Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/8113dda6-7ade-445d-8c6e-448a78e48ca1/1/3139352e35382e3135312e302f32342d3234203d3e20323032343538.roa
File: 3139352e35382e3135312e302f32342d3234203d3e20323032343538.roa (raw, json)
Hash identifier: S52wGd4ZwVigg1qwK1PLqhCMszEkIbLvDfCCJBJzY5Y=
Subject key identifier: F3:93:98:E9:15:70:27:81:C2:2C:6C:B0:E5:DC:A8:9B:9C:28:93:A0
Certificate issuer: /CN=0d7ffae300def0876bf84890fb6ea17be841a4d3
Certificate serial: 4ACB9C97A1AE2B564792AA7CE84057D8B00DC60D
Authority key identifier: 0D:7F:FA:E3:00:DE:F0:87:6B:F8:48:90:FB:6E:A1:7B:E8:41:A4:D3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DX_64wDe8Idr-EiQ-26he-hBpNM.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/8113dda6-7ade-445d-8c6e-448a78e48ca1/1/3139352e35382e3135312e302f32342d3234203d3e20323032343538.roa
Signing time: Wed 08 Apr 2026 12:07:01 +0000
ROA not before: Wed 08 Apr 2026 12:02:01 +0000
ROA not after: Wed 07 Apr 2027 12:07:01 +0000
asID: 202458
IP address blocks: 195.58.151.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/8113dda6-7ade-445d-8c6e-448a78e48ca1/1/0D7FFAE300DEF0876BF84890FB6EA17BE841A4D3.crl
rsync://rsync.paas.rpki.ripe.net/repository/8113dda6-7ade-445d-8c6e-448a78e48ca1/1/0D7FFAE300DEF0876BF84890FB6EA17BE841A4D3.mft
rsync://rpki.ripe.net/repository/DEFAULT/DX_64wDe8Idr-EiQ-26he-hBpNM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 16 Apr 2026 19:21:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4a:cb:9c:97:a1:ae:2b:56:47:92:aa:7c:e8:40:57:d8:b0:0d:c6:0d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0d7ffae300def0876bf84890fb6ea17be841a4d3
Validity
Not Before: Apr 8 12:02:01 2026 GMT
Not After : Apr 7 12:07:01 2027 GMT
Subject: CN=F39398E915702781C22C6CB0E5DCA89B9C2893A0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:72:d7:88:86:69:f5:87:35:43:5b:e1:c0:44:
a7:c9:32:1b:98:71:ca:4b:27:82:84:8e:a0:31:bd:
44:64:ed:c7:1c:a3:56:1e:bf:fd:55:0c:54:8d:a8:
71:28:e4:99:f0:55:1f:49:84:38:62:f2:a0:4f:83:
f1:8f:db:67:ef:b7:a2:b0:bf:4a:a7:7b:ef:33:28:
d4:71:a0:30:54:a9:69:b3:2b:22:58:20:e9:8c:c3:
34:df:43:a9:00:4a:60:e7:1d:7a:e1:ec:b1:91:60:
4a:b3:e4:cf:9e:8d:c7:0f:dc:56:a6:2e:6d:dc:c3:
5d:63:e5:48:63:c3:d6:d7:88:52:45:f8:36:7e:fd:
dd:35:b6:30:a0:13:58:b9:ee:c8:ee:02:40:e5:0b:
e3:95:5d:f0:11:84:13:96:53:71:df:ce:1e:81:b9:
3d:a4:e6:5b:6c:41:e9:0f:75:70:f9:97:c7:e2:20:
19:34:4e:9c:b3:2f:37:37:8f:f9:29:ca:b7:9c:e1:
2d:b3:61:53:3d:97:8a:a0:cc:f7:41:9c:69:16:1f:
e9:84:f7:a0:61:e3:82:4f:9f:68:14:07:b2:cd:27:
4b:ba:4e:07:a7:13:ba:d5:71:a5:57:5e:f7:39:ba:
13:dc:21:21:d3:d7:50:70:b0:27:96:ea:61:7b:8c:
73:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F3:93:98:E9:15:70:27:81:C2:2C:6C:B0:E5:DC:A8:9B:9C:28:93:A0
X509v3 Authority Key Identifier:
keyid:0D:7F:FA:E3:00:DE:F0:87:6B:F8:48:90:FB:6E:A1:7B:E8:41:A4:D3
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/8113dda6-7ade-445d-8c6e-448a78e48ca1/1/0D7FFAE300DEF0876BF84890FB6EA17BE841A4D3.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DX_64wDe8Idr-EiQ-26he-hBpNM.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/8113dda6-7ade-445d-8c6e-448a78e48ca1/1/3139352e35382e3135312e302f32342d3234203d3e20323032343538.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.58.151.0/24
Signature Algorithm: sha256WithRSAEncryption
92:21:82:aa:b8:5a:08:60:1d:54:b2:7f:23:cb:14:19:a9:ac:
53:9a:3c:9a:38:ed:ee:3a:ee:99:f2:93:f2:cb:bd:35:4c:e8:
40:69:fc:d4:86:5f:6b:71:6e:05:3d:a8:ea:f5:ef:ea:13:5a:
4e:b3:3d:ba:cc:c0:ad:e9:5f:a3:99:ba:a1:88:9b:b5:54:e0:
c9:67:ba:47:a5:d5:07:2c:be:cb:b7:27:d9:03:79:7e:40:44:
e0:96:bd:68:f2:2b:69:53:06:05:b5:1a:8d:70:eb:26:25:e6:
65:da:34:e2:30:38:fe:9e:3c:a6:89:fe:86:c5:a3:9d:b4:08:
cb:4b:b9:8c:8d:00:ca:df:70:5d:fc:15:a3:78:c8:a0:c1:cd:
8f:2b:6b:53:44:c5:7d:be:8c:32:1a:64:29:bb:5d:cb:31:38:
d7:d3:92:1d:c3:07:1e:c6:b7:30:91:b1:7c:f7:9f:d6:04:1f:
c1:a3:1f:cc:10:d7:d5:2b:07:4c:13:76:b9:ac:e8:00:b8:c7:
aa:cb:2a:bf:ff:e3:52:f3:a5:5a:f8:ec:42:30:04:39:3b:da:
69:e8:6c:5b:29:6a:60:05:77:42:b2:13:49:2d:5b:61:ea:da:
d0:bb:16:32:03:31:ad:be:fd:4b:f2:10:0a:37:2a:cf:98:be:
70:a1:a3:16
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUSsucl6GuK1ZHkqp86EBX2LANxg0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMGQ3ZmZhZTMwMGRlZjA4NzZiZjg0ODkwZmI2ZWExN2Jl
ODQxYTRkMzAeFw0yNjA0MDgxMjAyMDFaFw0yNzA0MDcxMjA3MDFaMDMxMTAvBgNV
BAMTKEYzOTM5OEU5MTU3MDI3ODFDMjJDNkNCMEU1RENBODlCOUMyODkzQTAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDfcteIhmn1hzVDW+HARKfJMhuY
ccpLJ4KEjqAxvURk7ccco1Yev/1VDFSNqHEo5JnwVR9JhDhi8qBPg/GP22fvt6Kw
v0qne+8zKNRxoDBUqWmzKyJYIOmMwzTfQ6kASmDnHXrh7LGRYEqz5M+ejccP3Fam
Lm3cw11j5Uhjw9bXiFJF+DZ+/d01tjCgE1i57sjuAkDlC+OVXfARhBOWU3Hfzh6B
uT2k5ltsQekPdXD5l8fiIBk0TpyzLzc3j/kpyrec4S2zYVM9l4qgzPdBnGkWH+mE
96Bh44JPn2gUB7LNJ0u6TgenE7rVcaVXXvc5uhPcISHT11BwsCeW6mF7jHOtAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQU85OY6RVwJ4HCLGyw5dyom5wok6AwHwYDVR0j
BBgwFoAUDX/64wDe8Idr+EiQ+26he+hBpNMwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvODExM2RkYTYtN2FkZS00NDVkLThjNmUtNDQ4YTc4ZTQ4
Y2ExLzEvMEQ3RkZBRTMwMERFRjA4NzZCRjg0ODkwRkI2RUExN0JFODQxQTREMy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0RYXzY0d0RlOElkci1FaVEtMjZoZS1o
QnBOTS5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvODExM2RkYTYt
N2FkZS00NDVkLThjNmUtNDQ4YTc4ZTQ4Y2ExLzEvMzEzOTM1MmUzNTM4MmUzMTM1
MzEyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMjMwMzIzNDM1Mzgucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BADDOpcwDQYJKoZIhvcNAQELBQADggEBAJIhgqq4WghgHVSyfyPLFBmprFOaPJo4
7e467pnyk/LLvTVM6EBp/NSGX2txbgU9qOr17+oTWk6zPbrMwK3pX6OZuqGIm7VU
4Mlnukel1Qcsvsu3J9kDeX5AROCWvWjyK2lTBgW1Go1w6yYl5mXaNOIwOP6ePKaJ
/obFo520CMtLuYyNAMrfcF38FaN4yKDBzY8ra1NExX2+jDIaZCm7XcsxONfTkh3D
Bx7GtzCRsXz3n9YEH8GjH8wQ19UrB0wTdrms6AC4x6rLKr//41LzpVr47EIwBDk7
2mnobFspamAFd0KyE0ktW2Hq2tC7FjIDMa2+/UvyEAo3Ks+YvnChoxY=
-----END CERTIFICATE-----
Generated at Thu Apr 16 07:42:18 2026 by rpki-client