Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/3130392e3130362e31342e302f32342d3234203d3e203332383738.roa
File: 3130392e3130362e31342e302f32342d3234203d3e203332383738.roa (raw, json)
Hash identifier: aUjQtXmZ2dsTP6gICJLGfGajiABTe80at9D0e5wOGcw=
Subject key identifier: 83:3B:FB:E6:C7:5C:4B:EB:16:88:79:7D:6A:5C:E3:04:9D:34:22:72
Certificate issuer: /CN=088469d1a33085ff88b3e599d223ca74c2313a3a
Certificate serial: 74F2D46BE2E933ECBA823449D02863C92B76E4B4
Authority key identifier: 08:84:69:D1:A3:30:85:FF:88:B3:E5:99:D2:23:CA:74:C2:31:3A:3A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CIRp0aMwhf-Is-WZ0iPKdMIxOjo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/3130392e3130362e31342e302f32342d3234203d3e203332383738.roa
Signing time: Fri 13 Mar 2026 09:46:52 +0000
ROA not before: Fri 13 Mar 2026 09:41:52 +0000
ROA not after: Fri 12 Mar 2027 09:46:52 +0000
asID: 32878
IP address blocks: 109.106.14.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/088469D1A33085FF88B3E599D223CA74C2313A3A.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/088469D1A33085FF88B3E599D223CA74C2313A3A.mft
rsync://rpki.ripe.net/repository/DEFAULT/CIRp0aMwhf-Is-WZ0iPKdMIxOjo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 14 Mar 2026 17:33:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
74:f2:d4:6b:e2:e9:33:ec:ba:82:34:49:d0:28:63:c9:2b:76:e4:b4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=088469d1a33085ff88b3e599d223ca74c2313a3a
Validity
Not Before: Mar 13 09:41:52 2026 GMT
Not After : Mar 12 09:46:52 2027 GMT
Subject: CN=833BFBE6C75C4BEB1688797D6A5CE3049D342272
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:64:f9:96:48:be:e2:7c:db:11:cf:60:82:1b:
77:55:57:45:3c:f0:b1:63:85:31:9f:23:bc:59:8e:
2e:be:85:1f:1d:ec:d0:71:52:69:26:81:71:90:1f:
3b:d7:fb:15:90:16:55:55:21:5c:80:33:b1:31:b0:
c3:62:7b:a9:6c:1d:a2:5c:58:74:2f:29:21:cd:1e:
4b:66:af:45:92:b7:90:cc:d3:c9:15:91:28:48:3d:
dd:9d:b6:a3:d9:d4:93:40:f8:90:3e:d7:57:9f:d7:
1b:de:cc:6f:af:d6:c4:0a:1d:95:92:08:a6:05:27:
97:6c:8d:ad:32:4f:26:9b:72:5c:04:2a:a1:3f:c8:
96:4f:92:de:3b:0a:97:15:6e:5b:65:0f:49:3c:53:
e7:2a:b8:61:8e:4b:e4:9d:c2:71:f0:95:42:b1:d9:
04:16:7d:8c:e2:55:29:4c:e6:4d:5c:6f:60:16:f8:
ae:48:00:e1:1b:ef:e8:fa:e8:ca:e7:fd:cd:62:57:
27:6c:55:c0:4d:a5:ab:29:1a:90:35:46:ab:a5:4b:
a5:e9:83:fe:6f:e2:e0:e2:42:62:ee:2f:b2:5c:10:
9d:5f:ad:2b:64:14:3c:50:72:f1:f9:78:b5:0d:6a:
24:40:b1:23:af:c0:7c:b8:fd:f9:2c:e1:72:7a:0e:
ad:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
83:3B:FB:E6:C7:5C:4B:EB:16:88:79:7D:6A:5C:E3:04:9D:34:22:72
X509v3 Authority Key Identifier:
keyid:08:84:69:D1:A3:30:85:FF:88:B3:E5:99:D2:23:CA:74:C2:31:3A:3A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/088469D1A33085FF88B3E599D223CA74C2313A3A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CIRp0aMwhf-Is-WZ0iPKdMIxOjo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/3130392e3130362e31342e302f32342d3234203d3e203332383738.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.106.14.0/24
Signature Algorithm: sha256WithRSAEncryption
4e:23:0c:1a:94:fd:5b:74:ab:49:42:c0:13:41:7f:ab:e0:19:
05:5f:c4:54:f2:21:0c:47:46:23:c9:c3:80:ab:a3:e4:b8:36:
a7:a4:a7:8a:09:f1:d2:01:57:46:45:89:31:ce:8e:28:ce:55:
61:d8:32:32:ae:cb:82:77:f1:aa:bc:9c:d8:cf:d7:48:2a:35:
53:51:12:69:30:9f:dc:55:97:6a:64:30:a0:8d:0a:10:03:f5:
cf:96:74:7b:1d:f5:66:06:1a:76:c7:b2:52:69:a9:5c:6a:96:
72:cf:ac:3d:7e:97:b2:c6:03:98:75:7c:b9:fe:77:92:18:86:
87:86:85:8e:88:94:65:8a:26:54:43:f8:7c:c3:e7:23:d5:5a:
03:14:f9:53:1a:61:bf:e1:7b:38:88:92:91:34:5b:fd:3e:09:
42:78:0e:86:b1:a9:a6:78:c5:9e:ce:7c:c8:98:54:16:72:2f:
8a:62:65:91:06:91:57:84:f5:a5:9e:a8:e0:d4:17:42:89:91:
98:f8:3c:c9:ba:07:d7:d8:bf:01:1c:5a:32:b6:6a:c0:f4:7e:
b3:3e:23:12:90:f8:4b:77:9e:2b:59:d2:12:06:20:da:7a:00:
fc:df:21:46:40:9d:45:4a:76:be:9f:c6:eb:da:51:dd:3b:6f:
7c:8b:4b:5a
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUdPLUa+LpM+y6gjRJ0ChjySt25LQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDg4NDY5ZDFhMzMwODVmZjg4YjNlNTk5ZDIyM2NhNzRj
MjMxM2EzYTAeFw0yNjAzMTMwOTQxNTJaFw0yNzAzMTIwOTQ2NTJaMDMxMTAvBgNV
BAMTKDgzM0JGQkU2Qzc1QzRCRUIxNjg4Nzk3RDZBNUNFMzA0OUQzNDIyNzIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCYZPmWSL7ifNsRz2CCG3dVV0U8
8LFjhTGfI7xZji6+hR8d7NBxUmkmgXGQHzvX+xWQFlVVIVyAM7ExsMNie6lsHaJc
WHQvKSHNHktmr0WSt5DM08kVkShIPd2dtqPZ1JNA+JA+11ef1xvezG+v1sQKHZWS
CKYFJ5dsja0yTyabclwEKqE/yJZPkt47CpcVbltlD0k8U+cquGGOS+SdwnHwlUKx
2QQWfYziVSlM5k1cb2AW+K5IAOEb7+j66Mrn/c1iVydsVcBNpaspGpA1RqulS6Xp
g/5v4uDiQmLuL7JcEJ1frStkFDxQcvH5eLUNaiRAsSOvwHy4/fks4XJ6Dq0NAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUgzv75sdcS+sWiHl9alzjBJ00InIwHwYDVR0j
BBgwFoAUCIRp0aMwhf+Is+WZ0iPKdMIxOjowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzUvMDg4NDY5RDFBMzMwODVGRjg4QjNFNTk5RDIyM0NBNzRDMjMxM0EzQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NJUnAwYU13aGYtSXMtV1owaVBLZE1J
eE9qby5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzUvMzEzMDM5MmUzMTMwMzYyZTMx
MzQyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMzMyMzgzNzM4LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
bWoOMA0GCSqGSIb3DQEBCwUAA4IBAQBOIwwalP1bdKtJQsATQX+r4BkFX8RU8iEM
R0YjycOAq6PkuDanpKeKCfHSAVdGRYkxzo4ozlVh2DIyrsuCd/GqvJzYz9dIKjVT
URJpMJ/cVZdqZDCgjQoQA/XPlnR7HfVmBhp2x7JSaalcapZyz6w9fpeyxgOYdXy5
/neSGIaHhoWOiJRliiZUQ/h8w+cj1VoDFPlTGmG/4Xs4iJKRNFv9PglCeA6Gsamm
eMWeznzImFQWci+KYmWRBpFXhPWlnqjg1BdCiZGY+DzJugfX2L8BHFoytmrA9H6z
PiMSkPhLd54rWdISBiDaegD83yFGQJ1FSna+n8br2lHdO298i0ta
-----END CERTIFICATE-----
Generated at Fri Mar 13 20:51:47 2026 by rpki-client