Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/8113dda6-7ade-445d-8c6e-448a78e48ca1/1/3139352e35382e3133342e302f32342d3234203d3e20323033373538.roa
File: 3139352e35382e3133342e302f32342d3234203d3e20323033373538.roa (raw, json)
Hash identifier: cF8g+YnTuUZTSmpqY8eYqJJ8ewBqfSd6TlufY6uCyow=
Subject key identifier: 49:06:3E:6A:DC:E6:69:E7:EA:03:AA:5F:4A:68:C8:C2:35:5C:D1:0F
Certificate issuer: /CN=0d7ffae300def0876bf84890fb6ea17be841a4d3
Certificate serial: 0A578CBA45F8C7E78B8A4A37F80FF0BD268E478A
Authority key identifier: 0D:7F:FA:E3:00:DE:F0:87:6B:F8:48:90:FB:6E:A1:7B:E8:41:A4:D3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DX_64wDe8Idr-EiQ-26he-hBpNM.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/8113dda6-7ade-445d-8c6e-448a78e48ca1/1/3139352e35382e3133342e302f32342d3234203d3e20323033373538.roa
Signing time: Sat 28 Mar 2026 15:34:03 +0000
ROA not before: Sat 28 Mar 2026 15:29:03 +0000
ROA not after: Sat 27 Mar 2027 15:34:03 +0000
asID: 203758
IP address blocks: 195.58.134.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/8113dda6-7ade-445d-8c6e-448a78e48ca1/1/0D7FFAE300DEF0876BF84890FB6EA17BE841A4D3.crl
rsync://rsync.paas.rpki.ripe.net/repository/8113dda6-7ade-445d-8c6e-448a78e48ca1/1/0D7FFAE300DEF0876BF84890FB6EA17BE841A4D3.mft
rsync://rpki.ripe.net/repository/DEFAULT/DX_64wDe8Idr-EiQ-26he-hBpNM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 Apr 2026 07:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0a:57:8c:ba:45:f8:c7:e7:8b:8a:4a:37:f8:0f:f0:bd:26:8e:47:8a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0d7ffae300def0876bf84890fb6ea17be841a4d3
Validity
Not Before: Mar 28 15:29:03 2026 GMT
Not After : Mar 27 15:34:03 2027 GMT
Subject: CN=49063E6ADCE669E7EA03AA5F4A68C8C2355CD10F
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:0f:e3:c6:47:10:f3:be:39:54:6f:10:fd:4b:
81:1f:a5:79:d0:bb:28:77:16:3b:ac:75:04:c7:7d:
5a:16:f9:e5:6b:f1:61:78:c0:28:90:7e:08:bd:0a:
c4:13:be:3b:2b:bc:a8:80:83:ca:12:e6:79:b3:cc:
9b:5b:16:92:13:ef:07:b8:7a:8d:a8:60:46:3a:2e:
04:68:e6:08:3a:fc:e3:4f:9f:ff:5c:87:91:a0:c4:
03:14:ac:85:1f:b9:47:c4:f0:00:43:50:1b:20:b5:
22:ca:7b:33:4f:f8:3b:c4:7b:c3:c7:55:10:31:53:
b6:a0:fb:26:8e:39:83:c0:cc:1d:8d:18:6d:e5:04:
7f:95:cf:f6:6a:8f:24:37:b3:7e:59:b5:c9:ab:76:
d0:8e:de:35:16:6d:4d:37:4a:b0:cc:70:61:f9:ca:
79:de:42:20:38:a6:40:43:21:a7:55:e2:b2:56:14:
f7:9b:93:50:5f:a6:8f:ba:09:f8:ce:1a:8c:c4:25:
6c:67:6c:c8:45:09:d1:c3:6b:11:a6:de:44:0e:c2:
6e:88:65:94:51:13:d6:e8:45:ca:bb:dd:98:e9:3d:
e3:39:d8:38:04:aa:44:55:91:2b:b2:97:6c:1b:66:
18:4a:e6:56:e5:70:c9:46:e5:f2:c0:b9:7b:2d:2a:
fe:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
49:06:3E:6A:DC:E6:69:E7:EA:03:AA:5F:4A:68:C8:C2:35:5C:D1:0F
X509v3 Authority Key Identifier:
keyid:0D:7F:FA:E3:00:DE:F0:87:6B:F8:48:90:FB:6E:A1:7B:E8:41:A4:D3
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/8113dda6-7ade-445d-8c6e-448a78e48ca1/1/0D7FFAE300DEF0876BF84890FB6EA17BE841A4D3.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DX_64wDe8Idr-EiQ-26he-hBpNM.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/8113dda6-7ade-445d-8c6e-448a78e48ca1/1/3139352e35382e3133342e302f32342d3234203d3e20323033373538.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.58.134.0/24
Signature Algorithm: sha256WithRSAEncryption
44:34:7d:60:de:82:d0:ef:a9:67:2c:ed:5a:96:28:62:84:20:
be:71:d1:7c:77:53:5e:a4:dc:41:ed:47:72:40:e1:c5:7b:ba:
40:e9:ec:f7:ac:d3:45:90:3c:0e:88:3d:f3:64:67:3b:bc:45:
29:3a:90:ad:b0:44:56:f4:57:26:09:24:51:2b:f5:48:44:03:
ca:a6:f0:f6:ea:a1:4b:e4:33:59:cb:0b:1c:ce:9f:6f:06:c2:
74:0f:24:ca:5f:e2:54:ad:16:8d:6c:06:61:da:b5:1c:7a:17:
f7:62:6e:b3:0e:c7:f6:5d:eb:73:6d:45:8a:22:c0:d7:6f:3b:
6d:47:cc:a1:94:98:15:2b:e2:2f:c7:a2:66:6e:1f:3e:4c:a3:
19:d1:2f:62:21:7c:88:b5:6b:de:00:95:3e:35:8a:ce:a8:c4:
29:88:33:f9:f6:f1:3a:0f:4c:46:e1:18:d6:b2:84:10:5d:7d:
ed:aa:c1:db:05:e3:bc:48:d8:17:cd:23:4b:61:0c:45:d0:86:
af:a7:94:56:9d:46:41:ec:ba:15:e4:76:e7:0b:cd:e7:fc:2d:
20:53:07:7c:c7:41:42:af:a4:de:a1:75:b3:ae:80:9b:a1:17:
bb:5a:ab:b8:3d:c4:af:8e:e1:ac:b9:21:80:ae:90:dc:9c:fe:
14:55:27:69
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUCleMukX4x+eLiko3+A/wvSaOR4owDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMGQ3ZmZhZTMwMGRlZjA4NzZiZjg0ODkwZmI2ZWExN2Jl
ODQxYTRkMzAeFw0yNjAzMjgxNTI5MDNaFw0yNzAzMjcxNTM0MDNaMDMxMTAvBgNV
BAMTKDQ5MDYzRTZBRENFNjY5RTdFQTAzQUE1RjRBNjhDOEMyMzU1Q0QxMEYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCvD+PGRxDzvjlUbxD9S4EfpXnQ
uyh3FjusdQTHfVoW+eVr8WF4wCiQfgi9CsQTvjsrvKiAg8oS5nmzzJtbFpIT7we4
eo2oYEY6LgRo5gg6/ONPn/9ch5GgxAMUrIUfuUfE8ABDUBsgtSLKezNP+DvEe8PH
VRAxU7ag+yaOOYPAzB2NGG3lBH+Vz/ZqjyQ3s35ZtcmrdtCO3jUWbU03SrDMcGH5
ynneQiA4pkBDIadV4rJWFPebk1Bfpo+6CfjOGozEJWxnbMhFCdHDaxGm3kQOwm6I
ZZRRE9boRcq73ZjpPeM52DgEqkRVkSuyl2wbZhhK5lblcMlG5fLAuXstKv4rAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUSQY+atzmaefqA6pfSmjIwjVc0Q8wHwYDVR0j
BBgwFoAUDX/64wDe8Idr+EiQ+26he+hBpNMwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvODExM2RkYTYtN2FkZS00NDVkLThjNmUtNDQ4YTc4ZTQ4
Y2ExLzEvMEQ3RkZBRTMwMERFRjA4NzZCRjg0ODkwRkI2RUExN0JFODQxQTREMy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0RYXzY0d0RlOElkci1FaVEtMjZoZS1o
QnBOTS5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvODExM2RkYTYt
N2FkZS00NDVkLThjNmUtNDQ4YTc4ZTQ4Y2ExLzEvMzEzOTM1MmUzNTM4MmUzMTMz
MzQyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMjMwMzMzNzM1Mzgucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BADDOoYwDQYJKoZIhvcNAQELBQADggEBAEQ0fWDegtDvqWcs7VqWKGKEIL5x0Xx3
U16k3EHtR3JA4cV7ukDp7Pes00WQPA6IPfNkZzu8RSk6kK2wRFb0VyYJJFEr9UhE
A8qm8PbqoUvkM1nLCxzOn28GwnQPJMpf4lStFo1sBmHatRx6F/dibrMOx/Zd63Nt
RYoiwNdvO21HzKGUmBUr4i/HomZuHz5MoxnRL2IhfIi1a94AlT41is6oxCmIM/n2
8ToPTEbhGNayhBBdfe2qwdsF47xI2BfNI0thDEXQhq+nlFadRkHsuhXkducLzef8
LSBTB3zHQUKvpN6hdbOugJuhF7taq7g9xK+O4ay5IYCukNyc/hRVJ2k=
-----END CERTIFICATE-----
Generated at Fri Apr 17 13:28:33 2026 by rpki-client