Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/46b93df0-ac8d-4da8-afb8-dcb7f2888362/0/3139342e3135302e3230342e302f32342d3234203d3e20323132333335.roa
File: 3139342e3135302e3230342e302f32342d3234203d3e20323132333335.roa (raw, json)
Hash identifier: UHzdwINy3X5D7Bq/KWbJ8Elw7/dD3nzv31C1/IprIUE=
Subject key identifier: 15:1B:6E:BC:1C:F8:CF:CE:ED:95:D9:02:69:45:8A:CF:39:88:26:91
Certificate issuer: /CN=62fbd2cc0012fb2f86db40b589bd1ac4e973266d
Certificate serial: 1777A172231E5F7CCB1E14A977282FAC5FBF6984
Authority key identifier: 62:FB:D2:CC:00:12:FB:2F:86:DB:40:B5:89:BD:1A:C4:E9:73:26:6D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YvvSzAAS-y-G20C1ib0axOlzJm0.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/46b93df0-ac8d-4da8-afb8-dcb7f2888362/0/3139342e3135302e3230342e302f32342d3234203d3e20323132333335.roa
Signing time: Tue 28 Apr 2026 07:47:06 +0000
ROA not before: Tue 28 Apr 2026 07:42:06 +0000
ROA not after: Tue 27 Apr 2027 07:47:06 +0000
asID: 212335
IP address blocks: 194.150.204.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/46b93df0-ac8d-4da8-afb8-dcb7f2888362/0/62FBD2CC0012FB2F86DB40B589BD1AC4E973266D.crl
rsync://rsync.paas.rpki.ripe.net/repository/46b93df0-ac8d-4da8-afb8-dcb7f2888362/0/62FBD2CC0012FB2F86DB40B589BD1AC4E973266D.mft
rsync://rpki.ripe.net/repository/DEFAULT/YvvSzAAS-y-G20C1ib0axOlzJm0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 10 May 2026 02:00:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
17:77:a1:72:23:1e:5f:7c:cb:1e:14:a9:77:28:2f:ac:5f:bf:69:84
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=62fbd2cc0012fb2f86db40b589bd1ac4e973266d
Validity
Not Before: Apr 28 07:42:06 2026 GMT
Not After : Apr 27 07:47:06 2027 GMT
Subject: CN=151B6EBC1CF8CFCEED95D90269458ACF39882691
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:43:8a:29:ce:fb:82:e2:67:6d:38:ee:0f:c6:
49:d7:a9:96:f7:66:9b:fd:89:bd:d5:1f:96:59:d4:
82:72:3b:22:6c:33:ba:2a:07:31:e0:5f:89:20:75:
06:03:ee:2d:93:f5:18:96:5a:ae:07:e2:8d:8d:c4:
4c:6b:e0:14:36:fa:65:d5:04:73:1c:4a:8b:09:25:
f1:7f:28:f6:d4:ac:5b:c3:be:2d:7a:68:47:bf:58:
fd:c4:c6:1d:4b:52:ac:a0:12:70:48:c8:a5:d5:8d:
9d:a4:4b:eb:c7:de:4f:ef:95:7b:9f:cb:4a:5b:4b:
15:35:e1:b2:3a:89:37:3d:ae:10:35:8f:c0:14:7f:
5f:12:75:79:c2:b0:bf:fb:89:93:f2:57:ad:9a:c4:
fe:41:b7:bf:9a:63:59:18:2f:d7:2e:2b:88:b0:93:
60:8a:89:69:7b:cf:dd:85:b6:a0:08:04:11:e2:30:
8c:c8:56:62:2e:58:43:03:6e:a8:91:98:78:50:9c:
83:2c:83:cb:ba:ef:22:25:b7:ed:e9:7e:49:03:02:
f4:c9:ad:49:36:27:e0:68:b9:0c:c5:15:03:85:97:
85:d1:87:3b:b4:75:f7:4d:de:c9:c7:f8:18:f8:66:
81:03:84:5a:f6:57:65:45:b4:ad:74:0f:9e:23:61:
d4:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
15:1B:6E:BC:1C:F8:CF:CE:ED:95:D9:02:69:45:8A:CF:39:88:26:91
X509v3 Authority Key Identifier:
keyid:62:FB:D2:CC:00:12:FB:2F:86:DB:40:B5:89:BD:1A:C4:E9:73:26:6D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/46b93df0-ac8d-4da8-afb8-dcb7f2888362/0/62FBD2CC0012FB2F86DB40B589BD1AC4E973266D.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YvvSzAAS-y-G20C1ib0axOlzJm0.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/46b93df0-ac8d-4da8-afb8-dcb7f2888362/0/3139342e3135302e3230342e302f32342d3234203d3e20323132333335.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.150.204.0/24
Signature Algorithm: sha256WithRSAEncryption
99:17:14:67:e9:17:12:5a:01:3b:5b:89:d4:5e:5b:40:8c:65:
a9:b7:94:1b:38:8a:41:14:74:31:9c:68:60:2c:34:6b:57:47:
fc:10:f4:e8:0f:1e:17:e4:f7:51:e5:ca:62:d2:b8:21:74:b3:
75:97:a0:0e:4c:1a:94:56:6e:d2:6c:22:23:f4:51:f0:c4:dd:
c5:1d:86:4e:65:b1:4e:06:9b:16:2b:d2:aa:d4:41:08:f1:71:
5c:70:85:6e:b6:92:fc:b3:11:06:3a:c3:fc:87:a7:7f:3d:87:
55:23:95:7b:2e:94:b1:70:4c:89:28:23:c5:01:9f:f5:bb:80:
16:ba:3d:33:31:65:d6:c7:65:4b:ff:d0:4c:11:e6:b3:3d:4d:
2a:d0:1d:a7:f1:9e:b3:2c:14:35:e6:9a:cf:ad:72:ad:d2:48:
7a:1a:55:0d:c2:a8:62:37:7b:8c:ab:ff:f4:c8:ea:c1:a7:32:
a6:6c:38:01:73:ff:c0:5b:ca:0c:65:54:fd:02:31:23:e2:a2:
48:a5:8e:34:6b:f9:67:9d:f3:76:aa:74:94:c7:98:5f:5e:e8:
bb:5a:ee:0e:87:c5:a5:ea:ab:f3:60:49:7e:b3:9e:cf:9c:e9:
60:b2:3a:99:4a:bc:13:ce:13:5b:d1:f3:2c:b9:c4:23:dc:c4:
d6:b9:de:65
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgIUF3ehciMeX3zLHhSpdygvrF+/aYQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjJmYmQyY2MwMDEyZmIyZjg2ZGI0MGI1ODliZDFhYzRl
OTczMjY2ZDAeFw0yNjA0MjgwNzQyMDZaFw0yNzA0MjcwNzQ3MDZaMDMxMTAvBgNV
BAMTKDE1MUI2RUJDMUNGOENGQ0VFRDk1RDkwMjY5NDU4QUNGMzk4ODI2OTEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCtQ4opzvuC4mdtOO4PxknXqZb3
Zpv9ib3VH5ZZ1IJyOyJsM7oqBzHgX4kgdQYD7i2T9RiWWq4H4o2NxExr4BQ2+mXV
BHMcSosJJfF/KPbUrFvDvi16aEe/WP3Exh1LUqygEnBIyKXVjZ2kS+vH3k/vlXuf
y0pbSxU14bI6iTc9rhA1j8AUf18SdXnCsL/7iZPyV62axP5Bt7+aY1kYL9cuK4iw
k2CKiWl7z92FtqAIBBHiMIzIVmIuWEMDbqiRmHhQnIMsg8u67yIlt+3pfkkDAvTJ
rUk2J+BouQzFFQOFl4XRhzu0dfdN3snH+Bj4ZoEDhFr2V2VFtK10D54jYdRPAgMB
AAGjggJBMIICPTAdBgNVHQ4EFgQUFRtuvBz4z87tldkCaUWKzzmIJpEwHwYDVR0j
BBgwFoAUYvvSzAAS+y+G20C1ib0axOlzJm0wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNDZiOTNkZjAtYWM4ZC00ZGE4LWFmYjgtZGNiN2YyODg4
MzYyLzAvNjJGQkQyQ0MwMDEyRkIyRjg2REI0MEI1ODlCRDFBQzRFOTczMjY2RC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1l2dlN6QUFTLXktRzIwQzFpYjBheE9s
ekptMC5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvNDZiOTNkZjAt
YWM4ZC00ZGE4LWFmYjgtZGNiN2YyODg4MzYyLzAvMzEzOTM0MmUzMTM1MzAyZTMy
MzAzNDJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMyMzEzMjMzMzMzNS5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEAMKWzDANBgkqhkiG9w0BAQsFAAOCAQEAmRcUZ+kXEloBO1uJ1F5bQIxlqbeU
GziKQRR0MZxoYCw0a1dH/BD06A8eF+T3UeXKYtK4IXSzdZegDkwalFZu0mwiI/RR
8MTdxR2GTmWxTgabFivSqtRBCPFxXHCFbraS/LMRBjrD/Ienfz2HVSOVey6UsXBM
iSgjxQGf9buAFro9MzFl1sdlS//QTBHmsz1NKtAdp/GesywUNeaaz61yrdJIehpV
DcKoYjd7jKv/9Mjqwacypmw4AXP/wFvKDGVU/QIxI+KiSKWONGv5Z53zdqp0lMeY
X17ou1ruDofFpeqr82BJfrOez5zpYLI6mUq8E84TW9HzLLnEI9zE1rneZQ==
-----END CERTIFICATE-----
Generated at Sat May 9 12:07:49 2026 by rpki-client