Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/39332e3131342e36302e302f32342d3234203d3e20313336373837.roa
File: 39332e3131342e36302e302f32342d3234203d3e20313336373837.roa (raw, json)
Hash identifier: xdP8udQOBwXidVcMpjYljf9LFonU5hGY/UBJEnjdv8o=
Subject key identifier: A9:E0:C7:69:62:72:86:C5:97:AC:D1:D3:43:F9:B3:30:65:C4:DA:BD
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 5A8C237C2E2AA95B743981CCFEC3A5C9F84575E0
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/39332e3131342e36302e302f32342d3234203d3e20313336373837.roa
Signing time: Wed 29 Oct 2025 14:48:47 +0000
ROA not before: Wed 29 Oct 2025 14:43:47 +0000
ROA not after: Wed 28 Oct 2026 14:48:47 +0000
asID: 136787
IP address blocks: 93.114.60.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 19:48:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5a:8c:23:7c:2e:2a:a9:5b:74:39:81:cc:fe:c3:a5:c9:f8:45:75:e0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Oct 29 14:43:47 2025 GMT
Not After : Oct 28 14:48:47 2026 GMT
Subject: CN=A9E0C769627286C597ACD1D343F9B33065C4DABD
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:93:ab:08:c3:0f:26:71:fe:d0:9b:67:7f:e9:
ab:f5:0f:29:ed:e7:96:40:16:1b:f1:1c:ab:9a:96:
01:52:a7:c5:2d:77:0c:03:ad:02:6b:3f:56:ff:44:
7a:65:b6:e5:9d:89:7f:25:68:cf:31:19:de:4b:3f:
bb:04:14:93:21:a2:dd:c7:0d:d1:58:14:6a:56:b4:
89:f8:d1:63:3b:3d:28:fd:ed:ba:7f:73:ad:ad:d3:
f0:ca:34:f5:64:97:65:c7:aa:73:91:ba:c5:f0:70:
06:64:bb:a4:21:69:b1:30:71:e5:ba:df:e0:64:2b:
3d:4a:f1:74:a0:15:16:d8:4e:17:95:8f:bd:5b:2a:
bf:c1:00:60:8b:50:9c:3a:ad:7c:d6:49:ed:fd:09:
1b:d2:5e:51:c9:33:ee:ee:8b:f3:28:22:c8:e7:95:
fe:25:da:87:58:db:24:48:42:40:d6:b7:61:c3:78:
f3:c6:8e:54:64:94:cc:21:02:7b:b5:1d:83:73:2d:
cf:e2:f5:af:dd:6e:30:e1:c3:49:df:94:a0:3d:7a:
62:39:cb:04:36:2d:3f:68:c3:81:f1:9c:da:68:94:
a9:ea:a3:db:9d:09:8c:0a:07:09:0e:7b:58:b3:9b:
08:b4:64:0e:8c:0b:62:7b:bf:ac:f2:c8:34:54:3b:
f9:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A9:E0:C7:69:62:72:86:C5:97:AC:D1:D3:43:F9:B3:30:65:C4:DA:BD
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/39332e3131342e36302e302f32342d3234203d3e20313336373837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
93.114.60.0/24
Signature Algorithm: sha256WithRSAEncryption
7d:51:dd:31:aa:57:15:4c:e6:9f:83:d8:d1:0f:a3:cc:92:06:
c2:07:e8:a4:b1:be:53:1f:04:c2:54:a0:d2:a7:d7:fe:6a:12:
ef:23:b7:e2:ac:89:59:7a:52:b5:6b:6a:61:ab:e1:a8:20:3a:
34:0d:e2:8e:b4:5f:10:98:a6:e3:b1:76:d3:a5:da:e7:a0:8f:
c8:3e:2e:29:fc:13:4e:80:8e:89:70:71:73:50:84:18:bf:68:
86:d0:5f:0e:71:4b:6b:0b:66:f9:e3:b4:e3:ae:ad:b8:88:9e:
71:48:0f:c9:40:88:a7:0e:be:8f:78:3d:14:39:8c:48:3c:bd:
a6:e7:38:ef:4c:82:91:25:e5:f8:79:9c:ae:3a:34:78:0f:3d:
a9:97:85:83:02:6a:bc:65:7d:b6:44:06:3d:d5:4f:cf:a1:9b:
a9:81:56:b1:e2:2c:bc:0c:90:b9:fa:25:fd:b5:a6:b9:34:23:
f8:1f:35:c5:d9:a5:9d:dd:44:11:b6:5c:2b:8a:66:7f:f9:54:
22:d1:5e:b5:2e:3b:4b:4b:88:b0:98:35:51:0f:a9:d7:3c:b2:
8f:8f:83:7e:ad:0c:ba:6d:ec:5d:7e:ab:5c:53:14:9c:e0:20:
f3:80:3d:9c:53:40:42:50:1f:92:77:87:77:b8:c3:e4:bd:11:
d5:c6:26:01
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUWowjfC4qqVt0OYHM/sOlyfhFdeAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNTEwMjkxNDQzNDdaFw0yNjEwMjgxNDQ4NDdaMDMxMTAvBgNV
BAMTKEE5RTBDNzY5NjI3Mjg2QzU5N0FDRDFEMzQzRjlCMzMwNjVDNERBQkQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCtk6sIww8mcf7Qm2d/6av1Dynt
55ZAFhvxHKualgFSp8UtdwwDrQJrP1b/RHpltuWdiX8laM8xGd5LP7sEFJMhot3H
DdFYFGpWtIn40WM7PSj97bp/c62t0/DKNPVkl2XHqnORusXwcAZku6QhabEwceW6
3+BkKz1K8XSgFRbYTheVj71bKr/BAGCLUJw6rXzWSe39CRvSXlHJM+7ui/MoIsjn
lf4l2odY2yRIQkDWt2HDePPGjlRklMwhAnu1HYNzLc/i9a/dbjDhw0nflKA9emI5
ywQ2LT9ow4HxnNpolKnqo9udCYwKBwkOe1izmwi0ZA6MC2J7v6zyyDRUO/kfAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUqeDHaWJyhsWXrNHTQ/mzMGXE2r0wHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzkzMzJlMzEzMTM0MmUzNjMw
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzEzMzM2MzczODM3LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
XXI8MA0GCSqGSIb3DQEBCwUAA4IBAQB9Ud0xqlcVTOafg9jRD6PMkgbCB+iksb5T
HwTCVKDSp9f+ahLvI7firIlZelK1a2phq+GoIDo0DeKOtF8QmKbjsXbTpdrnoI/I
Pi4p/BNOgI6JcHFzUIQYv2iG0F8OcUtrC2b547Tjrq24iJ5xSA/JQIinDr6PeD0U
OYxIPL2m5zjvTIKRJeX4eZyuOjR4Dz2pl4WDAmq8ZX22RAY91U/PoZupgVax4iy8
DJC5+iX9taa5NCP4HzXF2aWd3UQRtlwrimZ/+VQi0V61LjtLS4iwmDVRD6nXPLKP
j4N+rQy6bexdfqtcUxSc4CDzgD2cU0BCUB+Sd4d3uMPkvRHVxiYB
-----END CERTIFICATE-----
Generated at Wed Nov 5 07:13:42 2025 by rpki-client