Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/8113dda6-7ade-445d-8c6e-448a78e48ca1/1/3139352e35382e3134342e302f32342d3234203d3e203332383738.roa
File: 3139352e35382e3134342e302f32342d3234203d3e203332383738.roa (raw, json)
Hash identifier: qHIHvPNlCIdk61FIk0B9gnFq0+9BXxWoP+p4QKGLamE=
Subject key identifier: E6:9A:DA:8E:2C:2B:A3:DA:42:60:B1:5E:7D:3D:FD:7C:33:A7:90:18
Certificate issuer: /CN=0d7ffae300def0876bf84890fb6ea17be841a4d3
Certificate serial: 7C123FB57960BF9B0B02A3969557CFA78D9196CB
Authority key identifier: 0D:7F:FA:E3:00:DE:F0:87:6B:F8:48:90:FB:6E:A1:7B:E8:41:A4:D3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DX_64wDe8Idr-EiQ-26he-hBpNM.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/8113dda6-7ade-445d-8c6e-448a78e48ca1/1/3139352e35382e3134342e302f32342d3234203d3e203332383738.roa
Signing time: Fri 13 Mar 2026 08:17:14 +0000
ROA not before: Fri 13 Mar 2026 08:12:14 +0000
ROA not after: Fri 12 Mar 2027 08:17:14 +0000
asID: 32878
IP address blocks: 195.58.144.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/8113dda6-7ade-445d-8c6e-448a78e48ca1/1/0D7FFAE300DEF0876BF84890FB6EA17BE841A4D3.crl
rsync://rsync.paas.rpki.ripe.net/repository/8113dda6-7ade-445d-8c6e-448a78e48ca1/1/0D7FFAE300DEF0876BF84890FB6EA17BE841A4D3.mft
rsync://rpki.ripe.net/repository/DEFAULT/DX_64wDe8Idr-EiQ-26he-hBpNM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 14 Mar 2026 16:34:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7c:12:3f:b5:79:60:bf:9b:0b:02:a3:96:95:57:cf:a7:8d:91:96:cb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0d7ffae300def0876bf84890fb6ea17be841a4d3
Validity
Not Before: Mar 13 08:12:14 2026 GMT
Not After : Mar 12 08:17:14 2027 GMT
Subject: CN=E69ADA8E2C2BA3DA4260B15E7D3DFD7C33A79018
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:59:40:10:c0:ce:18:b4:c4:e1:f3:e3:53:48:
76:4b:d1:c3:16:f4:b1:c3:8b:53:c4:c5:90:d4:71:
da:3d:af:44:2b:58:45:9f:5e:9c:15:e4:47:d4:03:
66:ce:d1:5c:d1:df:40:75:ec:e5:29:41:e1:a4:31:
4d:b2:a4:38:53:ea:25:38:d1:83:8a:a9:b2:63:52:
14:0b:7b:0a:37:1f:84:74:69:0c:b3:3d:49:45:4c:
28:51:a8:d7:08:7b:18:90:7e:ea:3e:fa:6d:a8:83:
9e:49:1c:ff:1a:df:08:85:36:66:93:c6:44:84:be:
bd:32:2f:ea:17:11:a6:c7:b8:5f:cb:7e:69:fc:58:
a4:2b:e0:55:72:b8:3f:29:9d:7f:df:30:72:27:fa:
6f:44:88:f0:a8:86:72:4b:24:77:9e:f6:6a:f0:8c:
c3:63:21:17:87:52:ca:3b:bc:0a:03:05:70:89:64:
8e:31:97:ae:72:77:e2:bc:2d:aa:8f:69:ae:9b:c9:
ce:24:29:b4:a8:5f:8d:53:6c:46:c5:0a:9b:63:f8:
a6:3f:13:e2:af:24:b4:48:2d:d1:1d:b1:c8:52:4d:
57:8d:f7:ef:1f:ef:d9:ad:5f:bd:a8:06:37:e5:6f:
a5:7b:a3:63:60:56:0e:6a:7e:8b:92:30:b9:f9:cc:
ff:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E6:9A:DA:8E:2C:2B:A3:DA:42:60:B1:5E:7D:3D:FD:7C:33:A7:90:18
X509v3 Authority Key Identifier:
keyid:0D:7F:FA:E3:00:DE:F0:87:6B:F8:48:90:FB:6E:A1:7B:E8:41:A4:D3
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/8113dda6-7ade-445d-8c6e-448a78e48ca1/1/0D7FFAE300DEF0876BF84890FB6EA17BE841A4D3.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DX_64wDe8Idr-EiQ-26he-hBpNM.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/8113dda6-7ade-445d-8c6e-448a78e48ca1/1/3139352e35382e3134342e302f32342d3234203d3e203332383738.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.58.144.0/24
Signature Algorithm: sha256WithRSAEncryption
44:77:b3:0a:fc:56:4c:a6:c0:17:35:0b:0c:a5:09:64:63:65:
05:0a:84:77:59:c0:db:e5:19:29:ef:4b:62:fe:09:88:b6:c5:
40:5f:73:2b:34:c8:fc:af:2a:2e:66:b8:f2:31:c1:c2:48:bb:
99:64:f2:5f:99:f7:e6:2b:46:3c:64:b2:5e:4d:f8:63:b0:07:
88:47:cc:98:bb:66:25:2c:b0:6a:1f:76:2d:0e:f9:4a:87:b7:
2f:8f:7a:a5:fe:98:02:13:c2:17:db:d8:09:89:cb:20:a0:57:
16:56:52:84:77:67:2c:e6:f6:1f:f4:4d:68:43:d9:d3:20:30:
3e:c4:52:3b:f2:c6:cb:12:f8:70:02:c2:af:bd:72:eb:41:b5:
49:b4:05:a2:f2:56:f2:0a:5e:96:63:18:a8:92:2c:90:36:fb:
45:56:03:b4:79:4c:dd:e6:1b:0e:01:25:a1:7e:ef:19:c8:ab:
3e:20:37:44:a7:0b:af:ad:6d:be:02:c7:2a:d4:e4:02:74:94:
dc:15:50:20:3f:59:85:3d:7d:a1:77:2c:0d:d2:35:cc:22:c1:
fc:1b:e7:1f:0b:fe:fc:1a:ea:12:8b:38:ff:01:e4:71:6d:dc:
51:53:a3:5e:f4:99:67:8e:e3:83:a4:3f:89:3b:ca:12:8e:41:
d6:44:56:f5
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUfBI/tXlgv5sLAqOWlVfPp42RlsswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMGQ3ZmZhZTMwMGRlZjA4NzZiZjg0ODkwZmI2ZWExN2Jl
ODQxYTRkMzAeFw0yNjAzMTMwODEyMTRaFw0yNzAzMTIwODE3MTRaMDMxMTAvBgNV
BAMTKEU2OUFEQThFMkMyQkEzREE0MjYwQjE1RTdEM0RGRDdDMzNBNzkwMTgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQChWUAQwM4YtMTh8+NTSHZL0cMW
9LHDi1PExZDUcdo9r0QrWEWfXpwV5EfUA2bO0VzR30B17OUpQeGkMU2ypDhT6iU4
0YOKqbJjUhQLewo3H4R0aQyzPUlFTChRqNcIexiQfuo++m2og55JHP8a3wiFNmaT
xkSEvr0yL+oXEabHuF/Lfmn8WKQr4FVyuD8pnX/fMHIn+m9EiPCohnJLJHee9mrw
jMNjIReHUso7vAoDBXCJZI4xl65yd+K8LaqPaa6byc4kKbSoX41TbEbFCptj+KY/
E+KvJLRILdEdschSTVeN9+8f79mtX72oBjflb6V7o2NgVg5qfouSMLn5zP+LAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQU5prajiwro9pCYLFefT39fDOnkBgwHwYDVR0j
BBgwFoAUDX/64wDe8Idr+EiQ+26he+hBpNMwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvODExM2RkYTYtN2FkZS00NDVkLThjNmUtNDQ4YTc4ZTQ4
Y2ExLzEvMEQ3RkZBRTMwMERFRjA4NzZCRjg0ODkwRkI2RUExN0JFODQxQTREMy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0RYXzY0d0RlOElkci1FaVEtMjZoZS1o
QnBOTS5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvODExM2RkYTYt
N2FkZS00NDVkLThjNmUtNDQ4YTc4ZTQ4Y2ExLzEvMzEzOTM1MmUzNTM4MmUzMTM0
MzQyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMzMyMzgzNzM4LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
wzqQMA0GCSqGSIb3DQEBCwUAA4IBAQBEd7MK/FZMpsAXNQsMpQlkY2UFCoR3WcDb
5Rkp70ti/gmItsVAX3MrNMj8ryouZrjyMcHCSLuZZPJfmffmK0Y8ZLJeTfhjsAeI
R8yYu2YlLLBqH3YtDvlKh7cvj3ql/pgCE8IX29gJicsgoFcWVlKEd2cs5vYf9E1o
Q9nTIDA+xFI78sbLEvhwAsKvvXLrQbVJtAWi8lbyCl6WYxiokiyQNvtFVgO0eUzd
5hsOASWhfu8ZyKs+IDdEpwuvrW2+Ascq1OQCdJTcFVAgP1mFPX2hdywN0jXMIsH8
G+cfC/78GuoSizj/AeRxbdxRU6Ne9JlnjuODpD+JO8oSjkHWRFb1
-----END CERTIFICATE-----
Generated at Fri Mar 13 20:46:51 2026 by rpki-client