Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/8113dda6-7ade-445d-8c6e-448a78e48ca1/1/3139352e35382e3133352e302f32342d3234203d3e20313334393236.roa
File: 3139352e35382e3133352e302f32342d3234203d3e20313334393236.roa (raw, json)
Hash identifier: 7goRpuqfu77cYrWjR7VxdAHyz8oxgrqdPC/Ge3V0y+I=
Subject key identifier: 2F:90:80:4C:D1:13:55:09:5D:F3:B7:BA:14:B0:7C:28:D5:66:81:11
Certificate issuer: /CN=0d7ffae300def0876bf84890fb6ea17be841a4d3
Certificate serial: 7F7F9A2FFD5CDA8717173353BAFC56D97FA771AA
Authority key identifier: 0D:7F:FA:E3:00:DE:F0:87:6B:F8:48:90:FB:6E:A1:7B:E8:41:A4:D3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DX_64wDe8Idr-EiQ-26he-hBpNM.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/8113dda6-7ade-445d-8c6e-448a78e48ca1/1/3139352e35382e3133352e302f32342d3234203d3e20313334393236.roa
Signing time: Mon 01 Jun 2026 13:04:37 +0000
ROA not before: Mon 01 Jun 2026 12:59:37 +0000
ROA not after: Mon 31 May 2027 13:04:37 +0000
asID: 134926
IP address blocks: 195.58.135.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/8113dda6-7ade-445d-8c6e-448a78e48ca1/1/0D7FFAE300DEF0876BF84890FB6EA17BE841A4D3.crl
rsync://rsync.paas.rpki.ripe.net/repository/8113dda6-7ade-445d-8c6e-448a78e48ca1/1/0D7FFAE300DEF0876BF84890FB6EA17BE841A4D3.mft
rsync://rpki.ripe.net/repository/DEFAULT/DX_64wDe8Idr-EiQ-26he-hBpNM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 13 Jun 2026 16:37:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7f:7f:9a:2f:fd:5c:da:87:17:17:33:53:ba:fc:56:d9:7f:a7:71:aa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0d7ffae300def0876bf84890fb6ea17be841a4d3
Validity
Not Before: Jun 1 12:59:37 2026 GMT
Not After : May 31 13:04:37 2027 GMT
Subject: CN=2F90804CD11355095DF3B7BA14B07C28D5668111
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:7f:30:0a:96:cd:6e:fc:5a:37:f0:8b:b9:0a:
06:cf:20:b9:78:66:d3:64:c0:50:4a:9e:a5:22:17:
56:e7:ac:28:b6:ab:45:6e:a0:7a:37:45:80:e8:dd:
b9:08:52:18:16:f8:56:df:03:20:ce:95:03:9b:aa:
fa:b8:85:c0:7f:24:f7:dd:14:6f:ce:5e:01:4a:51:
30:d9:23:6a:f4:3c:51:0f:6f:70:e1:9a:4b:45:91:
15:55:ff:f1:00:b9:9a:7b:2b:02:3d:ae:70:63:37:
dc:19:0e:59:4b:00:ca:bf:f4:5b:ce:71:37:7f:5e:
94:26:91:74:78:5a:a3:61:66:49:d2:42:b4:c9:05:
84:e5:b9:27:ad:f0:11:5d:6f:0b:dd:80:67:db:cc:
18:fd:d3:28:d7:bd:45:bb:1f:97:6b:5d:df:17:02:
1e:7d:2a:5f:ee:a7:7c:6a:3f:69:8a:65:4f:fb:73:
3c:c4:a6:b2:6a:b2:65:df:19:ae:85:da:a3:5d:3a:
6e:89:78:e0:56:64:e9:4c:49:82:28:e3:59:bc:7a:
08:17:40:62:3e:e6:a2:cf:14:6d:96:10:dc:79:f8:
e0:63:71:e9:4b:4a:d3:2c:76:83:11:54:ce:1d:46:
c6:94:16:2f:21:18:4c:aa:e5:82:f0:79:10:67:db:
fc:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2F:90:80:4C:D1:13:55:09:5D:F3:B7:BA:14:B0:7C:28:D5:66:81:11
X509v3 Authority Key Identifier:
keyid:0D:7F:FA:E3:00:DE:F0:87:6B:F8:48:90:FB:6E:A1:7B:E8:41:A4:D3
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/8113dda6-7ade-445d-8c6e-448a78e48ca1/1/0D7FFAE300DEF0876BF84890FB6EA17BE841A4D3.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DX_64wDe8Idr-EiQ-26he-hBpNM.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/8113dda6-7ade-445d-8c6e-448a78e48ca1/1/3139352e35382e3133352e302f32342d3234203d3e20313334393236.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.58.135.0/24
Signature Algorithm: sha256WithRSAEncryption
0b:9d:cc:ed:a8:3f:6e:3f:6c:e1:4b:a2:e6:ae:2b:0e:57:95:
26:60:1a:d8:cb:53:20:4b:9c:d5:23:cb:85:08:0e:5d:95:a3:
97:f0:c7:0b:2f:73:ce:4b:4c:59:77:fe:1f:30:e7:1f:dc:76:
c2:bd:bc:70:6a:40:10:53:ae:94:35:51:86:5c:aa:b0:8e:b5:
e2:35:53:43:ac:48:90:59:21:e7:93:89:e9:b6:39:9e:07:1e:
c7:17:45:09:bd:64:4a:31:c6:b1:32:40:12:83:bf:bb:17:b5:
6d:8f:31:4a:dd:cc:be:79:62:6c:12:57:91:a2:f0:3f:a8:65:
fc:c1:a7:bc:77:fc:03:41:9a:45:5b:43:df:b3:f3:dc:db:18:
63:ec:33:53:8d:1c:1c:f5:6f:03:e8:d2:df:b4:7d:c8:b7:59:
29:92:6e:ae:56:3b:38:30:0a:40:91:24:df:c9:f3:2f:19:e6:
5d:47:1c:f3:db:5b:0c:b3:21:ad:af:fc:70:85:5b:6f:27:39:
ed:aa:f4:6e:7c:c3:d8:11:b1:ca:97:c1:03:96:d0:68:33:06:
8d:c0:b9:5c:b4:30:68:c3:2b:52:9f:9f:99:f4:f7:d6:70:83:
08:2f:d1:91:b2:68:65:51:00:08:11:f4:60:30:7a:7b:c3:16:
d7:57:f0:2a
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUf3+aL/1c2ocXFzNTuvxW2X+ncaowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMGQ3ZmZhZTMwMGRlZjA4NzZiZjg0ODkwZmI2ZWExN2Jl
ODQxYTRkMzAeFw0yNjA2MDExMjU5MzdaFw0yNzA1MzExMzA0MzdaMDMxMTAvBgNV
BAMTKDJGOTA4MDRDRDExMzU1MDk1REYzQjdCQTE0QjA3QzI4RDU2NjgxMTEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC1fzAKls1u/Fo38Iu5CgbPILl4
ZtNkwFBKnqUiF1bnrCi2q0VuoHo3RYDo3bkIUhgW+FbfAyDOlQObqvq4hcB/JPfd
FG/OXgFKUTDZI2r0PFEPb3DhmktFkRVV//EAuZp7KwI9rnBjN9wZDllLAMq/9FvO
cTd/XpQmkXR4WqNhZknSQrTJBYTluSet8BFdbwvdgGfbzBj90yjXvUW7H5drXd8X
Ah59Kl/up3xqP2mKZU/7czzEprJqsmXfGa6F2qNdOm6JeOBWZOlMSYIo41m8eggX
QGI+5qLPFG2WENx5+OBjcelLStMsdoMRVM4dRsaUFi8hGEyq5YLweRBn2/wFAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUL5CATNETVQld87e6FLB8KNVmgREwHwYDVR0j
BBgwFoAUDX/64wDe8Idr+EiQ+26he+hBpNMwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvODExM2RkYTYtN2FkZS00NDVkLThjNmUtNDQ4YTc4ZTQ4
Y2ExLzEvMEQ3RkZBRTMwMERFRjA4NzZCRjg0ODkwRkI2RUExN0JFODQxQTREMy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0RYXzY0d0RlOElkci1FaVEtMjZoZS1o
QnBOTS5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvODExM2RkYTYt
N2FkZS00NDVkLThjNmUtNDQ4YTc4ZTQ4Y2ExLzEvMzEzOTM1MmUzNTM4MmUzMTMz
MzUyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMTMzMzQzOTMyMzYucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BADDOocwDQYJKoZIhvcNAQELBQADggEBAAudzO2oP24/bOFLouauKw5XlSZgGtjL
UyBLnNUjy4UIDl2Vo5fwxwsvc85LTFl3/h8w5x/cdsK9vHBqQBBTrpQ1UYZcqrCO
teI1U0OsSJBZIeeTiem2OZ4HHscXRQm9ZEoxxrEyQBKDv7sXtW2PMUrdzL55YmwS
V5Gi8D+oZfzBp7x3/ANBmkVbQ9+z89zbGGPsM1ONHBz1bwPo0t+0fci3WSmSbq5W
OzgwCkCRJN/J8y8Z5l1HHPPbWwyzIa2v/HCFW28nOe2q9G58w9gRscqXwQOW0Ggz
Bo3AuVy0MGjDK1Kfn5n099Zwgwgv0ZGyaGVRAAgR9GAwenvDFtdX8Co=
-----END CERTIFICATE-----
Generated at Sat Jun 13 08:53:59 2026 by rpki-client