Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/8113dda6-7ade-445d-8c6e-448a78e48ca1/1/3139352e35382e3133332e302f32342d3234203d3e20323134303833.roa
File: 3139352e35382e3133332e302f32342d3234203d3e20323134303833.roa (raw, json)
Hash identifier: nqclwP/GocppbLWyUcK+vNP09UGhIbB3v7ZBYl0q7zE=
Subject key identifier: 8E:14:B2:A2:54:AF:4B:99:ED:CF:18:B9:EA:53:A9:AB:FD:AA:15:6F
Certificate issuer: /CN=0d7ffae300def0876bf84890fb6ea17be841a4d3
Certificate serial: 7C4402F14007C726ECB9D602C42C290BEF63D318
Authority key identifier: 0D:7F:FA:E3:00:DE:F0:87:6B:F8:48:90:FB:6E:A1:7B:E8:41:A4:D3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DX_64wDe8Idr-EiQ-26he-hBpNM.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/8113dda6-7ade-445d-8c6e-448a78e48ca1/1/3139352e35382e3133332e302f32342d3234203d3e20323134303833.roa
Signing time: Sun 31 May 2026 13:00:07 +0000
ROA not before: Sun 31 May 2026 12:55:07 +0000
ROA not after: Sun 30 May 2027 13:00:07 +0000
asID: 214083
IP address blocks: 195.58.133.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/8113dda6-7ade-445d-8c6e-448a78e48ca1/1/0D7FFAE300DEF0876BF84890FB6EA17BE841A4D3.crl
rsync://rsync.paas.rpki.ripe.net/repository/8113dda6-7ade-445d-8c6e-448a78e48ca1/1/0D7FFAE300DEF0876BF84890FB6EA17BE841A4D3.mft
rsync://rpki.ripe.net/repository/DEFAULT/DX_64wDe8Idr-EiQ-26he-hBpNM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 12:33:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7c:44:02:f1:40:07:c7:26:ec:b9:d6:02:c4:2c:29:0b:ef:63:d3:18
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0d7ffae300def0876bf84890fb6ea17be841a4d3
Validity
Not Before: May 31 12:55:07 2026 GMT
Not After : May 30 13:00:07 2027 GMT
Subject: CN=8E14B2A254AF4B99EDCF18B9EA53A9ABFDAA156F
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:69:73:e8:a0:95:47:5b:4f:ea:8f:cd:56:62:
e4:c9:57:e6:1b:d8:f3:17:0b:f4:de:b6:a1:d7:45:
8e:2e:6d:6e:4f:c2:69:25:bb:f0:85:d3:37:5a:8e:
d8:c2:b5:0d:0f:ee:3b:16:3a:57:e6:31:30:c0:a4:
4f:c2:6c:1d:81:b4:bb:da:0a:3b:7f:10:8d:5c:22:
9b:e9:9d:51:79:9f:4a:43:46:9e:a3:fa:c3:e9:bf:
37:0e:32:2c:1c:e3:dc:92:ac:cc:ed:71:6b:92:18:
8d:d0:fc:01:89:c3:6a:a5:56:52:b0:d0:ab:0d:56:
43:d7:8e:64:62:80:30:cb:e7:ad:e0:70:11:ec:4e:
79:42:ad:77:35:34:e7:c8:2f:f6:40:fa:47:f9:3b:
75:80:f2:3f:3b:f6:fc:3a:17:ff:94:fc:29:fe:94:
a5:7b:f5:73:09:0e:60:95:da:b1:ca:70:4d:0d:44:
f1:06:0e:37:07:f0:3c:e5:1d:98:a1:9d:12:d9:c2:
d9:9e:cb:55:79:5c:a2:6b:43:12:5b:9f:7a:9c:78:
1b:c6:81:92:06:ee:f5:43:f5:e8:4c:36:20:f7:64:
86:a9:6f:bb:00:d7:fe:3e:57:81:32:9f:cf:86:95:
85:c6:e5:4a:ec:62:f6:87:10:e1:1b:07:32:e2:75:
b7:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8E:14:B2:A2:54:AF:4B:99:ED:CF:18:B9:EA:53:A9:AB:FD:AA:15:6F
X509v3 Authority Key Identifier:
keyid:0D:7F:FA:E3:00:DE:F0:87:6B:F8:48:90:FB:6E:A1:7B:E8:41:A4:D3
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/8113dda6-7ade-445d-8c6e-448a78e48ca1/1/0D7FFAE300DEF0876BF84890FB6EA17BE841A4D3.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DX_64wDe8Idr-EiQ-26he-hBpNM.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/8113dda6-7ade-445d-8c6e-448a78e48ca1/1/3139352e35382e3133332e302f32342d3234203d3e20323134303833.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.58.133.0/24
Signature Algorithm: sha256WithRSAEncryption
a0:c3:50:ed:2f:7b:5b:7d:30:a8:03:a5:2a:39:88:b3:43:71:
4f:c0:82:eb:a2:f3:f7:57:2c:e1:6c:da:c8:6b:2d:af:0b:d0:
a4:1a:8a:11:86:a9:f1:64:51:3a:31:a1:c1:a2:8f:d0:c5:e2:
b5:7d:80:41:29:9a:b7:31:9c:54:42:12:0f:8e:43:81:ce:ca:
e9:fe:42:e3:62:39:73:a5:86:ae:69:c3:25:ce:dc:6d:b2:57:
22:78:d4:f7:60:0c:ce:fc:25:2a:4f:60:f3:1d:b7:0c:82:11:
4d:8e:6a:c2:73:3c:81:55:5b:70:21:98:f8:73:84:2e:7a:d9:
af:f7:70:36:d9:15:43:ce:0e:7f:63:89:92:fc:42:06:26:a6:
93:38:30:0d:64:9e:48:09:1e:26:e0:20:ba:12:93:78:61:08:
ea:5b:5a:64:c1:4d:ed:97:7d:cb:c6:2f:4c:2e:79:8e:20:a2:
d6:4c:58:ff:28:23:37:d1:d8:22:e7:52:64:07:e4:aa:3c:15:
05:53:2e:e7:1b:13:c4:0b:e2:41:d1:82:0b:2c:60:f4:ef:9b:
1d:26:e5:61:07:4e:9a:66:37:a9:77:12:f8:f9:9f:2f:45:f2:
41:df:66:af:d2:04:e8:65:88:84:4f:8d:c6:c1:c1:96:ec:85:
7c:49:ac:ca
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUfEQC8UAHxybsudYCxCwpC+9j0xgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMGQ3ZmZhZTMwMGRlZjA4NzZiZjg0ODkwZmI2ZWExN2Jl
ODQxYTRkMzAeFw0yNjA1MzExMjU1MDdaFw0yNzA1MzAxMzAwMDdaMDMxMTAvBgNV
BAMTKDhFMTRCMkEyNTRBRjRCOTlFRENGMThCOUVBNTNBOUFCRkRBQTE1NkYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC9aXPooJVHW0/qj81WYuTJV+Yb
2PMXC/TetqHXRY4ubW5Pwmklu/CF0zdajtjCtQ0P7jsWOlfmMTDApE/CbB2BtLva
Cjt/EI1cIpvpnVF5n0pDRp6j+sPpvzcOMiwc49ySrMztcWuSGI3Q/AGJw2qlVlKw
0KsNVkPXjmRigDDL563gcBHsTnlCrXc1NOfIL/ZA+kf5O3WA8j879vw6F/+U/Cn+
lKV79XMJDmCV2rHKcE0NRPEGDjcH8DzlHZihnRLZwtmey1V5XKJrQxJbn3qceBvG
gZIG7vVD9ehMNiD3ZIapb7sA1/4+V4Eyn8+GlYXG5UrsYvaHEOEbBzLidbfJAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUjhSyolSvS5ntzxi56lOpq/2qFW8wHwYDVR0j
BBgwFoAUDX/64wDe8Idr+EiQ+26he+hBpNMwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvODExM2RkYTYtN2FkZS00NDVkLThjNmUtNDQ4YTc4ZTQ4
Y2ExLzEvMEQ3RkZBRTMwMERFRjA4NzZCRjg0ODkwRkI2RUExN0JFODQxQTREMy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0RYXzY0d0RlOElkci1FaVEtMjZoZS1o
QnBOTS5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvODExM2RkYTYt
N2FkZS00NDVkLThjNmUtNDQ4YTc4ZTQ4Y2ExLzEvMzEzOTM1MmUzNTM4MmUzMTMz
MzMyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMjMxMzQzMDM4MzMucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BADDOoUwDQYJKoZIhvcNAQELBQADggEBAKDDUO0ve1t9MKgDpSo5iLNDcU/Aguui
8/dXLOFs2shrLa8L0KQaihGGqfFkUToxocGij9DF4rV9gEEpmrcxnFRCEg+OQ4HO
yun+QuNiOXOlhq5pwyXO3G2yVyJ41PdgDM78JSpPYPMdtwyCEU2OasJzPIFVW3Ah
mPhzhC562a/3cDbZFUPODn9jiZL8QgYmppM4MA1knkgJHibgILoSk3hhCOpbWmTB
Te2XfcvGL0wueY4gotZMWP8oIzfR2CLnUmQH5Ko8FQVTLucbE8QL4kHRggssYPTv
mx0m5WEHTppmN6l3Evj5ny9F8kHfZq/SBOhliIRPjcbBwZbshXxJrMo=
-----END CERTIFICATE-----
Generated at Sat Jun 13 21:33:21 2026 by rpki-client