Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/03dd48eb-d136-4f0e-af8a-57a6bdd93a9d/0/3139332e33362e3136332e302f32342d3234203d3e2039333034.roa
File: 3139332e33362e3136332e302f32342d3234203d3e2039333034.roa (raw, json)
Hash identifier: LO8nA8SBn1qFU3vM66QkqOJoRTWokPzzsrb1pq4hGB0=
Subject key identifier: 08:5F:0E:43:3C:9F:31:93:8A:EA:25:CF:90:72:E9:11:02:7A:58:8D
Certificate issuer: /CN=7fea37fdfe29b34173e97f1b637a44ec41acebb8
Certificate serial: 16D207DE1E7C2F9EA04215DBBC7DE6A4DA5746E1
Authority key identifier: 7F:EA:37:FD:FE:29:B3:41:73:E9:7F:1B:63:7A:44:EC:41:AC:EB:B8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/f-o3_f4ps0Fz6X8bY3pE7EGs67g.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/03dd48eb-d136-4f0e-af8a-57a6bdd93a9d/0/3139332e33362e3136332e302f32342d3234203d3e2039333034.roa
Signing time: Fri 05 Jun 2026 06:29:10 +0000
ROA not before: Fri 05 Jun 2026 06:24:10 +0000
ROA not after: Fri 04 Jun 2027 06:29:10 +0000
asID: 9304
IP address blocks: 193.36.163.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/03dd48eb-d136-4f0e-af8a-57a6bdd93a9d/0/7FEA37FDFE29B34173E97F1B637A44EC41ACEBB8.crl
rsync://rsync.paas.rpki.ripe.net/repository/03dd48eb-d136-4f0e-af8a-57a6bdd93a9d/0/7FEA37FDFE29B34173E97F1B637A44EC41ACEBB8.mft
rsync://rpki.ripe.net/repository/DEFAULT/f-o3_f4ps0Fz6X8bY3pE7EGs67g.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 13 Jun 2026 14:30:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
16:d2:07:de:1e:7c:2f:9e:a0:42:15:db:bc:7d:e6:a4:da:57:46:e1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7fea37fdfe29b34173e97f1b637a44ec41acebb8
Validity
Not Before: Jun 5 06:24:10 2026 GMT
Not After : Jun 4 06:29:10 2027 GMT
Subject: CN=085F0E433C9F31938AEA25CF9072E911027A588D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e8:a6:62:8d:06:f2:03:85:20:fb:33:d6:38:64:
d6:06:cc:b7:59:98:a6:d1:16:42:d5:cd:3c:93:f4:
62:c5:ba:f3:20:3d:69:e1:46:21:6c:1c:77:28:cd:
6d:b9:04:61:c6:a8:16:3a:63:37:69:c3:20:f6:d9:
2b:a5:da:99:e0:b7:9c:f5:76:0a:25:b9:a8:26:20:
0b:a5:6a:7a:84:9a:0f:f6:7f:31:1e:94:ed:6e:31:
08:28:bc:d6:16:b9:d2:eb:4c:0e:60:f3:85:3e:4f:
76:7e:ef:a8:53:b8:d3:10:88:d7:9a:2a:fc:4e:5c:
4a:da:dd:0c:dc:d8:e9:af:0c:56:06:64:0c:76:6c:
b5:a4:65:eb:7b:33:b8:d2:14:14:47:9e:02:5a:31:
15:57:ab:fc:0a:e3:fc:20:62:03:46:de:a9:1e:be:
d6:87:0a:15:94:dc:14:6d:b5:e8:8a:fa:1e:42:2d:
5e:cc:40:76:b5:b2:80:07:b5:cb:45:7a:2e:f7:de:
25:57:ef:d8:c6:ad:63:ea:95:29:dd:21:23:fd:80:
f0:0f:16:ec:66:0d:7a:2e:1d:e3:e6:53:fb:89:5a:
27:21:ae:0a:3f:97:dc:dd:6a:3b:15:68:68:6a:d9:
75:92:ab:81:3b:81:b9:b4:5c:c0:79:b4:2a:ac:c6:
84:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
08:5F:0E:43:3C:9F:31:93:8A:EA:25:CF:90:72:E9:11:02:7A:58:8D
X509v3 Authority Key Identifier:
keyid:7F:EA:37:FD:FE:29:B3:41:73:E9:7F:1B:63:7A:44:EC:41:AC:EB:B8
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/03dd48eb-d136-4f0e-af8a-57a6bdd93a9d/0/7FEA37FDFE29B34173E97F1B637A44EC41ACEBB8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/f-o3_f4ps0Fz6X8bY3pE7EGs67g.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/03dd48eb-d136-4f0e-af8a-57a6bdd93a9d/0/3139332e33362e3136332e302f32342d3234203d3e2039333034.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.36.163.0/24
Signature Algorithm: sha256WithRSAEncryption
63:b5:62:be:b5:0a:ba:87:93:2c:db:7e:cd:4d:f2:e6:eb:c1:
72:48:1c:13:e0:70:f7:ae:31:5c:c1:dd:e1:c1:85:cf:4c:a9:
68:ce:38:c1:41:91:1a:e4:41:e3:ad:3f:da:06:0e:14:e1:cd:
65:95:dd:3e:60:d9:9a:e5:f6:60:05:9a:28:df:5b:9b:53:c2:
02:b7:85:1c:35:59:c1:6f:a8:ee:56:77:9e:16:02:2e:3e:7f:
e5:a7:6d:5b:9b:e8:e2:3f:05:b9:fe:8c:7d:cb:7d:90:ee:d6:
0c:9f:a0:5f:7b:6a:fe:b1:fc:7a:3b:64:3c:d6:41:1c:3e:98:
5c:b0:1a:48:2c:d4:80:40:f9:ce:f1:37:68:af:ab:d7:b9:fe:
33:9f:3d:44:46:fd:73:b5:18:41:e3:1e:71:3c:31:d1:98:ea:
92:25:f2:8d:e5:1d:fa:ec:de:bb:0a:cf:7c:0d:a6:9f:12:72:
44:d5:fb:f1:ea:4e:72:9a:a6:a3:06:b2:3a:4a:9d:07:53:23:
25:bf:03:5c:56:4a:f0:c1:a4:27:74:77:a1:c4:a9:48:b6:b9:
13:e7:02:a2:0b:25:b0:ca:eb:a3:97:fe:d1:2b:cb:dd:e0:d8:
1a:c1:95:db:40:3f:86:1c:94:c5:fd:d7:21:2b:f3:ef:38:2a:
ff:fc:af:db
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgIUFtIH3h58L56gQhXbvH3mpNpXRuEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoN2ZlYTM3ZmRmZTI5YjM0MTczZTk3ZjFiNjM3YTQ0ZWM0
MWFjZWJiODAeFw0yNjA2MDUwNjI0MTBaFw0yNzA2MDQwNjI5MTBaMDMxMTAvBgNV
BAMTKDA4NUYwRTQzM0M5RjMxOTM4QUVBMjVDRjkwNzJFOTExMDI3QTU4OEQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDopmKNBvIDhSD7M9Y4ZNYGzLdZ
mKbRFkLVzTyT9GLFuvMgPWnhRiFsHHcozW25BGHGqBY6YzdpwyD22Sul2pngt5z1
dgoluagmIAulanqEmg/2fzEelO1uMQgovNYWudLrTA5g84U+T3Z+76hTuNMQiNea
KvxOXEra3Qzc2OmvDFYGZAx2bLWkZet7M7jSFBRHngJaMRVXq/wK4/wgYgNG3qke
vtaHChWU3BRtteiK+h5CLV7MQHa1soAHtctFei733iVX79jGrWPqlSndISP9gPAP
FuxmDXouHePmU/uJWichrgo/l9zdajsVaGhq2XWSq4E7gbm0XMB5tCqsxoSlAgMB
AAGjggI7MIICNzAdBgNVHQ4EFgQUCF8OQzyfMZOK6iXPkHLpEQJ6WI0wHwYDVR0j
BBgwFoAUf+o3/f4ps0Fz6X8bY3pE7EGs67gwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDNkZDQ4ZWItZDEzNi00ZjBlLWFmOGEtNTdhNmJkZDkz
YTlkLzAvN0ZFQTM3RkRGRTI5QjM0MTczRTk3RjFCNjM3QTQ0RUM0MUFDRUJCOC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2YtbzNfZjRwczBGejZYOGJZM3BFN0VH
czY3Zy5jZXIwgasGCCsGAQUFBwELBIGeMIGbMIGYBggrBgEFBQcwC4aBi3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMDNkZDQ4ZWIt
ZDEzNi00ZjBlLWFmOGEtNTdhNmJkZDkzYTlkLzAvMzEzOTMzMmUzMzM2MmUzMTM2
MzMyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzOTMzMzAzNC5yb2EwGAYDVR0gAQH/
BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMEk
ozANBgkqhkiG9w0BAQsFAAOCAQEAY7VivrUKuoeTLNt+zU3y5uvBckgcE+Bw964x
XMHd4cGFz0ypaM44wUGRGuRB460/2gYOFOHNZZXdPmDZmuX2YAWaKN9bm1PCAreF
HDVZwW+o7lZ3nhYCLj5/5adtW5vo4j8Fuf6Mfct9kO7WDJ+gX3tq/rH8ejtkPNZB
HD6YXLAaSCzUgED5zvE3aK+r17n+M589REb9c7UYQeMecTwx0ZjqkiXyjeUd+uze
uwrPfA2mnxJyRNX78epOcpqmowayOkqdB1MjJb8DXFZK8MGkJ3R3ocSpSLa5E+cC
ogslsMrro5f+0SvL3eDYGsGV20A/hhyUxf3XISvz7zgq//yv2w==
-----END CERTIFICATE-----
Generated at Sat Jun 13 06:39:53 2026 by rpki-client