Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/933b2fd7-31c1-451c-8288-c1aa0aa12750/0/3139332e3234362e3136342e302f32342d3234203d3e20323134343332.roa
File: 3139332e3234362e3136342e302f32342d3234203d3e20323134343332.roa (raw, json)
Hash identifier: dY1TZgYtt2XOIsVBxW8tOuYVl+qsqJFS06ZKgYUYzuc=
Subject key identifier: 6C:DB:40:7C:B2:B4:A1:F1:DA:DB:4F:B4:DF:ED:18:8D:FA:85:16:CF
Certificate issuer: /CN=45e8648e445dccd0d8ee699f5140bb814e43ae1b
Certificate serial: 0DE55487070C8C05D06F185E8A4027DF3DEE8C
Authority key identifier: 45:E8:64:8E:44:5D:CC:D0:D8:EE:69:9F:51:40:BB:81:4E:43:AE:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RehkjkRdzNDY7mmfUUC7gU5Drhs.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/933b2fd7-31c1-451c-8288-c1aa0aa12750/0/3139332e3234362e3136342e302f32342d3234203d3e20323134343332.roa
Signing time: Sun 24 May 2026 16:23:37 +0000
ROA not before: Sun 24 May 2026 16:18:37 +0000
ROA not after: Sun 23 May 2027 16:23:37 +0000
asID: 214432
IP address blocks: 193.246.164.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/933b2fd7-31c1-451c-8288-c1aa0aa12750/0/45E8648E445DCCD0D8EE699F5140BB814E43AE1B.crl
rsync://rsync.paas.rpki.ripe.net/repository/933b2fd7-31c1-451c-8288-c1aa0aa12750/0/45E8648E445DCCD0D8EE699F5140BB814E43AE1B.mft
rsync://rpki.ripe.net/repository/DEFAULT/RehkjkRdzNDY7mmfUUC7gU5Drhs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 12 Jun 2026 02:56:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0d:e5:54:87:07:0c:8c:05:d0:6f:18:5e:8a:40:27:df:3d:ee:8c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=45e8648e445dccd0d8ee699f5140bb814e43ae1b
Validity
Not Before: May 24 16:18:37 2026 GMT
Not After : May 23 16:23:37 2027 GMT
Subject: CN=6CDB407CB2B4A1F1DADB4FB4DFED188DFA8516CF
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:7e:39:08:c2:c4:6f:3a:62:28:d5:b2:12:cf:
45:47:df:21:13:d5:de:18:76:b2:27:65:01:3d:c9:
26:92:40:70:93:26:bd:d5:5b:3c:fc:6a:b1:3e:fd:
67:0e:7f:d2:34:2a:5f:9a:f0:05:bb:1e:c2:c6:4f:
de:5c:82:0e:14:38:9a:74:d9:f0:74:aa:ec:9a:9b:
58:b9:f9:ea:b3:a3:80:6e:ef:bd:ea:2a:f2:e8:0e:
ad:a6:4f:2b:f4:c4:22:2c:f1:db:5f:f2:6a:f7:ae:
23:09:18:1c:5f:68:7f:64:7f:8f:cf:a2:6a:34:87:
fc:09:4d:6e:91:b5:0d:65:84:6e:16:43:91:48:16:
b3:9e:6e:12:69:63:64:ef:92:b6:f7:d6:f4:04:3f:
c9:99:f2:09:97:3b:92:93:2a:70:66:63:4e:fa:0e:
df:50:ab:56:c1:98:ab:c2:3a:d6:1a:dc:95:27:cb:
6e:8d:fc:79:05:4c:70:7f:85:d6:e6:7e:96:d3:13:
5b:ea:19:51:d4:50:6b:29:c5:d8:9a:e3:1d:9b:d5:
3d:86:bf:b8:9a:3e:9e:9e:82:b3:8b:06:7b:05:24:
a8:74:6f:14:23:62:7d:b1:3b:12:ae:cf:14:28:f7:
a0:29:23:36:95:d7:34:81:2d:00:76:74:97:b3:e0:
ea:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6C:DB:40:7C:B2:B4:A1:F1:DA:DB:4F:B4:DF:ED:18:8D:FA:85:16:CF
X509v3 Authority Key Identifier:
keyid:45:E8:64:8E:44:5D:CC:D0:D8:EE:69:9F:51:40:BB:81:4E:43:AE:1B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/933b2fd7-31c1-451c-8288-c1aa0aa12750/0/45E8648E445DCCD0D8EE699F5140BB814E43AE1B.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RehkjkRdzNDY7mmfUUC7gU5Drhs.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/933b2fd7-31c1-451c-8288-c1aa0aa12750/0/3139332e3234362e3136342e302f32342d3234203d3e20323134343332.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.246.164.0/24
Signature Algorithm: sha256WithRSAEncryption
0f:1f:e2:4d:3a:d0:78:16:73:af:ed:c4:f9:bb:d2:cc:93:68:
f5:ca:b3:09:d5:e7:83:ef:3b:16:27:08:18:6a:86:ef:46:05:
45:18:15:51:02:5b:d9:3e:7c:4e:3b:15:d2:65:c5:7d:06:f4:
46:91:05:45:d9:50:85:c1:3e:80:25:a8:87:cd:27:ea:0f:ac:
be:5e:44:c2:e7:b0:9d:11:29:97:af:88:81:3a:30:27:b0:e8:
ec:53:82:f0:22:51:d4:74:b0:ed:3e:62:0d:e5:69:1d:cd:a4:
9d:e9:c4:f2:50:44:06:b4:18:20:0f:47:1c:e3:31:a1:d0:4c:
e7:e5:d5:8b:c9:f7:8b:59:fd:7f:4f:79:48:55:49:96:e0:6d:
96:4f:0b:6f:e9:f1:93:e7:8d:4a:74:c3:99:94:06:2b:37:5f:
58:c8:8a:cc:fb:c6:b3:2e:3a:0b:d3:aa:3f:d3:98:03:43:1d:
4b:e0:dd:9d:68:d3:6e:dc:15:fc:80:cb:94:6b:a9:0d:49:5d:
06:e8:71:db:5b:4d:31:b8:93:d4:4e:c1:a0:c8:b3:28:6e:44:
a6:89:d8:9c:92:15:f3:6d:a5:9f:f6:3d:6d:88:ba:7a:7e:ab:
05:01:69:08:44:6a:c4:ec:a1:10:1c:8f:a5:94:91:08:dc:ce:
fe:86:e8:c5
-----BEGIN CERTIFICATE-----
MIIFNjCCBB6gAwIBAgITDeVUhwcMjAXQbxheikAn3z3ujDANBgkqhkiG9w0BAQsF
ADAzMTEwLwYDVQQDEyg0NWU4NjQ4ZTQ0NWRjY2QwZDhlZTY5OWY1MTQwYmI4MTRl
NDNhZTFiMB4XDTI2MDUyNDE2MTgzN1oXDTI3MDUyMzE2MjMzN1owMzExMC8GA1UE
AxMoNkNEQjQwN0NCMkI0QTFGMURBREI0RkI0REZFRDE4OERGQTg1MTZDRjCCASIw
DQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAK1+OQjCxG86YijVshLPRUffIRPV
3hh2sidlAT3JJpJAcJMmvdVbPPxqsT79Zw5/0jQqX5rwBbsewsZP3lyCDhQ4mnTZ
8HSq7JqbWLn56rOjgG7vveoq8ugOraZPK/TEIizx21/yaveuIwkYHF9of2R/j8+i
ajSH/AlNbpG1DWWEbhZDkUgWs55uEmljZO+StvfW9AQ/yZnyCZc7kpMqcGZjTvoO
31CrVsGYq8I61hrclSfLbo38eQVMcH+F1uZ+ltMTW+oZUdRQaynF2JrjHZvVPYa/
uJo+np6Cs4sGewUkqHRvFCNifbE7Eq7PFCj3oCkjNpXXNIEtAHZ0l7Pg6lsCAwEA
AaOCAkEwggI9MB0GA1UdDgQWBBRs20B8srSh8drbT7Tf7RiN+oUWzzAfBgNVHSME
GDAWgBRF6GSORF3M0NjuaZ9RQLuBTkOuGzAOBgNVHQ8BAf8EBAMCB4AwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9yc3luYy5wYWFzLnJwa2kucmlwZS5u
ZXQvcmVwb3NpdG9yeS85MzNiMmZkNy0zMWMxLTQ1MWMtODI4OC1jMWFhMGFhMTI3
NTAvMC80NUU4NjQ4RTQ0NURDQ0QwRDhFRTY5OUY1MTQwQkI4MTRFNDNBRTFCLmNy
bDBkBggrBgEFBQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvUmVoa2prUmR6TkRZN21tZlVVQzdnVTVE
cmhzLmNlcjCBsQYIKwYBBQUHAQsEgaQwgaEwgZ4GCCsGAQUFBzALhoGRcnN5bmM6
Ly9yc3luYy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS85MzNiMmZkNy0z
MWMxLTQ1MWMtODI4OC1jMWFhMGFhMTI3NTAvMC8zMTM5MzMyZTMyMzQzNjJlMzEz
NjM0MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzIzMTM0MzQzMzMyLnJvYTAYBgNV
HSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAG
AwQAwfakMA0GCSqGSIb3DQEBCwUAA4IBAQAPH+JNOtB4FnOv7cT5u9LMk2j1yrMJ
1eeD7zsWJwgYaobvRgVFGBVRAlvZPnxOOxXSZcV9BvRGkQVF2VCFwT6AJaiHzSfq
D6y+XkTC57CdESmXr4iBOjAnsOjsU4LwIlHUdLDtPmIN5WkdzaSd6cTyUEQGtBgg
D0cc4zGh0Ezn5dWLyfeLWf1/T3lIVUmW4G2WTwtv6fGT541KdMOZlAYrN19YyIrM
+8azLjoL06o/05gDQx1L4N2daNNu3BX8gMuUa6kNSV0G6HHbW00xuJPUTsGgyLMo
bkSmidickhXzbaWf9j1tiLp6fqsFAWkIRGrE7KEQHI+llJEI3M7+hujF
-----END CERTIFICATE-----
Generated at Thu Jun 11 16:28:06 2026 by rpki-client