Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/3130392e3130362e31342e302f32342d3234203d3e203633313939.roa
File: 3130392e3130362e31342e302f32342d3234203d3e203633313939.roa (raw, json)
Hash identifier: ExhCWtaqhdVTbmBdbKKSB5r8irRtthx44zhLMKW5oRw=
Subject key identifier: A1:04:31:EE:17:CD:EF:7E:E5:A9:21:78:8D:E0:3B:B3:7A:11:5A:B4
Certificate issuer: /CN=088469d1a33085ff88b3e599d223ca74c2313a3a
Certificate serial: 37158E2F362E845E785ED09289D51328E52CD036
Authority key identifier: 08:84:69:D1:A3:30:85:FF:88:B3:E5:99:D2:23:CA:74:C2:31:3A:3A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CIRp0aMwhf-Is-WZ0iPKdMIxOjo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/3130392e3130362e31342e302f32342d3234203d3e203633313939.roa
Signing time: Mon 02 Mar 2026 11:42:26 +0000
ROA not before: Mon 02 Mar 2026 11:37:26 +0000
ROA not after: Mon 01 Mar 2027 11:42:26 +0000
asID: 63199
IP address blocks: 109.106.14.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/088469D1A33085FF88B3E599D223CA74C2313A3A.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/088469D1A33085FF88B3E599D223CA74C2313A3A.mft
rsync://rpki.ripe.net/repository/DEFAULT/CIRp0aMwhf-Is-WZ0iPKdMIxOjo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 06 Mar 2026 09:20:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
37:15:8e:2f:36:2e:84:5e:78:5e:d0:92:89:d5:13:28:e5:2c:d0:36
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=088469d1a33085ff88b3e599d223ca74c2313a3a
Validity
Not Before: Mar 2 11:37:26 2026 GMT
Not After : Mar 1 11:42:26 2027 GMT
Subject: CN=A10431EE17CDEF7EE5A921788DE03BB37A115AB4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:eb:9a:53:23:82:21:f0:b8:26:7d:9c:04:21:
5c:0a:f2:de:9b:65:29:5e:82:b9:de:52:f8:fb:ed:
89:e5:27:cf:99:01:06:18:58:3c:7f:7c:85:52:d4:
a5:41:bc:88:4f:46:2f:53:1d:0c:bc:73:3a:c3:e1:
da:a8:36:da:a8:7f:40:82:b5:66:f3:b7:d6:10:37:
cd:87:b5:fc:90:04:59:05:68:30:56:eb:eb:63:11:
6a:2d:11:8a:05:fe:5f:7b:dc:4c:9e:25:ce:a3:99:
b3:cd:d8:b0:3a:b1:79:2d:9d:e9:33:cf:7e:f6:ce:
ba:f1:53:0f:46:ef:7d:88:99:3e:c5:60:a1:1a:0c:
0f:eb:e3:44:72:12:23:12:3d:0c:25:7b:df:29:b9:
e3:6c:b9:75:8a:8d:ee:12:23:26:c6:ba:34:1c:55:
66:4c:3d:08:21:f3:59:c6:9f:10:ea:fd:c4:5b:bc:
ac:3d:57:c3:8f:df:61:a5:25:18:02:42:06:ac:7e:
23:2f:5d:05:0f:3e:69:4c:d4:e3:5e:64:00:b2:9f:
4c:f0:5a:49:00:e1:a0:b4:c2:24:b4:ab:ee:a6:50:
6c:b0:69:46:63:18:91:81:fa:09:de:e5:45:97:a4:
48:16:8f:5b:58:7c:ca:9f:9a:b7:5b:79:df:11:99:
57:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A1:04:31:EE:17:CD:EF:7E:E5:A9:21:78:8D:E0:3B:B3:7A:11:5A:B4
X509v3 Authority Key Identifier:
keyid:08:84:69:D1:A3:30:85:FF:88:B3:E5:99:D2:23:CA:74:C2:31:3A:3A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/088469D1A33085FF88B3E599D223CA74C2313A3A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CIRp0aMwhf-Is-WZ0iPKdMIxOjo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/3130392e3130362e31342e302f32342d3234203d3e203633313939.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.106.14.0/24
Signature Algorithm: sha256WithRSAEncryption
7d:f1:4a:02:c5:5e:ba:7d:bc:16:74:2d:90:8b:33:ee:c1:4b:
62:ee:5c:39:34:f4:c5:ef:49:5c:5e:ba:c3:4d:ae:d6:e4:dd:
53:de:52:79:4e:2b:70:71:0b:92:eb:fc:02:1c:78:fc:c3:f1:
8a:13:a8:fe:b9:6e:17:2c:42:e7:31:40:d7:a6:6c:93:6d:ac:
6d:f2:df:c7:87:2b:f6:1b:9f:53:a5:d7:06:98:f1:c7:1f:f6:
c9:96:67:91:89:58:2b:dd:ee:94:92:6b:ed:1e:bc:0d:56:9b:
9d:99:fa:94:14:29:bf:89:da:ab:09:e0:c2:c3:db:e6:47:1d:
05:67:f1:12:f6:3c:61:52:59:18:93:61:10:19:1a:1b:e6:a4:
31:3c:d6:0c:5c:9c:e2:c5:5a:81:73:d6:c9:96:ee:8b:d3:fd:
72:7c:34:66:fe:d9:35:03:ec:2f:65:03:50:c7:eb:54:be:91:
f7:9f:2a:c6:25:d5:a8:c1:ec:bc:2d:8d:f0:e3:ee:f3:f4:e1:
85:5e:c7:c5:f6:de:14:09:bd:aa:a0:a9:1e:8d:c0:99:98:ea:
80:0e:40:d2:00:a7:ce:cf:4d:05:13:76:6d:a9:11:d2:97:6a:
7e:87:ee:be:48:d0:20:2d:26:ec:56:8b:2c:0d:05:65:35:2b:
df:10:2e:bd
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUNxWOLzYuhF54XtCSidUTKOUs0DYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDg4NDY5ZDFhMzMwODVmZjg4YjNlNTk5ZDIyM2NhNzRj
MjMxM2EzYTAeFw0yNjAzMDIxMTM3MjZaFw0yNzAzMDExMTQyMjZaMDMxMTAvBgNV
BAMTKEExMDQzMUVFMTdDREVGN0VFNUE5MjE3ODhERTAzQkIzN0ExMTVBQjQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDD65pTI4Ih8LgmfZwEIVwK8t6b
ZSlegrneUvj77YnlJ8+ZAQYYWDx/fIVS1KVBvIhPRi9THQy8czrD4dqoNtqof0CC
tWbzt9YQN82HtfyQBFkFaDBW6+tjEWotEYoF/l973EyeJc6jmbPN2LA6sXktnekz
z372zrrxUw9G732ImT7FYKEaDA/r40RyEiMSPQwle98pueNsuXWKje4SIybGujQc
VWZMPQgh81nGnxDq/cRbvKw9V8OP32GlJRgCQgasfiMvXQUPPmlM1ONeZACyn0zw
WkkA4aC0wiS0q+6mUGywaUZjGJGB+gne5UWXpEgWj1tYfMqfmrdbed8RmVd9AgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUoQQx7hfN737lqSF4jeA7s3oRWrQwHwYDVR0j
BBgwFoAUCIRp0aMwhf+Is+WZ0iPKdMIxOjowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzUvMDg4NDY5RDFBMzMwODVGRjg4QjNFNTk5RDIyM0NBNzRDMjMxM0EzQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NJUnAwYU13aGYtSXMtV1owaVBLZE1J
eE9qby5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzUvMzEzMDM5MmUzMTMwMzYyZTMx
MzQyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzNjMzMzEzOTM5LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
bWoOMA0GCSqGSIb3DQEBCwUAA4IBAQB98UoCxV66fbwWdC2QizPuwUti7lw5NPTF
70lcXrrDTa7W5N1T3lJ5TitwcQuS6/wCHHj8w/GKE6j+uW4XLELnMUDXpmyTbaxt
8t/Hhyv2G59TpdcGmPHHH/bJlmeRiVgr3e6UkmvtHrwNVpudmfqUFCm/idqrCeDC
w9vmRx0FZ/ES9jxhUlkYk2EQGRob5qQxPNYMXJzixVqBc9bJlu6L0/1yfDRm/tk1
A+wvZQNQx+tUvpH3nyrGJdWowey8LY3w4+7z9OGFXsfF9t4UCb2qoKkejcCZmOqA
DkDSAKfOz00FE3ZtqRHSl2p+h+6+SNAgLSbsVossDQVlNSvfEC69
-----END CERTIFICATE-----
Generated at Thu Mar 5 20:42:36 2026 by rpki-client