Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/8113dda6-7ade-445d-8c6e-448a78e48ca1/1/3135302e3235312e3233312e302f32342d3234203d3e203633313939.roa
File: 3135302e3235312e3233312e302f32342d3234203d3e203633313939.roa (raw, json)
Hash identifier: nOdkF2oLzkeUcWgIM8F3FhA8vX9MjMTAnEFAB1UxJHg=
Subject key identifier: 5F:4C:D2:73:E1:BF:0B:3F:A1:F5:02:E1:9F:55:3C:FE:FB:7F:93:B6
Certificate issuer: /CN=0d7ffae300def0876bf84890fb6ea17be841a4d3
Certificate serial: 78FA26D6C20337A3828D57F8C58F68B6EE79D4B1
Authority key identifier: 0D:7F:FA:E3:00:DE:F0:87:6B:F8:48:90:FB:6E:A1:7B:E8:41:A4:D3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DX_64wDe8Idr-EiQ-26he-hBpNM.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/8113dda6-7ade-445d-8c6e-448a78e48ca1/1/3135302e3235312e3233312e302f32342d3234203d3e203633313939.roa
Signing time: Thu 19 Mar 2026 09:34:02 +0000
ROA not before: Thu 19 Mar 2026 09:29:02 +0000
ROA not after: Thu 18 Mar 2027 09:34:02 +0000
asID: 63199
IP address blocks: 150.251.231.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/8113dda6-7ade-445d-8c6e-448a78e48ca1/1/0D7FFAE300DEF0876BF84890FB6EA17BE841A4D3.crl
rsync://rsync.paas.rpki.ripe.net/repository/8113dda6-7ade-445d-8c6e-448a78e48ca1/1/0D7FFAE300DEF0876BF84890FB6EA17BE841A4D3.mft
rsync://rpki.ripe.net/repository/DEFAULT/DX_64wDe8Idr-EiQ-26he-hBpNM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 22 Mar 2026 07:19:35 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
78:fa:26:d6:c2:03:37:a3:82:8d:57:f8:c5:8f:68:b6:ee:79:d4:b1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0d7ffae300def0876bf84890fb6ea17be841a4d3
Validity
Not Before: Mar 19 09:29:02 2026 GMT
Not After : Mar 18 09:34:02 2027 GMT
Subject: CN=5F4CD273E1BF0B3FA1F502E19F553CFEFB7F93B6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:4b:c3:f2:3f:9c:12:45:87:c9:99:6e:54:15:
74:19:69:7c:e3:65:6e:19:55:48:3d:f7:b0:4a:79:
dd:06:4c:ea:7a:09:7b:b7:c9:a1:d7:c1:04:47:c1:
0d:bc:be:1c:61:fd:d8:ea:96:e4:1c:1b:67:a3:00:
9f:97:5b:21:4b:7e:35:60:21:cb:e4:2d:34:97:2a:
3d:59:b1:fc:00:9a:c4:ee:1c:6b:86:3c:5d:a0:13:
be:93:12:fe:82:a2:68:c5:bd:98:65:45:bf:99:0c:
ef:6a:a3:98:e6:13:94:1d:f6:58:06:10:3d:51:b5:
c6:2b:a7:77:79:b8:41:77:94:8b:ca:5c:b4:e0:64:
4c:5b:ce:28:a0:08:1c:44:97:d5:69:35:a2:45:95:
1c:26:ee:7e:e1:c6:55:6a:fb:b8:3c:ab:83:86:46:
d6:f4:8a:de:1c:4e:31:4f:18:cc:88:7f:b5:d9:47:
bb:ec:ab:02:55:60:06:cf:0e:05:58:11:af:f8:80:
8f:f6:29:64:a6:1a:4c:2e:ee:da:d5:ba:be:ef:11:
e1:f3:e1:ec:97:b5:c0:64:6b:ff:44:b3:93:ca:9a:
55:9c:29:ef:17:10:68:17:13:1a:a7:59:d4:b5:b3:
20:c0:3e:bf:0c:51:57:2e:2e:ee:5f:37:98:a1:b4:
da:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5F:4C:D2:73:E1:BF:0B:3F:A1:F5:02:E1:9F:55:3C:FE:FB:7F:93:B6
X509v3 Authority Key Identifier:
keyid:0D:7F:FA:E3:00:DE:F0:87:6B:F8:48:90:FB:6E:A1:7B:E8:41:A4:D3
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/8113dda6-7ade-445d-8c6e-448a78e48ca1/1/0D7FFAE300DEF0876BF84890FB6EA17BE841A4D3.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DX_64wDe8Idr-EiQ-26he-hBpNM.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/8113dda6-7ade-445d-8c6e-448a78e48ca1/1/3135302e3235312e3233312e302f32342d3234203d3e203633313939.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
150.251.231.0/24
Signature Algorithm: sha256WithRSAEncryption
90:a7:b3:a2:a4:9f:d9:0d:e0:67:3c:c1:62:4c:1d:1b:d6:01:
4c:42:aa:13:c2:c0:74:91:54:ad:b9:c1:82:48:5e:13:d0:86:
ad:e2:01:54:72:b1:9e:17:57:59:bb:a8:50:56:c2:9a:44:ca:
41:92:f0:e1:69:88:ce:9e:0c:57:fa:71:29:ba:13:09:b1:24:
56:ed:1e:3e:74:9c:ec:d5:78:fa:df:ea:03:de:5f:c8:17:50:
e9:6e:d0:c7:1e:bb:1f:d9:28:b5:11:fa:e1:8c:67:36:ba:bb:
ed:37:86:c5:11:81:bd:9d:7d:b9:82:73:8a:61:41:f6:20:36:
39:c8:cc:18:e3:46:66:49:3f:d8:76:51:6e:5b:6f:cc:a7:07:
53:95:e9:9f:58:a7:73:17:b1:5a:84:b6:fe:87:57:82:20:a5:
ae:ce:f3:56:1a:fb:db:b2:57:fb:70:74:8a:22:fc:ea:45:d7:
d8:e3:a4:eb:a5:74:79:c1:1b:e9:b8:86:7c:78:ce:ed:ad:0f:
12:20:c9:22:66:9c:e9:ed:d0:b3:f1:85:14:9b:b3:79:ed:3b:
ef:6d:9f:4c:5c:75:f8:b4:24:7d:ae:9a:c9:4c:ad:81:1f:fd:
88:69:85:56:dd:1e:44:48:58:40:a7:73:58:68:9c:e3:c4:0f:
d2:64:3f:5c
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUePom1sIDN6OCjVf4xY9otu551LEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMGQ3ZmZhZTMwMGRlZjA4NzZiZjg0ODkwZmI2ZWExN2Jl
ODQxYTRkMzAeFw0yNjAzMTkwOTI5MDJaFw0yNzAzMTgwOTM0MDJaMDMxMTAvBgNV
BAMTKDVGNENEMjczRTFCRjBCM0ZBMUY1MDJFMTlGNTUzQ0ZFRkI3RjkzQjYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCPS8PyP5wSRYfJmW5UFXQZaXzj
ZW4ZVUg997BKed0GTOp6CXu3yaHXwQRHwQ28vhxh/djqluQcG2ejAJ+XWyFLfjVg
IcvkLTSXKj1ZsfwAmsTuHGuGPF2gE76TEv6ComjFvZhlRb+ZDO9qo5jmE5Qd9lgG
ED1RtcYrp3d5uEF3lIvKXLTgZExbziigCBxEl9VpNaJFlRwm7n7hxlVq+7g8q4OG
Rtb0it4cTjFPGMyIf7XZR7vsqwJVYAbPDgVYEa/4gI/2KWSmGkwu7trVur7vEeHz
4eyXtcBka/9Es5PKmlWcKe8XEGgXExqnWdS1syDAPr8MUVcuLu5fN5ihtNonAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUX0zSc+G/Cz+h9QLhn1U8/vt/k7YwHwYDVR0j
BBgwFoAUDX/64wDe8Idr+EiQ+26he+hBpNMwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvODExM2RkYTYtN2FkZS00NDVkLThjNmUtNDQ4YTc4ZTQ4
Y2ExLzEvMEQ3RkZBRTMwMERFRjA4NzZCRjg0ODkwRkI2RUExN0JFODQxQTREMy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0RYXzY0d0RlOElkci1FaVEtMjZoZS1o
QnBOTS5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvODExM2RkYTYt
N2FkZS00NDVkLThjNmUtNDQ4YTc4ZTQ4Y2ExLzEvMzEzNTMwMmUzMjM1MzEyZTMy
MzMzMTJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDM2MzMzMTM5Mzkucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BACW++cwDQYJKoZIhvcNAQELBQADggEBAJCns6Kkn9kN4Gc8wWJMHRvWAUxCqhPC
wHSRVK25wYJIXhPQhq3iAVRysZ4XV1m7qFBWwppEykGS8OFpiM6eDFf6cSm6Ewmx
JFbtHj50nOzVePrf6gPeX8gXUOlu0Mceux/ZKLUR+uGMZza6u+03hsURgb2dfbmC
c4phQfYgNjnIzBjjRmZJP9h2UW5bb8ynB1OV6Z9Yp3MXsVqEtv6HV4Igpa7O81Ya
+9uyV/twdIoi/OpF19jjpOuldHnBG+m4hnx4zu2tDxIgySJmnOnt0LPxhRSbs3nt
O+9tn0xcdfi0JH2umslMrYEf/YhphVbdHkRIWECnc1honOPED9JkP1w=
-----END CERTIFICATE-----
Generated at Sat Mar 21 20:32:40 2026 by rpki-client