Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/03dd48eb-d136-4f0e-af8a-57a6bdd93a9d/0/3139332e3136382e3138342e302f32342d3234203d3e203432343233.roa
File: 3139332e3136382e3138342e302f32342d3234203d3e203432343233.roa (raw, json)
Hash identifier: Iz06+Pwv2M+di5qjVXLucAYbs8iuVXevsOznZd3+D4g=
Subject key identifier: 87:7B:77:56:CB:00:74:96:BF:48:DD:4F:7D:FB:82:0B:4C:0F:D8:A4
Certificate issuer: /CN=7fea37fdfe29b34173e97f1b637a44ec41acebb8
Certificate serial: 52DB314846012F7ADA1A3DEF9EEE0D8463ED8041
Authority key identifier: 7F:EA:37:FD:FE:29:B3:41:73:E9:7F:1B:63:7A:44:EC:41:AC:EB:B8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/f-o3_f4ps0Fz6X8bY3pE7EGs67g.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/03dd48eb-d136-4f0e-af8a-57a6bdd93a9d/0/3139332e3136382e3138342e302f32342d3234203d3e203432343233.roa
Signing time: Wed 06 May 2026 16:45:00 +0000
ROA not before: Wed 06 May 2026 16:40:00 +0000
ROA not after: Wed 05 May 2027 16:45:00 +0000
asID: 42423
IP address blocks: 193.168.184.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/03dd48eb-d136-4f0e-af8a-57a6bdd93a9d/0/7FEA37FDFE29B34173E97F1B637A44EC41ACEBB8.crl
rsync://rsync.paas.rpki.ripe.net/repository/03dd48eb-d136-4f0e-af8a-57a6bdd93a9d/0/7FEA37FDFE29B34173E97F1B637A44EC41ACEBB8.mft
rsync://rpki.ripe.net/repository/DEFAULT/f-o3_f4ps0Fz6X8bY3pE7EGs67g.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 19:46:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
52:db:31:48:46:01:2f:7a:da:1a:3d:ef:9e:ee:0d:84:63:ed:80:41
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7fea37fdfe29b34173e97f1b637a44ec41acebb8
Validity
Not Before: May 6 16:40:00 2026 GMT
Not After : May 5 16:45:00 2027 GMT
Subject: CN=877B7756CB007496BF48DD4F7DFB820B4C0FD8A4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:38:36:35:da:99:2d:a2:3a:77:aa:58:a6:77:
f0:51:cd:e2:eb:74:65:28:27:92:20:23:ee:35:fd:
3c:92:17:e6:ba:dc:91:95:25:6a:ba:1f:b3:72:c2:
f3:95:54:35:b6:99:28:95:0e:a4:77:51:d2:69:2c:
67:c9:e3:7c:65:03:26:c3:b3:26:6b:86:da:4e:aa:
8b:7f:ff:38:c2:f8:4f:19:76:1b:d1:5c:39:61:0b:
f6:8d:35:8a:04:94:e3:eb:f8:74:14:7f:9f:a4:d7:
83:a1:52:45:33:79:58:23:97:a1:ee:d7:57:c2:cd:
36:46:c1:18:dc:4c:cb:20:fc:c6:68:c1:4e:60:87:
24:ea:53:33:b5:40:f2:e2:c0:84:90:a8:af:e2:d3:
01:f6:17:4c:43:3f:1b:c8:75:ae:ca:75:65:96:5a:
db:f3:ae:95:93:d7:30:1f:3a:e1:02:93:15:40:00:
e7:b0:02:6c:fd:c0:5c:e6:69:71:35:8f:0c:c6:90:
c3:c2:52:37:60:5b:28:63:4a:b2:e6:af:eb:9c:7c:
3d:ed:70:21:9b:b6:2f:17:07:49:f5:fb:89:40:7b:
98:2c:7a:12:02:58:3d:c2:b8:50:13:d2:2b:b5:ae:
75:b8:ef:0f:c6:6e:67:2a:ec:9a:82:c8:43:d6:22:
2c:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:7B:77:56:CB:00:74:96:BF:48:DD:4F:7D:FB:82:0B:4C:0F:D8:A4
X509v3 Authority Key Identifier:
keyid:7F:EA:37:FD:FE:29:B3:41:73:E9:7F:1B:63:7A:44:EC:41:AC:EB:B8
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/03dd48eb-d136-4f0e-af8a-57a6bdd93a9d/0/7FEA37FDFE29B34173E97F1B637A44EC41ACEBB8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/f-o3_f4ps0Fz6X8bY3pE7EGs67g.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/03dd48eb-d136-4f0e-af8a-57a6bdd93a9d/0/3139332e3136382e3138342e302f32342d3234203d3e203432343233.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.168.184.0/24
Signature Algorithm: sha256WithRSAEncryption
08:3d:0d:d0:50:ca:ac:9a:db:fa:7a:2c:38:8a:7d:bf:5a:e4:
56:85:49:31:4b:96:08:a5:2d:a3:80:75:cf:ce:d3:ba:34:06:
49:22:0c:f9:71:7e:2d:6b:ca:5b:28:53:31:46:8e:db:70:f7:
11:9e:65:26:c3:12:1b:2e:51:a1:87:34:f2:0b:be:98:cf:ac:
32:e3:96:99:cf:e5:f9:d8:bd:87:4b:72:79:24:78:df:8e:c9:
c8:5e:47:57:c9:0a:fc:fb:7b:9e:a6:b3:60:3d:c5:14:83:8f:
d8:06:be:fa:8b:75:e6:db:6b:73:b2:6d:6f:ba:92:46:d9:06:
fd:fa:9c:da:4d:e5:39:89:93:f0:35:18:84:33:83:d2:a7:f9:
4e:76:d4:a9:fc:e9:ed:09:9b:6c:d6:cf:82:83:f8:23:d8:32:
f3:07:ca:19:a8:2d:f2:df:f0:99:68:0e:a5:84:aa:68:0b:4e:
d3:9d:70:ab:99:41:29:f3:ca:57:d9:2f:61:de:5e:9b:5a:1d:
e0:8d:4f:0b:e0:27:a9:cd:b3:94:73:0e:05:af:57:67:c6:f0:
11:6c:06:93:75:e4:2a:30:d5:57:bf:7a:c8:b7:92:ed:71:40:
88:22:a2:9c:54:25:b6:bf:bf:08:26:df:48:5e:50:6c:c3:d4:
03:52:d6:a9
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUUtsxSEYBL3raGj3vnu4NhGPtgEEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoN2ZlYTM3ZmRmZTI5YjM0MTczZTk3ZjFiNjM3YTQ0ZWM0
MWFjZWJiODAeFw0yNjA1MDYxNjQwMDBaFw0yNzA1MDUxNjQ1MDBaMDMxMTAvBgNV
BAMTKDg3N0I3NzU2Q0IwMDc0OTZCRjQ4REQ0RjdERkI4MjBCNEMwRkQ4QTQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC0ODY12pktojp3qlimd/BRzeLr
dGUoJ5IgI+41/TySF+a63JGVJWq6H7NywvOVVDW2mSiVDqR3UdJpLGfJ43xlAybD
syZrhtpOqot//zjC+E8ZdhvRXDlhC/aNNYoElOPr+HQUf5+k14OhUkUzeVgjl6Hu
11fCzTZGwRjcTMsg/MZowU5ghyTqUzO1QPLiwISQqK/i0wH2F0xDPxvIda7KdWWW
WtvzrpWT1zAfOuECkxVAAOewAmz9wFzmaXE1jwzGkMPCUjdgWyhjSrLmr+ucfD3t
cCGbti8XB0n1+4lAe5gsehICWD3CuFAT0iu1rnW47w/Gbmcq7JqCyEPWIizdAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUh3t3VssAdJa/SN1PffuCC0wP2KQwHwYDVR0j
BBgwFoAUf+o3/f4ps0Fz6X8bY3pE7EGs67gwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDNkZDQ4ZWItZDEzNi00ZjBlLWFmOGEtNTdhNmJkZDkz
YTlkLzAvN0ZFQTM3RkRGRTI5QjM0MTczRTk3RjFCNjM3QTQ0RUM0MUFDRUJCOC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2YtbzNfZjRwczBGejZYOGJZM3BFN0VH
czY3Zy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMDNkZDQ4ZWIt
ZDEzNi00ZjBlLWFmOGEtNTdhNmJkZDkzYTlkLzAvMzEzOTMzMmUzMTM2MzgyZTMx
MzgzNDJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDM0MzIzNDMyMzMucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BADBqLgwDQYJKoZIhvcNAQELBQADggEBAAg9DdBQyqya2/p6LDiKfb9a5FaFSTFL
lgilLaOAdc/O07o0BkkiDPlxfi1rylsoUzFGjttw9xGeZSbDEhsuUaGHNPILvpjP
rDLjlpnP5fnYvYdLcnkkeN+OycheR1fJCvz7e56ms2A9xRSDj9gGvvqLdebba3Oy
bW+6kkbZBv36nNpN5TmJk/A1GIQzg9Kn+U521Kn86e0Jm2zWz4KD+CPYMvMHyhmo
LfLf8JloDqWEqmgLTtOdcKuZQSnzylfZL2HeXptaHeCNTwvgJ6nNs5RzDgWvV2fG
8BFsBpN15Cow1Ve/esi3ku1xQIgiopxUJba/vwgm30heUGzD1ANS1qk=
-----END CERTIFICATE-----
Generated at Wed May 13 12:39:06 2026 by rpki-client