2d:22:47:6a:01:08:96:fc:44:ed:3e:7a:7d:47:
df:06:15:ce:71:ad:99:42:07:d4:c7:1d:76:e0:ef:9d:38:41:
1d:74:d4:64:49:9b:a9:2d:c9:41:be:8a:df:6f:ba:ca:8a:a5:
b5:86:a7:38
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgIUN08k0Mewi1++7fLSpfgUpr1rjZ8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNTEwMjExMDQyNTZaFw0yNjEwMjAxMDQ3NTZaMDMxMTAvBgNV
BAMTKEE3OTQzMjAyMENGOUY4NzdFQTRBQjE2RUQ0REE2N0E3OUE0MTZCQTAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCzO3I04WUHIZ6Z7Jt9hR3faIOy
pwLW3u+fFjirtdMJEh147LD4zPodzqqHI4yZvwPgd0VRP+IFcZxv6sDrjqDA0dIM
EWMYHOwz1oyVBNuI39/E8UwC9ROJA7it//Fu4CUCJ9tFLtc1sk2+XGBM58NC+wbe
viF1ek5n/Hbz03SW862rvlsAYwMV7NMCUfJxNFvuPVmzyeUWzqqZMF0OklAwJUOG
L/U/bo1yDfviUsfgxHsNKjGioEIBgYeQS8HrOPho1ynyS5vaISeGUFYNNi14lo5V
BdsrFxqKqTe07jm7M/nIhYlCreQVlgLlwO6ibQLPBTD9nz+4x1tFi/UJuc8JAgMB
AAGjggJBMIICPTAdBgNVHQ4EFgQUp5QyAgz5+HfqSrFu1Npnp5pBa6AwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzOTM0MmUzMTMwMzcyZTMx
MzYzMTJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMxMzMzNjM3MzgzNy5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEAMJroTANBgkqhkiG9w0BAQsFAAOCAQEADPt9y/wMLzxlh+agsEK9djxYUkVb
BzKGXdehjHMKl5yFqClgpplKSMskILw1KlKqfxiihbMaXqv0WPBoh68zufJJMUbD
aqjFu1M6iLB6mzXz5jOASSy8KGfja4PSVgcIypiCv4XlXWo6NEbj2ilxDHACJRP9
h8Efj4Bvr9uxvahnK5DfJxsLn10YCYWiqcNxlLvgIp6VYXrK5ZQ6AYL22d+QRnXh
rCvMDjJ/9j8XOjHyg+XxBhublHkaTjhg4Iz7F/2AJtCQ1a9+pS0iR2oBCJb8RO0+
en1H3wYVznGtmUIH1McdduDvnThBHXTUZEmbqS3JQb6K32+6yoqltYanOA==
-----END CERTIFICATE-----
Generated at Tue Nov 4 19:58:30 2025 by rpki-client