Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/e3cdc648-d203-462a-bd0f-ec1b60d879a7/0/39312e3233322e39392e302f32342d3234203d3e20313937353337.roa
File: 39312e3233322e39392e302f32342d3234203d3e20313937353337.roa (raw, json)
Hash identifier: 1zceVbNoNbGigb739DKGH12Lz3EUL5EUuGLD5sTpqIs=
Subject key identifier: 00:87:50:46:21:63:56:E4:38:67:1D:AD:35:45:E9:58:D4:89:DD:8E
Certificate issuer: /CN=e1f3512f51dc42bb9eb12abc0bb529668b2edee4
Certificate serial: 50EEAB6F56CC704EC673DED041C958181F9E9FAB
Authority key identifier: E1:F3:51:2F:51:DC:42:BB:9E:B1:2A:BC:0B:B5:29:66:8B:2E:DE:E4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4fNRL1HcQruesSq8C7UpZosu3uQ.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/e3cdc648-d203-462a-bd0f-ec1b60d879a7/0/39312e3233322e39392e302f32342d3234203d3e20313937353337.roa
Signing time: Fri 24 Apr 2026 12:47:05 +0000
ROA not before: Fri 24 Apr 2026 12:42:05 +0000
ROA not after: Fri 23 Apr 2027 12:47:05 +0000
asID: 197537
IP address blocks: 91.232.99.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/e3cdc648-d203-462a-bd0f-ec1b60d879a7/0/E1F3512F51DC42BB9EB12ABC0BB529668B2EDEE4.crl
rsync://rsync.paas.rpki.ripe.net/repository/e3cdc648-d203-462a-bd0f-ec1b60d879a7/0/E1F3512F51DC42BB9EB12ABC0BB529668B2EDEE4.mft
rsync://rpki.ripe.net/repository/DEFAULT/4fNRL1HcQruesSq8C7UpZosu3uQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 28 Apr 2026 00:20:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
50:ee:ab:6f:56:cc:70:4e:c6:73:de:d0:41:c9:58:18:1f:9e:9f:ab
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e1f3512f51dc42bb9eb12abc0bb529668b2edee4
Validity
Not Before: Apr 24 12:42:05 2026 GMT
Not After : Apr 23 12:47:05 2027 GMT
Subject: CN=00875046216356E438671DAD3545E958D489DD8E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:d9:0a:2c:fc:87:53:ba:02:8d:48:63:e5:0b:
ff:62:f7:8f:16:47:1d:8e:ad:fa:4d:41:ed:3a:c8:
23:2f:90:b3:8c:b6:dc:47:bd:92:74:78:b1:18:cb:
5e:ae:aa:5f:66:eb:49:6c:8f:4e:c0:03:59:f6:b4:
e8:93:3e:5b:db:46:53:db:34:0f:53:24:8e:72:74:
e2:ae:22:2a:fb:76:33:28:a9:1f:8d:4b:49:bc:5c:
01:4b:08:bf:45:6d:1c:2c:ed:e3:85:88:df:25:64:
70:16:1f:97:47:19:c9:df:51:64:c4:5b:39:61:e2:
52:d0:8c:a0:85:cf:a6:b4:ad:3c:78:9b:c2:bf:91:
6c:fa:d4:30:c0:82:80:7b:b8:83:23:1c:b7:19:85:
d6:09:83:df:d2:55:e8:ca:f9:72:02:60:6d:f2:eb:
65:51:54:4d:9b:a0:b0:a5:b1:c2:d8:d2:b6:2b:ec:
bf:71:de:ff:f8:7b:98:1d:db:f8:8d:83:5e:ac:7d:
86:af:52:54:73:24:8f:70:c0:3e:26:5a:2b:48:f9:
84:c8:44:fa:65:26:91:41:f6:66:0d:ed:91:e5:dc:
6f:f6:08:95:17:06:c8:8d:c5:cb:34:6a:d6:ac:19:
f8:26:bc:93:5f:ca:24:b9:f9:64:f5:32:05:69:38:
f6:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
00:87:50:46:21:63:56:E4:38:67:1D:AD:35:45:E9:58:D4:89:DD:8E
X509v3 Authority Key Identifier:
keyid:E1:F3:51:2F:51:DC:42:BB:9E:B1:2A:BC:0B:B5:29:66:8B:2E:DE:E4
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/e3cdc648-d203-462a-bd0f-ec1b60d879a7/0/E1F3512F51DC42BB9EB12ABC0BB529668B2EDEE4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4fNRL1HcQruesSq8C7UpZosu3uQ.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/e3cdc648-d203-462a-bd0f-ec1b60d879a7/0/39312e3233322e39392e302f32342d3234203d3e20313937353337.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.232.99.0/24
Signature Algorithm: sha256WithRSAEncryption
9c:7d:7b:be:d8:34:4d:0c:c9:b4:47:2c:e2:01:5f:62:0b:87:
bc:e9:47:9f:9f:ac:fd:ab:57:2e:b5:10:69:8e:a0:20:36:e1:
24:3b:ad:cf:55:8c:06:c1:6a:d0:06:a1:9a:a3:1e:9c:67:91:
9b:62:21:4d:76:e7:6b:c2:f1:45:f4:fc:64:1f:c1:71:a2:f2:
55:64:18:77:c9:a1:b4:47:e0:da:15:58:d1:5d:21:68:26:a7:
5f:a8:ea:b2:2e:2d:3b:f1:f7:2c:6a:02:93:33:bf:df:57:41:
e4:ba:61:60:be:05:fc:a5:fb:ac:ee:59:cd:74:1e:36:c6:44:
51:46:aa:ce:72:48:86:d7:93:18:19:4b:8d:72:fb:b2:46:8a:
68:74:4a:b0:1e:f3:69:19:73:d0:ee:11:75:c4:0f:47:a4:77:
e3:0c:a5:ab:f4:bc:00:5e:0e:69:09:70:99:5d:62:13:80:96:
a9:0f:34:43:16:78:d3:1d:1a:89:2f:65:9e:17:54:7a:3d:89:
58:b2:f9:6a:54:77:8f:39:b0:b8:2a:80:9d:00:5a:85:04:ef:
c6:fb:7b:87:45:c9:30:ed:66:cd:cd:29:6d:2b:65:e0:82:b3:
80:3e:5f:19:c9:78:41:7a:31:32:27:8b:61:45:65:63:cb:b0:
0a:d9:22:74
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUUO6rb1bMcE7Gc97QQclYGB+en6swDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZTFmMzUxMmY1MWRjNDJiYjllYjEyYWJjMGJiNTI5NjY4
YjJlZGVlNDAeFw0yNjA0MjQxMjQyMDVaFw0yNzA0MjMxMjQ3MDVaMDMxMTAvBgNV
BAMTKDAwODc1MDQ2MjE2MzU2RTQzODY3MURBRDM1NDVFOTU4RDQ4OUREOEUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCg2Qos/IdTugKNSGPlC/9i948W
Rx2OrfpNQe06yCMvkLOMttxHvZJ0eLEYy16uql9m60lsj07AA1n2tOiTPlvbRlPb
NA9TJI5ydOKuIir7djMoqR+NS0m8XAFLCL9FbRws7eOFiN8lZHAWH5dHGcnfUWTE
Wzlh4lLQjKCFz6a0rTx4m8K/kWz61DDAgoB7uIMjHLcZhdYJg9/SVejK+XICYG3y
62VRVE2boLClscLY0rYr7L9x3v/4e5gd2/iNg16sfYavUlRzJI9wwD4mWitI+YTI
RPplJpFB9mYN7ZHl3G/2CJUXBsiNxcs0atasGfgmvJNfyiS5+WT1MgVpOPY1AgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUAIdQRiFjVuQ4Zx2tNUXpWNSJ3Y4wHwYDVR0j
BBgwFoAU4fNRL1HcQruesSq8C7UpZosu3uQwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZTNjZGM2NDgtZDIwMy00NjJhLWJkMGYtZWMxYjYwZDg3
OWE3LzAvRTFGMzUxMkY1MURDNDJCQjlFQjEyQUJDMEJCNTI5NjY4QjJFREVFNC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzRmTlJMMUhjUXJ1ZXNTcThDN1VwWm9z
dTN1US5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZTNjZGM2NDgt
ZDIwMy00NjJhLWJkMGYtZWMxYjYwZDg3OWE3LzAvMzkzMTJlMzIzMzMyMmUzOTM5
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzEzOTM3MzUzMzM3LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
W+hjMA0GCSqGSIb3DQEBCwUAA4IBAQCcfXu+2DRNDMm0RyziAV9iC4e86Uefn6z9
q1cutRBpjqAgNuEkO63PVYwGwWrQBqGaox6cZ5GbYiFNdudrwvFF9PxkH8FxovJV
ZBh3yaG0R+DaFVjRXSFoJqdfqOqyLi078fcsagKTM7/fV0HkumFgvgX8pfus7lnN
dB42xkRRRqrOckiG15MYGUuNcvuyRopodEqwHvNpGXPQ7hF1xA9HpHfjDKWr9LwA
Xg5pCXCZXWITgJapDzRDFnjTHRqJL2WeF1R6PYlYsvlqVHePObC4KoCdAFqFBO/G
+3uHRckw7WbNzSltK2XggrOAPl8ZyXhBejEyJ4thRWVjy7AK2SJ0
-----END CERTIFICATE-----
Generated at Mon Apr 27 17:09:14 2026 by rpki-client