Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/61708a6b-6c3a-40a0-a302-595ecc17848c/4/3139332e3130362e36372e302f32342d3234203d3e203630383630.roa
File: 3139332e3130362e36372e302f32342d3234203d3e203630383630.roa (raw, json)
Hash identifier: AR/qw0HziLw8HHdQriZPc+gMCtTCe+FKN/BuvJjupJg=
Subject key identifier: D4:B1:05:59:8B:73:66:C2:AD:7B:53:9A:04:98:8B:05:5B:CC:05:50
Certificate issuer: /CN=d18f31b98ed35ec23be81c3fffefd1a354dad96a
Certificate serial: 14AB23B6BC91249EE2A3FB7EB753CBC08FCDCC70
Authority key identifier: D1:8F:31:B9:8E:D3:5E:C2:3B:E8:1C:3F:FF:EF:D1:A3:54:DA:D9:6A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0Y8xuY7TXsI76Bw__-_Ro1Ta2Wo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/61708a6b-6c3a-40a0-a302-595ecc17848c/4/3139332e3130362e36372e302f32342d3234203d3e203630383630.roa
Signing time: Thu 12 Feb 2026 19:49:22 +0000
ROA not before: Thu 12 Feb 2026 19:44:22 +0000
ROA not after: Thu 11 Feb 2027 19:49:22 +0000
asID: 60860
IP address blocks: 193.106.67.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/61708a6b-6c3a-40a0-a302-595ecc17848c/4/D18F31B98ED35EC23BE81C3FFFEFD1A354DAD96A.crl
rsync://rsync.paas.rpki.ripe.net/repository/61708a6b-6c3a-40a0-a302-595ecc17848c/4/D18F31B98ED35EC23BE81C3FFFEFD1A354DAD96A.mft
rsync://rpki.ripe.net/repository/DEFAULT/0Y8xuY7TXsI76Bw__-_Ro1Ta2Wo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 00:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
14:ab:23:b6:bc:91:24:9e:e2:a3:fb:7e:b7:53:cb:c0:8f:cd:cc:70
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d18f31b98ed35ec23be81c3fffefd1a354dad96a
Validity
Not Before: Feb 12 19:44:22 2026 GMT
Not After : Feb 11 19:49:22 2027 GMT
Subject: CN=D4B105598B7366C2AD7B539A04988B055BCC0550
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:30:78:ba:e5:ec:e2:5f:23:aa:c8:4e:a4:28:
ee:13:2c:74:a0:cc:b6:bd:dc:43:d2:3a:85:08:03:
95:1a:33:13:ac:48:ea:27:dd:98:8c:c3:12:c1:73:
11:76:f1:e8:07:0a:ff:77:11:ac:86:07:3e:22:7e:
09:1e:92:de:0b:07:3a:bc:7c:e7:d8:10:ed:79:2f:
43:b9:7f:8f:68:0c:c1:96:b3:5f:53:67:ce:3a:f3:
e9:e9:f8:9b:f4:7c:72:cd:1d:8f:20:5c:10:b8:7f:
cc:61:b1:82:b5:06:2b:5b:a2:ff:60:86:00:5d:07:
7d:da:2f:ba:32:07:41:73:35:c6:aa:33:28:2e:70:
40:bc:1c:71:39:71:6f:ea:8f:64:a6:16:bc:d7:76:
ca:4b:b1:fc:ab:da:3b:f6:81:04:88:d0:4a:e6:48:
86:4e:27:5f:24:6d:f2:51:20:08:f3:e4:fb:0a:d2:
0e:e9:a4:c2:9c:13:cb:7b:bf:6c:6b:c9:7d:b9:71:
79:3f:a8:86:3c:c4:b1:70:2a:5f:76:55:9e:6a:4f:
35:ef:2f:df:e7:71:66:56:8b:4a:df:03:a8:35:75:
11:bf:f3:02:49:73:5d:9f:e3:89:62:84:c8:2b:d1:
47:38:67:13:5c:5e:b6:2c:76:92:e4:b1:84:8a:e3:
92:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D4:B1:05:59:8B:73:66:C2:AD:7B:53:9A:04:98:8B:05:5B:CC:05:50
X509v3 Authority Key Identifier:
keyid:D1:8F:31:B9:8E:D3:5E:C2:3B:E8:1C:3F:FF:EF:D1:A3:54:DA:D9:6A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/61708a6b-6c3a-40a0-a302-595ecc17848c/4/D18F31B98ED35EC23BE81C3FFFEFD1A354DAD96A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0Y8xuY7TXsI76Bw__-_Ro1Ta2Wo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/61708a6b-6c3a-40a0-a302-595ecc17848c/4/3139332e3130362e36372e302f32342d3234203d3e203630383630.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.106.67.0/24
Signature Algorithm: sha256WithRSAEncryption
36:02:d9:66:f2:23:dc:0b:9d:ec:0f:b5:36:de:3c:aa:8d:34:
01:cd:29:66:74:64:5d:78:78:36:12:0b:a9:3d:57:c1:e1:07:
61:28:4a:ae:9e:a1:7d:6f:79:29:56:57:b6:81:d9:8c:56:71:
75:3d:3b:b5:68:48:34:8b:17:51:0c:97:14:e2:14:3d:1e:41:
d5:4c:9d:2e:c2:09:5f:ab:a9:b8:15:31:94:99:f6:a9:fe:fc:
f0:53:b5:b1:9a:ef:ad:76:e6:6a:35:fd:f3:f1:7b:55:f1:62:
8a:dd:99:ff:9a:1f:02:2a:ea:29:a1:da:20:d5:32:32:6d:ab:
a5:b6:e4:3f:f3:3d:e2:a6:62:3a:94:a7:74:c6:95:45:30:bd:
f4:3b:2e:fe:6b:64:d6:86:10:84:61:89:56:ed:50:11:16:d8:
34:69:c8:c0:95:00:5f:cd:66:b6:73:ec:97:37:4d:fc:c1:b6:
07:da:87:3a:a1:b5:ea:ae:d7:d1:6b:42:49:02:96:27:bb:4c:
dd:fb:aa:c1:98:31:9d:a2:30:1d:e1:74:e1:da:17:d9:fd:56:
e1:6a:21:2a:ca:3f:d8:76:a6:d2:75:a3:72:28:81:d1:3a:2b:
3c:d0:b0:1b:26:1a:4c:d9:c4:c4:cc:7c:aa:75:35:0a:d6:b3:
a7:18:a8:6c
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUFKsjtryRJJ7io/t+t1PLwI/NzHAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZDE4ZjMxYjk4ZWQzNWVjMjNiZTgxYzNmZmZlZmQxYTM1
NGRhZDk2YTAeFw0yNjAyMTIxOTQ0MjJaFw0yNzAyMTExOTQ5MjJaMDMxMTAvBgNV
BAMTKEQ0QjEwNTU5OEI3MzY2QzJBRDdCNTM5QTA0OTg4QjA1NUJDQzA1NTAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDMMHi65eziXyOqyE6kKO4TLHSg
zLa93EPSOoUIA5UaMxOsSOon3ZiMwxLBcxF28egHCv93EayGBz4ifgkekt4LBzq8
fOfYEO15L0O5f49oDMGWs19TZ8468+np+Jv0fHLNHY8gXBC4f8xhsYK1Bitbov9g
hgBdB33aL7oyB0FzNcaqMygucEC8HHE5cW/qj2SmFrzXdspLsfyr2jv2gQSI0Erm
SIZOJ18kbfJRIAjz5PsK0g7ppMKcE8t7v2xryX25cXk/qIY8xLFwKl92VZ5qTzXv
L9/ncWZWi0rfA6g1dRG/8wJJc12f44lihMgr0Uc4ZxNcXrYsdpLksYSK45LVAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQU1LEFWYtzZsKte1OaBJiLBVvMBVAwHwYDVR0j
BBgwFoAU0Y8xuY7TXsI76Bw//+/Ro1Ta2WowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNjE3MDhhNmItNmMzYS00MGEwLWEzMDItNTk1ZWNjMTc4
NDhjLzQvRDE4RjMxQjk4RUQzNUVDMjNCRTgxQzNGRkZFRkQxQTM1NERBRDk2QS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzBZOHh1WTdUWHNJNzZCd19fLV9SbzFU
YTJXby5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvNjE3MDhhNmIt
NmMzYS00MGEwLWEzMDItNTk1ZWNjMTc4NDhjLzQvMzEzOTMzMmUzMTMwMzYyZTM2
MzcyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzNjMwMzgzNjMwLnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
wWpDMA0GCSqGSIb3DQEBCwUAA4IBAQA2Atlm8iPcC53sD7U23jyqjTQBzSlmdGRd
eHg2EgupPVfB4QdhKEqunqF9b3kpVle2gdmMVnF1PTu1aEg0ixdRDJcU4hQ9HkHV
TJ0uwglfq6m4FTGUmfap/vzwU7Wxmu+tduZqNf3z8XtV8WKK3Zn/mh8CKuopodog
1TIybaultuQ/8z3ipmI6lKd0xpVFML30Oy7+a2TWhhCEYYlW7VARFtg0acjAlQBf
zWa2c+yXN038wbYH2oc6obXqrtfRa0JJApYnu0zd+6rBmDGdojAd4XTh2hfZ/Vbh
aiEqyj/YdqbSdaNyKIHROis80LAbJhpM2cTEzHyqdTUK1rOnGKhs
-----END CERTIFICATE-----
Generated at Mon Mar 2 11:30:13 2026 by rpki-client