Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/3139342e33312e3139352e302f32342d3234203d3e20323133363638.roa
File: 3139342e33312e3139352e302f32342d3234203d3e20323133363638.roa (raw, json)
Hash identifier: pCuQNjK5vxSYZwtC7uzq87OexUIwDcw+LKWQti/Nk9E=
Subject key identifier: BA:45:6C:A2:97:09:4A:93:ED:A0:DD:92:03:51:12:AA:D1:77:94:64
Certificate issuer: /CN=a9420e6c6f24b0e422da7fe7e420ef50354f45c6
Certificate serial: 1D18F6B80DE609FD4C96B8E59E5086A5583E1E66
Authority key identifier: A9:42:0E:6C:6F:24:B0:E4:22:DA:7F:E7:E4:20:EF:50:35:4F:45:C6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qUIObG8ksOQi2n_n5CDvUDVPRcY.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/3139342e33312e3139352e302f32342d3234203d3e20323133363638.roa
Signing time: Fri 27 Mar 2026 08:46:56 +0000
ROA not before: Fri 27 Mar 2026 08:41:56 +0000
ROA not after: Fri 26 Mar 2027 08:46:56 +0000
asID: 213668
IP address blocks: 194.31.195.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/A9420E6C6F24B0E422DA7FE7E420EF50354F45C6.crl
rsync://rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/A9420E6C6F24B0E422DA7FE7E420EF50354F45C6.mft
rsync://rpki.ripe.net/repository/DEFAULT/qUIObG8ksOQi2n_n5CDvUDVPRcY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Apr 2026 04:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1d:18:f6:b8:0d:e6:09:fd:4c:96:b8:e5:9e:50:86:a5:58:3e:1e:66
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a9420e6c6f24b0e422da7fe7e420ef50354f45c6
Validity
Not Before: Mar 27 08:41:56 2026 GMT
Not After : Mar 26 08:46:56 2027 GMT
Subject: CN=BA456CA297094A93EDA0DD92035112AAD1779464
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:73:aa:f9:bf:48:5b:82:5a:51:c8:10:f2:43:
ec:ea:62:1b:03:38:95:75:c4:1c:2d:79:c7:9c:ab:
0e:61:7f:1e:01:1c:bb:a0:51:51:9e:d1:4b:09:20:
02:db:6a:ed:91:c2:7f:8f:5b:2d:74:73:0f:f7:54:
14:4c:2c:e7:af:e7:6f:f5:f2:40:42:c8:42:82:83:
c0:4f:68:f6:a9:32:d8:26:2a:1c:d0:00:e4:eb:33:
2a:2f:57:5d:f1:b6:52:e5:84:55:f0:df:1f:ad:29:
6b:a0:3e:b4:10:d5:ca:8c:53:de:95:0a:b0:e7:70:
90:85:08:dd:62:b5:2f:44:90:04:69:09:5f:91:cb:
92:db:bd:34:5e:d1:2d:fe:83:18:8f:03:6d:cd:e4:
7f:bd:38:e1:b5:a0:ad:c9:9a:a3:28:ca:a3:ed:e3:
5e:ae:fa:7a:36:6e:9c:15:86:87:22:31:68:45:40:
7f:f4:0b:d9:eb:8d:09:cf:c3:26:bf:20:50:4c:54:
50:7c:df:f7:fd:35:10:f6:c2:b5:3b:47:72:8e:c6:
a1:6c:68:7b:31:b5:3e:14:91:50:a3:79:4e:f3:8c:
58:d5:45:68:3d:14:73:fb:b3:44:a9:f9:44:6e:f6:
f0:9d:45:23:09:49:e5:8a:99:f6:9e:67:31:6a:dc:
40:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BA:45:6C:A2:97:09:4A:93:ED:A0:DD:92:03:51:12:AA:D1:77:94:64
X509v3 Authority Key Identifier:
keyid:A9:42:0E:6C:6F:24:B0:E4:22:DA:7F:E7:E4:20:EF:50:35:4F:45:C6
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/A9420E6C6F24B0E422DA7FE7E420EF50354F45C6.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qUIObG8ksOQi2n_n5CDvUDVPRcY.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/3139342e33312e3139352e302f32342d3234203d3e20323133363638.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.31.195.0/24
Signature Algorithm: sha256WithRSAEncryption
05:c6:15:6d:cf:8d:71:e7:63:69:df:6b:91:77:ac:92:1a:10:
86:89:a7:2f:7f:a0:3e:8e:85:11:47:11:eb:d5:bf:c9:88:d7:
06:3c:d2:3d:d3:3e:dc:5e:20:32:9d:3a:ac:d0:14:c4:b0:3b:
41:ab:4b:eb:d4:01:43:52:e6:fd:be:03:84:ab:c5:34:06:e5:
e9:9a:7b:0f:cb:e9:e5:0a:0d:b4:de:4f:ed:a2:d5:d7:dd:fd:
78:b2:62:c8:2f:55:5f:22:2f:0a:c2:f2:d5:2d:1d:f7:e0:48:
ee:24:42:01:13:99:59:d9:b2:9a:76:d6:ee:2b:63:ed:98:4d:
ca:69:8a:40:78:11:98:90:65:86:81:86:aa:a2:53:2f:38:75:
1f:88:37:25:a1:3a:3a:ba:05:c6:8c:ba:40:10:af:33:f0:5f:
78:0f:a4:3f:65:72:86:00:5c:47:4b:61:67:44:5c:2d:8b:52:
b9:16:69:38:01:68:57:a5:3a:4c:e4:c8:cc:1e:36:26:ad:8b:
bc:c8:ef:f6:fd:e1:bf:52:0e:a2:56:3e:f4:4a:07:4d:ee:64:
a6:f8:5b:4a:45:5d:51:20:e6:5e:be:36:8a:10:30:89:69:fb:
2c:f3:d8:82:85:69:51:62:fc:cb:91:1e:6f:14:be:fb:ff:fc:
b4:af:1c:4c
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUHRj2uA3mCf1MlrjlnlCGpVg+HmYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYTk0MjBlNmM2ZjI0YjBlNDIyZGE3ZmU3ZTQyMGVmNTAz
NTRmNDVjNjAeFw0yNjAzMjcwODQxNTZaFw0yNzAzMjYwODQ2NTZaMDMxMTAvBgNV
BAMTKEJBNDU2Q0EyOTcwOTRBOTNFREEwREQ5MjAzNTExMkFBRDE3Nzk0NjQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDCc6r5v0hbglpRyBDyQ+zqYhsD
OJV1xBwtececqw5hfx4BHLugUVGe0UsJIALbau2Rwn+PWy10cw/3VBRMLOev52/1
8kBCyEKCg8BPaPapMtgmKhzQAOTrMyovV13xtlLlhFXw3x+tKWugPrQQ1cqMU96V
CrDncJCFCN1itS9EkARpCV+Ry5LbvTRe0S3+gxiPA23N5H+9OOG1oK3JmqMoyqPt
416u+no2bpwVhociMWhFQH/0C9nrjQnPwya/IFBMVFB83/f9NRD2wrU7R3KOxqFs
aHsxtT4UkVCjeU7zjFjVRWg9FHP7s0Sp+URu9vCdRSMJSeWKmfaeZzFq3EARAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUukVsopcJSpPtoN2SA1ESqtF3lGQwHwYDVR0j
BBgwFoAUqUIObG8ksOQi2n/n5CDvUDVPRcYwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMWY5ODIzZDAtMDg1NS00MWYyLWFjNDYtNTlhMmU5OGRh
NzM2LzEvQTk0MjBFNkM2RjI0QjBFNDIyREE3RkU3RTQyMEVGNTAzNTRGNDVDNi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3FVSU9iRzhrc09RaTJuX241Q0R2VURW
UFJjWS5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMWY5ODIzZDAt
MDg1NS00MWYyLWFjNDYtNTlhMmU5OGRhNzM2LzEvMzEzOTM0MmUzMzMxMmUzMTM5
MzUyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMjMxMzMzNjM2Mzgucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BADCH8MwDQYJKoZIhvcNAQELBQADggEBAAXGFW3PjXHnY2nfa5F3rJIaEIaJpy9/
oD6OhRFHEevVv8mI1wY80j3TPtxeIDKdOqzQFMSwO0GrS+vUAUNS5v2+A4SrxTQG
5emaew/L6eUKDbTeT+2i1dfd/XiyYsgvVV8iLwrC8tUtHffgSO4kQgETmVnZspp2
1u4rY+2YTcppikB4EZiQZYaBhqqiUy84dR+INyWhOjq6BcaMukAQrzPwX3gPpD9l
coYAXEdLYWdEXC2LUrkWaTgBaFelOkzkyMweNiati7zI7/b94b9SDqJWPvRKB03u
ZKb4W0pFXVEg5l6+NooQMIlp+yzz2IKFaVFi/MuRHm8Uvvv//LSvHEw=
-----END CERTIFICATE-----
Generated at Sun Apr 19 14:07:40 2026 by rpki-client