Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/8113dda6-7ade-445d-8c6e-448a78e48ca1/1/3139352e35382e3133332e302f32342d3234203d3e203633313939.roa
File: 3139352e35382e3133332e302f32342d3234203d3e203633313939.roa (raw, json)
Hash identifier: 5noFDIEnAdeG18LR9IsYvqtNKW3temWwogR5eHF0tvI=
Subject key identifier: 77:36:F2:C8:CB:00:93:D5:A6:F2:09:78:AD:F4:BE:1D:21:2F:48:15
Certificate issuer: /CN=0d7ffae300def0876bf84890fb6ea17be841a4d3
Certificate serial: 34891B2852BE72520073B6870D2504F62AAC3A6C
Authority key identifier: 0D:7F:FA:E3:00:DE:F0:87:6B:F8:48:90:FB:6E:A1:7B:E8:41:A4:D3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DX_64wDe8Idr-EiQ-26he-hBpNM.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/8113dda6-7ade-445d-8c6e-448a78e48ca1/1/3139352e35382e3133332e302f32342d3234203d3e203633313939.roa
Signing time: Mon 30 Mar 2026 08:52:49 +0000
ROA not before: Mon 30 Mar 2026 08:47:49 +0000
ROA not after: Mon 29 Mar 2027 08:52:49 +0000
asID: 63199
IP address blocks: 195.58.133.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/8113dda6-7ade-445d-8c6e-448a78e48ca1/1/0D7FFAE300DEF0876BF84890FB6EA17BE841A4D3.crl
rsync://rsync.paas.rpki.ripe.net/repository/8113dda6-7ade-445d-8c6e-448a78e48ca1/1/0D7FFAE300DEF0876BF84890FB6EA17BE841A4D3.mft
rsync://rpki.ripe.net/repository/DEFAULT/DX_64wDe8Idr-EiQ-26he-hBpNM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 Apr 2026 12:45:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
34:89:1b:28:52:be:72:52:00:73:b6:87:0d:25:04:f6:2a:ac:3a:6c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0d7ffae300def0876bf84890fb6ea17be841a4d3
Validity
Not Before: Mar 30 08:47:49 2026 GMT
Not After : Mar 29 08:52:49 2027 GMT
Subject: CN=7736F2C8CB0093D5A6F20978ADF4BE1D212F4815
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:84:90:6a:c4:cc:55:98:07:1b:b8:5a:af:a4:
36:b4:ee:ef:4b:b6:1c:5e:55:cd:fd:30:4f:24:6f:
2b:8d:4d:32:28:0b:95:24:a1:e0:1e:16:27:42:a8:
38:c4:06:e1:6d:33:9f:c4:39:86:b7:dd:d6:c6:ba:
1f:eb:96:8a:86:a0:14:58:ca:66:5a:16:0c:d2:df:
d7:e2:23:2e:fe:b9:27:fd:2a:8e:07:5a:96:bf:54:
54:ef:d4:c2:c2:9d:3a:e3:07:92:de:9f:94:62:b9:
21:0b:c6:38:66:e8:ef:94:4e:c5:0a:5a:3a:90:69:
39:f8:ee:ec:a5:95:83:a0:bb:58:99:44:38:77:cb:
41:3f:e9:40:bb:99:32:65:48:f0:53:46:43:03:ad:
f5:a3:36:30:04:23:41:ed:73:f6:73:ca:05:c4:13:
8c:14:1d:cb:1e:e7:06:6d:95:18:b7:c5:47:d7:a3:
b8:20:b9:1f:96:6c:4b:59:9a:d5:4e:da:34:cf:0d:
98:43:82:db:a5:cf:32:f0:70:1c:fc:f1:5a:bb:a8:
fb:c7:80:a5:cd:e6:e6:c8:68:7f:13:e8:e5:8f:2a:
de:15:3d:27:91:71:3c:8a:e8:ec:8f:c5:e5:3b:3e:
4d:58:90:29:67:8c:52:1c:a4:92:e3:f8:fc:11:30:
10:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
77:36:F2:C8:CB:00:93:D5:A6:F2:09:78:AD:F4:BE:1D:21:2F:48:15
X509v3 Authority Key Identifier:
keyid:0D:7F:FA:E3:00:DE:F0:87:6B:F8:48:90:FB:6E:A1:7B:E8:41:A4:D3
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/8113dda6-7ade-445d-8c6e-448a78e48ca1/1/0D7FFAE300DEF0876BF84890FB6EA17BE841A4D3.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DX_64wDe8Idr-EiQ-26he-hBpNM.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/8113dda6-7ade-445d-8c6e-448a78e48ca1/1/3139352e35382e3133332e302f32342d3234203d3e203633313939.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.58.133.0/24
Signature Algorithm: sha256WithRSAEncryption
87:45:2b:7b:8f:96:6d:c7:da:db:01:ba:cb:d5:78:d3:98:7b:
f9:1e:e8:01:ff:8e:3d:2f:82:bf:fd:31:48:31:14:93:3e:18:
a1:92:3a:ae:c9:5b:4a:f3:32:d7:09:ba:ab:51:d5:db:e9:64:
fd:63:1f:0e:52:07:ce:1f:a7:cc:cf:d6:8a:cc:81:99:9f:35:
d6:d4:92:61:9b:e5:57:d2:22:ce:ec:e2:39:8d:db:55:2d:73:
76:9c:49:39:a9:55:1d:96:d4:f3:ca:f9:83:9a:f7:6b:dc:bb:
20:e1:0c:18:a0:36:4c:34:c8:56:5e:61:e9:b0:2e:5a:c7:2b:
49:b8:d0:b9:25:dd:1a:61:a4:9e:f6:cd:41:12:ff:c3:80:aa:
7e:8a:1b:49:38:b7:af:75:cc:dc:1a:4e:dc:0f:ab:9d:7f:c0:
df:86:a4:46:ea:73:b8:7e:fa:0a:10:86:b7:c3:f5:13:3d:87:
bb:5a:b4:55:6f:29:7f:c0:1e:4e:2e:68:7d:02:0a:6a:6a:03:
2d:82:88:dc:4a:e9:e8:62:f0:65:8e:30:a4:e2:96:4d:c0:b3:
5e:1c:8b:e7:7e:11:d3:aa:f2:73:b5:ef:5a:93:ff:9a:7a:e6:
88:0a:10:a5:47:47:ea:2b:6c:bc:a0:43:32:6f:87:50:8b:a4:
ce:f1:47:ce
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUNIkbKFK+clIAc7aHDSUE9iqsOmwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMGQ3ZmZhZTMwMGRlZjA4NzZiZjg0ODkwZmI2ZWExN2Jl
ODQxYTRkMzAeFw0yNjAzMzAwODQ3NDlaFw0yNzAzMjkwODUyNDlaMDMxMTAvBgNV
BAMTKDc3MzZGMkM4Q0IwMDkzRDVBNkYyMDk3OEFERjRCRTFEMjEyRjQ4MTUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDDhJBqxMxVmAcbuFqvpDa07u9L
thxeVc39ME8kbyuNTTIoC5UkoeAeFidCqDjEBuFtM5/EOYa33dbGuh/rloqGoBRY
ymZaFgzS39fiIy7+uSf9Ko4HWpa/VFTv1MLCnTrjB5Len5RiuSELxjhm6O+UTsUK
WjqQaTn47uyllYOgu1iZRDh3y0E/6UC7mTJlSPBTRkMDrfWjNjAEI0Htc/ZzygXE
E4wUHcse5wZtlRi3xUfXo7gguR+WbEtZmtVO2jTPDZhDgtulzzLwcBz88Vq7qPvH
gKXN5ubIaH8T6OWPKt4VPSeRcTyK6OyPxeU7Pk1YkClnjFIcpJLj+PwRMBAJAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUdzbyyMsAk9Wm8gl4rfS+HSEvSBUwHwYDVR0j
BBgwFoAUDX/64wDe8Idr+EiQ+26he+hBpNMwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvODExM2RkYTYtN2FkZS00NDVkLThjNmUtNDQ4YTc4ZTQ4
Y2ExLzEvMEQ3RkZBRTMwMERFRjA4NzZCRjg0ODkwRkI2RUExN0JFODQxQTREMy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0RYXzY0d0RlOElkci1FaVEtMjZoZS1o
QnBOTS5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvODExM2RkYTYt
N2FkZS00NDVkLThjNmUtNDQ4YTc4ZTQ4Y2ExLzEvMzEzOTM1MmUzNTM4MmUzMTMz
MzMyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzNjMzMzEzOTM5LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
wzqFMA0GCSqGSIb3DQEBCwUAA4IBAQCHRSt7j5Ztx9rbAbrL1XjTmHv5HugB/449
L4K//TFIMRSTPhihkjquyVtK8zLXCbqrUdXb6WT9Yx8OUgfOH6fMz9aKzIGZnzXW
1JJhm+VX0iLO7OI5jdtVLXN2nEk5qVUdltTzyvmDmvdr3Lsg4QwYoDZMNMhWXmHp
sC5axytJuNC5Jd0aYaSe9s1BEv/DgKp+ihtJOLevdczcGk7cD6udf8DfhqRG6nO4
fvoKEIa3w/UTPYe7WrRVbyl/wB5OLmh9AgpqagMtgojcSunoYvBljjCk4pZNwLNe
HIvnfhHTqvJzte9ak/+aeuaIChClR0fqK2y8oEMyb4dQi6TO8UfO
-----END CERTIFICATE-----
Generated at Fri Apr 17 21:00:49 2026 by rpki-client