Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/8113dda6-7ade-445d-8c6e-448a78e48ca1/1/3139352e35382e3133312e302f32342d3234203d3e20313939343233.roa
File: 3139352e35382e3133312e302f32342d3234203d3e20313939343233.roa (raw, json)
Hash identifier: S5v7wMzaS/2PJOI+MPHcglquqzX4dyj4jouiNoRRJok=
Subject key identifier: 5D:D6:E2:81:A5:3C:67:A8:02:4D:98:2B:EC:1F:72:B9:88:75:2D:8A
Certificate issuer: /CN=0d7ffae300def0876bf84890fb6ea17be841a4d3
Certificate serial: 5EAE6A8D50D9234C70B7B78C381CF1C1989CC803
Authority key identifier: 0D:7F:FA:E3:00:DE:F0:87:6B:F8:48:90:FB:6E:A1:7B:E8:41:A4:D3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DX_64wDe8Idr-EiQ-26he-hBpNM.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/8113dda6-7ade-445d-8c6e-448a78e48ca1/1/3139352e35382e3133312e302f32342d3234203d3e20313939343233.roa
Signing time: Mon 06 Apr 2026 16:44:29 +0000
ROA not before: Mon 06 Apr 2026 16:39:29 +0000
ROA not after: Mon 05 Apr 2027 16:44:29 +0000
asID: 199423
IP address blocks: 195.58.131.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/8113dda6-7ade-445d-8c6e-448a78e48ca1/1/0D7FFAE300DEF0876BF84890FB6EA17BE841A4D3.crl
rsync://rsync.paas.rpki.ripe.net/repository/8113dda6-7ade-445d-8c6e-448a78e48ca1/1/0D7FFAE300DEF0876BF84890FB6EA17BE841A4D3.mft
rsync://rpki.ripe.net/repository/DEFAULT/DX_64wDe8Idr-EiQ-26he-hBpNM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 Apr 2026 07:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5e:ae:6a:8d:50:d9:23:4c:70:b7:b7:8c:38:1c:f1:c1:98:9c:c8:03
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0d7ffae300def0876bf84890fb6ea17be841a4d3
Validity
Not Before: Apr 6 16:39:29 2026 GMT
Not After : Apr 5 16:44:29 2027 GMT
Subject: CN=5DD6E281A53C67A8024D982BEC1F72B988752D8A
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:b2:d4:22:66:76:12:85:a5:09:12:4c:4d:f9:
da:88:c3:34:a5:9c:02:8a:31:81:b8:ee:62:ac:cb:
2f:45:0c:89:b2:b4:82:06:6c:9c:08:97:48:9a:1f:
4f:33:f6:76:70:35:ed:72:4c:62:6d:1d:61:16:9b:
86:dd:75:f1:e2:05:cf:3d:61:1a:98:f8:88:d3:20:
03:b1:bc:df:fb:13:a6:35:ed:8e:58:01:b2:fc:61:
0a:da:47:58:a2:15:13:a0:4e:db:db:12:a7:8d:2b:
8a:02:4e:17:42:71:cd:e9:eb:a5:09:8d:11:83:29:
f8:a7:63:47:78:9d:d2:8a:8f:04:57:10:08:cd:50:
59:7a:40:f8:e0:32:ba:23:4a:92:3a:3c:c5:5c:73:
09:0f:ab:5b:aa:2e:b8:ab:bc:20:c1:3e:24:40:4a:
ee:b5:9f:84:34:4e:11:94:8c:b3:ae:33:b8:02:d5:
d2:9c:f6:0b:e2:bf:d2:e0:3e:5d:6a:68:5e:12:90:
c2:27:83:54:e8:29:8e:a6:cf:dd:49:84:13:c7:a7:
89:78:95:f8:8b:80:f8:10:ea:6f:a3:bb:55:0e:c6:
89:e0:5f:a9:96:8e:56:a1:8a:c0:6b:9b:05:e8:da:
5d:7f:ab:e9:15:f0:72:06:89:71:ae:fe:4a:5b:81:
be:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:D6:E2:81:A5:3C:67:A8:02:4D:98:2B:EC:1F:72:B9:88:75:2D:8A
X509v3 Authority Key Identifier:
keyid:0D:7F:FA:E3:00:DE:F0:87:6B:F8:48:90:FB:6E:A1:7B:E8:41:A4:D3
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/8113dda6-7ade-445d-8c6e-448a78e48ca1/1/0D7FFAE300DEF0876BF84890FB6EA17BE841A4D3.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DX_64wDe8Idr-EiQ-26he-hBpNM.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/8113dda6-7ade-445d-8c6e-448a78e48ca1/1/3139352e35382e3133312e302f32342d3234203d3e20313939343233.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.58.131.0/24
Signature Algorithm: sha256WithRSAEncryption
95:92:c3:38:a8:2d:f1:58:0b:1d:10:5f:12:7d:eb:98:cc:73:
a1:f9:8c:9a:40:bd:39:26:af:03:e7:c8:eb:47:f6:86:a1:73:
0b:6d:67:9f:30:a0:e8:11:3c:ae:10:62:c1:ff:b9:b2:ae:82:
0b:81:27:b5:4e:20:07:60:f7:54:06:08:ce:5f:0f:2c:60:41:
65:9d:cf:a0:02:6a:2f:d3:88:59:f5:d5:cf:ea:72:5b:d5:a7:
de:0c:e2:bb:34:81:d3:74:b6:ad:20:81:40:60:9b:dd:44:9d:
6c:ad:e3:cd:ab:d9:89:09:8d:19:df:fe:77:cd:07:a3:84:b8:
51:c9:39:8c:2d:08:b1:ad:8c:9a:27:48:a3:77:93:3b:30:76:
3c:f0:a8:2c:64:54:8e:c9:d6:29:1f:7e:0d:90:a8:37:26:f7:
42:a5:56:7d:4b:a1:c2:9d:a7:69:99:b9:dc:c0:89:9f:74:61:
20:af:4a:4f:ab:e1:07:bb:85:66:e3:a5:d6:58:9f:62:2a:e9:
4d:56:5c:b6:1d:e8:f2:58:a1:63:c9:ff:1e:23:af:c8:15:b7:
2f:08:71:6c:6d:43:24:00:0e:0c:0b:63:b4:92:b3:d9:16:55:
70:c9:bf:a6:e8:a9:2d:19:e3:df:5d:44:3b:0a:d2:26:fa:c7:
7a:3b:fc:3d
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUXq5qjVDZI0xwt7eMOBzxwZicyAMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMGQ3ZmZhZTMwMGRlZjA4NzZiZjg0ODkwZmI2ZWExN2Jl
ODQxYTRkMzAeFw0yNjA0MDYxNjM5MjlaFw0yNzA0MDUxNjQ0MjlaMDMxMTAvBgNV
BAMTKDVERDZFMjgxQTUzQzY3QTgwMjREOTgyQkVDMUY3MkI5ODg3NTJEOEEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCustQiZnYShaUJEkxN+dqIwzSl
nAKKMYG47mKsyy9FDImytIIGbJwIl0iaH08z9nZwNe1yTGJtHWEWm4bddfHiBc89
YRqY+IjTIAOxvN/7E6Y17Y5YAbL8YQraR1iiFROgTtvbEqeNK4oCThdCcc3p66UJ
jRGDKfinY0d4ndKKjwRXEAjNUFl6QPjgMrojSpI6PMVccwkPq1uqLrirvCDBPiRA
Su61n4Q0ThGUjLOuM7gC1dKc9gviv9LgPl1qaF4SkMIng1ToKY6mz91JhBPHp4l4
lfiLgPgQ6m+ju1UOxongX6mWjlahisBrmwXo2l1/q+kV8HIGiXGu/kpbgb5NAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUXdbigaU8Z6gCTZgr7B9yuYh1LYowHwYDVR0j
BBgwFoAUDX/64wDe8Idr+EiQ+26he+hBpNMwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvODExM2RkYTYtN2FkZS00NDVkLThjNmUtNDQ4YTc4ZTQ4
Y2ExLzEvMEQ3RkZBRTMwMERFRjA4NzZCRjg0ODkwRkI2RUExN0JFODQxQTREMy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0RYXzY0d0RlOElkci1FaVEtMjZoZS1o
QnBOTS5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvODExM2RkYTYt
N2FkZS00NDVkLThjNmUtNDQ4YTc4ZTQ4Y2ExLzEvMzEzOTM1MmUzNTM4MmUzMTMz
MzEyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMTM5MzkzNDMyMzMucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BADDOoMwDQYJKoZIhvcNAQELBQADggEBAJWSwzioLfFYCx0QXxJ965jMc6H5jJpA
vTkmrwPnyOtH9oahcwttZ58woOgRPK4QYsH/ubKugguBJ7VOIAdg91QGCM5fDyxg
QWWdz6ACai/TiFn11c/qclvVp94M4rs0gdN0tq0ggUBgm91EnWyt482r2YkJjRnf
/nfNB6OEuFHJOYwtCLGtjJonSKN3kzswdjzwqCxkVI7J1ikffg2QqDcm90KlVn1L
ocKdp2mZudzAiZ90YSCvSk+r4Qe7hWbjpdZYn2Iq6U1WXLYd6PJYoWPJ/x4jr8gV
ty8IcWxtQyQADgwLY7SSs9kWVXDJv6boqS0Z499dRDsK0ib6x3o7/D0=
-----END CERTIFICATE-----
Generated at Fri Apr 17 16:11:01 2026 by rpki-client