Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/3134362e31392e3136372e302f32342d3234203d3e20313432313131.roa
File: 3134362e31392e3136372e302f32342d3234203d3e20313432313131.roa (raw, json)
Hash identifier: X70d0T4GWN6rC/5/Z7B3IR7A4QtMvYWM6LmuwXwdnH0=
Subject key identifier: CF:B5:31:07:87:EE:69:2B:A2:B6:C2:C3:5F:71:B4:08:84:ED:BC:76
Certificate issuer: /CN=a9420e6c6f24b0e422da7fe7e420ef50354f45c6
Certificate serial: 034F81E3EA49D07AA8FB215D5025C5B987B965C1
Authority key identifier: A9:42:0E:6C:6F:24:B0:E4:22:DA:7F:E7:E4:20:EF:50:35:4F:45:C6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qUIObG8ksOQi2n_n5CDvUDVPRcY.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/3134362e31392e3136372e302f32342d3234203d3e20313432313131.roa
Signing time: Mon 01 Jun 2026 21:47:23 +0000
ROA not before: Mon 01 Jun 2026 21:42:23 +0000
ROA not after: Mon 31 May 2027 21:47:23 +0000
asID: 142111
IP address blocks: 146.19.167.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/A9420E6C6F24B0E422DA7FE7E420EF50354F45C6.crl
rsync://rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/A9420E6C6F24B0E422DA7FE7E420EF50354F45C6.mft
rsync://rpki.ripe.net/repository/DEFAULT/qUIObG8ksOQi2n_n5CDvUDVPRcY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 13 Jun 2026 15:22:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
03:4f:81:e3:ea:49:d0:7a:a8:fb:21:5d:50:25:c5:b9:87:b9:65:c1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a9420e6c6f24b0e422da7fe7e420ef50354f45c6
Validity
Not Before: Jun 1 21:42:23 2026 GMT
Not After : May 31 21:47:23 2027 GMT
Subject: CN=CFB5310787EE692BA2B6C2C35F71B40884EDBC76
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:42:4e:5d:23:ab:ad:41:3e:c8:44:a5:ed:d2:
7e:8a:ad:73:fd:be:7d:2b:35:10:58:5b:73:fa:d2:
37:f1:6c:a5:d8:a4:1b:b3:c2:17:f2:12:27:ee:fc:
53:1b:8b:44:6b:b3:3d:73:ec:2e:19:25:db:25:41:
5e:3f:aa:39:e6:8c:2a:9e:b0:78:ad:70:6f:13:88:
75:c8:57:6b:e0:a2:e5:5c:b6:0e:cb:b3:ac:6e:87:
a8:07:f3:cd:13:18:e0:10:bc:2f:af:c3:e1:9a:8a:
53:6a:4b:3a:af:9f:14:d4:ba:56:39:71:f4:08:41:
db:41:37:fc:a3:ff:3d:34:44:63:96:26:36:68:20:
6b:3a:7f:e1:36:8a:18:ce:26:47:95:df:34:7b:17:
de:5c:71:7b:d5:50:98:4f:5b:f5:84:4a:43:1a:46:
a8:87:76:37:bc:20:da:4e:17:67:9a:12:ad:14:c5:
c6:f5:f3:86:e6:cb:6b:f1:59:df:02:7e:3b:9e:67:
33:a1:09:5a:fb:93:68:a6:68:da:3a:30:7e:78:81:
fb:4d:db:0a:4d:79:42:eb:cf:6c:05:b3:49:f7:e6:
f6:73:f6:fa:5c:ee:ff:f3:d7:56:a6:72:c0:97:cc:
d0:55:1a:5e:3a:f9:2e:32:94:3e:a2:d1:46:fb:e8:
62:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CF:B5:31:07:87:EE:69:2B:A2:B6:C2:C3:5F:71:B4:08:84:ED:BC:76
X509v3 Authority Key Identifier:
keyid:A9:42:0E:6C:6F:24:B0:E4:22:DA:7F:E7:E4:20:EF:50:35:4F:45:C6
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/A9420E6C6F24B0E422DA7FE7E420EF50354F45C6.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qUIObG8ksOQi2n_n5CDvUDVPRcY.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/3134362e31392e3136372e302f32342d3234203d3e20313432313131.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
146.19.167.0/24
Signature Algorithm: sha256WithRSAEncryption
80:1e:75:b0:67:a7:2e:e3:b9:37:9f:0a:02:8f:45:bd:b4:5c:
ee:d6:89:5f:fc:ad:2e:12:0d:40:d1:64:a7:5e:cf:12:07:d1:
e0:df:5d:35:95:15:98:18:dd:c1:16:71:a0:84:99:da:30:9c:
46:44:57:ee:4a:ed:26:71:d3:a4:d1:7e:f3:b0:19:9e:6e:cc:
86:e6:84:46:53:f4:d7:cc:90:dc:c8:6e:5a:d9:71:e1:71:97:
49:b3:e9:e8:31:7a:fa:5d:35:3b:73:f9:44:40:71:d6:5b:3f:
64:37:1d:36:77:16:b9:c6:e4:fe:39:cd:9d:f0:f7:3e:1a:00:
a8:6d:5c:fb:f0:a9:3e:02:44:ce:4a:11:6c:71:48:61:b7:50:
85:9e:29:7d:f6:4d:c6:6d:da:16:4e:2a:8e:46:e0:7b:c3:a5:
b3:73:b5:a0:fc:ae:c2:7b:b7:12:73:8d:13:a3:cd:4c:1b:91:
5c:df:44:40:98:bb:55:bb:9d:ae:bd:89:8c:3b:90:0e:9e:51:
b6:11:5e:5a:71:5b:37:8f:7a:0f:75:2e:77:6e:39:48:9d:eb:
07:a6:ed:a0:04:2f:ad:bf:6c:c1:66:36:19:b1:34:e2:68:ae:
7a:d8:cc:fb:40:1e:89:c4:57:79:14:15:c9:64:39:23:99:33:
22:5d:d7:88
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUA0+B4+pJ0Hqo+yFdUCXFuYe5ZcEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYTk0MjBlNmM2ZjI0YjBlNDIyZGE3ZmU3ZTQyMGVmNTAz
NTRmNDVjNjAeFw0yNjA2MDEyMTQyMjNaFw0yNzA1MzEyMTQ3MjNaMDMxMTAvBgNV
BAMTKENGQjUzMTA3ODdFRTY5MkJBMkI2QzJDMzVGNzFCNDA4ODRFREJDNzYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDkQk5dI6utQT7IRKXt0n6KrXP9
vn0rNRBYW3P60jfxbKXYpBuzwhfyEifu/FMbi0Rrsz1z7C4ZJdslQV4/qjnmjCqe
sHitcG8TiHXIV2vgouVctg7Ls6xuh6gH880TGOAQvC+vw+GailNqSzqvnxTUulY5
cfQIQdtBN/yj/z00RGOWJjZoIGs6f+E2ihjOJkeV3zR7F95ccXvVUJhPW/WESkMa
RqiHdje8INpOF2eaEq0Uxcb184bmy2vxWd8CfjueZzOhCVr7k2imaNo6MH54gftN
2wpNeULrz2wFs0n35vZz9vpc7v/z11amcsCXzNBVGl46+S4ylD6i0Ub76GLtAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUz7UxB4fuaSuitsLDX3G0CITtvHYwHwYDVR0j
BBgwFoAUqUIObG8ksOQi2n/n5CDvUDVPRcYwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMWY5ODIzZDAtMDg1NS00MWYyLWFjNDYtNTlhMmU5OGRh
NzM2LzEvQTk0MjBFNkM2RjI0QjBFNDIyREE3RkU3RTQyMEVGNTAzNTRGNDVDNi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3FVSU9iRzhrc09RaTJuX241Q0R2VURW
UFJjWS5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMWY5ODIzZDAt
MDg1NS00MWYyLWFjNDYtNTlhMmU5OGRhNzM2LzEvMzEzNDM2MmUzMTM5MmUzMTM2
MzcyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMTM0MzIzMTMxMzEucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BACSE6cwDQYJKoZIhvcNAQELBQADggEBAIAedbBnpy7juTefCgKPRb20XO7WiV/8
rS4SDUDRZKdezxIH0eDfXTWVFZgY3cEWcaCEmdownEZEV+5K7SZx06TRfvOwGZ5u
zIbmhEZT9NfMkNzIblrZceFxl0mz6egxevpdNTtz+URAcdZbP2Q3HTZ3FrnG5P45
zZ3w9z4aAKhtXPvwqT4CRM5KEWxxSGG3UIWeKX32TcZt2hZOKo5G4HvDpbNztaD8
rsJ7txJzjROjzUwbkVzfRECYu1W7na69iYw7kA6eUbYRXlpxWzePeg91LnduOUid
6wem7aAEL62/bMFmNhmxNOJornrYzPtAHonEV3kUFclkOSOZMyJd14g=
-----END CERTIFICATE-----
Generated at Sat Jun 13 08:59:08 2026 by rpki-client