Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3139342e3130372e3136322e302f32342d3234203d3e20313336373837.roa
File: 3139342e3130372e3136322e302f32342d3234203d3e20313336373837.roa (raw, json)
Hash identifier: gaa2ltHsR72F0qcFHwgnfhcDg110UV8xdKURSpphEjc=
Subject key identifier: 02:C6:95:63:78:57:45:08:93:63:01:7A:37:01:A8:FC:4C:AC:BC:45
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 1B200FAA023DDD0E3968FB5321930785EE9E7416
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3139342e3130372e3136322e302f32342d3234203d3e20313336373837.roa
Signing time: Tue 21 Oct 2025 10:47:56 +0000
ROA not before: Tue 21 Oct 2025 10:42:56 +0000
ROA not after: Tue 20 Oct 2026 10:47:56 +0000
asID: 136787
IP address blocks: 194.107.162.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 19:48:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1b:20:0f:aa:02:3d:dd:0e:39:68:fb:53:21:93:07:85:ee:9e:74:16
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Oct 21 10:42:56 2025 GMT
Not After : Oct 20 10:47:56 2026 GMT
Subject: CN=02C69563785745089363017A3701A8FC4CACBC45
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:f8:62:8f:8d:ac:59:03:ab:3c:f9:74:72:9f:
21:f3:76:50:54:2c:17:5c:dc:67:e6:c1:bf:8c:da:
79:41:a4:fc:92:08:c8:1d:2a:13:f3:fa:6a:f3:5e:
b4:89:ea:cc:2b:db:ff:d6:3d:4e:d5:06:3d:6f:30:
1e:0d:73:ec:54:15:a1:3f:a7:7f:c3:8f:87:f4:fc:
7b:e0:3d:70:5c:5f:87:86:cb:23:91:ad:7f:68:14:
ca:5b:c2:1d:48:f4:c3:7e:2d:68:40:11:4a:8d:87:
e7:71:64:f6:78:d2:97:12:3c:e6:cc:68:6e:13:0d:
68:f2:2a:e3:ba:be:22:11:bd:e2:73:ea:d7:72:8a:
d3:9c:9a:33:f1:b6:1f:7a:ab:42:05:d3:6c:9f:9e:
0e:8e:02:b2:8c:ed:a4:79:cc:dc:9a:96:8f:c6:be:
38:dc:7c:7a:ef:ba:71:c4:f6:ef:0a:79:f5:93:03:
e1:1f:07:54:ef:98:0b:a4:ce:57:f0:98:9d:a9:f3:
80:fe:05:e7:71:81:f6:03:eb:13:3e:5f:06:5b:06:
35:d2:3c:7a:af:c5:d2:92:c1:1d:4f:56:fe:c1:85:
c3:0f:d8:f4:bc:19:70:8b:e3:76:7c:cc:42:bd:2c:
16:b7:29:bd:1e:94:55:9b:f7:c4:da:7b:67:f7:dc:
d4:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
02:C6:95:63:78:57:45:08:93:63:01:7A:37:01:A8:FC:4C:AC:BC:45
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3139342e3130372e3136322e302f32342d3234203d3e20313336373837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.107.162.0/24
Signature Algorithm: sha256WithRSAEncryption
48:b2:45:43:74:d6:1e:eb:76:b0:c0:f7:3b:94:e4:fc:f5:eb:
c2:7f:39:f5:e3:05:75:c9:23:da:7d:11:82:6f:37:97:78:78:
44:49:02:ff:ba:8b:0f:04:96:3b:b7:be:1c:a3:06:8e:f7:05:
61:2f:41:dd:85:f8:ac:06:74:18:50:ab:78:fa:c4:67:40:0e:
7a:a6:f5:c6:20:bb:92:33:ef:31:d3:1b:02:27:bf:06:b8:b4:
19:e8:ca:13:39:ec:18:53:af:fb:2b:4b:94:ac:d7:7c:49:40:
d8:a5:41:6f:9d:f8:fc:29:8d:be:52:e8:3e:7f:f9:77:2d:f1:
d8:ca:80:dd:58:64:f0:d7:08:ce:33:21:73:ec:08:1a:63:bd:
03:64:67:f6:7a:6a:18:1a:6f:15:fd:1d:df:70:d0:36:da:69:
70:b1:a0:b9:c1:20:0c:a1:3e:af:b2:b4:73:ea:d4:a7:e1:88:
41:33:ef:ff:fa:7e:db:c9:40:78:02:19:d8:83:79:cd:5c:a9:
a2:b7:ef:4f:7a:98:b0:20:69:f8:be:0a:cc:5b:c3:03:3a:43:
fd:b7:0d:82:ab:34:6e:cc:8a:0d:f1:64:ba:36:3d:28:17:ff:
a3:ae:cb:5e:ab:a3:4d:1f:58:94:b5:4e:62:4d:0e:4e:fe:fa:
2b:f0:31:63
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgIUGyAPqgI93Q45aPtTIZMHhe6edBYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNTEwMjExMDQyNTZaFw0yNjEwMjAxMDQ3NTZaMDMxMTAvBgNV
BAMTKDAyQzY5NTYzNzg1NzQ1MDg5MzYzMDE3QTM3MDFBOEZDNENBQ0JDNDUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDR+GKPjaxZA6s8+XRynyHzdlBU
LBdc3Gfmwb+M2nlBpPySCMgdKhPz+mrzXrSJ6swr2//WPU7VBj1vMB4Nc+xUFaE/
p3/Dj4f0/HvgPXBcX4eGyyORrX9oFMpbwh1I9MN+LWhAEUqNh+dxZPZ40pcSPObM
aG4TDWjyKuO6viIRveJz6tdyitOcmjPxth96q0IF02yfng6OArKM7aR5zNyalo/G
vjjcfHrvunHE9u8KefWTA+EfB1TvmAukzlfwmJ2p84D+BedxgfYD6xM+XwZbBjXS
PHqvxdKSwR1PVv7BhcMP2PS8GXCL43Z8zEK9LBa3Kb0elFWb98Tae2f33NT5AgMB
AAGjggJBMIICPTAdBgNVHQ4EFgQUAsaVY3hXRQiTYwF6NwGo/EysvEUwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzOTM0MmUzMTMwMzcyZTMx
MzYzMjJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMxMzMzNjM3MzgzNy5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEAMJrojANBgkqhkiG9w0BAQsFAAOCAQEASLJFQ3TWHut2sMD3O5Tk/PXrwn85
9eMFdckj2n0Rgm83l3h4REkC/7qLDwSWO7e+HKMGjvcFYS9B3YX4rAZ0GFCrePrE
Z0AOeqb1xiC7kjPvMdMbAie/Bri0GejKEznsGFOv+ytLlKzXfElA2KVBb534/CmN
vlLoPn/5dy3x2MqA3Vhk8NcIzjMhc+wIGmO9A2Rn9npqGBpvFf0d33DQNtppcLGg
ucEgDKE+r7K0c+rUp+GIQTPv//p+28lAeAIZ2IN5zVyporfvT3qYsCBp+L4KzFvD
AzpD/bcNgqs0bsyKDfFkujY9KBf/o67LXqujTR9YlLVOYk0OTv76K/AxYw==
-----END CERTIFICATE-----
Generated at Wed Nov 5 08:59:06 2025 by rpki-client