Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/468b081e-ba93-465f-9b6e-7fbd63bdff63/0/3139342e32362e3232332e302f32342d3234203d3e20343030313735.roa
File: 3139342e32362e3232332e302f32342d3234203d3e20343030313735.roa (raw, json)
Hash identifier: NgKAiWi/9kIzuK34CJYJ5NgD13mXufjklhJW/DfhGXg=
Subject key identifier: 52:81:45:89:44:B2:33:7B:31:FF:D8:53:56:FE:C2:33:62:13:86:CF
Certificate issuer: /CN=ff426f19ba67bc89de5ae6df487c1c8c1e752e27
Certificate serial: 03759181C052C5C16ECD46B558E434B531C057ED
Authority key identifier: FF:42:6F:19:BA:67:BC:89:DE:5A:E6:DF:48:7C:1C:8C:1E:75:2E:27
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_0JvGbpnvIneWubfSHwcjB51Lic.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/468b081e-ba93-465f-9b6e-7fbd63bdff63/0/3139342e32362e3232332e302f32342d3234203d3e20343030313735.roa
Signing time: Mon 09 Feb 2026 18:55:38 +0000
ROA not before: Mon 09 Feb 2026 18:50:38 +0000
ROA not after: Mon 08 Feb 2027 18:55:38 +0000
asID: 400175
IP address blocks: 194.26.223.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/468b081e-ba93-465f-9b6e-7fbd63bdff63/0/FF426F19BA67BC89DE5AE6DF487C1C8C1E752E27.crl
rsync://rsync.paas.rpki.ripe.net/repository/468b081e-ba93-465f-9b6e-7fbd63bdff63/0/FF426F19BA67BC89DE5AE6DF487C1C8C1E752E27.mft
rsync://rpki.ripe.net/repository/DEFAULT/_0JvGbpnvIneWubfSHwcjB51Lic.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 00:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
03:75:91:81:c0:52:c5:c1:6e:cd:46:b5:58:e4:34:b5:31:c0:57:ed
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ff426f19ba67bc89de5ae6df487c1c8c1e752e27
Validity
Not Before: Feb 9 18:50:38 2026 GMT
Not After : Feb 8 18:55:38 2027 GMT
Subject: CN=5281458944B2337B31FFD85356FEC233621386CF
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:83:66:84:ca:6e:db:d4:52:f1:97:99:7f:b2:
15:d0:f4:3e:a4:93:76:f3:e4:4b:b6:d7:f1:e6:a4:
d1:ef:f8:70:fb:9a:71:c5:dd:4e:6a:2d:8a:73:d5:
31:9f:51:b2:00:3a:8f:8d:23:1c:70:bb:43:d8:e5:
ac:88:e0:01:68:6b:d3:3b:a5:8c:79:f8:02:63:20:
f5:f3:82:ea:12:01:06:64:5f:b9:de:57:3f:3c:ce:
7f:ab:f2:f3:b2:69:26:7c:78:8d:f7:96:9f:cb:39:
e2:b4:04:c7:4f:c2:5e:4d:bb:65:f6:8c:a3:35:73:
51:10:68:f0:a5:ab:1c:46:4b:90:68:56:b2:6d:56:
ea:03:4d:39:44:93:fe:6f:fd:56:2d:1c:ca:02:f5:
73:01:57:49:60:00:e9:d7:76:d5:8a:ba:11:54:14:
0e:7e:20:bc:d9:36:54:11:ad:ac:4f:a1:1e:5f:ab:
84:22:06:fe:18:99:04:be:99:f8:f2:34:33:69:a2:
fb:d2:ba:57:20:4b:13:ca:c9:13:67:30:f7:4f:1a:
24:81:1d:a3:dd:af:9a:43:45:a9:4f:02:bc:51:cb:
c5:a4:a6:08:84:be:ce:1a:a7:eb:38:5a:4b:46:95:
15:40:4b:c4:30:d2:03:4e:2c:85:99:59:cb:35:ee:
91:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
52:81:45:89:44:B2:33:7B:31:FF:D8:53:56:FE:C2:33:62:13:86:CF
X509v3 Authority Key Identifier:
keyid:FF:42:6F:19:BA:67:BC:89:DE:5A:E6:DF:48:7C:1C:8C:1E:75:2E:27
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/468b081e-ba93-465f-9b6e-7fbd63bdff63/0/FF426F19BA67BC89DE5AE6DF487C1C8C1E752E27.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_0JvGbpnvIneWubfSHwcjB51Lic.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/468b081e-ba93-465f-9b6e-7fbd63bdff63/0/3139342e32362e3232332e302f32342d3234203d3e20343030313735.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.26.223.0/24
Signature Algorithm: sha256WithRSAEncryption
2a:b7:ba:d5:fb:ba:28:80:2c:94:80:e6:2b:08:e9:be:c8:4a:
61:34:e1:97:56:15:28:ff:83:d3:8a:63:d7:5e:c3:25:b8:42:
2c:37:fc:2a:c9:cf:f4:db:09:2d:a8:70:66:f6:05:72:c9:5c:
b2:83:43:a5:ec:e8:28:24:3f:7e:2f:ab:39:d3:63:e3:39:6c:
a5:2a:eb:0f:a8:4c:9a:2a:b1:c1:65:5b:cf:38:39:b0:42:ae:
4d:ed:c8:ef:3a:f2:ff:dc:b2:0a:c5:8f:eb:ae:81:0d:54:68:
d9:4f:51:c1:24:0c:69:2c:3e:cb:59:4a:c9:08:67:a5:5e:1c:
e9:70:16:b7:3f:44:ff:62:42:21:63:d5:01:8e:99:c7:e5:f9:
89:6a:e4:d5:ef:20:ec:77:57:3d:2b:84:a1:8c:5c:61:e6:71:
be:35:9e:51:eb:b9:f0:c7:27:c7:51:f5:2d:6a:71:e7:6c:2c:
63:d0:8c:12:ba:03:1f:34:08:5b:9e:1a:b3:e6:1c:77:a4:22:
4c:78:76:d9:53:bd:97:ef:be:72:0a:ac:80:c7:40:6a:cd:c3:
b0:5b:17:c1:1a:6d:20:17:c3:71:33:ed:0e:27:35:a2:b2:03:
ea:61:82:46:c1:c4:33:4e:b8:72:45:1d:64:24:94:33:9c:19:
00:94:15:4f
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUA3WRgcBSxcFuzUa1WOQ0tTHAV+0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZmY0MjZmMTliYTY3YmM4OWRlNWFlNmRmNDg3YzFjOGMx
ZTc1MmUyNzAeFw0yNjAyMDkxODUwMzhaFw0yNzAyMDgxODU1MzhaMDMxMTAvBgNV
BAMTKDUyODE0NTg5NDRCMjMzN0IzMUZGRDg1MzU2RkVDMjMzNjIxMzg2Q0YwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC1g2aEym7b1FLxl5l/shXQ9D6k
k3bz5Eu21/HmpNHv+HD7mnHF3U5qLYpz1TGfUbIAOo+NIxxwu0PY5ayI4AFoa9M7
pYx5+AJjIPXzguoSAQZkX7neVz88zn+r8vOyaSZ8eI33lp/LOeK0BMdPwl5Nu2X2
jKM1c1EQaPClqxxGS5BoVrJtVuoDTTlEk/5v/VYtHMoC9XMBV0lgAOnXdtWKuhFU
FA5+ILzZNlQRraxPoR5fq4QiBv4YmQS+mfjyNDNpovvSulcgSxPKyRNnMPdPGiSB
HaPdr5pDRalPArxRy8WkpgiEvs4ap+s4WktGlRVAS8Qw0gNOLIWZWcs17pFpAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUUoFFiUSyM3sx/9hTVv7CM2IThs8wHwYDVR0j
BBgwFoAU/0JvGbpnvIneWubfSHwcjB51LicwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNDY4YjA4MWUtYmE5My00NjVmLTliNmUtN2ZiZDYzYmRm
ZjYzLzAvRkY0MjZGMTlCQTY3QkM4OURFNUFFNkRGNDg3QzFDOEMxRTc1MkUyNy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL18wSnZHYnBudkluZVd1YmZTSHdjakI1
MUxpYy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvNDY4YjA4MWUt
YmE5My00NjVmLTliNmUtN2ZiZDYzYmRmZjYzLzAvMzEzOTM0MmUzMjM2MmUzMjMy
MzMyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzNDMwMzAzMTM3MzUucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BADCGt8wDQYJKoZIhvcNAQELBQADggEBACq3utX7uiiALJSA5isI6b7ISmE04ZdW
FSj/g9OKY9dewyW4Qiw3/CrJz/TbCS2ocGb2BXLJXLKDQ6Xs6CgkP34vqznTY+M5
bKUq6w+oTJoqscFlW884ObBCrk3tyO868v/csgrFj+uugQ1UaNlPUcEkDGksPstZ
SskIZ6VeHOlwFrc/RP9iQiFj1QGOmcfl+Ylq5NXvIOx3Vz0rhKGMXGHmcb41nlHr
ufDHJ8dR9S1qcedsLGPQjBK6Ax80CFueGrPmHHekIkx4dtlTvZfvvnIKrIDHQGrN
w7BbF8EabSAXw3Ez7Q4nNaKyA+phgkbBxDNOuHJFHWQklDOcGQCUFU8=
-----END CERTIFICATE-----
Generated at Mon Mar 2 09:32:07 2026 by rpki-client