Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/d1b35f8b-6f48-4bad-b185-5c1daa8acda9/0/3137362e3132362e3130352e302f32342d3234203d3e20313532363732.roa
File: 3137362e3132362e3130352e302f32342d3234203d3e20313532363732.roa (raw, json)
Hash identifier: Aze0H1EmJtfCr2E388tFbkXXQhKMmQb0+wnPTMjfsF4=
Subject key identifier: D6:1B:9D:BB:2A:02:F4:D9:37:02:42:97:E8:B8:B4:A4:D7:B0:B3:5E
Certificate issuer: /CN=cefce449bea8deaedb1804dba25c584df5873dc4
Certificate serial: 384DA5BFA452A09DCC1EA2D02888AF288A8FF10A
Authority key identifier: CE:FC:E4:49:BE:A8:DE:AE:DB:18:04:DB:A2:5C:58:4D:F5:87:3D:C4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zvzkSb6o3q7bGATbolxYTfWHPcQ.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/d1b35f8b-6f48-4bad-b185-5c1daa8acda9/0/3137362e3132362e3130352e302f32342d3234203d3e20313532363732.roa
Signing time: Mon 01 Jun 2026 06:47:19 +0000
ROA not before: Mon 01 Jun 2026 06:42:19 +0000
ROA not after: Mon 31 May 2027 06:47:19 +0000
asID: 152672
IP address blocks: 176.126.105.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/d1b35f8b-6f48-4bad-b185-5c1daa8acda9/0/CEFCE449BEA8DEAEDB1804DBA25C584DF5873DC4.crl
rsync://rsync.paas.rpki.ripe.net/repository/d1b35f8b-6f48-4bad-b185-5c1daa8acda9/0/CEFCE449BEA8DEAEDB1804DBA25C584DF5873DC4.mft
rsync://rpki.ripe.net/repository/DEFAULT/zvzkSb6o3q7bGATbolxYTfWHPcQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 09 Jun 2026 02:30:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
38:4d:a5:bf:a4:52:a0:9d:cc:1e:a2:d0:28:88:af:28:8a:8f:f1:0a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cefce449bea8deaedb1804dba25c584df5873dc4
Validity
Not Before: Jun 1 06:42:19 2026 GMT
Not After : May 31 06:47:19 2027 GMT
Subject: CN=D61B9DBB2A02F4D937024297E8B8B4A4D7B0B35E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:38:9e:9b:fd:1a:8b:5c:a1:70:b3:f6:4e:16:
fc:f3:66:a8:39:2a:a0:1d:66:ef:65:7a:8f:b0:5f:
03:65:db:cd:05:00:ef:cf:21:5c:2a:4c:7a:40:0e:
ad:fe:da:58:65:32:20:ec:5a:01:c4:3e:f2:59:49:
d0:e0:81:ee:ad:fe:52:78:b7:e6:5e:73:22:df:f1:
5a:f4:aa:d7:ed:ce:02:4c:19:8e:13:84:b5:d2:b3:
ee:f9:1d:36:fd:47:38:c2:2a:ce:ec:cc:2b:93:ec:
47:b5:8a:fa:c6:f8:5d:8d:5c:5a:e8:54:b0:f1:64:
27:e4:e5:e0:6a:fd:a5:9b:79:5f:40:cc:f8:7f:f8:
e3:cd:36:ed:f7:47:c5:05:4e:15:a7:d3:cf:8b:6a:
29:3b:16:76:50:83:23:42:62:76:ab:ab:3d:37:a8:
b3:a2:aa:5c:00:36:3d:73:b8:2c:0b:15:0f:89:c4:
d2:89:3c:e4:3a:dd:7f:bd:e1:5a:42:67:d7:08:5e:
62:b2:2e:9a:fb:5b:4a:c3:f9:7d:92:9e:8f:2b:10:
28:5e:b9:62:09:8c:ac:41:04:ac:a6:21:07:3c:bb:
87:a6:7f:ea:eb:43:b8:86:28:fc:fb:30:53:b5:30:
26:f8:6a:de:cb:d7:0f:07:a9:29:72:3a:e6:1b:66:
2e:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D6:1B:9D:BB:2A:02:F4:D9:37:02:42:97:E8:B8:B4:A4:D7:B0:B3:5E
X509v3 Authority Key Identifier:
keyid:CE:FC:E4:49:BE:A8:DE:AE:DB:18:04:DB:A2:5C:58:4D:F5:87:3D:C4
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/d1b35f8b-6f48-4bad-b185-5c1daa8acda9/0/CEFCE449BEA8DEAEDB1804DBA25C584DF5873DC4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zvzkSb6o3q7bGATbolxYTfWHPcQ.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/d1b35f8b-6f48-4bad-b185-5c1daa8acda9/0/3137362e3132362e3130352e302f32342d3234203d3e20313532363732.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.126.105.0/24
Signature Algorithm: sha256WithRSAEncryption
0d:1c:e7:e4:4f:92:01:05:6e:ca:d0:2f:e3:90:6f:90:ed:4c:
ae:65:93:c3:a5:19:00:ac:6c:37:b9:41:ed:be:f2:fb:5d:24:
3b:69:25:94:45:51:d5:d1:75:44:27:ea:91:84:be:b6:00:09:
bf:3d:bb:28:ad:b5:5d:fe:f4:f7:7a:2f:0c:71:2b:5e:ff:a3:
20:30:b9:a5:ff:f6:25:82:b7:92:c5:c3:10:ea:81:70:30:7c:
61:77:73:4e:93:64:e8:29:43:1f:8c:13:b3:99:2f:d1:5f:49:
25:95:da:be:7d:68:05:fc:b6:9b:c1:11:29:4a:c4:17:8d:6d:
fd:75:4d:a7:f1:9a:25:db:5d:1f:e9:56:8b:88:73:f8:75:c8:
2b:3e:b7:62:c4:38:e3:b9:82:63:d2:ac:d5:2e:8c:da:bb:c0:
d8:de:f6:5b:bc:2d:a4:83:e3:e0:26:3d:15:b0:49:12:63:06:
40:21:67:25:55:09:ff:d1:1f:1f:e1:ae:64:ce:e6:39:dc:d9:
7e:c4:e2:d0:b3:1b:b4:1a:4f:b2:14:6f:11:a1:30:9d:47:9f:
1c:74:b8:03:f5:6b:9c:11:27:90:e7:9f:7b:ae:11:0d:df:83:
f5:31:ce:b2:8e:e7:2e:36:10:04:4e:07:5d:2b:a5:dd:10:c4:
06:66:8b:c8
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgIUOE2lv6RSoJ3MHqLQKIivKIqP8QowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoY2VmY2U0NDliZWE4ZGVhZWRiMTgwNGRiYTI1YzU4NGRm
NTg3M2RjNDAeFw0yNjA2MDEwNjQyMTlaFw0yNzA1MzEwNjQ3MTlaMDMxMTAvBgNV
BAMTKEQ2MUI5REJCMkEwMkY0RDkzNzAyNDI5N0U4QjhCNEE0RDdCMEIzNUUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCPOJ6b/RqLXKFws/ZOFvzzZqg5
KqAdZu9leo+wXwNl280FAO/PIVwqTHpADq3+2lhlMiDsWgHEPvJZSdDgge6t/lJ4
t+ZecyLf8Vr0qtftzgJMGY4ThLXSs+75HTb9RzjCKs7szCuT7Ee1ivrG+F2NXFro
VLDxZCfk5eBq/aWbeV9AzPh/+OPNNu33R8UFThWn08+Laik7FnZQgyNCYnarqz03
qLOiqlwANj1zuCwLFQ+JxNKJPOQ63X+94VpCZ9cIXmKyLpr7W0rD+X2Sno8rEChe
uWIJjKxBBKymIQc8u4emf+rrQ7iGKPz7MFO1MCb4at7L1w8HqSlyOuYbZi63AgMB
AAGjggJBMIICPTAdBgNVHQ4EFgQU1huduyoC9Nk3AkKX6Li0pNews14wHwYDVR0j
BBgwFoAUzvzkSb6o3q7bGATbolxYTfWHPcQwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZDFiMzVmOGItNmY0OC00YmFkLWIxODUtNWMxZGFhOGFj
ZGE5LzAvQ0VGQ0U0NDlCRUE4REVBRURCMTgwNERCQTI1QzU4NERGNTg3M0RDNC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3p2emtTYjZvM3E3YkdBVGJvbHhZVGZX
SFBjUS5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZDFiMzVmOGIt
NmY0OC00YmFkLWIxODUtNWMxZGFhOGFjZGE5LzAvMzEzNzM2MmUzMTMyMzYyZTMx
MzAzNTJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMxMzUzMjM2MzczMi5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEALB+aTANBgkqhkiG9w0BAQsFAAOCAQEADRzn5E+SAQVuytAv45BvkO1MrmWT
w6UZAKxsN7lB7b7y+10kO2kllEVR1dF1RCfqkYS+tgAJvz27KK21Xf7093ovDHEr
Xv+jIDC5pf/2JYK3ksXDEOqBcDB8YXdzTpNk6ClDH4wTs5kv0V9JJZXavn1oBfy2
m8ERKUrEF41t/XVNp/GaJdtdH+lWi4hz+HXIKz63YsQ447mCY9Ks1S6M2rvA2N72
W7wtpIPj4CY9FbBJEmMGQCFnJVUJ/9EfH+GuZM7mOdzZfsTi0LMbtBpPshRvEaEw
nUefHHS4A/VrnBEnkOefe64RDd+D9THOso7nLjYQBE4HXSul3RDEBmaLyA==
-----END CERTIFICATE-----
Generated at Mon Jun 8 16:56:06 2026 by rpki-client