Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/8113dda6-7ade-445d-8c6e-448a78e48ca1/1/3139352e35382e3135302e302f32342d3234203d3e20313938343230.roa
File: 3139352e35382e3135302e302f32342d3234203d3e20313938343230.roa (raw, json)
Hash identifier: Yb8ZggmQm15ny9FM1xtYILR46C/kYmvLDoVrroOiEjA=
Subject key identifier: 0D:B9:C9:D5:8F:29:F9:B5:E7:14:97:DB:A7:F5:3D:6B:67:3A:F2:35
Certificate issuer: /CN=0d7ffae300def0876bf84890fb6ea17be841a4d3
Certificate serial: 1D8F4BE27264D70CC74B5F8B603FF0B7C777B2DA
Authority key identifier: 0D:7F:FA:E3:00:DE:F0:87:6B:F8:48:90:FB:6E:A1:7B:E8:41:A4:D3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DX_64wDe8Idr-EiQ-26he-hBpNM.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/8113dda6-7ade-445d-8c6e-448a78e48ca1/1/3139352e35382e3135302e302f32342d3234203d3e20313938343230.roa
Signing time: Sun 31 May 2026 05:16:55 +0000
ROA not before: Sun 31 May 2026 05:11:55 +0000
ROA not after: Sun 30 May 2027 05:16:55 +0000
asID: 198420
IP address blocks: 195.58.150.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/8113dda6-7ade-445d-8c6e-448a78e48ca1/1/0D7FFAE300DEF0876BF84890FB6EA17BE841A4D3.crl
rsync://rsync.paas.rpki.ripe.net/repository/8113dda6-7ade-445d-8c6e-448a78e48ca1/1/0D7FFAE300DEF0876BF84890FB6EA17BE841A4D3.mft
rsync://rpki.ripe.net/repository/DEFAULT/DX_64wDe8Idr-EiQ-26he-hBpNM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 03 Jun 2026 11:28:53 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1d:8f:4b:e2:72:64:d7:0c:c7:4b:5f:8b:60:3f:f0:b7:c7:77:b2:da
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0d7ffae300def0876bf84890fb6ea17be841a4d3
Validity
Not Before: May 31 05:11:55 2026 GMT
Not After : May 30 05:16:55 2027 GMT
Subject: CN=0DB9C9D58F29F9B5E71497DBA7F53D6B673AF235
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:09:4c:f1:2d:d5:c2:2e:59:e1:7f:3d:bc:28:
a3:ee:f5:51:38:cb:2f:81:3f:56:df:2a:4e:d1:68:
06:b9:dc:da:90:e9:a4:df:70:aa:1f:07:e1:21:8d:
ec:0d:34:51:e1:49:dd:6c:3f:8c:04:15:d0:24:8c:
01:93:bd:76:b4:41:bb:66:75:8a:12:e1:32:dc:8d:
5d:db:a3:ac:a9:fd:f3:ab:2c:2e:96:c0:01:c2:f4:
ea:44:f4:df:90:62:e0:38:bd:ed:5a:d5:1a:ba:0e:
5d:ca:7a:8c:2b:a3:ee:e3:42:2e:74:07:bd:e8:1a:
27:32:aa:36:20:26:d5:ba:5a:c5:61:aa:5a:05:0a:
e5:8a:ed:f7:30:60:20:01:32:b1:db:ae:bc:cf:89:
ff:d4:80:2c:cf:c6:3b:0c:c7:93:0b:75:7d:ed:fb:
05:6c:6d:70:bc:35:e7:bb:11:c6:c1:11:16:89:94:
e7:f4:d4:1e:17:1e:34:f5:3f:5b:e1:a6:bd:4a:38:
40:29:ea:05:51:4e:00:74:a3:e1:a9:b7:0d:2e:14:
ea:09:fc:a8:d2:38:1d:d6:a9:55:0c:b8:d5:f2:61:
b3:ae:d3:d4:e2:23:13:66:f9:3b:f7:33:69:97:0d:
0d:72:08:a7:a5:a0:e0:ba:d6:97:46:a7:6f:ec:f0:
9d:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0D:B9:C9:D5:8F:29:F9:B5:E7:14:97:DB:A7:F5:3D:6B:67:3A:F2:35
X509v3 Authority Key Identifier:
keyid:0D:7F:FA:E3:00:DE:F0:87:6B:F8:48:90:FB:6E:A1:7B:E8:41:A4:D3
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/8113dda6-7ade-445d-8c6e-448a78e48ca1/1/0D7FFAE300DEF0876BF84890FB6EA17BE841A4D3.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DX_64wDe8Idr-EiQ-26he-hBpNM.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/8113dda6-7ade-445d-8c6e-448a78e48ca1/1/3139352e35382e3135302e302f32342d3234203d3e20313938343230.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.58.150.0/24
Signature Algorithm: sha256WithRSAEncryption
49:cc:c0:30:a0:d5:15:6a:82:c4:3e:e0:79:1b:7d:3d:96:2c:
da:71:23:7a:6c:81:60:46:13:7a:f5:eb:87:d5:b7:8c:b9:56:
c6:56:ec:23:07:53:80:03:0b:66:d6:d6:5b:9b:30:3c:18:e2:
6f:8b:ed:08:70:36:30:4e:b7:8b:a2:29:94:21:e7:81:02:78:
83:17:dd:7f:e1:96:2a:4d:08:ba:a9:f3:ee:4e:94:52:41:76:
78:1c:78:dd:56:5a:6a:f8:bc:3e:75:d9:cd:15:88:16:62:c3:
55:76:65:ff:0a:be:1b:fb:1c:ff:a8:02:5b:b3:a9:80:67:3c:
14:d3:e2:c0:87:e1:e7:6e:35:12:a3:e3:c3:b6:87:bc:e1:e9:
e1:16:b9:7e:5b:49:95:7c:58:45:aa:4a:03:42:6d:f1:07:02:
8b:1f:65:b4:81:be:68:c7:e3:29:62:26:e0:09:f2:1a:a4:2e:
56:2a:f4:42:26:58:a2:c1:50:f6:64:d3:f6:38:91:ef:6e:8b:
12:72:ca:6d:ee:6b:0c:cc:b7:ef:eb:56:aa:79:58:2d:c9:07:
7d:a9:fc:cb:c4:49:23:9b:5e:62:33:27:10:51:ed:ed:12:2c:
ca:74:46:77:45:92:8f:19:59:83:56:05:68:dd:54:25:94:e4:
6b:93:42:03
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUHY9L4nJk1wzHS1+LYD/wt8d3stowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMGQ3ZmZhZTMwMGRlZjA4NzZiZjg0ODkwZmI2ZWExN2Jl
ODQxYTRkMzAeFw0yNjA1MzEwNTExNTVaFw0yNzA1MzAwNTE2NTVaMDMxMTAvBgNV
BAMTKDBEQjlDOUQ1OEYyOUY5QjVFNzE0OTdEQkE3RjUzRDZCNjczQUYyMzUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCbCUzxLdXCLlnhfz28KKPu9VE4
yy+BP1bfKk7RaAa53NqQ6aTfcKofB+EhjewNNFHhSd1sP4wEFdAkjAGTvXa0Qbtm
dYoS4TLcjV3bo6yp/fOrLC6WwAHC9OpE9N+QYuA4ve1a1Rq6Dl3Keowro+7jQi50
B73oGicyqjYgJtW6WsVhqloFCuWK7fcwYCABMrHbrrzPif/UgCzPxjsMx5MLdX3t
+wVsbXC8Nee7EcbBERaJlOf01B4XHjT1P1vhpr1KOEAp6gVRTgB0o+Gptw0uFOoJ
/KjSOB3WqVUMuNXyYbOu09TiIxNm+Tv3M2mXDQ1yCKeloOC61pdGp2/s8J0dAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUDbnJ1Y8p+bXnFJfbp/U9a2c68jUwHwYDVR0j
BBgwFoAUDX/64wDe8Idr+EiQ+26he+hBpNMwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvODExM2RkYTYtN2FkZS00NDVkLThjNmUtNDQ4YTc4ZTQ4
Y2ExLzEvMEQ3RkZBRTMwMERFRjA4NzZCRjg0ODkwRkI2RUExN0JFODQxQTREMy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0RYXzY0d0RlOElkci1FaVEtMjZoZS1o
QnBOTS5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvODExM2RkYTYt
N2FkZS00NDVkLThjNmUtNDQ4YTc4ZTQ4Y2ExLzEvMzEzOTM1MmUzNTM4MmUzMTM1
MzAyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMTM5MzgzNDMyMzAucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BADDOpYwDQYJKoZIhvcNAQELBQADggEBAEnMwDCg1RVqgsQ+4HkbfT2WLNpxI3ps
gWBGE3r164fVt4y5VsZW7CMHU4ADC2bW1lubMDwY4m+L7QhwNjBOt4uiKZQh54EC
eIMX3X/hlipNCLqp8+5OlFJBdngceN1WWmr4vD512c0ViBZiw1V2Zf8Kvhv7HP+o
AluzqYBnPBTT4sCH4eduNRKj48O2h7zh6eEWuX5bSZV8WEWqSgNCbfEHAosfZbSB
vmjH4yliJuAJ8hqkLlYq9EImWKLBUPZk0/Y4ke9uixJyym3uawzMt+/rVqp5WC3J
B32p/MvESSObXmIzJxBR7e0SLMp0RndFko8ZWYNWBWjdVCWU5GuTQgM=
-----END CERTIFICATE-----
Generated at Tue Jun 2 21:25:01 2026 by rpki-client