Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/8113dda6-7ade-445d-8c6e-448a78e48ca1/1/3139352e35382e3134342e302f32342d3234203d3e20313938303837.roa
File: 3139352e35382e3134342e302f32342d3234203d3e20313938303837.roa (raw, json)
Hash identifier: yv5KHuxJ7GUJMda2TuZyOF1TkQigXEfccqGNah7Vf+c=
Subject key identifier: A8:74:91:FA:C7:F0:8E:CB:5E:1F:C7:64:53:BE:F0:55:6D:1D:D0:41
Certificate issuer: /CN=0d7ffae300def0876bf84890fb6ea17be841a4d3
Certificate serial: 2696D091D3D5AD9C18AEFC29E15744A7DDB23E91
Authority key identifier: 0D:7F:FA:E3:00:DE:F0:87:6B:F8:48:90:FB:6E:A1:7B:E8:41:A4:D3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DX_64wDe8Idr-EiQ-26he-hBpNM.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/8113dda6-7ade-445d-8c6e-448a78e48ca1/1/3139352e35382e3134342e302f32342d3234203d3e20313938303837.roa
Signing time: Wed 18 Mar 2026 10:02:10 +0000
ROA not before: Wed 18 Mar 2026 09:57:10 +0000
ROA not after: Wed 17 Mar 2027 10:02:10 +0000
asID: 198087
IP address blocks: 195.58.144.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/8113dda6-7ade-445d-8c6e-448a78e48ca1/1/0D7FFAE300DEF0876BF84890FB6EA17BE841A4D3.crl
rsync://rsync.paas.rpki.ripe.net/repository/8113dda6-7ade-445d-8c6e-448a78e48ca1/1/0D7FFAE300DEF0876BF84890FB6EA17BE841A4D3.mft
rsync://rpki.ripe.net/repository/DEFAULT/DX_64wDe8Idr-EiQ-26he-hBpNM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 22 Mar 2026 07:19:35 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
26:96:d0:91:d3:d5:ad:9c:18:ae:fc:29:e1:57:44:a7:dd:b2:3e:91
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0d7ffae300def0876bf84890fb6ea17be841a4d3
Validity
Not Before: Mar 18 09:57:10 2026 GMT
Not After : Mar 17 10:02:10 2027 GMT
Subject: CN=A87491FAC7F08ECB5E1FC76453BEF0556D1DD041
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:83:ec:00:89:db:79:86:23:34:a2:c2:3a:73:
00:84:fc:59:ec:c7:6a:54:64:0a:ba:76:ca:f3:65:
c4:64:e6:47:f6:c9:51:12:38:0b:15:98:36:8d:cd:
88:ba:71:25:bc:06:57:92:93:a2:64:8d:37:f9:30:
f0:4f:f0:6f:03:19:74:2a:08:51:3f:3f:11:26:ca:
83:c2:16:9d:65:51:19:43:18:3c:d6:2b:bc:04:68:
82:af:b5:eb:fd:0b:c8:9a:1c:3c:76:fd:e0:e2:16:
12:f9:7d:18:b9:36:c2:c9:49:c5:80:93:c3:c1:0a:
44:97:25:1a:28:4e:9d:61:22:04:1d:6b:c0:f0:73:
bf:dd:c5:b5:d3:23:07:ca:b7:28:8b:8e:41:72:37:
5a:44:00:b7:90:52:9b:ee:b9:51:fa:f7:fc:e1:51:
3f:0c:ce:4f:3a:d3:48:d3:47:08:3c:85:13:9e:a9:
6a:80:dc:f1:06:a1:68:ce:c5:65:85:20:2d:61:ea:
ea:c6:da:69:20:8a:af:3a:82:83:91:49:78:1e:03:
df:d8:11:54:2c:07:9b:4d:23:8d:82:ba:18:c2:b0:
14:c7:e2:ab:a6:40:c7:2e:44:f9:89:b7:5d:9e:9d:
d4:95:11:bf:e8:e5:83:64:33:fd:22:bb:f1:f4:b6:
ab:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:74:91:FA:C7:F0:8E:CB:5E:1F:C7:64:53:BE:F0:55:6D:1D:D0:41
X509v3 Authority Key Identifier:
keyid:0D:7F:FA:E3:00:DE:F0:87:6B:F8:48:90:FB:6E:A1:7B:E8:41:A4:D3
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/8113dda6-7ade-445d-8c6e-448a78e48ca1/1/0D7FFAE300DEF0876BF84890FB6EA17BE841A4D3.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DX_64wDe8Idr-EiQ-26he-hBpNM.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/8113dda6-7ade-445d-8c6e-448a78e48ca1/1/3139352e35382e3134342e302f32342d3234203d3e20313938303837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.58.144.0/24
Signature Algorithm: sha256WithRSAEncryption
64:37:fa:0c:0b:6b:93:16:67:ff:40:0b:ae:67:8c:e4:2d:ac:
6a:81:72:5a:a3:33:d6:db:9f:4d:17:68:59:a2:60:b6:72:78:
0d:63:3e:5a:29:97:83:20:4d:e9:e6:83:8e:62:c4:ff:03:6b:
1b:c1:1b:4c:14:9c:46:c7:80:42:2b:f6:fa:20:0f:9e:fa:9f:
00:99:6b:15:11:59:b1:bd:2f:66:66:4c:ff:ed:ad:52:42:bc:
26:f8:3e:9c:dc:66:8a:9a:45:58:17:2e:45:0b:b5:d0:4f:ca:
bd:be:87:a0:70:c5:51:7d:d5:f9:2f:0e:c8:d4:2f:7f:94:a6:
23:d3:c8:00:05:ed:04:e2:aa:df:8f:b2:fd:cd:dc:11:3f:d0:
57:2d:f1:3d:96:4e:fe:6f:a2:60:ab:3b:c9:5a:9a:46:78:57:
ac:fa:53:47:8a:e5:83:64:5b:94:95:3b:6e:3e:79:23:cb:c0:
f6:84:9e:3b:09:ee:74:69:fd:57:93:ef:9a:36:00:0c:71:c1:
df:80:e9:ee:60:05:03:54:b6:66:3b:01:51:1a:9b:87:b5:11:
f5:d7:da:2c:50:00:35:71:aa:77:0b:8c:c3:e0:8e:76:0c:e2:
b5:bd:0a:66:eb:61:82:4e:08:ca:9f:9d:20:a1:fd:70:15:69:
3d:7f:5c:1b
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUJpbQkdPVrZwYrvwp4VdEp92yPpEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMGQ3ZmZhZTMwMGRlZjA4NzZiZjg0ODkwZmI2ZWExN2Jl
ODQxYTRkMzAeFw0yNjAzMTgwOTU3MTBaFw0yNzAzMTcxMDAyMTBaMDMxMTAvBgNV
BAMTKEE4NzQ5MUZBQzdGMDhFQ0I1RTFGQzc2NDUzQkVGMDU1NkQxREQwNDEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDVg+wAidt5hiM0osI6cwCE/Fns
x2pUZAq6dsrzZcRk5kf2yVESOAsVmDaNzYi6cSW8BleSk6JkjTf5MPBP8G8DGXQq
CFE/PxEmyoPCFp1lURlDGDzWK7wEaIKvtev9C8iaHDx2/eDiFhL5fRi5NsLJScWA
k8PBCkSXJRooTp1hIgQda8Dwc7/dxbXTIwfKtyiLjkFyN1pEALeQUpvuuVH69/zh
UT8Mzk8600jTRwg8hROeqWqA3PEGoWjOxWWFIC1h6urG2mkgiq86goORSXgeA9/Y
EVQsB5tNI42CuhjCsBTH4qumQMcuRPmJt12endSVEb/o5YNkM/0iu/H0tqudAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUqHSR+sfwjsteH8dkU77wVW0d0EEwHwYDVR0j
BBgwFoAUDX/64wDe8Idr+EiQ+26he+hBpNMwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvODExM2RkYTYtN2FkZS00NDVkLThjNmUtNDQ4YTc4ZTQ4
Y2ExLzEvMEQ3RkZBRTMwMERFRjA4NzZCRjg0ODkwRkI2RUExN0JFODQxQTREMy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0RYXzY0d0RlOElkci1FaVEtMjZoZS1o
QnBOTS5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvODExM2RkYTYt
N2FkZS00NDVkLThjNmUtNDQ4YTc4ZTQ4Y2ExLzEvMzEzOTM1MmUzNTM4MmUzMTM0
MzQyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMTM5MzgzMDM4Mzcucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BADDOpAwDQYJKoZIhvcNAQELBQADggEBAGQ3+gwLa5MWZ/9AC65njOQtrGqBclqj
M9bbn00XaFmiYLZyeA1jPlopl4MgTenmg45ixP8DaxvBG0wUnEbHgEIr9vogD576
nwCZaxURWbG9L2ZmTP/trVJCvCb4PpzcZoqaRVgXLkULtdBPyr2+h6BwxVF91fkv
DsjUL3+UpiPTyAAF7QTiqt+Psv3N3BE/0Fct8T2WTv5vomCrO8lamkZ4V6z6U0eK
5YNkW5SVO24+eSPLwPaEnjsJ7nRp/VeT75o2AAxxwd+A6e5gBQNUtmY7AVEam4e1
EfXX2ixQADVxqncLjMPgjnYM4rW9CmbrYYJOCMqfnSCh/XAVaT1/XBs=
-----END CERTIFICATE-----
Generated at Sat Mar 21 20:37:08 2026 by rpki-client