Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/aee3d58d-904a-4375-bf93-8b5f38cab002/0/3130392e3131302e3136322e302f32342d3234203d3e20343031373736.roa
File: 3130392e3131302e3136322e302f32342d3234203d3e20343031373736.roa (raw, json)
Hash identifier: nq8w83UiASUMJkdx1VQJPAgE4C1nkbNN/UcOw5YNiHs=
Subject key identifier: D3:A9:59:5E:47:CB:EF:FF:D6:8C:97:18:5A:40:02:EE:B1:73:3A:0E
Certificate issuer: /CN=7adf63e375b0b785081b5945b1d18d9de86e0efc
Certificate serial: 30CF9BA733952B2674F246566465D682435A0CEC
Authority key identifier: 7A:DF:63:E3:75:B0:B7:85:08:1B:59:45:B1:D1:8D:9D:E8:6E:0E:FC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/et9j43Wwt4UIG1lFsdGNnehuDvw.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/aee3d58d-904a-4375-bf93-8b5f38cab002/0/3130392e3131302e3136322e302f32342d3234203d3e20343031373736.roa
Signing time: Wed 13 May 2026 07:44:55 +0000
ROA not before: Wed 13 May 2026 07:39:55 +0000
ROA not after: Wed 12 May 2027 07:44:55 +0000
asID: 401776
IP address blocks: 109.110.162.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/aee3d58d-904a-4375-bf93-8b5f38cab002/0/7ADF63E375B0B785081B5945B1D18D9DE86E0EFC.crl
rsync://rsync.paas.rpki.ripe.net/repository/aee3d58d-904a-4375-bf93-8b5f38cab002/0/7ADF63E375B0B785081B5945B1D18D9DE86E0EFC.mft
rsync://rpki.ripe.net/repository/DEFAULT/et9j43Wwt4UIG1lFsdGNnehuDvw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 04 Jun 2026 22:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
30:cf:9b:a7:33:95:2b:26:74:f2:46:56:64:65:d6:82:43:5a:0c:ec
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7adf63e375b0b785081b5945b1d18d9de86e0efc
Validity
Not Before: May 13 07:39:55 2026 GMT
Not After : May 12 07:44:55 2027 GMT
Subject: CN=D3A9595E47CBEFFFD68C97185A4002EEB1733A0E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:55:e7:9f:cb:8d:1f:6f:8a:b2:85:4a:24:bc:
c0:26:2a:40:d1:6e:c5:b9:7b:cb:78:51:2c:3e:14:
c9:2d:65:ed:f9:90:39:13:bc:3d:14:f9:c4:8f:9c:
df:28:19:aa:65:e4:d5:e6:3a:56:d9:bf:89:ec:a4:
db:37:de:82:21:6d:be:9c:e0:53:6b:cf:be:9a:98:
91:10:04:46:0c:8f:95:15:29:af:43:56:c6:80:e2:
40:4f:5f:78:21:31:2e:d0:e2:c1:c9:c1:4a:b2:84:
53:50:ff:da:c7:80:8f:c8:c8:37:49:ee:ae:d8:18:
2b:34:92:1b:73:01:67:74:0b:d7:1b:6d:21:70:21:
d9:4e:ba:20:f1:cb:21:65:07:d0:17:ef:f8:5b:52:
1f:53:db:ea:4f:1b:e1:a1:0c:60:c6:32:a4:4d:49:
93:6f:57:5c:af:f1:f5:b4:c2:53:d7:d5:69:8a:0f:
68:9a:0e:a2:23:a0:f3:0d:1a:8f:e7:aa:30:4f:5a:
07:c9:7c:9d:25:38:5a:59:32:d0:21:53:60:1f:2f:
b8:0b:41:02:86:f3:e5:45:e2:d1:ef:13:a9:3b:c2:
25:66:25:ab:c5:54:aa:26:6d:1a:aa:fd:14:d5:73:
e3:91:ac:18:12:d8:07:21:c0:1a:89:ee:6b:6f:4d:
23:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D3:A9:59:5E:47:CB:EF:FF:D6:8C:97:18:5A:40:02:EE:B1:73:3A:0E
X509v3 Authority Key Identifier:
keyid:7A:DF:63:E3:75:B0:B7:85:08:1B:59:45:B1:D1:8D:9D:E8:6E:0E:FC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/aee3d58d-904a-4375-bf93-8b5f38cab002/0/7ADF63E375B0B785081B5945B1D18D9DE86E0EFC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/et9j43Wwt4UIG1lFsdGNnehuDvw.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/aee3d58d-904a-4375-bf93-8b5f38cab002/0/3130392e3131302e3136322e302f32342d3234203d3e20343031373736.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.110.162.0/24
Signature Algorithm: sha256WithRSAEncryption
96:be:41:2f:4e:42:64:f7:7c:78:e4:96:78:e0:0b:67:f6:69:
42:dc:43:03:fc:d7:9a:b6:b8:4e:45:b3:9c:ab:60:7a:3b:1f:
10:2d:ab:87:3a:a7:65:1b:fd:c0:d2:31:10:6d:10:a2:ad:d1:
6d:fd:0f:a4:0c:89:11:60:5d:43:00:3c:78:1c:f0:64:85:a9:
bf:d3:7f:93:e8:b1:e5:22:78:09:4c:06:09:7d:63:d0:64:ef:
0d:04:76:52:ff:ba:5d:78:55:db:28:c8:4d:7f:91:59:cd:58:
c7:34:81:ec:eb:dd:a0:4a:02:fb:7e:c2:81:4c:a2:6b:78:50:
bc:8a:0a:fa:d8:87:9b:7d:1f:53:eb:45:bd:c3:df:eb:0e:e8:
19:55:a2:1c:55:d0:09:b3:d3:b0:e1:0d:86:62:e5:28:d2:bb:
16:5c:b0:f2:29:41:93:94:1b:ec:2d:41:68:1d:71:c6:d0:77:
12:04:25:e9:26:ac:27:12:ae:7e:53:92:ed:3a:2f:07:c3:5e:
f0:62:63:2d:57:4b:f0:be:be:55:c8:d4:00:73:75:6a:ef:f0:
a0:6a:25:e5:84:74:ff:3c:e8:6c:0d:83:3a:80:89:de:54:8b:
83:c8:13:0b:9a:76:91:ea:f6:6a:82:1a:ca:b7:5b:e1:e8:f7:
32:7e:bf:ac
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgIUMM+bpzOVKyZ08kZWZGXWgkNaDOwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoN2FkZjYzZTM3NWIwYjc4NTA4MWI1OTQ1YjFkMThkOWRl
ODZlMGVmYzAeFw0yNjA1MTMwNzM5NTVaFw0yNzA1MTIwNzQ0NTVaMDMxMTAvBgNV
BAMTKEQzQTk1OTVFNDdDQkVGRkZENjhDOTcxODVBNDAwMkVFQjE3MzNBMEUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDXVeefy40fb4qyhUokvMAmKkDR
bsW5e8t4USw+FMktZe35kDkTvD0U+cSPnN8oGapl5NXmOlbZv4nspNs33oIhbb6c
4FNrz76amJEQBEYMj5UVKa9DVsaA4kBPX3ghMS7Q4sHJwUqyhFNQ/9rHgI/IyDdJ
7q7YGCs0khtzAWd0C9cbbSFwIdlOuiDxyyFlB9AX7/hbUh9T2+pPG+GhDGDGMqRN
SZNvV1yv8fW0wlPX1WmKD2iaDqIjoPMNGo/nqjBPWgfJfJ0lOFpZMtAhU2AfL7gL
QQKG8+VF4tHvE6k7wiVmJavFVKombRqq/RTVc+ORrBgS2AchwBqJ7mtvTSMFAgMB
AAGjggJBMIICPTAdBgNVHQ4EFgQU06lZXkfL7//WjJcYWkAC7rFzOg4wHwYDVR0j
BBgwFoAUet9j43Wwt4UIG1lFsdGNnehuDvwwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYWVlM2Q1OGQtOTA0YS00Mzc1LWJmOTMtOGI1ZjM4Y2Fi
MDAyLzAvN0FERjYzRTM3NUIwQjc4NTA4MUI1OTQ1QjFEMThEOURFODZFMEVGQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2V0OWo0M1d3dDRVSUcxbEZzZEdObmVo
dUR2dy5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWVlM2Q1OGQt
OTA0YS00Mzc1LWJmOTMtOGI1ZjM4Y2FiMDAyLzAvMzEzMDM5MmUzMTMxMzAyZTMx
MzYzMjJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDM0MzAzMTM3MzczNi5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEAG1uojANBgkqhkiG9w0BAQsFAAOCAQEAlr5BL05CZPd8eOSWeOALZ/ZpQtxD
A/zXmra4TkWznKtgejsfEC2rhzqnZRv9wNIxEG0Qoq3Rbf0PpAyJEWBdQwA8eBzw
ZIWpv9N/k+ix5SJ4CUwGCX1j0GTvDQR2Uv+6XXhV2yjITX+RWc1YxzSB7OvdoEoC
+37CgUyia3hQvIoK+tiHm30fU+tFvcPf6w7oGVWiHFXQCbPTsOENhmLlKNK7Flyw
8ilBk5Qb7C1BaB1xxtB3EgQl6SasJxKuflOS7TovB8Ne8GJjLVdL8L6+VcjUAHN1
au/woGol5YR0/zzobA2DOoCJ3lSLg8gTC5p2ker2aoIayrdb4ej3Mn6/rA==
-----END CERTIFICATE-----
Generated at Thu Jun 4 05:16:59 2026 by rpki-client