Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/03dd48eb-d136-4f0e-af8a-57a6bdd93a9d/0/3132382e302e35382e302f32342d3234203d3e20343031383536.roa
File: 3132382e302e35382e302f32342d3234203d3e20343031383536.roa (raw, json)
Hash identifier: 920y3gkXMGN+TE6qMX89oNqcHKZjCsEGgyr5XefX+1M=
Subject key identifier: 8F:39:1A:06:6D:37:5D:8A:9B:72:9B:2A:68:C9:6C:EC:2F:DC:3C:D2
Certificate issuer: /CN=7fea37fdfe29b34173e97f1b637a44ec41acebb8
Certificate serial: 44941E996A00829E101F8FB4C7C159312F4D164E
Authority key identifier: 7F:EA:37:FD:FE:29:B3:41:73:E9:7F:1B:63:7A:44:EC:41:AC:EB:B8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/f-o3_f4ps0Fz6X8bY3pE7EGs67g.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/03dd48eb-d136-4f0e-af8a-57a6bdd93a9d/0/3132382e302e35382e302f32342d3234203d3e20343031383536.roa
Signing time: Fri 10 Apr 2026 13:23:29 +0000
ROA not before: Fri 10 Apr 2026 13:18:29 +0000
ROA not after: Fri 09 Apr 2027 13:23:29 +0000
asID: 401856
IP address blocks: 128.0.58.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/03dd48eb-d136-4f0e-af8a-57a6bdd93a9d/0/7FEA37FDFE29B34173E97F1B637A44EC41ACEBB8.crl
rsync://rsync.paas.rpki.ripe.net/repository/03dd48eb-d136-4f0e-af8a-57a6bdd93a9d/0/7FEA37FDFE29B34173E97F1B637A44EC41ACEBB8.mft
rsync://rpki.ripe.net/repository/DEFAULT/f-o3_f4ps0Fz6X8bY3pE7EGs67g.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 17 Apr 2026 16:02:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
44:94:1e:99:6a:00:82:9e:10:1f:8f:b4:c7:c1:59:31:2f:4d:16:4e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7fea37fdfe29b34173e97f1b637a44ec41acebb8
Validity
Not Before: Apr 10 13:18:29 2026 GMT
Not After : Apr 9 13:23:29 2027 GMT
Subject: CN=8F391A066D375D8A9B729B2A68C96CEC2FDC3CD2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:c2:aa:12:8e:b3:d5:b1:07:8d:00:52:00:21:
f2:9a:15:ac:4c:56:db:79:cc:01:cc:40:6d:f5:b8:
d7:03:93:f5:b8:92:3d:00:d2:75:0c:55:97:c0:05:
91:e3:1e:90:1a:91:6c:b1:b7:85:50:7d:5b:2d:a7:
73:c3:4e:93:4d:c6:e3:bc:2d:fa:2c:1f:f9:bf:d1:
68:22:28:06:89:ab:5a:8e:69:34:4d:fa:01:9e:b7:
d7:06:65:ff:14:48:4d:00:8c:79:fa:b7:41:af:45:
c6:f3:53:bf:9e:81:9f:c4:65:39:04:59:7f:8c:51:
c3:cf:7b:c0:5c:fd:f1:e3:84:f8:11:66:a2:fa:7b:
05:c7:25:ac:d8:68:c6:63:b0:77:ed:3c:7e:7b:3e:
18:e9:ec:84:af:36:13:8a:19:be:92:ae:dc:ea:7c:
ad:ea:41:40:e7:0b:49:77:7e:84:6b:1e:f9:5f:6f:
5d:82:a5:4d:cf:ae:e3:2d:d6:42:2f:18:a4:b9:f2:
5b:b6:fb:58:52:58:78:8c:09:16:8d:0e:01:c8:79:
8d:cb:46:93:64:aa:36:91:60:9d:08:d6:5e:02:db:
f3:41:b9:9b:99:48:fb:d2:f2:6f:22:16:52:6a:8e:
51:7f:c8:f4:e0:a7:b0:93:d4:e2:8a:fa:69:47:e5:
f8:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8F:39:1A:06:6D:37:5D:8A:9B:72:9B:2A:68:C9:6C:EC:2F:DC:3C:D2
X509v3 Authority Key Identifier:
keyid:7F:EA:37:FD:FE:29:B3:41:73:E9:7F:1B:63:7A:44:EC:41:AC:EB:B8
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/03dd48eb-d136-4f0e-af8a-57a6bdd93a9d/0/7FEA37FDFE29B34173E97F1B637A44EC41ACEBB8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/f-o3_f4ps0Fz6X8bY3pE7EGs67g.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/03dd48eb-d136-4f0e-af8a-57a6bdd93a9d/0/3132382e302e35382e302f32342d3234203d3e20343031383536.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
128.0.58.0/24
Signature Algorithm: sha256WithRSAEncryption
2c:0a:d1:7b:30:0a:5c:cf:12:ca:78:54:77:e1:d3:d0:48:19:
d6:b3:3c:33:52:51:27:68:13:0e:4e:95:a6:65:0a:dc:34:14:
40:17:62:72:0a:1b:cb:98:f7:0a:70:e8:85:b1:98:ad:63:e3:
c3:03:fe:4f:d4:8e:06:56:e6:b0:bb:a0:83:6a:69:35:df:57:
31:d8:57:32:75:af:e5:67:d4:90:b1:3a:aa:a2:76:37:27:29:
8c:66:88:8c:73:17:c2:dd:00:3a:55:bb:00:5d:2e:b1:ac:ad:
75:19:e2:24:94:13:98:ff:90:d2:3c:ab:bd:0f:11:c1:0b:5c:
57:ba:6b:f9:56:af:cb:d6:7b:48:b6:e2:e9:27:cd:c0:24:c0:
e7:dc:4e:46:ca:6f:f2:75:26:2b:c3:b2:d6:53:78:58:dd:98:
24:b8:0d:62:f1:43:12:10:55:eb:ef:d2:16:5c:c2:35:69:b1:
4f:ea:30:4e:f3:a9:1a:90:19:0c:7c:44:1b:15:9a:7b:25:77:
f5:85:75:38:0b:64:44:73:21:41:ea:78:e6:44:27:24:8f:41:
88:3a:4e:30:32:b7:cc:65:86:69:69:d6:3c:a5:1d:64:a8:29:
f7:37:40:b8:be:4a:31:69:5a:60:c7:39:26:50:6d:72:5d:8a:
d3:37:03:ba
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgIURJQemWoAgp4QH4+0x8FZMS9NFk4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoN2ZlYTM3ZmRmZTI5YjM0MTczZTk3ZjFiNjM3YTQ0ZWM0
MWFjZWJiODAeFw0yNjA0MTAxMzE4MjlaFw0yNzA0MDkxMzIzMjlaMDMxMTAvBgNV
BAMTKDhGMzkxQTA2NkQzNzVEOEE5QjcyOUIyQTY4Qzk2Q0VDMkZEQzNDRDIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCpwqoSjrPVsQeNAFIAIfKaFaxM
Vtt5zAHMQG31uNcDk/W4kj0A0nUMVZfABZHjHpAakWyxt4VQfVstp3PDTpNNxuO8
LfosH/m/0WgiKAaJq1qOaTRN+gGet9cGZf8USE0AjHn6t0GvRcbzU7+egZ/EZTkE
WX+MUcPPe8Bc/fHjhPgRZqL6ewXHJazYaMZjsHftPH57Phjp7ISvNhOKGb6Srtzq
fK3qQUDnC0l3foRrHvlfb12CpU3PruMt1kIvGKS58lu2+1hSWHiMCRaNDgHIeY3L
RpNkqjaRYJ0I1l4C2/NBuZuZSPvS8m8iFlJqjlF/yPTgp7CT1OKK+mlH5fgnAgMB
AAGjggI7MIICNzAdBgNVHQ4EFgQUjzkaBm03XYqbcpsqaMls7C/cPNIwHwYDVR0j
BBgwFoAUf+o3/f4ps0Fz6X8bY3pE7EGs67gwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDNkZDQ4ZWItZDEzNi00ZjBlLWFmOGEtNTdhNmJkZDkz
YTlkLzAvN0ZFQTM3RkRGRTI5QjM0MTczRTk3RjFCNjM3QTQ0RUM0MUFDRUJCOC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2YtbzNfZjRwczBGejZYOGJZM3BFN0VH
czY3Zy5jZXIwgasGCCsGAQUFBwELBIGeMIGbMIGYBggrBgEFBQcwC4aBi3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMDNkZDQ4ZWIt
ZDEzNi00ZjBlLWFmOGEtNTdhNmJkZDkzYTlkLzAvMzEzMjM4MmUzMDJlMzUzODJl
MzAyZjMyMzQyZDMyMzQyMDNkM2UyMDM0MzAzMTM4MzUzNi5yb2EwGAYDVR0gAQH/
BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAIAA
OjANBgkqhkiG9w0BAQsFAAOCAQEALArRezAKXM8SynhUd+HT0EgZ1rM8M1JRJ2gT
Dk6VpmUK3DQUQBdicgoby5j3CnDohbGYrWPjwwP+T9SOBlbmsLugg2ppNd9XMdhX
MnWv5WfUkLE6qqJ2NycpjGaIjHMXwt0AOlW7AF0usaytdRniJJQTmP+Q0jyrvQ8R
wQtcV7pr+Vavy9Z7SLbi6SfNwCTA59xORspv8nUmK8Oy1lN4WN2YJLgNYvFDEhBV
6+/SFlzCNWmxT+owTvOpGpAZDHxEGxWaeyV39YV1OAtkRHMhQep45kQnJI9BiDpO
MDK3zGWGaWnWPKUdZKgp9zdAuL5KMWlaYMc5JlBtcl2K0zcDug==
-----END CERTIFICATE-----
Generated at Fri Apr 17 07:12:39 2026 by rpki-client