Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/03dd48eb-d136-4f0e-af8a-57a6bdd93a9d/0/3139332e3136382e3138352e302f32342d3234203d3e20323135313532.roa
File: 3139332e3136382e3138352e302f32342d3234203d3e20323135313532.roa (raw, json)
Hash identifier: Afhq4U8xxGk8zsdJTFq68yaZYeL/HPyE0z3KZXwjH6s=
Subject key identifier: A3:FF:AD:1E:92:07:FA:84:A4:1F:B7:D0:11:A2:E5:2C:E5:38:FE:B0
Certificate issuer: /CN=7fea37fdfe29b34173e97f1b637a44ec41acebb8
Certificate serial: 128834E6F23FE19B0590A8027B83B29F7BB19175
Authority key identifier: 7F:EA:37:FD:FE:29:B3:41:73:E9:7F:1B:63:7A:44:EC:41:AC:EB:B8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/f-o3_f4ps0Fz6X8bY3pE7EGs67g.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/03dd48eb-d136-4f0e-af8a-57a6bdd93a9d/0/3139332e3136382e3138352e302f32342d3234203d3e20323135313532.roa
Signing time: Thu 14 May 2026 15:06:39 +0000
ROA not before: Thu 14 May 2026 15:01:39 +0000
ROA not after: Thu 13 May 2027 15:06:39 +0000
asID: 215152
IP address blocks: 193.168.185.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/03dd48eb-d136-4f0e-af8a-57a6bdd93a9d/0/7FEA37FDFE29B34173E97F1B637A44EC41ACEBB8.crl
rsync://rsync.paas.rpki.ripe.net/repository/03dd48eb-d136-4f0e-af8a-57a6bdd93a9d/0/7FEA37FDFE29B34173E97F1B637A44EC41ACEBB8.mft
rsync://rpki.ripe.net/repository/DEFAULT/f-o3_f4ps0Fz6X8bY3pE7EGs67g.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 25 May 2026 16:27:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
12:88:34:e6:f2:3f:e1:9b:05:90:a8:02:7b:83:b2:9f:7b:b1:91:75
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7fea37fdfe29b34173e97f1b637a44ec41acebb8
Validity
Not Before: May 14 15:01:39 2026 GMT
Not After : May 13 15:06:39 2027 GMT
Subject: CN=A3FFAD1E9207FA84A41FB7D011A2E52CE538FEB0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:3b:12:6f:82:19:3e:e4:9d:b8:90:c9:2b:df:
0f:e2:87:fc:34:27:9c:e4:8d:8a:b7:50:55:af:78:
31:3c:68:b1:3f:15:10:f8:ae:28:ae:f2:60:5e:cd:
a6:cd:f3:a6:51:f4:82:c6:9e:cc:8e:5c:79:6c:01:
08:f6:23:4e:d2:b0:8e:53:b2:40:86:aa:da:bb:cc:
42:87:73:43:2d:36:d3:b2:35:12:3c:1e:55:d1:a7:
7f:9e:a7:3a:20:85:9b:df:23:fc:f9:5a:92:62:f0:
eb:1d:80:50:6d:b9:32:70:66:12:8d:b7:e2:c8:c3:
4d:8c:2b:af:16:22:ea:46:0d:60:1c:c3:f4:00:42:
7d:13:f8:b2:2f:2c:c6:a2:4e:f9:1b:55:03:bd:ed:
76:eb:7f:ca:f9:54:87:0e:d5:45:37:72:aa:89:d9:
82:29:3a:e2:d9:a6:37:e8:02:0e:c7:f1:ab:38:7a:
ed:ae:5e:52:df:57:55:b6:fb:0f:cb:8b:e3:12:25:
f0:70:c1:e6:0d:74:4e:be:bd:ab:0d:11:25:32:f9:
d1:cc:58:05:0d:e6:2a:ef:66:6b:bf:4f:1b:05:ab:
a4:18:20:14:a2:44:59:de:8f:b8:e9:65:84:d1:25:
80:07:9d:dd:53:a3:2b:b0:c7:9e:bf:80:7a:25:d8:
d0:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A3:FF:AD:1E:92:07:FA:84:A4:1F:B7:D0:11:A2:E5:2C:E5:38:FE:B0
X509v3 Authority Key Identifier:
keyid:7F:EA:37:FD:FE:29:B3:41:73:E9:7F:1B:63:7A:44:EC:41:AC:EB:B8
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/03dd48eb-d136-4f0e-af8a-57a6bdd93a9d/0/7FEA37FDFE29B34173E97F1B637A44EC41ACEBB8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/f-o3_f4ps0Fz6X8bY3pE7EGs67g.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/03dd48eb-d136-4f0e-af8a-57a6bdd93a9d/0/3139332e3136382e3138352e302f32342d3234203d3e20323135313532.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.168.185.0/24
Signature Algorithm: sha256WithRSAEncryption
13:ed:b1:11:79:bd:71:3a:74:1a:53:c7:10:01:35:0c:d5:af:
d6:84:d8:34:8c:5a:ac:40:6e:a4:43:a4:09:cb:04:5f:29:b2:
d0:63:84:ef:90:73:75:2c:f8:2c:3e:a0:ba:af:fe:78:49:5b:
2f:d1:4b:2a:d4:4a:c2:ec:14:80:ae:df:5f:a2:c3:62:9e:8d:
92:41:10:36:50:a7:c8:a6:db:f7:cd:8f:4c:d8:94:c7:73:f1:
05:b1:09:e0:d7:c8:70:39:e7:f5:27:15:ac:83:e0:41:32:5c:
c4:24:c7:b7:34:76:59:f1:b3:fa:fe:10:c3:dc:9f:67:6d:83:
9d:0b:dd:7c:88:a4:2d:73:0f:6f:d6:b0:c5:e1:1a:1d:83:24:
76:8e:89:27:ee:e9:4b:3e:20:09:0b:80:64:04:16:bf:ea:b4:
2f:75:f3:1e:21:6b:90:f7:cb:eb:f1:4d:aa:4f:92:d3:cf:66:
6f:8f:50:73:ca:6c:ea:b0:9b:ab:a6:cd:a7:3e:20:ed:c2:02:
d1:f1:da:e9:f4:2b:03:82:db:93:a1:f4:9d:c8:c8:35:e2:9e:
c4:49:2d:5b:75:46:04:32:42:f5:53:3d:4f:c1:a8:94:aa:a7:
4d:a2:46:66:65:0e:ec:60:76:7d:92:87:8e:87:d1:87:ee:89:
ed:b4:e7:77
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgIUEog05vI/4ZsFkKgCe4Oyn3uxkXUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoN2ZlYTM3ZmRmZTI5YjM0MTczZTk3ZjFiNjM3YTQ0ZWM0
MWFjZWJiODAeFw0yNjA1MTQxNTAxMzlaFw0yNzA1MTMxNTA2MzlaMDMxMTAvBgNV
BAMTKEEzRkZBRDFFOTIwN0ZBODRBNDFGQjdEMDExQTJFNTJDRTUzOEZFQjAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDCOxJvghk+5J24kMkr3w/ih/w0
J5zkjYq3UFWveDE8aLE/FRD4riiu8mBezabN86ZR9ILGnsyOXHlsAQj2I07SsI5T
skCGqtq7zEKHc0MtNtOyNRI8HlXRp3+epzoghZvfI/z5WpJi8OsdgFBtuTJwZhKN
t+LIw02MK68WIupGDWAcw/QAQn0T+LIvLMaiTvkbVQO97Xbrf8r5VIcO1UU3cqqJ
2YIpOuLZpjfoAg7H8as4eu2uXlLfV1W2+w/Li+MSJfBwweYNdE6+vasNESUy+dHM
WAUN5irvZmu/TxsFq6QYIBSiRFnej7jpZYTRJYAHnd1Toyuwx56/gHol2NDRAgMB
AAGjggJBMIICPTAdBgNVHQ4EFgQUo/+tHpIH+oSkH7fQEaLlLOU4/rAwHwYDVR0j
BBgwFoAUf+o3/f4ps0Fz6X8bY3pE7EGs67gwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDNkZDQ4ZWItZDEzNi00ZjBlLWFmOGEtNTdhNmJkZDkz
YTlkLzAvN0ZFQTM3RkRGRTI5QjM0MTczRTk3RjFCNjM3QTQ0RUM0MUFDRUJCOC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2YtbzNfZjRwczBGejZYOGJZM3BFN0VH
czY3Zy5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMDNkZDQ4ZWIt
ZDEzNi00ZjBlLWFmOGEtNTdhNmJkZDkzYTlkLzAvMzEzOTMzMmUzMTM2MzgyZTMx
MzgzNTJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMyMzEzNTMxMzUzMi5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEAMGouTANBgkqhkiG9w0BAQsFAAOCAQEAE+2xEXm9cTp0GlPHEAE1DNWv1oTY
NIxarEBupEOkCcsEXymy0GOE75BzdSz4LD6guq/+eElbL9FLKtRKwuwUgK7fX6LD
Yp6NkkEQNlCnyKbb982PTNiUx3PxBbEJ4NfIcDnn9ScVrIPgQTJcxCTHtzR2WfGz
+v4Qw9yfZ22DnQvdfIikLXMPb9awxeEaHYMkdo6JJ+7pSz4gCQuAZAQWv+q0L3Xz
HiFrkPfL6/FNqk+S089mb49Qc8ps6rCbq6bNpz4g7cIC0fHa6fQrA4Lbk6H0ncjI
NeKexEktW3VGBDJC9VM9T8GolKqnTaJGZmUO7GB2fZKHjofRh+6J7bTndw==
-----END CERTIFICATE-----
Generated at Mon May 25 05:43:43 2026 by rpki-client