Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/0d854c77-fd8b-425a-bd55-82e1d7faa782/0/352e3139392e302e302f32332d3234203d3e20383334.roa
File: 352e3139392e302e302f32332d3234203d3e20383334.roa (raw, json)
Hash identifier: orlzScj6pxFg9KKDL4i4KRSFWxeOBKcrwBKbslho96k=
Subject key identifier: 3B:DE:17:0E:11:9B:E4:5E:B5:D3:D4:92:C7:0F:D0:9E:22:81:D7:2D
Certificate issuer: /CN=4b3aca3a7c652a9faf8e4e119bd2f7bf54afde76
Certificate serial: 56CC76B454FD3C6B3B89DBD718B6E6A9FD025CDB
Authority key identifier: 4B:3A:CA:3A:7C:65:2A:9F:AF:8E:4E:11:9B:D2:F7:BF:54:AF:DE:76
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SzrKOnxlKp-vjk4Rm9L3v1Sv3nY.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/0d854c77-fd8b-425a-bd55-82e1d7faa782/0/352e3139392e302e302f32332d3234203d3e20383334.roa
Signing time: Fri 19 Jun 2026 09:12:26 +0000
ROA not before: Fri 19 Jun 2026 09:07:26 +0000
ROA not after: Fri 18 Jun 2027 09:12:26 +0000
asID: 834
IP address blocks: 5.199.0.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/0d854c77-fd8b-425a-bd55-82e1d7faa782/0/4B3ACA3A7C652A9FAF8E4E119BD2F7BF54AFDE76.crl
rsync://rsync.paas.rpki.ripe.net/repository/0d854c77-fd8b-425a-bd55-82e1d7faa782/0/4B3ACA3A7C652A9FAF8E4E119BD2F7BF54AFDE76.mft
rsync://rpki.ripe.net/repository/DEFAULT/SzrKOnxlKp-vjk4Rm9L3v1Sv3nY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 30 Jun 2026 02:00:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
56:cc:76:b4:54:fd:3c:6b:3b:89:db:d7:18:b6:e6:a9:fd:02:5c:db
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4b3aca3a7c652a9faf8e4e119bd2f7bf54afde76
Validity
Not Before: Jun 19 09:07:26 2026 GMT
Not After : Jun 18 09:12:26 2027 GMT
Subject: CN=3BDE170E119BE45EB5D3D492C70FD09E2281D72D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:86:d7:02:f0:a0:dc:7a:c6:4a:33:2e:eb:41:
d0:72:fb:ec:47:40:e1:b0:01:9d:4a:37:8a:d3:1c:
54:a4:59:e9:75:01:8e:1e:21:f0:b6:53:9e:1c:6f:
68:e3:0f:c7:e4:1a:e9:53:2c:73:b8:22:aa:8a:b4:
dd:38:cb:e6:ed:68:07:01:e7:57:0e:19:52:e0:e9:
96:a3:4d:bb:ad:53:cf:f8:02:15:7f:90:db:f4:c9:
93:cd:8c:ec:32:09:f7:23:a7:43:da:a3:e1:3b:77:
fe:8a:49:f5:26:29:aa:ea:73:f9:76:51:fb:83:fb:
86:ef:17:e7:be:d7:ef:2f:fc:db:e9:45:f5:c2:b2:
d3:c7:f3:df:68:67:ee:34:33:c8:3c:d2:bc:5b:72:
79:eb:3d:9f:93:a0:30:d7:71:c0:f8:16:9a:9b:42:
df:36:0b:20:22:ca:76:d2:45:aa:3e:52:a9:3d:9b:
b5:29:c8:32:cb:46:a9:f9:17:71:df:58:3b:bf:30:
19:ce:d2:14:8e:4b:c8:2a:ad:e1:ec:f3:ab:72:69:
89:c2:d8:3a:06:6c:c9:68:65:38:bb:a9:d4:56:73:
67:85:fe:45:1d:c9:60:5a:db:dc:28:b1:d8:05:62:
ed:18:7c:89:a8:11:04:8b:14:03:14:60:35:10:47:
78:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:DE:17:0E:11:9B:E4:5E:B5:D3:D4:92:C7:0F:D0:9E:22:81:D7:2D
X509v3 Authority Key Identifier:
keyid:4B:3A:CA:3A:7C:65:2A:9F:AF:8E:4E:11:9B:D2:F7:BF:54:AF:DE:76
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/0d854c77-fd8b-425a-bd55-82e1d7faa782/0/4B3ACA3A7C652A9FAF8E4E119BD2F7BF54AFDE76.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SzrKOnxlKp-vjk4Rm9L3v1Sv3nY.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/0d854c77-fd8b-425a-bd55-82e1d7faa782/0/352e3139392e302e302f32332d3234203d3e20383334.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.199.0.0/23
Signature Algorithm: sha256WithRSAEncryption
83:13:65:51:d0:0e:f0:1d:4e:60:43:4c:44:0b:43:ac:6c:07:
81:76:7b:31:7d:b8:e8:da:d3:64:72:a8:90:86:9c:a9:a2:f4:
d7:c0:63:98:ce:53:c8:5d:77:39:51:03:bd:06:b1:56:71:98:
05:7b:e1:fc:ab:35:50:2d:70:f2:0e:37:45:3d:ea:84:a4:25:
2f:10:42:68:31:7c:f5:fb:41:59:b8:02:90:f6:db:ea:94:4f:
ca:fe:49:e5:34:8a:92:69:a5:36:52:81:46:97:59:92:cb:e6:
a6:55:1e:8b:0a:d3:0b:81:1c:a2:ab:a4:e0:7a:3b:2b:88:a5:
3f:1c:0c:36:8e:a7:ea:99:9a:df:20:c1:ee:6c:11:eb:29:db:
c8:b5:12:fa:ee:f8:a2:10:f1:f2:b2:01:19:6a:ca:82:c3:50:
05:57:1b:a6:e5:5b:6d:64:5e:9e:ed:02:c0:af:fd:e0:79:35:
cb:ec:98:54:6f:ad:bb:07:a7:ba:cb:66:39:6d:59:b7:12:00:
02:b6:ec:af:13:44:26:54:7a:c5:e6:48:f3:3e:75:78:15:84:
51:68:65:af:7a:0e:4a:4e:07:a3:c3:fd:58:6f:c2:9a:13:3e:
0c:fb:17:02:65:41:61:1d:c3:bb:48:64:3f:91:5c:19:b2:c1:
da:30:0c:2c
-----BEGIN CERTIFICATE-----
MIIFKTCCBBGgAwIBAgIUVsx2tFT9PGs7idvXGLbmqf0CXNswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGIzYWNhM2E3YzY1MmE5ZmFmOGU0ZTExOWJkMmY3YmY1
NGFmZGU3NjAeFw0yNjA2MTkwOTA3MjZaFw0yNzA2MTgwOTEyMjZaMDMxMTAvBgNV
BAMTKDNCREUxNzBFMTE5QkU0NUVCNUQzRDQ5MkM3MEZEMDlFMjI4MUQ3MkQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDNhtcC8KDcesZKMy7rQdBy++xH
QOGwAZ1KN4rTHFSkWel1AY4eIfC2U54cb2jjD8fkGulTLHO4IqqKtN04y+btaAcB
51cOGVLg6ZajTbutU8/4AhV/kNv0yZPNjOwyCfcjp0Pao+E7d/6KSfUmKarqc/l2
UfuD+4bvF+e+1+8v/NvpRfXCstPH899oZ+40M8g80rxbcnnrPZ+ToDDXccD4Fpqb
Qt82CyAiynbSRao+Uqk9m7UpyDLLRqn5F3HfWDu/MBnO0hSOS8gqreHs86tyaYnC
2DoGbMloZTi7qdRWc2eF/kUdyWBa29wosdgFYu0YfImoEQSLFAMUYDUQR3iNAgMB
AAGjggIzMIICLzAdBgNVHQ4EFgQUO94XDhGb5F6109SSxw/QniKB1y0wHwYDVR0j
BBgwFoAUSzrKOnxlKp+vjk4Rm9L3v1Sv3nYwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMGQ4NTRjNzctZmQ4Yi00MjVhLWJkNTUtODJlMWQ3ZmFh
NzgyLzAvNEIzQUNBM0E3QzY1MkE5RkFGOEU0RTExOUJEMkY3QkY1NEFGREU3Ni5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1N6cktPbnhsS3AtdmprNFJtOUwzdjFT
djNuWS5jZXIwgaMGCCsGAQUFBwELBIGWMIGTMIGQBggrBgEFBQcwC4aBg3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMGQ4NTRjNzct
ZmQ4Yi00MjVhLWJkNTUtODJlMWQ3ZmFhNzgyLzAvMzUyZTMxMzkzOTJlMzAyZTMw
MmYzMjMzMmQzMjM0MjAzZDNlMjAzODMzMzQucm9hMBgGA1UdIAEB/wQOMAwwCgYI
KwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAEFxwAwDQYJKoZI
hvcNAQELBQADggEBAIMTZVHQDvAdTmBDTEQLQ6xsB4F2ezF9uOja02RyqJCGnKmi
9NfAY5jOU8hddzlRA70GsVZxmAV74fyrNVAtcPION0U96oSkJS8QQmgxfPX7QVm4
ApD22+qUT8r+SeU0ipJppTZSgUaXWZLL5qZVHosK0wuBHKKrpOB6OyuIpT8cDDaO
p+qZmt8gwe5sEesp28i1Evru+KIQ8fKyARlqyoLDUAVXG6blW21kXp7tAsCv/eB5
NcvsmFRvrbsHp7rLZjltWbcSAAK27K8TRCZUesXmSPM+dXgVhFFoZa96DkpOB6PD
/VhvwpoTPgz7FwJlQWEdw7tIZD+RXBmywdowDCw=
-----END CERTIFICATE-----
Generated at Mon Jun 29 09:59:51 2026 by rpki-client