Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/8113dda6-7ade-445d-8c6e-448a78e48ca1/1/3139352e35382e3134342e302f32342d3234203d3e203633313939.roa
File: 3139352e35382e3134342e302f32342d3234203d3e203633313939.roa (raw, json)
Hash identifier: hOnldz1ePHQLUUUoJJLrxFbeYJ9fiD7DLRrRbDm/yi8=
Subject key identifier: 4E:4E:44:C9:D3:4F:F8:31:42:D2:37:3C:55:C6:89:44:74:95:E3:53
Certificate issuer: /CN=0d7ffae300def0876bf84890fb6ea17be841a4d3
Certificate serial: 2DC41B72D39639D28882BFD6A58AD4E30F5419C3
Authority key identifier: 0D:7F:FA:E3:00:DE:F0:87:6B:F8:48:90:FB:6E:A1:7B:E8:41:A4:D3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DX_64wDe8Idr-EiQ-26he-hBpNM.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/8113dda6-7ade-445d-8c6e-448a78e48ca1/1/3139352e35382e3134342e302f32342d3234203d3e203633313939.roa
Signing time: Mon 02 Mar 2026 10:10:16 +0000
ROA not before: Mon 02 Mar 2026 10:05:16 +0000
ROA not after: Mon 01 Mar 2027 10:10:16 +0000
asID: 63199
IP address blocks: 195.58.144.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/8113dda6-7ade-445d-8c6e-448a78e48ca1/1/0D7FFAE300DEF0876BF84890FB6EA17BE841A4D3.crl
rsync://rsync.paas.rpki.ripe.net/repository/8113dda6-7ade-445d-8c6e-448a78e48ca1/1/0D7FFAE300DEF0876BF84890FB6EA17BE841A4D3.mft
rsync://rpki.ripe.net/repository/DEFAULT/DX_64wDe8Idr-EiQ-26he-hBpNM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 06 Mar 2026 11:29:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2d:c4:1b:72:d3:96:39:d2:88:82:bf:d6:a5:8a:d4:e3:0f:54:19:c3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0d7ffae300def0876bf84890fb6ea17be841a4d3
Validity
Not Before: Mar 2 10:05:16 2026 GMT
Not After : Mar 1 10:10:16 2027 GMT
Subject: CN=4E4E44C9D34FF83142D2373C55C689447495E353
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f0:6a:75:d3:61:26:1f:a4:01:37:28:50:bb:c3:
99:f8:35:0e:3e:c2:d1:db:31:47:bf:3b:ba:b4:f7:
35:77:0f:a2:cf:74:40:80:7a:10:12:19:15:fa:c5:
af:3a:d7:15:7e:c7:2b:01:88:16:6a:28:a6:53:48:
e4:6c:6b:f5:3e:69:1c:ab:c9:c1:ba:b6:80:b0:5d:
70:3e:54:07:ea:5e:59:43:29:82:59:d6:e6:a1:55:
43:55:64:6c:69:6b:be:88:80:5d:11:7c:03:3c:2a:
c9:e2:13:c5:16:f0:31:18:26:9d:fe:23:51:54:f9:
76:fc:df:3a:71:86:b8:9f:29:fb:f9:3e:92:1f:f5:
ee:4a:86:8d:ca:7b:47:d2:cb:71:ed:b2:fd:44:75:
bd:b9:b2:5b:78:81:b9:ba:e6:a4:c7:25:ac:5c:18:
0b:3c:97:c3:8f:73:c0:dd:39:75:91:53:6b:2c:eb:
cf:fe:75:33:4d:47:fa:dd:ef:99:9d:93:81:41:8a:
4a:73:35:fd:70:15:a9:ed:7d:f3:ad:1a:26:0a:a6:
ac:63:bd:15:d9:a4:89:4e:9e:97:00:a3:b2:25:37:
b0:ad:0e:26:25:3e:cd:e2:76:77:9f:2e:dd:f4:5d:
96:71:d7:12:f3:3e:5d:7a:09:22:12:b5:f8:48:05:
02:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4E:4E:44:C9:D3:4F:F8:31:42:D2:37:3C:55:C6:89:44:74:95:E3:53
X509v3 Authority Key Identifier:
keyid:0D:7F:FA:E3:00:DE:F0:87:6B:F8:48:90:FB:6E:A1:7B:E8:41:A4:D3
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/8113dda6-7ade-445d-8c6e-448a78e48ca1/1/0D7FFAE300DEF0876BF84890FB6EA17BE841A4D3.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DX_64wDe8Idr-EiQ-26he-hBpNM.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/8113dda6-7ade-445d-8c6e-448a78e48ca1/1/3139352e35382e3134342e302f32342d3234203d3e203633313939.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.58.144.0/24
Signature Algorithm: sha256WithRSAEncryption
71:da:5f:bf:1a:d6:d8:bc:fb:03:d8:f8:5f:e4:87:71:6e:1d:
13:b0:df:78:45:a7:5a:77:90:a7:95:76:ec:95:a9:81:a3:a4:
4a:b7:ad:6d:47:5d:fc:5c:3f:30:27:c3:84:83:86:09:34:62:
bb:da:ee:88:62:00:0e:46:63:92:1f:56:a9:98:60:f9:15:1a:
da:ce:6b:f0:4f:73:8f:30:93:62:40:95:ec:29:93:f9:26:32:
70:a2:ba:52:39:09:e2:41:af:15:04:eb:7f:82:39:ac:5e:0a:
e5:ad:a5:63:de:e5:d1:20:ec:68:13:8b:ab:c0:72:0f:90:ae:
5c:eb:27:03:5d:0a:e1:2d:14:1a:fb:b8:12:f8:93:05:62:f4:
6c:d0:96:80:fb:9e:26:68:4a:8f:a5:67:29:87:bb:6b:50:bf:
04:62:03:5e:8d:03:38:f5:c1:d0:0b:88:19:93:44:70:71:2e:
0a:1d:8f:64:b6:7a:5c:f0:02:23:8c:6c:50:0c:f2:04:55:ad:
e4:a1:55:a8:82:90:a4:1f:34:00:72:44:4f:e7:a4:23:38:7c:
50:3a:97:1a:76:0b:67:d0:57:bf:ea:28:c9:b1:65:70:be:42:
01:a7:12:77:ab:4c:34:8a:18:1b:58:3d:10:ab:dc:8e:5d:23:
34:5e:b2:91
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIULcQbctOWOdKIgr/WpYrU4w9UGcMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMGQ3ZmZhZTMwMGRlZjA4NzZiZjg0ODkwZmI2ZWExN2Jl
ODQxYTRkMzAeFw0yNjAzMDIxMDA1MTZaFw0yNzAzMDExMDEwMTZaMDMxMTAvBgNV
BAMTKDRFNEU0NEM5RDM0RkY4MzE0MkQyMzczQzU1QzY4OTQ0NzQ5NUUzNTMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDwanXTYSYfpAE3KFC7w5n4NQ4+
wtHbMUe/O7q09zV3D6LPdECAehASGRX6xa861xV+xysBiBZqKKZTSORsa/U+aRyr
ycG6toCwXXA+VAfqXllDKYJZ1uahVUNVZGxpa76IgF0RfAM8KsniE8UW8DEYJp3+
I1FU+Xb83zpxhrifKfv5PpIf9e5Kho3Ke0fSy3Htsv1Edb25slt4gbm65qTHJaxc
GAs8l8OPc8DdOXWRU2ss68/+dTNNR/rd75mdk4FBikpzNf1wFantffOtGiYKpqxj
vRXZpIlOnpcAo7IlN7CtDiYlPs3idnefLt30XZZx1xLzPl16CSIStfhIBQL5AgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUTk5EydNP+DFC0jc8VcaJRHSV41MwHwYDVR0j
BBgwFoAUDX/64wDe8Idr+EiQ+26he+hBpNMwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvODExM2RkYTYtN2FkZS00NDVkLThjNmUtNDQ4YTc4ZTQ4
Y2ExLzEvMEQ3RkZBRTMwMERFRjA4NzZCRjg0ODkwRkI2RUExN0JFODQxQTREMy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0RYXzY0d0RlOElkci1FaVEtMjZoZS1o
QnBOTS5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvODExM2RkYTYt
N2FkZS00NDVkLThjNmUtNDQ4YTc4ZTQ4Y2ExLzEvMzEzOTM1MmUzNTM4MmUzMTM0
MzQyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzNjMzMzEzOTM5LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
wzqQMA0GCSqGSIb3DQEBCwUAA4IBAQBx2l+/GtbYvPsD2Phf5Idxbh0TsN94Rada
d5CnlXbslamBo6RKt61tR138XD8wJ8OEg4YJNGK72u6IYgAORmOSH1apmGD5FRra
zmvwT3OPMJNiQJXsKZP5JjJworpSOQniQa8VBOt/gjmsXgrlraVj3uXRIOxoE4ur
wHIPkK5c6ycDXQrhLRQa+7gS+JMFYvRs0JaA+54maEqPpWcph7trUL8EYgNejQM4
9cHQC4gZk0RwcS4KHY9ktnpc8AIjjGxQDPIEVa3koVWogpCkHzQAckRP56QjOHxQ
Opcadgtn0Fe/6ijJsWVwvkIBpxJ3q0w0ihgbWD0Qq9yOXSM0XrKR
-----END CERTIFICATE-----
Generated at Thu Mar 5 20:43:43 2026 by rpki-client