Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/3130392e3130362e31342e302f32342d3234203d3e20313938303837.roa
File: 3130392e3130362e31342e302f32342d3234203d3e20313938303837.roa (raw, json)
Hash identifier: +1JUJmfmvgMMOf0D1mimxpiTXsWILe84G2G5rtsRBSQ=
Subject key identifier: B7:F9:93:2C:61:05:70:7D:C0:5A:A1:18:B6:6A:92:34:52:00:FD:C8
Certificate issuer: /CN=088469d1a33085ff88b3e599d223ca74c2313a3a
Certificate serial: 77F6C675ADDEBB067BA1EEA7627C0037E02B05C6
Authority key identifier: 08:84:69:D1:A3:30:85:FF:88:B3:E5:99:D2:23:CA:74:C2:31:3A:3A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CIRp0aMwhf-Is-WZ0iPKdMIxOjo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/3130392e3130362e31342e302f32342d3234203d3e20313938303837.roa
Signing time: Wed 18 Mar 2026 20:59:25 +0000
ROA not before: Wed 18 Mar 2026 20:54:25 +0000
ROA not after: Wed 17 Mar 2027 20:59:25 +0000
asID: 198087
IP address blocks: 109.106.14.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/088469D1A33085FF88B3E599D223CA74C2313A3A.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/088469D1A33085FF88B3E599D223CA74C2313A3A.mft
rsync://rpki.ripe.net/repository/DEFAULT/CIRp0aMwhf-Is-WZ0iPKdMIxOjo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 22 Mar 2026 13:45:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
77:f6:c6:75:ad:de:bb:06:7b:a1:ee:a7:62:7c:00:37:e0:2b:05:c6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=088469d1a33085ff88b3e599d223ca74c2313a3a
Validity
Not Before: Mar 18 20:54:25 2026 GMT
Not After : Mar 17 20:59:25 2027 GMT
Subject: CN=B7F9932C6105707DC05AA118B66A92345200FDC8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:70:7e:9f:e9:85:ec:6a:b1:66:78:ed:61:8d:
5a:00:5d:5a:e0:06:a9:f6:ff:fc:10:df:45:b9:05:
3c:c4:6c:56:f4:8a:3c:50:63:64:34:f8:6c:1a:93:
37:c6:5b:0a:b3:4e:70:8e:ba:b0:df:bb:93:9d:12:
17:76:fa:70:32:81:9f:22:61:69:05:52:4d:98:6c:
9f:e9:64:e6:05:da:d1:da:a9:6d:f8:17:ad:67:68:
77:fc:04:39:6d:24:39:75:b8:18:a2:5b:0d:1f:e4:
b0:d1:01:a1:c3:8d:ba:a8:5d:f5:0b:91:54:1a:77:
4e:40:eb:8d:1b:81:0d:86:40:f6:04:d4:9d:e9:67:
ea:79:12:99:44:51:a4:f3:18:97:c5:dc:19:38:02:
38:e3:24:ee:39:58:04:e2:38:e1:b8:75:45:42:e3:
64:49:cd:ac:62:dc:d0:8c:10:50:28:6b:d7:d6:6c:
f4:bf:0a:5d:5a:dd:ab:f7:c6:b8:f9:30:88:63:c1:
16:7c:08:2a:11:3a:dc:f1:5f:13:dd:3a:13:01:6d:
88:45:55:3a:1e:48:cd:c2:ec:6b:36:a3:ee:09:09:
03:46:94:5c:c1:49:b5:e2:ac:77:6c:16:cc:c8:34:
79:db:09:90:18:90:1b:dd:b0:45:55:be:a8:71:3e:
af:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B7:F9:93:2C:61:05:70:7D:C0:5A:A1:18:B6:6A:92:34:52:00:FD:C8
X509v3 Authority Key Identifier:
keyid:08:84:69:D1:A3:30:85:FF:88:B3:E5:99:D2:23:CA:74:C2:31:3A:3A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/088469D1A33085FF88B3E599D223CA74C2313A3A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CIRp0aMwhf-Is-WZ0iPKdMIxOjo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/3130392e3130362e31342e302f32342d3234203d3e20313938303837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.106.14.0/24
Signature Algorithm: sha256WithRSAEncryption
8b:de:e8:ff:c9:8d:14:bb:4e:8d:bf:b2:e7:77:75:4a:70:7f:
fb:f1:ae:98:01:22:de:87:a4:13:7a:83:7b:5e:0d:d2:be:98:
01:86:39:1f:ce:88:e9:dd:a9:54:84:bd:84:79:3e:ea:2c:1a:
5b:0e:3c:54:da:20:6b:92:af:c8:1b:e8:a3:7b:92:31:60:9c:
d1:85:35:3c:fd:ea:9f:bf:0c:f9:dc:c8:95:7f:24:88:2b:69:
a2:8a:55:99:14:e8:e7:c5:31:f7:07:fa:47:86:52:be:83:b0:
32:7c:b1:d8:1f:40:a5:b8:ed:b3:69:bc:18:0e:cb:62:5c:29:
5b:ed:54:65:6f:68:ff:7b:db:e0:e4:f3:d3:5b:99:96:b2:99:
09:9b:e8:0f:19:59:63:e3:dc:81:cc:5b:0f:d4:4d:ef:06:a1:
6c:2f:81:7c:aa:7d:75:de:3b:ca:d2:26:77:43:c7:9e:af:bc:
a7:71:1f:85:2b:8c:59:81:89:d1:8c:9c:b0:25:8f:4d:42:88:
f8:cd:e6:49:34:85:1f:1c:60:b8:b4:75:6c:3e:d2:1a:d3:5d:
30:45:a9:ab:11:81:1e:c8:9b:47:43:0c:83:da:b5:f6:ca:5f:
84:27:a4:e6:2d:0d:53:3a:3c:5c:25:2e:63:fe:f6:71:07:47:
55:4b:63:ea
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUd/bGda3euwZ7oe6nYnwAN+ArBcYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDg4NDY5ZDFhMzMwODVmZjg4YjNlNTk5ZDIyM2NhNzRj
MjMxM2EzYTAeFw0yNjAzMTgyMDU0MjVaFw0yNzAzMTcyMDU5MjVaMDMxMTAvBgNV
BAMTKEI3Rjk5MzJDNjEwNTcwN0RDMDVBQTExOEI2NkE5MjM0NTIwMEZEQzgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDKcH6f6YXsarFmeO1hjVoAXVrg
Bqn2//wQ30W5BTzEbFb0ijxQY2Q0+GwakzfGWwqzTnCOurDfu5OdEhd2+nAygZ8i
YWkFUk2YbJ/pZOYF2tHaqW34F61naHf8BDltJDl1uBiiWw0f5LDRAaHDjbqoXfUL
kVQad05A640bgQ2GQPYE1J3pZ+p5EplEUaTzGJfF3Bk4AjjjJO45WATiOOG4dUVC
42RJzaxi3NCMEFAoa9fWbPS/Cl1a3av3xrj5MIhjwRZ8CCoROtzxXxPdOhMBbYhF
VToeSM3C7Gs2o+4JCQNGlFzBSbXirHdsFszINHnbCZAYkBvdsEVVvqhxPq8xAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUt/mTLGEFcH3AWqEYtmqSNFIA/cgwHwYDVR0j
BBgwFoAUCIRp0aMwhf+Is+WZ0iPKdMIxOjowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzUvMDg4NDY5RDFBMzMwODVGRjg4QjNFNTk5RDIyM0NBNzRDMjMxM0EzQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NJUnAwYU13aGYtSXMtV1owaVBLZE1J
eE9qby5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzUvMzEzMDM5MmUzMTMwMzYyZTMx
MzQyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMTM5MzgzMDM4Mzcucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BABtag4wDQYJKoZIhvcNAQELBQADggEBAIve6P/JjRS7To2/sud3dUpwf/vxrpgB
It6HpBN6g3teDdK+mAGGOR/OiOndqVSEvYR5PuosGlsOPFTaIGuSr8gb6KN7kjFg
nNGFNTz96p+/DPncyJV/JIgraaKKVZkU6OfFMfcH+keGUr6DsDJ8sdgfQKW47bNp
vBgOy2JcKVvtVGVvaP972+Dk89NbmZaymQmb6A8ZWWPj3IHMWw/UTe8GoWwvgXyq
fXXeO8rSJndDx56vvKdxH4UrjFmBidGMnLAlj01CiPjN5kk0hR8cYLi0dWw+0hrT
XTBFqasRgR7Im0dDDIPatfbKX4QnpOYtDVM6PFwlLmP+9nEHR1VLY+o=
-----END CERTIFICATE-----
Generated at Sat Mar 21 23:02:42 2026 by rpki-client