Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/03dd48eb-d136-4f0e-af8a-57a6bdd93a9d/0/3139332e3136382e3138352e302f32342d3234203d3e20313532393232.roa
File: 3139332e3136382e3138352e302f32342d3234203d3e20313532393232.roa (raw, json)
Hash identifier: 96ah8Tx4Fpl+ZYG04XU1/BXpf2WEMTkxQAte1reK0Gw=
Subject key identifier: 17:6B:59:1A:2B:CD:D6:2B:DF:F0:40:06:29:91:C9:77:6C:AD:B4:78
Certificate issuer: /CN=7fea37fdfe29b34173e97f1b637a44ec41acebb8
Certificate serial: 5AB93BF09F7C7EF53213B7AE63DFEFEDA33C503E
Authority key identifier: 7F:EA:37:FD:FE:29:B3:41:73:E9:7F:1B:63:7A:44:EC:41:AC:EB:B8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/f-o3_f4ps0Fz6X8bY3pE7EGs67g.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/03dd48eb-d136-4f0e-af8a-57a6bdd93a9d/0/3139332e3136382e3138352e302f32342d3234203d3e20313532393232.roa
Signing time: Thu 18 Jun 2026 09:19:14 +0000
ROA not before: Thu 18 Jun 2026 09:14:14 +0000
ROA not after: Thu 17 Jun 2027 09:19:14 +0000
asID: 152922
IP address blocks: 193.168.185.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/03dd48eb-d136-4f0e-af8a-57a6bdd93a9d/0/7FEA37FDFE29B34173E97F1B637A44EC41ACEBB8.crl
rsync://rsync.paas.rpki.ripe.net/repository/03dd48eb-d136-4f0e-af8a-57a6bdd93a9d/0/7FEA37FDFE29B34173E97F1B637A44EC41ACEBB8.mft
rsync://rpki.ripe.net/repository/DEFAULT/f-o3_f4ps0Fz6X8bY3pE7EGs67g.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 28 Jun 2026 06:54:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5a:b9:3b:f0:9f:7c:7e:f5:32:13:b7:ae:63:df:ef:ed:a3:3c:50:3e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7fea37fdfe29b34173e97f1b637a44ec41acebb8
Validity
Not Before: Jun 18 09:14:14 2026 GMT
Not After : Jun 17 09:19:14 2027 GMT
Subject: CN=176B591A2BCDD62BDFF040062991C9776CADB478
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:5a:78:4b:15:e3:48:6c:5f:6f:a4:98:d3:95:
78:ee:e9:6d:fc:e7:5c:4e:7d:ab:c9:32:a9:44:cc:
45:18:56:83:fb:16:eb:a5:66:35:15:6c:0f:f8:76:
33:17:22:ac:49:d3:a1:51:57:19:8d:8f:ad:f9:8a:
47:e2:cf:2f:40:98:5a:70:53:6e:d9:ff:ae:44:60:
97:0b:53:e9:af:58:b9:48:bd:56:e1:61:fc:28:3c:
55:18:c4:9c:a1:90:14:16:2b:c1:9c:7c:2a:18:58:
a8:33:3d:0e:2e:bc:a2:25:5e:5f:d1:4f:09:cd:0e:
91:44:66:34:f2:62:23:d0:19:2b:02:b7:cf:1c:45:
d3:86:f7:60:4d:b0:31:6d:f6:a8:0e:88:23:63:b9:
76:2a:a0:83:f1:67:0c:b8:66:93:bc:82:97:fa:18:
9f:b2:58:cb:79:e3:53:4d:7b:d5:45:6f:4f:1d:cf:
ff:b2:6e:8d:63:6a:0e:4f:30:4f:2d:6f:84:6e:05:
6e:7a:9b:52:a3:7a:4c:33:4c:8a:56:16:3d:e8:77:
24:f7:54:3c:0d:a4:1b:8a:30:26:ed:6a:23:d8:85:
7e:fc:a9:5e:75:93:02:8f:66:ce:37:c1:77:76:7a:
79:f6:d6:03:55:5d:fe:77:37:3d:ae:ee:56:a0:40:
12:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
17:6B:59:1A:2B:CD:D6:2B:DF:F0:40:06:29:91:C9:77:6C:AD:B4:78
X509v3 Authority Key Identifier:
keyid:7F:EA:37:FD:FE:29:B3:41:73:E9:7F:1B:63:7A:44:EC:41:AC:EB:B8
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/03dd48eb-d136-4f0e-af8a-57a6bdd93a9d/0/7FEA37FDFE29B34173E97F1B637A44EC41ACEBB8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/f-o3_f4ps0Fz6X8bY3pE7EGs67g.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/03dd48eb-d136-4f0e-af8a-57a6bdd93a9d/0/3139332e3136382e3138352e302f32342d3234203d3e20313532393232.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.168.185.0/24
Signature Algorithm: sha256WithRSAEncryption
c1:dc:aa:bf:c4:76:19:47:42:20:43:ed:09:75:af:fd:5c:90:
25:dd:bc:8c:f4:02:fb:df:bc:e3:9e:57:9e:39:19:43:4c:5b:
59:ba:79:c3:30:d7:6b:b5:b8:34:84:f6:c5:46:00:46:97:c6:
2f:2e:19:48:52:8e:f7:5f:f1:74:ce:72:2e:a9:e5:cd:2a:f1:
fb:30:22:e3:66:98:81:c8:e8:eb:7b:2a:6d:01:08:f9:67:31:
8a:38:33:65:d2:2a:75:6f:79:2b:9e:da:c8:77:65:e4:ff:35:
9e:54:30:f2:e3:ef:36:14:b9:91:70:13:60:86:ef:84:59:93:
44:21:17:53:ca:94:70:37:9d:d3:a2:c1:85:4a:38:6b:8c:4d:
72:48:e8:71:be:54:57:d5:85:a8:17:64:50:46:c0:b3:50:4a:
ba:32:2b:24:49:3c:9d:8f:47:a5:e9:3d:ba:d9:cd:38:11:c1:
a9:0e:5b:33:23:bf:2e:49:4a:9e:79:24:aa:32:91:1b:e0:be:
11:dc:70:75:ea:7b:b5:0f:c7:68:3b:7a:a9:fa:c3:cb:e9:04:
a5:3a:9a:b0:92:ab:3f:c2:36:58:09:97:28:4c:f7:b5:1a:17:
7c:ba:6a:96:2e:9a:d8:ae:43:05:91:19:da:60:e2:7d:06:ff:
ee:84:37:e9
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgIUWrk78J98fvUyE7euY9/v7aM8UD4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoN2ZlYTM3ZmRmZTI5YjM0MTczZTk3ZjFiNjM3YTQ0ZWM0
MWFjZWJiODAeFw0yNjA2MTgwOTE0MTRaFw0yNzA2MTcwOTE5MTRaMDMxMTAvBgNV
BAMTKDE3NkI1OTFBMkJDREQ2MkJERkYwNDAwNjI5OTFDOTc3NkNBREI0NzgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDDWnhLFeNIbF9vpJjTlXju6W38
51xOfavJMqlEzEUYVoP7FuulZjUVbA/4djMXIqxJ06FRVxmNj635ikfizy9AmFpw
U27Z/65EYJcLU+mvWLlIvVbhYfwoPFUYxJyhkBQWK8GcfCoYWKgzPQ4uvKIlXl/R
TwnNDpFEZjTyYiPQGSsCt88cRdOG92BNsDFt9qgOiCNjuXYqoIPxZwy4ZpO8gpf6
GJ+yWMt541NNe9VFb08dz/+ybo1jag5PME8tb4RuBW56m1KjekwzTIpWFj3odyT3
VDwNpBuKMCbtaiPYhX78qV51kwKPZs43wXd2enn21gNVXf53Nz2u7lagQBJhAgMB
AAGjggJBMIICPTAdBgNVHQ4EFgQUF2tZGivN1ivf8EAGKZHJd2yttHgwHwYDVR0j
BBgwFoAUf+o3/f4ps0Fz6X8bY3pE7EGs67gwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDNkZDQ4ZWItZDEzNi00ZjBlLWFmOGEtNTdhNmJkZDkz
YTlkLzAvN0ZFQTM3RkRGRTI5QjM0MTczRTk3RjFCNjM3QTQ0RUM0MUFDRUJCOC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2YtbzNfZjRwczBGejZYOGJZM3BFN0VH
czY3Zy5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMDNkZDQ4ZWIt
ZDEzNi00ZjBlLWFmOGEtNTdhNmJkZDkzYTlkLzAvMzEzOTMzMmUzMTM2MzgyZTMx
MzgzNTJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMxMzUzMjM5MzIzMi5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEAMGouTANBgkqhkiG9w0BAQsFAAOCAQEAwdyqv8R2GUdCIEPtCXWv/VyQJd28
jPQC+9+8455XnjkZQ0xbWbp5wzDXa7W4NIT2xUYARpfGLy4ZSFKO91/xdM5yLqnl
zSrx+zAi42aYgcjo63sqbQEI+WcxijgzZdIqdW95K57ayHdl5P81nlQw8uPvNhS5
kXATYIbvhFmTRCEXU8qUcDed06LBhUo4a4xNckjocb5UV9WFqBdkUEbAs1BKujIr
JEk8nY9Hpek9utnNOBHBqQ5bMyO/LklKnnkkqjKRG+C+Edxwdep7tQ/HaDt6qfrD
y+kEpTqasJKrP8I2WAmXKEz3tRoXfLpqli6a2K5DBZEZ2mDifQb/7oQ36Q==
-----END CERTIFICATE-----
Generated at Sat Jun 27 23:50:16 2026 by rpki-client