Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/d1b35f8b-6f48-4bad-b185-5c1daa8acda9/0/3134362e31392e3231352e302f32342d3234203d3e20323031313331.roa
File: 3134362e31392e3231352e302f32342d3234203d3e20323031313331.roa (raw, json)
Hash identifier: u4ojb2YE51vFgMkjWXXe4FgVm1kbuMMqef5geHX+2I4=
Subject key identifier: 8E:F9:55:3C:D4:91:C9:0D:BD:15:EA:A6:61:7A:48:65:CF:80:F3:DE
Certificate issuer: /CN=cefce449bea8deaedb1804dba25c584df5873dc4
Certificate serial: 5C73C544AD80C9B56EE0A3D578631AAA192084BB
Authority key identifier: CE:FC:E4:49:BE:A8:DE:AE:DB:18:04:DB:A2:5C:58:4D:F5:87:3D:C4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zvzkSb6o3q7bGATbolxYTfWHPcQ.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/d1b35f8b-6f48-4bad-b185-5c1daa8acda9/0/3134362e31392e3231352e302f32342d3234203d3e20323031313331.roa
Signing time: Mon 29 Jun 2026 11:48:50 +0000
ROA not before: Mon 29 Jun 2026 11:43:50 +0000
ROA not after: Mon 28 Jun 2027 11:48:50 +0000
asID: 201131
IP address blocks: 146.19.215.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/d1b35f8b-6f48-4bad-b185-5c1daa8acda9/0/CEFCE449BEA8DEAEDB1804DBA25C584DF5873DC4.crl
rsync://rsync.paas.rpki.ripe.net/repository/d1b35f8b-6f48-4bad-b185-5c1daa8acda9/0/CEFCE449BEA8DEAEDB1804DBA25C584DF5873DC4.mft
rsync://rpki.ripe.net/repository/DEFAULT/zvzkSb6o3q7bGATbolxYTfWHPcQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 30 Jun 2026 14:12:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5c:73:c5:44:ad:80:c9:b5:6e:e0:a3:d5:78:63:1a:aa:19:20:84:bb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cefce449bea8deaedb1804dba25c584df5873dc4
Validity
Not Before: Jun 29 11:43:50 2026 GMT
Not After : Jun 28 11:48:50 2027 GMT
Subject: CN=8EF9553CD491C90DBD15EAA6617A4865CF80F3DE
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:19:0c:dc:31:ca:fb:0c:da:a5:22:fd:d6:6f:
32:85:e7:fa:b2:ca:7d:13:3c:4f:be:d2:33:74:57:
1c:9c:04:c2:e7:91:9c:57:41:cb:42:9a:10:be:6d:
c0:f1:e8:be:40:13:84:3c:16:61:50:f9:cf:98:64:
41:8b:81:0f:48:97:b0:f9:be:95:8a:a8:a8:ed:93:
6a:52:27:0f:69:6f:e7:cb:e9:e1:75:a3:84:3e:c1:
b7:08:2f:61:f2:c3:cb:5d:61:7c:b0:33:98:8d:10:
b3:de:9b:22:7e:26:98:32:b6:02:1f:dd:3c:f9:a4:
22:bd:9b:9f:40:2a:5c:f3:a5:ba:3c:e5:3f:b6:95:
9c:23:2e:3c:ea:49:f9:7c:e7:9e:6b:92:46:8d:38:
94:ba:e9:9c:b3:74:d6:5f:fc:e1:ca:b4:df:2d:6d:
57:64:17:bc:72:b7:1c:9f:b8:b8:86:63:88:29:a3:
81:f4:ee:86:17:12:e4:c8:f2:9a:4f:f3:05:d0:51:
42:3b:96:e3:b1:e6:ba:c7:e1:a5:38:9b:f1:9c:1a:
50:84:36:29:d2:b1:f8:1d:35:9e:54:a3:b2:d4:e0:
fc:d8:c2:e8:d3:d0:36:52:78:65:d5:90:ee:ed:29:
bf:76:3b:c7:1d:f2:19:91:5a:e9:97:f1:4c:b3:87:
0a:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8E:F9:55:3C:D4:91:C9:0D:BD:15:EA:A6:61:7A:48:65:CF:80:F3:DE
X509v3 Authority Key Identifier:
keyid:CE:FC:E4:49:BE:A8:DE:AE:DB:18:04:DB:A2:5C:58:4D:F5:87:3D:C4
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/d1b35f8b-6f48-4bad-b185-5c1daa8acda9/0/CEFCE449BEA8DEAEDB1804DBA25C584DF5873DC4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zvzkSb6o3q7bGATbolxYTfWHPcQ.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/d1b35f8b-6f48-4bad-b185-5c1daa8acda9/0/3134362e31392e3231352e302f32342d3234203d3e20323031313331.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
146.19.215.0/24
Signature Algorithm: sha256WithRSAEncryption
be:1f:70:6c:f5:fe:5c:56:ad:e6:6d:a1:e7:d2:39:12:f8:fb:
6d:f4:f1:a4:14:f0:c4:9d:26:55:4d:a6:c5:92:16:20:8f:c4:
01:d7:8a:93:f7:90:c6:77:5d:b6:b4:de:df:7b:bc:a2:34:5d:
df:ff:7d:62:4c:f8:ab:db:c8:f7:ff:03:f4:fb:95:2e:79:b6:
fa:17:ca:36:d6:21:8b:ec:b0:eb:f6:9e:e7:12:08:61:99:a4:
2c:43:b4:78:58:83:c1:f9:2f:aa:0a:b3:8e:39:88:40:9f:71:
80:80:7d:14:6f:81:09:cb:0a:d6:50:9e:bd:d5:8d:94:cb:dc:
8b:69:4f:a8:cf:c0:db:89:32:3d:65:1e:81:74:2a:26:24:74:
28:b6:91:4c:31:e2:6d:49:f4:20:48:31:5f:95:6d:df:01:6e:
af:03:a9:49:74:61:8e:d1:39:ea:f0:40:3b:f6:9e:7e:4d:53:
90:05:68:e8:c6:d9:1a:35:81:ba:da:71:7e:6d:76:bb:87:c3:
de:46:4c:7f:c4:f7:c4:d8:24:f7:21:79:61:a7:4e:4d:d0:09:
69:b4:67:0e:a4:62:20:15:1d:12:45:8c:d5:c3:a7:36:a2:a7:
91:e3:0e:9c:dd:ef:c7:49:2f:b8:33:63:d4:3d:f3:59:27:54:
3f:9c:41:a1
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUXHPFRK2AybVu4KPVeGMaqhkghLswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoY2VmY2U0NDliZWE4ZGVhZWRiMTgwNGRiYTI1YzU4NGRm
NTg3M2RjNDAeFw0yNjA2MjkxMTQzNTBaFw0yNzA2MjgxMTQ4NTBaMDMxMTAvBgNV
BAMTKDhFRjk1NTNDRDQ5MUM5MERCRDE1RUFBNjYxN0E0ODY1Q0Y4MEYzREUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDAGQzcMcr7DNqlIv3WbzKF5/qy
yn0TPE++0jN0VxycBMLnkZxXQctCmhC+bcDx6L5AE4Q8FmFQ+c+YZEGLgQ9Il7D5
vpWKqKjtk2pSJw9pb+fL6eF1o4Q+wbcIL2Hyw8tdYXywM5iNELPemyJ+JpgytgIf
3Tz5pCK9m59AKlzzpbo85T+2lZwjLjzqSfl8555rkkaNOJS66ZyzdNZf/OHKtN8t
bVdkF7xytxyfuLiGY4gpo4H07oYXEuTI8ppP8wXQUUI7luOx5rrH4aU4m/GcGlCE
NinSsfgdNZ5Uo7LU4PzYwujT0DZSeGXVkO7tKb92O8cd8hmRWumX8UyzhwpzAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUjvlVPNSRyQ29FeqmYXpIZc+A894wHwYDVR0j
BBgwFoAUzvzkSb6o3q7bGATbolxYTfWHPcQwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZDFiMzVmOGItNmY0OC00YmFkLWIxODUtNWMxZGFhOGFj
ZGE5LzAvQ0VGQ0U0NDlCRUE4REVBRURCMTgwNERCQTI1QzU4NERGNTg3M0RDNC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3p2emtTYjZvM3E3YkdBVGJvbHhZVGZX
SFBjUS5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZDFiMzVmOGIt
NmY0OC00YmFkLWIxODUtNWMxZGFhOGFjZGE5LzAvMzEzNDM2MmUzMTM5MmUzMjMx
MzUyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMjMwMzEzMTMzMzEucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BACSE9cwDQYJKoZIhvcNAQELBQADggEBAL4fcGz1/lxWreZtoefSORL4+2308aQU
8MSdJlVNpsWSFiCPxAHXipP3kMZ3Xba03t97vKI0Xd//fWJM+KvbyPf/A/T7lS55
tvoXyjbWIYvssOv2nucSCGGZpCxDtHhYg8H5L6oKs445iECfcYCAfRRvgQnLCtZQ
nr3VjZTL3ItpT6jPwNuJMj1lHoF0KiYkdCi2kUwx4m1J9CBIMV+Vbd8Bbq8DqUl0
YY7ROerwQDv2nn5NU5AFaOjG2Ro1gbracX5tdruHw95GTH/E98TYJPcheWGnTk3Q
CWm0Zw6kYiAVHRJFjNXDpzaip5HjDpzd78dJL7gzY9Q981knVD+cQaE=
-----END CERTIFICATE-----
Generated at Mon Jun 29 20:55:06 2026 by rpki-client