Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/03dd48eb-d136-4f0e-af8a-57a6bdd93a9d/0/3139332e33362e3136322e302f32342d3234203d3e2039333034.roa
File: 3139332e33362e3136322e302f32342d3234203d3e2039333034.roa (raw, json)
Hash identifier: 25EF/GJDq3buh5spDzIhn+MJ8lig4+8iufaU9mbQnRI=
Subject key identifier: F9:2A:69:BC:7B:86:4D:45:5E:83:40:04:96:A2:3B:45:EE:DA:23:E9
Certificate issuer: /CN=7fea37fdfe29b34173e97f1b637a44ec41acebb8
Certificate serial: 4B3E24EB5782E95B7B66CBE7AE9E91F60C8D3D03
Authority key identifier: 7F:EA:37:FD:FE:29:B3:41:73:E9:7F:1B:63:7A:44:EC:41:AC:EB:B8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/f-o3_f4ps0Fz6X8bY3pE7EGs67g.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/03dd48eb-d136-4f0e-af8a-57a6bdd93a9d/0/3139332e33362e3136322e302f32342d3234203d3e2039333034.roa
Signing time: Fri 05 Jun 2026 06:29:08 +0000
ROA not before: Fri 05 Jun 2026 06:24:08 +0000
ROA not after: Fri 04 Jun 2027 06:29:08 +0000
asID: 9304
IP address blocks: 193.36.162.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/03dd48eb-d136-4f0e-af8a-57a6bdd93a9d/0/7FEA37FDFE29B34173E97F1B637A44EC41ACEBB8.crl
rsync://rsync.paas.rpki.ripe.net/repository/03dd48eb-d136-4f0e-af8a-57a6bdd93a9d/0/7FEA37FDFE29B34173E97F1B637A44EC41ACEBB8.mft
rsync://rpki.ripe.net/repository/DEFAULT/f-o3_f4ps0Fz6X8bY3pE7EGs67g.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 13 Jun 2026 14:30:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4b:3e:24:eb:57:82:e9:5b:7b:66:cb:e7:ae:9e:91:f6:0c:8d:3d:03
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7fea37fdfe29b34173e97f1b637a44ec41acebb8
Validity
Not Before: Jun 5 06:24:08 2026 GMT
Not After : Jun 4 06:29:08 2027 GMT
Subject: CN=F92A69BC7B864D455E83400496A23B45EEDA23E9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:68:60:9d:34:71:fe:84:7a:7c:d9:18:65:97:
a3:04:fa:12:ee:73:7b:ca:91:d8:fd:6f:4a:fc:17:
8d:3d:eb:d3:99:88:07:50:c9:7e:21:36:a7:cd:57:
b2:68:9d:4b:a1:9b:96:98:17:90:e1:84:34:6b:58:
86:b8:52:73:2c:8e:03:61:7a:e1:61:8c:bb:bb:4f:
a0:06:35:fb:71:db:ed:f6:6f:d8:11:4f:b3:be:9e:
67:f1:a1:fa:7b:3a:de:07:01:ba:9b:9e:55:cf:61:
92:56:ae:95:37:81:a5:a1:b8:48:a1:99:d7:e1:ba:
9a:38:3c:02:c4:d2:c6:dc:48:87:be:56:ea:0f:b5:
fb:56:39:06:28:64:3e:b6:34:d1:fb:f4:39:76:d1:
aa:2a:01:0a:d8:bf:86:4e:09:d3:e5:7e:bc:5d:29:
00:3e:d7:5c:48:76:2c:a6:17:6f:40:23:74:4c:7c:
fc:c3:79:d4:fb:58:50:aa:77:a9:06:5f:b5:5f:41:
56:75:b7:bc:09:03:22:aa:8e:4a:cc:d3:5f:a0:02:
fd:62:b1:4b:3f:06:73:c0:92:3e:58:a9:e6:f4:c8:
25:5f:4b:20:85:84:e8:f0:f7:78:08:8d:80:b4:bf:
c5:b9:ee:ab:8a:e3:b9:23:a2:4e:c5:9b:7d:a6:2a:
d6:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F9:2A:69:BC:7B:86:4D:45:5E:83:40:04:96:A2:3B:45:EE:DA:23:E9
X509v3 Authority Key Identifier:
keyid:7F:EA:37:FD:FE:29:B3:41:73:E9:7F:1B:63:7A:44:EC:41:AC:EB:B8
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/03dd48eb-d136-4f0e-af8a-57a6bdd93a9d/0/7FEA37FDFE29B34173E97F1B637A44EC41ACEBB8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/f-o3_f4ps0Fz6X8bY3pE7EGs67g.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/03dd48eb-d136-4f0e-af8a-57a6bdd93a9d/0/3139332e33362e3136322e302f32342d3234203d3e2039333034.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.36.162.0/24
Signature Algorithm: sha256WithRSAEncryption
60:fe:1b:2f:fd:c2:3b:d4:01:89:6a:62:da:e5:b6:19:55:16:
40:a2:b5:8a:19:10:ab:c5:e2:03:de:9e:c2:58:f1:63:56:cb:
87:1e:df:4a:8b:7a:00:d8:0b:d9:d0:d4:52:bc:8a:fe:1f:dd:
6e:1e:01:cc:52:7a:ff:31:cc:a8:33:f7:89:75:75:68:ae:96:
57:e1:e2:53:27:1a:c4:2b:6a:91:e6:d5:1d:2c:68:c2:f3:e5:
ce:b1:a8:f2:ca:de:4f:fe:87:88:a1:de:5e:88:64:21:21:c7:
8d:29:36:31:26:4c:20:c8:a5:aa:b6:0b:d2:92:12:10:04:c9:
c5:ba:60:e5:f3:24:3b:71:be:d3:be:b8:8f:0c:f7:fb:37:4f:
54:c5:11:0f:31:55:b0:c7:85:a8:52:a0:6b:df:bf:6a:22:26:
43:23:b8:66:86:93:92:c0:13:2f:f6:30:ca:a4:40:46:f9:74:
28:15:08:b1:82:eb:02:22:53:76:bc:75:2d:f1:9b:7b:fd:39:
ee:6b:d8:66:14:90:e6:3b:3f:41:ae:89:15:4b:2a:9a:ba:a5:
f4:7c:dd:cc:26:09:10:11:a8:b4:23:52:7b:24:51:9c:e5:a9:
9d:38:6f:ee:31:e6:6b:61:0d:b9:6f:50:a7:63:62:22:6f:fb:
35:3c:75:4f
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgIUSz4k61eC6Vt7Zsvnrp6R9gyNPQMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoN2ZlYTM3ZmRmZTI5YjM0MTczZTk3ZjFiNjM3YTQ0ZWM0
MWFjZWJiODAeFw0yNjA2MDUwNjI0MDhaFw0yNzA2MDQwNjI5MDhaMDMxMTAvBgNV
BAMTKEY5MkE2OUJDN0I4NjRENDU1RTgzNDAwNDk2QTIzQjQ1RUVEQTIzRTkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCPaGCdNHH+hHp82Rhll6ME+hLu
c3vKkdj9b0r8F40969OZiAdQyX4hNqfNV7JonUuhm5aYF5DhhDRrWIa4UnMsjgNh
euFhjLu7T6AGNftx2+32b9gRT7O+nmfxofp7Ot4HAbqbnlXPYZJWrpU3gaWhuEih
mdfhupo4PALE0sbcSIe+VuoPtftWOQYoZD62NNH79Dl20aoqAQrYv4ZOCdPlfrxd
KQA+11xIdiymF29AI3RMfPzDedT7WFCqd6kGX7VfQVZ1t7wJAyKqjkrM01+gAv1i
sUs/BnPAkj5Yqeb0yCVfSyCFhOjw93gIjYC0v8W57quK47kjok7Fm32mKtavAgMB
AAGjggI7MIICNzAdBgNVHQ4EFgQU+SppvHuGTUVeg0AElqI7Re7aI+kwHwYDVR0j
BBgwFoAUf+o3/f4ps0Fz6X8bY3pE7EGs67gwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDNkZDQ4ZWItZDEzNi00ZjBlLWFmOGEtNTdhNmJkZDkz
YTlkLzAvN0ZFQTM3RkRGRTI5QjM0MTczRTk3RjFCNjM3QTQ0RUM0MUFDRUJCOC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2YtbzNfZjRwczBGejZYOGJZM3BFN0VH
czY3Zy5jZXIwgasGCCsGAQUFBwELBIGeMIGbMIGYBggrBgEFBQcwC4aBi3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMDNkZDQ4ZWIt
ZDEzNi00ZjBlLWFmOGEtNTdhNmJkZDkzYTlkLzAvMzEzOTMzMmUzMzM2MmUzMTM2
MzIyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzOTMzMzAzNC5yb2EwGAYDVR0gAQH/
BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMEk
ojANBgkqhkiG9w0BAQsFAAOCAQEAYP4bL/3CO9QBiWpi2uW2GVUWQKK1ihkQq8Xi
A96ewljxY1bLhx7fSot6ANgL2dDUUryK/h/dbh4BzFJ6/zHMqDP3iXV1aK6WV+Hi
UycaxCtqkebVHSxowvPlzrGo8sreT/6HiKHeXohkISHHjSk2MSZMIMilqrYL0pIS
EATJxbpg5fMkO3G+0764jwz3+zdPVMURDzFVsMeFqFKga9+/aiImQyO4ZoaTksAT
L/YwyqRARvl0KBUIsYLrAiJTdrx1LfGbe/057mvYZhSQ5js/Qa6JFUsqmrql9Hzd
zCYJEBGotCNSeyRRnOWpnThv7jHma2ENuW9Qp2NiIm/7NTx1Tw==
-----END CERTIFICATE-----
Generated at Sat Jun 13 06:40:02 2026 by rpki-client