Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/46b93df0-ac8d-4da8-afb8-dcb7f2888362/0/3139342e35302e3232342e302f32342d3234203d3e20323132323338.roa
File: 3139342e35302e3232342e302f32342d3234203d3e20323132323338.roa (raw, json)
Hash identifier: kpmT1YVYkqDVD1xtAO6q6GqhqK8i87KXMBeGomGmaDY=
Subject key identifier: 5F:2C:AF:C6:9F:6A:F4:54:79:39:82:78:7D:F6:02:71:44:57:40:95
Certificate issuer: /CN=62fbd2cc0012fb2f86db40b589bd1ac4e973266d
Certificate serial: 7294A97854ACAD8228302D99D4CBD7412657F0EE
Authority key identifier: 62:FB:D2:CC:00:12:FB:2F:86:DB:40:B5:89:BD:1A:C4:E9:73:26:6D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YvvSzAAS-y-G20C1ib0axOlzJm0.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/46b93df0-ac8d-4da8-afb8-dcb7f2888362/0/3139342e35302e3232342e302f32342d3234203d3e20323132323338.roa
Signing time: Wed 04 Mar 2026 10:20:32 +0000
ROA not before: Wed 04 Mar 2026 10:15:32 +0000
ROA not after: Wed 03 Mar 2027 10:20:32 +0000
asID: 212238
IP address blocks: 194.50.224.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/46b93df0-ac8d-4da8-afb8-dcb7f2888362/0/62FBD2CC0012FB2F86DB40B589BD1AC4E973266D.crl
rsync://rsync.paas.rpki.ripe.net/repository/46b93df0-ac8d-4da8-afb8-dcb7f2888362/0/62FBD2CC0012FB2F86DB40B589BD1AC4E973266D.mft
rsync://rpki.ripe.net/repository/DEFAULT/YvvSzAAS-y-G20C1ib0axOlzJm0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 05 Mar 2026 12:39:33 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
72:94:a9:78:54:ac:ad:82:28:30:2d:99:d4:cb:d7:41:26:57:f0:ee
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=62fbd2cc0012fb2f86db40b589bd1ac4e973266d
Validity
Not Before: Mar 4 10:15:32 2026 GMT
Not After : Mar 3 10:20:32 2027 GMT
Subject: CN=5F2CAFC69F6AF454793982787DF6027144574095
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:15:29:0c:10:4a:7f:ae:1d:a1:68:2b:d6:db:
24:2b:81:37:d7:7e:c9:5d:90:70:bb:a9:53:db:cf:
5b:e4:d5:5f:c7:e6:2c:63:32:b8:47:5f:f7:83:3c:
96:c6:83:65:b3:24:08:d1:88:47:89:9f:10:f8:c7:
9b:1a:3f:c1:4d:6e:26:db:9f:cb:6b:5b:ec:9f:8d:
a7:20:3f:e6:7d:09:3d:7c:27:b2:37:f0:49:e2:8e:
2d:56:f9:23:7e:90:7f:92:b4:a8:34:a3:5c:f6:48:
82:87:64:2f:c7:04:bc:b8:de:d5:83:b0:c1:5c:cf:
66:a4:96:e0:8e:b5:4d:8b:2a:54:73:16:95:2e:fb:
ba:c9:3a:39:8f:bc:f4:da:d2:fb:e4:ea:ea:a3:9e:
09:1b:da:ea:08:a5:00:2d:5b:b0:17:bb:5e:e4:06:
af:5d:46:e8:4b:b5:cd:4a:25:16:d2:9f:76:70:60:
cb:3b:43:2f:4f:55:87:50:a4:87:ca:e7:35:8d:8e:
cf:90:61:ff:de:4d:22:58:ee:6e:ee:a8:e5:99:6b:
1d:8f:84:b1:03:72:33:8d:e6:c1:48:e2:22:fc:e2:
98:3d:28:ab:f6:df:b9:f7:78:b0:9c:be:65:c1:b3:
4b:a5:c7:58:6e:ee:49:f6:02:21:b0:de:e2:8b:b3:
e0:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5F:2C:AF:C6:9F:6A:F4:54:79:39:82:78:7D:F6:02:71:44:57:40:95
X509v3 Authority Key Identifier:
keyid:62:FB:D2:CC:00:12:FB:2F:86:DB:40:B5:89:BD:1A:C4:E9:73:26:6D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/46b93df0-ac8d-4da8-afb8-dcb7f2888362/0/62FBD2CC0012FB2F86DB40B589BD1AC4E973266D.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YvvSzAAS-y-G20C1ib0axOlzJm0.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/46b93df0-ac8d-4da8-afb8-dcb7f2888362/0/3139342e35302e3232342e302f32342d3234203d3e20323132323338.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.50.224.0/24
Signature Algorithm: sha256WithRSAEncryption
3c:b7:4a:ff:ed:dc:45:38:28:2c:a2:30:49:f7:76:2c:09:7d:
e5:09:09:ab:04:34:99:1e:f2:16:d9:52:56:bd:5c:7d:a9:46:
8f:7a:89:7c:21:a3:fd:cf:3b:c5:c8:ad:03:c9:7f:aa:fe:80:
2a:eb:ce:45:e2:60:74:6b:80:47:aa:da:30:33:a1:2f:3d:e5:
c5:dc:6d:89:fd:00:04:91:57:e5:e1:df:d9:15:88:5d:4c:a4:
e8:87:86:b5:5b:ca:79:10:91:62:14:de:80:58:f8:10:5c:bb:
e6:b2:91:c6:f4:68:d2:c8:d9:27:aa:87:ea:f0:b0:7e:18:fe:
6c:eb:13:38:e0:e8:55:15:15:3c:38:c9:74:c1:5f:ec:3b:77:
fd:96:d5:1c:9d:28:05:0b:7e:b9:11:b6:79:b3:b9:d0:bf:f4:
26:db:ae:21:c9:e3:8d:7e:fc:69:66:7c:92:7c:ed:a3:26:a0:
59:21:76:e5:a6:6c:c0:21:22:01:be:ac:43:e2:f0:29:95:1b:
72:3c:a8:99:9c:fc:6c:2c:74:13:bf:d0:f9:a6:48:03:49:df:
3a:5a:5e:72:06:76:a1:a3:ff:43:5b:a4:e0:68:9b:bc:00:36:
e1:b4:9b:c5:7b:42:2c:fa:7d:2f:dd:43:5b:62:ed:ed:31:cd:
28:7f:91:dc
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUcpSpeFSsrYIoMC2Z1MvXQSZX8O4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjJmYmQyY2MwMDEyZmIyZjg2ZGI0MGI1ODliZDFhYzRl
OTczMjY2ZDAeFw0yNjAzMDQxMDE1MzJaFw0yNzAzMDMxMDIwMzJaMDMxMTAvBgNV
BAMTKDVGMkNBRkM2OUY2QUY0NTQ3OTM5ODI3ODdERjYwMjcxNDQ1NzQwOTUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCVFSkMEEp/rh2haCvW2yQrgTfX
fsldkHC7qVPbz1vk1V/H5ixjMrhHX/eDPJbGg2WzJAjRiEeJnxD4x5saP8FNbibb
n8trW+yfjacgP+Z9CT18J7I38Eniji1W+SN+kH+StKg0o1z2SIKHZC/HBLy43tWD
sMFcz2akluCOtU2LKlRzFpUu+7rJOjmPvPTa0vvk6uqjngkb2uoIpQAtW7AXu17k
Bq9dRuhLtc1KJRbSn3ZwYMs7Qy9PVYdQpIfK5zWNjs+QYf/eTSJY7m7uqOWZax2P
hLEDcjON5sFI4iL84pg9KKv237n3eLCcvmXBs0ulx1hu7kn2AiGw3uKLs+CFAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUXyyvxp9q9FR5OYJ4ffYCcURXQJUwHwYDVR0j
BBgwFoAUYvvSzAAS+y+G20C1ib0axOlzJm0wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNDZiOTNkZjAtYWM4ZC00ZGE4LWFmYjgtZGNiN2YyODg4
MzYyLzAvNjJGQkQyQ0MwMDEyRkIyRjg2REI0MEI1ODlCRDFBQzRFOTczMjY2RC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1l2dlN6QUFTLXktRzIwQzFpYjBheE9s
ekptMC5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvNDZiOTNkZjAt
YWM4ZC00ZGE4LWFmYjgtZGNiN2YyODg4MzYyLzAvMzEzOTM0MmUzNTMwMmUzMjMy
MzQyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMjMxMzIzMjMzMzgucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BADCMuAwDQYJKoZIhvcNAQELBQADggEBADy3Sv/t3EU4KCyiMEn3diwJfeUJCasE
NJke8hbZUla9XH2pRo96iXwho/3PO8XIrQPJf6r+gCrrzkXiYHRrgEeq2jAzoS89
5cXcbYn9AASRV+Xh39kViF1MpOiHhrVbynkQkWIU3oBY+BBcu+aykcb0aNLI2Seq
h+rwsH4Y/mzrEzjg6FUVFTw4yXTBX+w7d/2W1RydKAULfrkRtnmzudC/9CbbriHJ
441+/GlmfJJ87aMmoFkhduWmbMAhIgG+rEPi8CmVG3I8qJmc/GwsdBO/0PmmSANJ
3zpaXnIGdqGj/0NbpOBom7wANuG0m8V7Qiz6fS/dQ1ti7e0xzSh/kdw=
-----END CERTIFICATE-----
Generated at Wed Mar 4 18:25:22 2026 by rpki-client