Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/8113dda6-7ade-445d-8c6e-448a78e48ca1/1/3139352e35382e3133322e302f32342d3234203d3e20323135323837.roa
File: 3139352e35382e3133322e302f32342d3234203d3e20323135323837.roa (raw, json)
Hash identifier: xpZ6fK4aYJSAOZk2JgJm2HiUa/sElglyzirwzx5ZXtA=
Subject key identifier: 5A:8D:CD:05:6E:EB:88:E0:76:96:78:67:A2:E3:3E:2D:81:C7:91:C7
Certificate issuer: /CN=0d7ffae300def0876bf84890fb6ea17be841a4d3
Certificate serial: 427F2D150A066897879808CBC812588D2A9AE6E6
Authority key identifier: 0D:7F:FA:E3:00:DE:F0:87:6B:F8:48:90:FB:6E:A1:7B:E8:41:A4:D3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DX_64wDe8Idr-EiQ-26he-hBpNM.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/8113dda6-7ade-445d-8c6e-448a78e48ca1/1/3139352e35382e3133322e302f32342d3234203d3e20323135323837.roa
Signing time: Sun 29 Mar 2026 20:08:49 +0000
ROA not before: Sun 29 Mar 2026 20:03:49 +0000
ROA not after: Sun 28 Mar 2027 20:08:49 +0000
asID: 215287
IP address blocks: 195.58.132.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/8113dda6-7ade-445d-8c6e-448a78e48ca1/1/0D7FFAE300DEF0876BF84890FB6EA17BE841A4D3.crl
rsync://rsync.paas.rpki.ripe.net/repository/8113dda6-7ade-445d-8c6e-448a78e48ca1/1/0D7FFAE300DEF0876BF84890FB6EA17BE841A4D3.mft
rsync://rpki.ripe.net/repository/DEFAULT/DX_64wDe8Idr-EiQ-26he-hBpNM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 Apr 2026 07:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
42:7f:2d:15:0a:06:68:97:87:98:08:cb:c8:12:58:8d:2a:9a:e6:e6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0d7ffae300def0876bf84890fb6ea17be841a4d3
Validity
Not Before: Mar 29 20:03:49 2026 GMT
Not After : Mar 28 20:08:49 2027 GMT
Subject: CN=5A8DCD056EEB88E076967867A2E33E2D81C791C7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:db:f0:cb:f4:fb:7c:6c:0d:7c:01:a5:de:16:
22:ef:d3:f4:ab:c8:47:0b:97:1a:73:08:f7:da:b7:
62:f1:9a:f5:5a:36:9c:ca:05:80:ac:b9:02:51:ac:
92:6a:3a:1d:01:30:e2:a7:b5:08:36:83:85:6f:c4:
60:45:46:c6:cc:38:04:36:0e:ef:c5:4f:9f:84:c4:
f9:21:45:74:4a:49:ba:44:9e:5d:a6:19:9a:2d:8d:
b6:fe:e4:d7:05:8a:a3:91:96:64:14:e9:b8:74:bd:
24:ff:31:ae:ca:80:9b:9f:86:76:86:03:85:be:5d:
e1:2a:90:70:30:1a:24:66:03:a0:12:f3:a4:90:d8:
18:70:62:e4:82:27:a0:9f:10:97:c9:42:60:a3:c0:
bd:43:1c:a1:c1:2c:4c:85:72:d4:63:a7:42:56:8b:
2c:1f:c3:ac:6a:c0:4f:26:63:7c:a6:52:b8:5f:cb:
f8:57:71:3f:29:2f:60:e8:f1:e8:12:d2:2b:23:df:
ec:1e:49:aa:fc:09:b7:f4:9b:5d:8f:6f:92:e7:1d:
fd:bb:ce:da:ea:cc:ce:be:ea:4d:47:4e:ba:91:8a:
ce:77:38:be:8b:cb:ed:fc:60:11:56:dd:a9:79:9e:
13:67:5c:c6:39:ce:a7:78:ee:ef:06:af:96:98:83:
bf:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5A:8D:CD:05:6E:EB:88:E0:76:96:78:67:A2:E3:3E:2D:81:C7:91:C7
X509v3 Authority Key Identifier:
keyid:0D:7F:FA:E3:00:DE:F0:87:6B:F8:48:90:FB:6E:A1:7B:E8:41:A4:D3
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/8113dda6-7ade-445d-8c6e-448a78e48ca1/1/0D7FFAE300DEF0876BF84890FB6EA17BE841A4D3.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DX_64wDe8Idr-EiQ-26he-hBpNM.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/8113dda6-7ade-445d-8c6e-448a78e48ca1/1/3139352e35382e3133322e302f32342d3234203d3e20323135323837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.58.132.0/24
Signature Algorithm: sha256WithRSAEncryption
16:3c:46:98:92:43:df:e8:de:df:43:a1:de:27:da:ee:89:14:
c0:e5:ff:a7:5d:e4:e4:a0:1e:3b:bd:a9:ac:22:9a:fe:6d:ac:
e2:f1:17:49:87:dd:92:e6:c8:70:66:2d:a2:a0:66:0a:c5:73:
6c:a3:76:16:cf:4a:18:00:84:46:5f:5f:b0:03:f3:85:f0:ae:
22:7d:1a:cb:04:60:f6:55:cb:f0:12:5e:a7:1e:f8:2c:62:13:
e1:43:51:48:49:3f:6a:0e:90:ff:3d:ce:43:e6:1f:b1:06:c2:
30:b1:f9:ae:c5:71:af:02:49:ee:ce:97:40:ff:f1:a2:d6:73:
90:b7:4f:d4:63:0d:2b:5b:22:e4:57:e8:69:e2:7d:f0:9b:ff:
64:eb:09:2e:a8:b6:f8:27:61:d0:17:65:d6:c6:6d:e8:3a:94:
a5:0d:1b:be:98:29:ea:78:fc:cf:81:95:02:35:07:7b:61:15:
87:25:95:33:7b:a5:39:6b:4f:31:3f:8b:f0:61:08:74:6a:c7:
c6:8d:9e:3d:84:da:10:c4:5a:9c:3a:e4:88:64:13:45:1c:30:
a1:79:5d:44:ac:54:45:bc:95:3b:6b:b2:76:ad:0a:0d:8b:78:
50:6e:fe:b3:52:6f:6f:7b:34:69:89:b9:2c:69:0a:01:0a:21:
b1:eb:51:95
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUQn8tFQoGaJeHmAjLyBJYjSqa5uYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMGQ3ZmZhZTMwMGRlZjA4NzZiZjg0ODkwZmI2ZWExN2Jl
ODQxYTRkMzAeFw0yNjAzMjkyMDAzNDlaFw0yNzAzMjgyMDA4NDlaMDMxMTAvBgNV
BAMTKDVBOERDRDA1NkVFQjg4RTA3Njk2Nzg2N0EyRTMzRTJEODFDNzkxQzcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDV2/DL9Pt8bA18AaXeFiLv0/Sr
yEcLlxpzCPfat2LxmvVaNpzKBYCsuQJRrJJqOh0BMOKntQg2g4VvxGBFRsbMOAQ2
Du/FT5+ExPkhRXRKSbpEnl2mGZotjbb+5NcFiqORlmQU6bh0vST/Ma7KgJufhnaG
A4W+XeEqkHAwGiRmA6AS86SQ2BhwYuSCJ6CfEJfJQmCjwL1DHKHBLEyFctRjp0JW
iywfw6xqwE8mY3ymUrhfy/hXcT8pL2Do8egS0isj3+weSar8Cbf0m12Pb5LnHf27
ztrqzM6+6k1HTrqRis53OL6Ly+38YBFW3al5nhNnXMY5zqd47u8Gr5aYg78dAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUWo3NBW7riOB2lnhnouM+LYHHkccwHwYDVR0j
BBgwFoAUDX/64wDe8Idr+EiQ+26he+hBpNMwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvODExM2RkYTYtN2FkZS00NDVkLThjNmUtNDQ4YTc4ZTQ4
Y2ExLzEvMEQ3RkZBRTMwMERFRjA4NzZCRjg0ODkwRkI2RUExN0JFODQxQTREMy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0RYXzY0d0RlOElkci1FaVEtMjZoZS1o
QnBOTS5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvODExM2RkYTYt
N2FkZS00NDVkLThjNmUtNDQ4YTc4ZTQ4Y2ExLzEvMzEzOTM1MmUzNTM4MmUzMTMz
MzIyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMjMxMzUzMjM4Mzcucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BADDOoQwDQYJKoZIhvcNAQELBQADggEBABY8RpiSQ9/o3t9Dod4n2u6JFMDl/6dd
5OSgHju9qawimv5trOLxF0mH3ZLmyHBmLaKgZgrFc2yjdhbPShgAhEZfX7AD84Xw
riJ9GssEYPZVy/ASXqce+CxiE+FDUUhJP2oOkP89zkPmH7EGwjCx+a7Fca8CSe7O
l0D/8aLWc5C3T9RjDStbIuRX6GniffCb/2TrCS6otvgnYdAXZdbGbeg6lKUNG76Y
Kep4/M+BlQI1B3thFYcllTN7pTlrTzE/i/BhCHRqx8aNnj2E2hDEWpw65IhkE0Uc
MKF5XUSsVEW8lTtrsnatCg2LeFBu/rNSb297NGmJuSxpCgEKIbHrUZU=
-----END CERTIFICATE-----
Generated at Fri Apr 17 14:20:48 2026 by rpki-client