Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/bb25d068-7f9c-4b0e-a695-1779b7d8f06e/0/3139342e3132342e3233342e302f32342d3234203d3e203134363138.roa
File: 3139342e3132342e3233342e302f32342d3234203d3e203134363138.roa (raw, json)
Hash identifier: jmldibQztUu/uE9gn0LxmihLjuBeh91SIaguqVgH56w=
Subject key identifier: 68:EA:2D:4E:82:46:29:9E:C7:F8:E5:FA:D0:0E:60:D3:36:D1:BD:A5
Certificate issuer: /CN=cb29a77669df5a7a5cb506d839ee8aa4337ccaac
Certificate serial: 7541D870AEE9FF944FBD11AC4A03E9799C1E9AAD
Authority key identifier: CB:29:A7:76:69:DF:5A:7A:5C:B5:06:D8:39:EE:8A:A4:33:7C:CA:AC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yymndmnfWnpctQbYOe6KpDN8yqw.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/bb25d068-7f9c-4b0e-a695-1779b7d8f06e/0/3139342e3132342e3233342e302f32342d3234203d3e203134363138.roa
Signing time: Tue 03 Feb 2026 09:12:36 +0000
ROA not before: Tue 03 Feb 2026 09:07:36 +0000
ROA not after: Tue 02 Feb 2027 09:12:36 +0000
asID: 14618
IP address blocks: 194.124.234.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/bb25d068-7f9c-4b0e-a695-1779b7d8f06e/0/CB29A77669DF5A7A5CB506D839EE8AA4337CCAAC.crl
rsync://rsync.paas.rpki.ripe.net/repository/bb25d068-7f9c-4b0e-a695-1779b7d8f06e/0/CB29A77669DF5A7A5CB506D839EE8AA4337CCAAC.mft
rsync://rpki.ripe.net/repository/DEFAULT/yymndmnfWnpctQbYOe6KpDN8yqw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 21 Feb 2026 19:07:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
75:41:d8:70:ae:e9:ff:94:4f:bd:11:ac:4a:03:e9:79:9c:1e:9a:ad
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cb29a77669df5a7a5cb506d839ee8aa4337ccaac
Validity
Not Before: Feb 3 09:07:36 2026 GMT
Not After : Feb 2 09:12:36 2027 GMT
Subject: CN=68EA2D4E8246299EC7F8E5FAD00E60D336D1BDA5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:35:c2:89:65:e5:6d:ff:ae:c7:a9:4b:28:7c:
3d:a0:c7:0f:ff:f8:8c:fa:c4:3f:bb:ee:90:d8:97:
a1:e9:fe:22:f8:a8:d1:8e:e9:df:7d:e8:c3:9e:da:
d4:fb:27:de:67:63:1d:46:51:c7:3f:05:3a:d1:df:
a0:61:e3:04:af:13:5e:08:1d:a1:fd:20:06:c8:61:
23:2a:62:1c:73:9d:62:55:34:70:9d:f4:1a:74:a7:
be:f9:b7:4a:82:5c:43:d1:63:3a:39:78:a2:a4:eb:
0c:bd:54:e3:6e:e7:ee:67:f9:45:cb:3d:35:a5:54:
bf:ce:82:47:a5:63:91:b5:fb:96:4b:c2:1a:63:8b:
e3:41:e4:af:e7:21:6b:41:1d:fc:43:25:68:09:0d:
3a:f5:5c:1c:53:81:61:95:77:14:b8:b7:eb:9b:a7:
50:87:0e:b4:ca:7f:6a:4d:3e:ed:00:eb:73:df:e4:
b1:de:a7:13:35:b5:d5:90:a9:38:4c:b6:5e:67:ce:
23:cc:5d:ed:42:1b:1c:ea:5c:25:06:4c:97:f0:a1:
fd:c4:d5:ee:48:1b:f8:50:34:28:b7:db:79:40:29:
07:f3:f6:84:de:a1:ae:e2:63:b1:1a:b3:e5:d8:f7:
9d:86:1d:0c:7b:21:16:84:9b:21:48:a3:9e:1d:4e:
a6:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:EA:2D:4E:82:46:29:9E:C7:F8:E5:FA:D0:0E:60:D3:36:D1:BD:A5
X509v3 Authority Key Identifier:
keyid:CB:29:A7:76:69:DF:5A:7A:5C:B5:06:D8:39:EE:8A:A4:33:7C:CA:AC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/bb25d068-7f9c-4b0e-a695-1779b7d8f06e/0/CB29A77669DF5A7A5CB506D839EE8AA4337CCAAC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yymndmnfWnpctQbYOe6KpDN8yqw.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/bb25d068-7f9c-4b0e-a695-1779b7d8f06e/0/3139342e3132342e3233342e302f32342d3234203d3e203134363138.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.124.234.0/24
Signature Algorithm: sha256WithRSAEncryption
13:d2:53:7c:62:2a:5e:bf:21:a4:cf:9e:1b:ee:fa:62:ca:cc:
22:0f:29:15:ff:aa:d8:1b:41:54:82:bd:28:f5:94:9f:d5:4c:
9a:42:d8:53:c5:c3:20:e3:f1:d5:7c:8a:2c:89:0d:af:6a:d6:
0f:0f:25:34:4b:1e:eb:38:e0:13:25:f6:12:fe:19:d8:97:0e:
6c:a3:0c:87:44:a6:d2:79:cd:7e:92:3a:d6:36:fa:61:b7:9b:
f2:5b:79:74:cd:0b:b7:88:65:da:60:d0:07:df:c8:63:bc:d3:
b5:5f:69:d8:cc:40:0c:1a:9b:51:a4:bc:3b:31:cb:a5:4a:25:
d3:f3:e8:00:99:09:54:a0:a1:96:4c:f0:65:75:a3:88:8e:01:
64:98:f8:e4:e0:55:78:22:ac:8a:29:4e:ed:56:77:69:a5:56:
4f:4d:2d:e3:db:4c:e0:c9:01:7d:bb:c9:e4:33:d2:c9:7d:76:
47:97:8b:49:fe:92:c3:f5:f3:04:23:ec:5e:0a:72:77:f0:62:
3e:93:75:81:32:dd:05:fe:4c:0e:47:69:92:a8:ce:7e:28:67:
4d:f7:c7:ef:22:14:f2:aa:46:f0:b0:3d:05:d2:af:58:ac:17:
c0:db:bf:84:c9:43:6e:54:31:23:0a:3d:23:f2:7f:ed:05:20:
30:c4:15:88
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUdUHYcK7p/5RPvRGsSgPpeZwemq0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoY2IyOWE3NzY2OWRmNWE3YTVjYjUwNmQ4MzllZThhYTQz
MzdjY2FhYzAeFw0yNjAyMDMwOTA3MzZaFw0yNzAyMDIwOTEyMzZaMDMxMTAvBgNV
BAMTKDY4RUEyRDRFODI0NjI5OUVDN0Y4RTVGQUQwMEU2MEQzMzZEMUJEQTUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC8NcKJZeVt/67HqUsofD2gxw//
+Iz6xD+77pDYl6Hp/iL4qNGO6d996MOe2tT7J95nYx1GUcc/BTrR36Bh4wSvE14I
HaH9IAbIYSMqYhxznWJVNHCd9Bp0p775t0qCXEPRYzo5eKKk6wy9VONu5+5n+UXL
PTWlVL/OgkelY5G1+5ZLwhpji+NB5K/nIWtBHfxDJWgJDTr1XBxTgWGVdxS4t+ub
p1CHDrTKf2pNPu0A63Pf5LHepxM1tdWQqThMtl5nziPMXe1CGxzqXCUGTJfwof3E
1e5IG/hQNCi323lAKQfz9oTeoa7iY7Eas+XY952GHQx7IRaEmyFIo54dTqYHAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUaOotToJGKZ7H+OX60A5g0zbRvaUwHwYDVR0j
BBgwFoAUyymndmnfWnpctQbYOe6KpDN8yqwwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYmIyNWQwNjgtN2Y5Yy00YjBlLWE2OTUtMTc3OWI3ZDhm
MDZlLzAvQ0IyOUE3NzY2OURGNUE3QTVDQjUwNkQ4MzlFRThBQTQzMzdDQ0FBQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3l5bW5kbW5mV25wY3RRYllPZTZLcERO
OHlxdy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYmIyNWQwNjgt
N2Y5Yy00YjBlLWE2OTUtMTc3OWI3ZDhmMDZlLzAvMzEzOTM0MmUzMTMyMzQyZTMy
MzMzNDJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMxMzQzNjMxMzgucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BADCfOowDQYJKoZIhvcNAQELBQADggEBABPSU3xiKl6/IaTPnhvu+mLKzCIPKRX/
qtgbQVSCvSj1lJ/VTJpC2FPFwyDj8dV8iiyJDa9q1g8PJTRLHus44BMl9hL+GdiX
DmyjDIdEptJ5zX6SOtY2+mG3m/JbeXTNC7eIZdpg0AffyGO807VfadjMQAwam1Gk
vDsxy6VKJdPz6ACZCVSgoZZM8GV1o4iOAWSY+OTgVXgirIopTu1Wd2mlVk9NLePb
TODJAX27yeQz0sl9dkeXi0n+ksP18wQj7F4KcnfwYj6TdYEy3QX+TA5HaZKozn4o
Z033x+8iFPKqRvCwPQXSr1isF8Dbv4TJQ25UMSMKPSPyf+0FIDDEFYg=
-----END CERTIFICATE-----
Generated at Sat Feb 21 04:55:31 2026 by rpki-client