Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/39312e3233302e3131312e302f32342d3332203d3e203531313637.roa
File: 39312e3233302e3131312e302f32342d3332203d3e203531313637.roa (raw, json)
Hash identifier: cSak2s1FMXBuwG8uX3teaFIuTj8l6k7LF4jXXlhp+CI=
Subject key identifier: C5:FB:07:F3:D2:71:4B:2C:FE:49:71:F8:A7:FB:04:93:C9:31:E2:51
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 6D13AD07D7F63245FDB0906F9714057202430140
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/39312e3233302e3131312e302f32342d3332203d3e203531313637.roa
Signing time: Wed 30 Jul 2025 14:46:59 +0000
ROA not before: Wed 30 Jul 2025 14:41:59 +0000
ROA not after: Wed 29 Jul 2026 14:46:59 +0000
asID: 51167
IP address blocks: 91.230.111.0/24 maxlen: 32
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 05 Aug 2025 11:07:33 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6d:13:ad:07:d7:f6:32:45:fd:b0:90:6f:97:14:05:72:02:43:01:40
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Jul 30 14:41:59 2025 GMT
Not After : Jul 29 14:46:59 2026 GMT
Subject: CN=C5FB07F3D2714B2CFE4971F8A7FB0493C931E251
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e7:91:49:1c:81:c0:15:ef:f7:83:1d:33:7a:5e:
4f:75:43:e5:56:d2:91:e8:01:fe:55:e6:cd:94:50:
3f:d9:65:27:77:b0:63:e0:45:9c:d0:ed:9c:c8:15:
6b:85:c5:68:b6:3d:e8:35:94:d6:12:f3:d2:f4:6d:
fb:13:92:94:42:2e:bb:e3:5e:ab:34:cd:d0:8d:a2:
13:34:1e:e1:04:15:cc:b2:e8:26:23:68:a5:8d:47:
a6:e6:05:37:49:0c:b3:64:88:ed:10:02:93:c1:4a:
ec:32:86:11:29:51:25:21:7f:e1:4d:da:78:37:cd:
ae:52:3c:8d:ca:94:33:0d:1f:84:40:0e:ea:ed:0f:
24:ed:f8:4e:45:40:9b:0b:3a:65:3f:0f:3f:21:c1:
a1:cf:ff:b5:d9:a8:a8:92:74:26:a3:4c:06:ca:c8:
74:2c:1b:aa:f6:1e:2a:8a:2a:26:ac:fb:3c:85:61:
5e:8f:33:30:40:2f:e2:ce:d1:ac:b1:10:8c:d0:fa:
d8:0b:e7:78:27:c2:0e:37:38:21:fb:42:f3:9a:b2:
d2:e4:c9:d0:ba:9b:1d:e2:a0:6b:40:c4:a4:d7:af:
27:fd:15:7d:20:52:75:a0:95:b4:56:33:52:35:98:
ba:5a:d0:1e:bb:1b:14:60:98:a4:6e:47:7a:0d:47:
94:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C5:FB:07:F3:D2:71:4B:2C:FE:49:71:F8:A7:FB:04:93:C9:31:E2:51
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/39312e3233302e3131312e302f32342d3332203d3e203531313637.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.230.111.0/24
Signature Algorithm: sha256WithRSAEncryption
00:16:d5:af:8a:e6:6c:68:a0:47:f4:a5:7a:a4:4d:e9:7e:6d:
fa:59:a9:84:14:fb:74:30:da:f8:d3:c2:8c:ef:39:ce:3c:3f:
8d:6c:bb:89:bd:cc:7b:99:43:76:ac:dd:c0:dc:72:fb:85:d2:
c9:91:06:6e:a1:0d:b4:f0:0a:ef:0d:3f:e2:be:7d:e2:23:a5:
2c:30:f1:ba:7d:d2:d4:ea:81:7e:96:31:ce:70:a8:03:43:05:
f9:1f:b5:52:bf:35:05:bc:47:d4:58:b5:c5:27:83:f0:be:2d:
22:c5:2b:4c:9d:98:7d:cc:19:e1:d9:bb:bd:69:a0:a1:10:8c:
c8:6a:0c:a1:be:95:c3:16:1b:ba:4a:61:d7:58:08:77:61:72:
c2:44:bb:06:57:c9:a4:af:0b:df:e7:3f:c0:fb:f2:3d:e9:e3:
98:5b:86:76:a1:a6:d7:99:98:3c:22:fc:ff:61:5a:44:53:5b:
3e:cd:dd:78:4e:3f:4d:84:74:52:a8:d8:b4:81:fc:01:5b:04:
74:8d:b7:1b:c6:f5:c6:f8:b2:73:4e:51:22:68:06:b8:25:87:
8d:38:32:18:a3:41:05:c6:24:e0:f5:c2:bf:a7:31:f3:31:97:
d0:2f:a6:ca:5d:ce:c3:0c:09:2f:a4:71:88:0f:bd:e3:85:60:
63:76:dd:7f
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUbROtB9f2MkX9sJBvlxQFcgJDAUAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNTA3MzAxNDQxNTlaFw0yNjA3MjkxNDQ2NTlaMDMxMTAvBgNV
BAMTKEM1RkIwN0YzRDI3MTRCMkNGRTQ5NzFGOEE3RkIwNDkzQzkzMUUyNTEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDnkUkcgcAV7/eDHTN6Xk91Q+VW
0pHoAf5V5s2UUD/ZZSd3sGPgRZzQ7ZzIFWuFxWi2Peg1lNYS89L0bfsTkpRCLrvj
Xqs0zdCNohM0HuEEFcyy6CYjaKWNR6bmBTdJDLNkiO0QApPBSuwyhhEpUSUhf+FN
2ng3za5SPI3KlDMNH4RADurtDyTt+E5FQJsLOmU/Dz8hwaHP/7XZqKiSdCajTAbK
yHQsG6r2HiqKKias+zyFYV6PMzBAL+LO0ayxEIzQ+tgL53gnwg43OCH7QvOastLk
ydC6mx3ioGtAxKTXryf9FX0gUnWglbRWM1I1mLpa0B67GxRgmKRuR3oNR5SPAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUxfsH89JxSyz+SXH4p/sEk8kx4lEwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzkzMTJlMzIzMzMwMmUzMTMx
MzEyZTMwMmYzMjM0MmQzMzMyMjAzZDNlMjAzNTMxMzEzNjM3LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
W+ZvMA0GCSqGSIb3DQEBCwUAA4IBAQAAFtWviuZsaKBH9KV6pE3pfm36WamEFPt0
MNr408KM7znOPD+NbLuJvcx7mUN2rN3A3HL7hdLJkQZuoQ208ArvDT/ivn3iI6Us
MPG6fdLU6oF+ljHOcKgDQwX5H7VSvzUFvEfUWLXFJ4Pwvi0ixStMnZh9zBnh2bu9
aaChEIzIagyhvpXDFhu6SmHXWAh3YXLCRLsGV8mkrwvf5z/A+/I96eOYW4Z2oabX
mZg8Ivz/YVpEU1s+zd14Tj9NhHRSqNi0gfwBWwR0jbcbxvXG+LJzTlEiaAa4JYeN
ODIYo0EFxiTg9cK/pzHzMZfQL6bKXc7DDAkvpHGID73jhWBjdt1/
-----END CERTIFICATE-----
Generated at Mon Aug 4 15:42:01 2025 by rpki-client