Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/8113dda6-7ade-445d-8c6e-448a78e48ca1/1/3139352e35382e3132382e302f32342d3234203d3e20313938363231.roa
File: 3139352e35382e3132382e302f32342d3234203d3e20313938363231.roa (raw, json)
Hash identifier: l+XTLQfX5yQ3z7ZHO1eIgcb1r1mW4fYeJV4EXq4TWow=
Subject key identifier: 88:67:A2:90:69:89:A6:95:36:30:E0:69:AA:6C:DC:8C:CB:73:90:C5
Certificate issuer: /CN=0d7ffae300def0876bf84890fb6ea17be841a4d3
Certificate serial: 7049A111747642EAD7F15CDD2ED06A757736C321
Authority key identifier: 0D:7F:FA:E3:00:DE:F0:87:6B:F8:48:90:FB:6E:A1:7B:E8:41:A4:D3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DX_64wDe8Idr-EiQ-26he-hBpNM.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/8113dda6-7ade-445d-8c6e-448a78e48ca1/1/3139352e35382e3132382e302f32342d3234203d3e20313938363231.roa
Signing time: Tue 28 Apr 2026 17:18:14 +0000
ROA not before: Tue 28 Apr 2026 17:13:14 +0000
ROA not after: Tue 27 Apr 2027 17:18:14 +0000
asID: 198621
IP address blocks: 195.58.128.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/8113dda6-7ade-445d-8c6e-448a78e48ca1/1/0D7FFAE300DEF0876BF84890FB6EA17BE841A4D3.crl
rsync://rsync.paas.rpki.ripe.net/repository/8113dda6-7ade-445d-8c6e-448a78e48ca1/1/0D7FFAE300DEF0876BF84890FB6EA17BE841A4D3.mft
rsync://rpki.ripe.net/repository/DEFAULT/DX_64wDe8Idr-EiQ-26he-hBpNM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 06 May 2026 18:48:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
70:49:a1:11:74:76:42:ea:d7:f1:5c:dd:2e:d0:6a:75:77:36:c3:21
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0d7ffae300def0876bf84890fb6ea17be841a4d3
Validity
Not Before: Apr 28 17:13:14 2026 GMT
Not After : Apr 27 17:18:14 2027 GMT
Subject: CN=8867A2906989A6953630E069AA6CDC8CCB7390C5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:3d:bc:0c:be:ee:49:12:aa:a8:a5:c5:cb:90:
f3:c7:c3:6b:b0:19:45:16:8b:47:5f:d2:4a:93:df:
45:fd:af:b7:f6:c9:27:3c:53:fa:47:fa:4c:e9:32:
2c:b9:46:56:1a:f5:ed:9f:f8:eb:3b:39:9f:a3:b0:
83:15:f7:2f:7f:47:ce:bd:3f:d9:ef:c3:79:9c:ac:
19:5d:36:a3:57:82:c1:e0:4b:5d:67:e7:34:12:58:
60:fd:60:da:b2:1c:f4:4c:72:a2:4b:38:45:3e:21:
36:4c:30:f3:39:55:ed:ea:72:46:f7:5c:ca:74:24:
be:69:64:a7:2b:8e:07:c5:6b:1e:f5:30:43:dd:2b:
11:60:e6:52:7d:63:dc:a8:f2:c2:0e:6d:cb:62:e8:
4f:a2:92:67:94:aa:56:3a:1d:db:55:ad:59:f1:73:
5e:29:8b:d3:13:cc:99:86:f3:eb:57:f1:75:ec:1a:
6c:43:66:17:41:b9:db:5d:aa:14:6c:b2:88:1c:6a:
f6:1d:02:d0:47:2b:23:17:55:f5:54:dd:5c:c9:b0:
30:8a:be:b0:c7:d3:40:3d:c9:2a:32:41:2e:e1:53:
7e:e9:63:3f:23:18:01:dd:d2:01:69:b6:29:d8:41:
3c:81:10:3a:2a:27:bf:a0:0b:57:96:f6:00:d6:2e:
d7:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
88:67:A2:90:69:89:A6:95:36:30:E0:69:AA:6C:DC:8C:CB:73:90:C5
X509v3 Authority Key Identifier:
keyid:0D:7F:FA:E3:00:DE:F0:87:6B:F8:48:90:FB:6E:A1:7B:E8:41:A4:D3
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/8113dda6-7ade-445d-8c6e-448a78e48ca1/1/0D7FFAE300DEF0876BF84890FB6EA17BE841A4D3.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DX_64wDe8Idr-EiQ-26he-hBpNM.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/8113dda6-7ade-445d-8c6e-448a78e48ca1/1/3139352e35382e3132382e302f32342d3234203d3e20313938363231.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.58.128.0/24
Signature Algorithm: sha256WithRSAEncryption
81:24:32:69:8e:90:98:47:65:a1:d6:8e:e5:cb:3a:4a:e5:51:
22:44:69:dc:ee:4b:87:79:43:2c:54:0f:23:5d:f1:c9:79:c3:
5e:90:9a:91:89:9e:71:85:14:c3:ae:1f:ff:94:b6:77:a3:e9:
83:f1:68:4e:87:47:49:e8:00:13:20:17:1a:b3:af:55:da:03:
ef:b3:34:2a:39:5f:73:18:2b:c8:b7:16:63:da:52:f2:f5:b4:
3a:e3:77:8e:58:37:8b:5a:2e:10:68:ce:28:ad:d2:a7:6e:12:
fa:a9:94:9a:f0:6e:67:52:a1:31:5b:73:0c:11:ee:b3:5e:4c:
db:52:b4:9d:c7:f2:42:8a:d2:02:15:c7:8f:d2:86:15:75:e8:
64:b1:40:f2:04:5d:96:d0:d0:fa:33:53:c0:96:72:2c:6b:fe:
d1:20:52:c4:20:da:68:be:6f:38:b1:4b:c9:8e:54:d8:3b:32:
51:73:84:88:ca:82:0d:d1:16:9d:79:97:f2:a6:0f:1e:3b:b4:
1e:c6:89:8d:10:fe:64:21:69:ea:0b:85:5c:5d:ed:05:fc:49:
51:cd:2e:4e:de:27:4e:c5:09:3f:26:f0:5e:f6:84:4b:3b:5e:
13:e3:33:84:4d:59:11:9a:33:3a:02:2f:80:f5:61:78:2b:32:
f4:12:00:ba
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUcEmhEXR2QurX8VzdLtBqdXc2wyEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMGQ3ZmZhZTMwMGRlZjA4NzZiZjg0ODkwZmI2ZWExN2Jl
ODQxYTRkMzAeFw0yNjA0MjgxNzEzMTRaFw0yNzA0MjcxNzE4MTRaMDMxMTAvBgNV
BAMTKDg4NjdBMjkwNjk4OUE2OTUzNjMwRTA2OUFBNkNEQzhDQ0I3MzkwQzUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCIPbwMvu5JEqqopcXLkPPHw2uw
GUUWi0df0kqT30X9r7f2ySc8U/pH+kzpMiy5RlYa9e2f+Os7OZ+jsIMV9y9/R869
P9nvw3mcrBldNqNXgsHgS11n5zQSWGD9YNqyHPRMcqJLOEU+ITZMMPM5Ve3qckb3
XMp0JL5pZKcrjgfFax71MEPdKxFg5lJ9Y9yo8sIObcti6E+ikmeUqlY6HdtVrVnx
c14pi9MTzJmG8+tX8XXsGmxDZhdBudtdqhRssogcavYdAtBHKyMXVfVU3VzJsDCK
vrDH00A9ySoyQS7hU37pYz8jGAHd0gFptinYQTyBEDoqJ7+gC1eW9gDWLtcZAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUiGeikGmJppU2MOBpqmzcjMtzkMUwHwYDVR0j
BBgwFoAUDX/64wDe8Idr+EiQ+26he+hBpNMwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvODExM2RkYTYtN2FkZS00NDVkLThjNmUtNDQ4YTc4ZTQ4
Y2ExLzEvMEQ3RkZBRTMwMERFRjA4NzZCRjg0ODkwRkI2RUExN0JFODQxQTREMy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0RYXzY0d0RlOElkci1FaVEtMjZoZS1o
QnBOTS5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvODExM2RkYTYt
N2FkZS00NDVkLThjNmUtNDQ4YTc4ZTQ4Y2ExLzEvMzEzOTM1MmUzNTM4MmUzMTMy
MzgyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMTM5MzgzNjMyMzEucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BADDOoAwDQYJKoZIhvcNAQELBQADggEBAIEkMmmOkJhHZaHWjuXLOkrlUSJEadzu
S4d5QyxUDyNd8cl5w16QmpGJnnGFFMOuH/+Utnej6YPxaE6HR0noABMgFxqzr1Xa
A++zNCo5X3MYK8i3FmPaUvL1tDrjd45YN4taLhBoziit0qduEvqplJrwbmdSoTFb
cwwR7rNeTNtStJ3H8kKK0gIVx4/ShhV16GSxQPIEXZbQ0PozU8CWcixr/tEgUsQg
2mi+bzixS8mOVNg7MlFzhIjKgg3RFp15l/KmDx47tB7GiY0Q/mQhaeoLhVxd7QX8
SVHNLk7eJ07FCT8m8F72hEs7XhPjM4RNWRGaMzoCL4D1YXgrMvQSALo=
-----END CERTIFICATE-----
Generated at Wed May 6 01:11:52 2026 by rpki-client