Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/6c43d3a6-7d13-4895-959d-419b9a6eb34b/4/3139352e3134342e32342e302f32342d3332203d3e20323130343634.roa
File: 3139352e3134342e32342e302f32342d3332203d3e20323130343634.roa (raw, json)
Hash identifier: HB9HGgTweFVtW/gslktXVB+L0d08UgCcpj9As8LURAo=
Subject key identifier: 3D:3D:D6:37:E5:1A:F5:A6:F3:A9:9F:42:70:2A:EC:05:81:19:1A:98
Certificate issuer: /CN=acb5dff8a45df5cdafa2a95c715f10c5fe5f91a3
Certificate serial: 64272A03B3FCB51201A6A1AB15C33E625D75A6F3
Authority key identifier: AC:B5:DF:F8:A4:5D:F5:CD:AF:A2:A9:5C:71:5F:10:C5:FE:5F:91:A3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rLXf-KRd9c2voqlccV8Qxf5fkaM.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/6c43d3a6-7d13-4895-959d-419b9a6eb34b/4/3139352e3134342e32342e302f32342d3332203d3e20323130343634.roa
Signing time: Thu 09 Apr 2026 17:27:02 +0000
ROA not before: Thu 09 Apr 2026 17:22:02 +0000
ROA not after: Thu 08 Apr 2027 17:27:02 +0000
asID: 210464
IP address blocks: 195.144.24.0/24 maxlen: 32
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/6c43d3a6-7d13-4895-959d-419b9a6eb34b/4/ACB5DFF8A45DF5CDAFA2A95C715F10C5FE5F91A3.crl
rsync://rsync.paas.rpki.ripe.net/repository/6c43d3a6-7d13-4895-959d-419b9a6eb34b/4/ACB5DFF8A45DF5CDAFA2A95C715F10C5FE5F91A3.mft
rsync://rpki.ripe.net/repository/DEFAULT/rLXf-KRd9c2voqlccV8Qxf5fkaM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 10 Apr 2026 14:30:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
64:27:2a:03:b3:fc:b5:12:01:a6:a1:ab:15:c3:3e:62:5d:75:a6:f3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=acb5dff8a45df5cdafa2a95c715f10c5fe5f91a3
Validity
Not Before: Apr 9 17:22:02 2026 GMT
Not After : Apr 8 17:27:02 2027 GMT
Subject: CN=3D3DD637E51AF5A6F3A99F42702AEC0581191A98
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:b0:8e:27:94:bc:b4:9d:9f:d6:dc:da:a5:02:
2d:04:13:ac:29:62:8e:6e:d0:e8:21:89:79:ca:1c:
a7:04:0e:d7:98:70:70:a8:4c:51:f5:0c:f9:d8:3c:
25:bf:ab:4e:0e:85:8f:5b:c2:ee:fa:4c:b2:9b:d3:
e4:13:9b:79:d2:35:87:ed:99:4c:99:58:3c:24:4f:
17:92:2f:6b:1f:d7:83:59:d6:63:ab:bd:f5:f4:a9:
b7:29:d1:cf:5a:37:b9:dc:ce:5c:c9:2e:42:a3:8c:
86:d9:d3:a5:0f:8e:fd:73:fe:b7:1c:ef:12:f8:71:
3f:30:b3:39:c3:8c:78:c2:38:7c:04:99:d0:38:72:
8e:fd:8d:32:78:94:07:d5:40:53:bb:66:54:86:c4:
c7:6c:e8:04:1d:46:d9:3e:b8:f8:e4:c7:ee:0a:78:
da:7c:ef:2f:93:fb:fc:68:64:59:d1:14:db:a0:ea:
32:6f:01:cd:33:eb:8f:d3:a8:4e:df:76:ef:9d:93:
12:e6:5c:f8:76:a3:fe:44:c8:2e:5b:e9:eb:68:d4:
14:ea:79:ab:33:53:7f:ca:0b:87:91:01:d4:28:a8:
4e:2b:da:7b:b8:59:19:79:e7:db:25:29:94:f1:8d:
27:ae:3e:d1:e1:16:e8:91:67:3c:f7:5d:af:2c:69:
0d:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:3D:D6:37:E5:1A:F5:A6:F3:A9:9F:42:70:2A:EC:05:81:19:1A:98
X509v3 Authority Key Identifier:
keyid:AC:B5:DF:F8:A4:5D:F5:CD:AF:A2:A9:5C:71:5F:10:C5:FE:5F:91:A3
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/6c43d3a6-7d13-4895-959d-419b9a6eb34b/4/ACB5DFF8A45DF5CDAFA2A95C715F10C5FE5F91A3.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rLXf-KRd9c2voqlccV8Qxf5fkaM.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/6c43d3a6-7d13-4895-959d-419b9a6eb34b/4/3139352e3134342e32342e302f32342d3332203d3e20323130343634.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.144.24.0/24
Signature Algorithm: sha256WithRSAEncryption
38:32:88:e4:50:bd:88:70:e1:91:f5:c4:2b:c3:0e:47:77:3f:
b4:e8:e7:0c:bd:45:e5:87:98:70:2d:e9:62:d1:39:50:62:65:
02:16:6f:a7:da:21:b3:62:ca:9e:85:6b:ba:2c:02:10:74:c0:
63:75:b2:16:65:c8:ca:0f:c1:0d:71:c3:0a:0a:b2:f3:86:57:
52:15:ce:41:ca:f2:0c:c9:95:15:fd:ea:65:ce:cf:80:24:b7:
e4:7c:63:b0:43:85:73:6c:d1:2f:bd:5d:3a:0c:37:22:31:6a:
db:7a:65:fc:1b:6c:ee:24:a8:3a:11:0c:25:ce:54:5f:53:36:
ff:24:be:c9:a6:01:21:e4:74:50:db:fd:96:3f:da:4f:d8:d8:
bc:c9:69:61:51:de:32:16:0a:42:d3:b6:b6:13:5d:e7:2a:4e:
07:d8:f0:81:f7:c7:d4:be:2f:11:6d:fc:b5:66:b3:08:f3:4a:
41:d0:ba:b5:d0:0a:24:fe:bf:16:1a:bb:4f:06:c3:ba:98:4d:
9e:b3:d0:94:56:ce:1d:84:8e:10:3f:3d:ed:6a:88:a8:9c:6a:
17:a0:54:2d:b1:d8:2a:19:a2:af:21:e6:0c:53:16:3c:f0:5b:
c0:a1:69:a0:e4:b8:07:87:73:f6:94:76:ca:74:3b:55:e4:b9:
c9:0a:3b:29
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUZCcqA7P8tRIBpqGrFcM+Yl11pvMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWNiNWRmZjhhNDVkZjVjZGFmYTJhOTVjNzE1ZjEwYzVm
ZTVmOTFhMzAeFw0yNjA0MDkxNzIyMDJaFw0yNzA0MDgxNzI3MDJaMDMxMTAvBgNV
BAMTKDNEM0RENjM3RTUxQUY1QTZGM0E5OUY0MjcwMkFFQzA1ODExOTFBOTgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCtsI4nlLy0nZ/W3NqlAi0EE6wp
Yo5u0OghiXnKHKcEDteYcHCoTFH1DPnYPCW/q04OhY9bwu76TLKb0+QTm3nSNYft
mUyZWDwkTxeSL2sf14NZ1mOrvfX0qbcp0c9aN7nczlzJLkKjjIbZ06UPjv1z/rcc
7xL4cT8wsznDjHjCOHwEmdA4co79jTJ4lAfVQFO7ZlSGxMds6AQdRtk+uPjkx+4K
eNp87y+T+/xoZFnRFNug6jJvAc0z64/TqE7fdu+dkxLmXPh2o/5EyC5b6eto1BTq
easzU3/KC4eRAdQoqE4r2nu4WRl559slKZTxjSeuPtHhFuiRZzz3Xa8saQ0pAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUPT3WN+Ua9abzqZ9CcCrsBYEZGpgwHwYDVR0j
BBgwFoAUrLXf+KRd9c2voqlccV8Qxf5fkaMwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNmM0M2QzYTYtN2QxMy00ODk1LTk1OWQtNDE5YjlhNmVi
MzRiLzQvQUNCNURGRjhBNDVERjVDREFGQTJBOTVDNzE1RjEwQzVGRTVGOTFBMy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3JMWGYtS1JkOWMydm9xbGNjVjhReGY1
ZmthTS5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvNmM0M2QzYTYt
N2QxMy00ODk1LTk1OWQtNDE5YjlhNmViMzRiLzQvMzEzOTM1MmUzMTM0MzQyZTMy
MzQyZTMwMmYzMjM0MmQzMzMyMjAzZDNlMjAzMjMxMzAzNDM2MzQucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BADDkBgwDQYJKoZIhvcNAQELBQADggEBADgyiORQvYhw4ZH1xCvDDkd3P7To5wy9
ReWHmHAt6WLROVBiZQIWb6faIbNiyp6Fa7osAhB0wGN1shZlyMoPwQ1xwwoKsvOG
V1IVzkHK8gzJlRX96mXOz4Akt+R8Y7BDhXNs0S+9XToMNyIxatt6ZfwbbO4kqDoR
DCXOVF9TNv8kvsmmASHkdFDb/ZY/2k/Y2LzJaWFR3jIWCkLTtrYTXecqTgfY8IH3
x9S+LxFt/LVmswjzSkHQurXQCiT+vxYau08Gw7qYTZ6z0JRWzh2EjhA/Pe1qiKic
ahegVC2x2CoZoq8h5gxTFjzwW8ChaaDkuAeHc/aUdsp0O1XkuckKOyk=
-----END CERTIFICATE-----
Generated at Thu Apr 9 22:16:35 2026 by rpki-client