Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/8113dda6-7ade-445d-8c6e-448a78e48ca1/1/3139352e35382e3134392e302f32342d3234203d3e20313939393135.roa
File: 3139352e35382e3134392e302f32342d3234203d3e20313939393135.roa (raw, json)
Hash identifier: 3Mj/czyKvzJvBOAr+N4/hqCZ4Nz6TSfuuRSmK4rh/zQ=
Subject key identifier: 9D:0C:46:9D:73:2B:0A:6F:75:8F:A7:E8:A0:A8:CF:07:81:AF:C3:72
Certificate issuer: /CN=0d7ffae300def0876bf84890fb6ea17be841a4d3
Certificate serial: 4EB36EAB8E34780FA77502BA6A888924EDE17CDB
Authority key identifier: 0D:7F:FA:E3:00:DE:F0:87:6B:F8:48:90:FB:6E:A1:7B:E8:41:A4:D3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DX_64wDe8Idr-EiQ-26he-hBpNM.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/8113dda6-7ade-445d-8c6e-448a78e48ca1/1/3139352e35382e3134392e302f32342d3234203d3e20313939393135.roa
Signing time: Fri 27 Mar 2026 17:28:24 +0000
ROA not before: Fri 27 Mar 2026 17:23:24 +0000
ROA not after: Fri 26 Mar 2027 17:28:24 +0000
asID: 199915
IP address blocks: 195.58.149.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/8113dda6-7ade-445d-8c6e-448a78e48ca1/1/0D7FFAE300DEF0876BF84890FB6EA17BE841A4D3.crl
rsync://rsync.paas.rpki.ripe.net/repository/8113dda6-7ade-445d-8c6e-448a78e48ca1/1/0D7FFAE300DEF0876BF84890FB6EA17BE841A4D3.mft
rsync://rpki.ripe.net/repository/DEFAULT/DX_64wDe8Idr-EiQ-26he-hBpNM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 28 Mar 2026 19:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4e:b3:6e:ab:8e:34:78:0f:a7:75:02:ba:6a:88:89:24:ed:e1:7c:db
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0d7ffae300def0876bf84890fb6ea17be841a4d3
Validity
Not Before: Mar 27 17:23:24 2026 GMT
Not After : Mar 26 17:28:24 2027 GMT
Subject: CN=9D0C469D732B0A6F758FA7E8A0A8CF0781AFC372
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:62:b0:a1:d5:0d:c2:a8:b2:e9:51:62:48:65:
b8:f5:7b:45:bf:45:76:fc:67:35:12:95:20:bf:0c:
f3:51:99:ed:44:80:92:1a:b1:b8:b7:a0:4a:7a:75:
4a:6c:33:a1:0f:c8:8f:5a:f3:1e:0d:a6:7d:11:cf:
fa:34:7c:4a:e2:34:ea:80:7f:b8:cc:76:6b:1a:16:
43:b4:35:07:8c:d8:67:aa:15:89:72:2e:69:ed:b5:
2a:e6:81:70:5b:25:5f:4d:a4:08:ae:2c:b0:60:07:
53:a7:3f:48:9e:eb:32:93:34:30:89:e1:fc:65:8d:
20:2f:e7:4e:88:e1:ca:9a:6f:1f:e5:7a:b6:0e:7a:
70:f3:fc:34:9b:1e:3f:58:2a:eb:2c:ec:06:79:d8:
a8:3d:de:39:28:7a:97:11:b3:c3:26:6e:7b:ad:6a:
a9:32:ed:05:0f:e8:6c:3e:91:fe:6a:a2:c5:be:06:
ba:45:84:f4:de:75:85:9b:27:50:a6:93:6e:49:a1:
8e:eb:50:df:4d:d2:57:3c:01:76:2c:de:59:d5:be:
00:4e:e3:40:72:c1:ca:38:a2:ca:3c:d3:17:44:e0:
05:1d:38:65:42:f0:87:3d:5b:f3:56:7a:90:4d:4c:
b8:f3:52:a9:ee:a7:8b:6f:67:74:69:95:26:69:75:
2d:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:0C:46:9D:73:2B:0A:6F:75:8F:A7:E8:A0:A8:CF:07:81:AF:C3:72
X509v3 Authority Key Identifier:
keyid:0D:7F:FA:E3:00:DE:F0:87:6B:F8:48:90:FB:6E:A1:7B:E8:41:A4:D3
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/8113dda6-7ade-445d-8c6e-448a78e48ca1/1/0D7FFAE300DEF0876BF84890FB6EA17BE841A4D3.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DX_64wDe8Idr-EiQ-26he-hBpNM.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/8113dda6-7ade-445d-8c6e-448a78e48ca1/1/3139352e35382e3134392e302f32342d3234203d3e20313939393135.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.58.149.0/24
Signature Algorithm: sha256WithRSAEncryption
05:1d:3d:2f:fc:d9:11:81:f1:fe:0c:c8:89:1c:9d:c1:7f:3a:
c5:d3:04:c1:63:08:17:f3:3d:c6:cf:79:d2:b1:f2:b5:59:15:
c7:25:c3:7c:a9:1b:d5:98:2c:54:87:fd:1b:00:9d:9b:92:7e:
1b:91:e5:95:94:20:97:7b:65:a6:50:0b:91:42:5b:e4:c0:ad:
2a:96:8c:89:66:60:ee:9f:e6:f5:a0:1f:05:2e:8f:bf:7a:b5:
88:71:cb:20:4c:2e:45:e2:24:0a:5e:5c:24:9b:db:b6:9f:ce:
33:3c:2c:28:01:ae:91:98:4b:33:b3:aa:e5:b7:ed:e2:9a:e4:
96:23:ab:94:2e:27:22:38:b7:73:0c:08:34:0a:e9:69:9d:36:
d6:8c:ba:f2:b9:83:e7:19:63:c7:7b:36:a0:9d:1d:25:1a:1d:
6b:f0:b2:66:69:81:98:fb:73:06:9e:18:4b:b0:61:16:bd:10:
52:50:f1:97:77:fd:d1:be:93:b0:aa:62:e7:22:47:d6:08:19:
95:98:16:cd:d1:cd:28:4c:d5:6a:39:19:f2:3b:94:05:c2:49:
98:91:a3:e4:4e:0c:5b:67:30:3b:bf:cc:fe:4d:de:e0:be:c0:
54:88:05:08:8b:af:49:55:31:cd:38:44:1a:b5:9b:c3:03:2b:
87:6a:25:3d
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUTrNuq440eA+ndQK6aoiJJO3hfNswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMGQ3ZmZhZTMwMGRlZjA4NzZiZjg0ODkwZmI2ZWExN2Jl
ODQxYTRkMzAeFw0yNjAzMjcxNzIzMjRaFw0yNzAzMjYxNzI4MjRaMDMxMTAvBgNV
BAMTKDlEMEM0NjlENzMyQjBBNkY3NThGQTdFOEEwQThDRjA3ODFBRkMzNzIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCqYrCh1Q3CqLLpUWJIZbj1e0W/
RXb8ZzUSlSC/DPNRme1EgJIasbi3oEp6dUpsM6EPyI9a8x4Npn0Rz/o0fEriNOqA
f7jMdmsaFkO0NQeM2GeqFYlyLmnttSrmgXBbJV9NpAiuLLBgB1OnP0ie6zKTNDCJ
4fxljSAv506I4cqabx/lerYOenDz/DSbHj9YKuss7AZ52Kg93jkoepcRs8Mmbnut
aqky7QUP6Gw+kf5qosW+BrpFhPTedYWbJ1Cmk25JoY7rUN9N0lc8AXYs3lnVvgBO
40Bywco4oso80xdE4AUdOGVC8Ic9W/NWepBNTLjzUqnup4tvZ3RplSZpdS1jAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUnQxGnXMrCm91j6fooKjPB4Gvw3IwHwYDVR0j
BBgwFoAUDX/64wDe8Idr+EiQ+26he+hBpNMwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvODExM2RkYTYtN2FkZS00NDVkLThjNmUtNDQ4YTc4ZTQ4
Y2ExLzEvMEQ3RkZBRTMwMERFRjA4NzZCRjg0ODkwRkI2RUExN0JFODQxQTREMy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0RYXzY0d0RlOElkci1FaVEtMjZoZS1o
QnBOTS5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvODExM2RkYTYt
N2FkZS00NDVkLThjNmUtNDQ4YTc4ZTQ4Y2ExLzEvMzEzOTM1MmUzNTM4MmUzMTM0
MzkyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMTM5MzkzOTMxMzUucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BADDOpUwDQYJKoZIhvcNAQELBQADggEBAAUdPS/82RGB8f4MyIkcncF/OsXTBMFj
CBfzPcbPedKx8rVZFcclw3ypG9WYLFSH/RsAnZuSfhuR5ZWUIJd7ZaZQC5FCW+TA
rSqWjIlmYO6f5vWgHwUuj796tYhxyyBMLkXiJApeXCSb27afzjM8LCgBrpGYSzOz
quW37eKa5JYjq5QuJyI4t3MMCDQK6WmdNtaMuvK5g+cZY8d7NqCdHSUaHWvwsmZp
gZj7cwaeGEuwYRa9EFJQ8Zd3/dG+k7CqYuciR9YIGZWYFs3RzShM1Wo5GfI7lAXC
SZiRo+RODFtnMDu/zP5N3uC+wFSIBQiLr0lVMc04RBq1m8MDK4dqJT0=
-----END CERTIFICATE-----
Generated at Sat Mar 28 03:16:08 2026 by rpki-client