Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/8113dda6-7ade-445d-8c6e-448a78e48ca1/1/3139352e35382e3133352e302f32342d3234203d3e20323135323837.roa
File: 3139352e35382e3133352e302f32342d3234203d3e20323135323837.roa (raw, json)
Hash identifier: WEIw8tEqPeSIv4ys/kfoII72m1dxMCVCudvn4Qp96qU=
Subject key identifier: 5F:96:B8:27:26:66:BB:30:0C:87:34:DA:55:B4:D8:8D:DE:CF:6F:BF
Certificate issuer: /CN=0d7ffae300def0876bf84890fb6ea17be841a4d3
Certificate serial: 3D1749B493E87F800C80040612AD66FFC5951E9C
Authority key identifier: 0D:7F:FA:E3:00:DE:F0:87:6B:F8:48:90:FB:6E:A1:7B:E8:41:A4:D3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DX_64wDe8Idr-EiQ-26he-hBpNM.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/8113dda6-7ade-445d-8c6e-448a78e48ca1/1/3139352e35382e3133352e302f32342d3234203d3e20323135323837.roa
Signing time: Sun 29 Mar 2026 20:08:07 +0000
ROA not before: Sun 29 Mar 2026 20:03:07 +0000
ROA not after: Sun 28 Mar 2027 20:08:07 +0000
asID: 215287
IP address blocks: 195.58.135.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/8113dda6-7ade-445d-8c6e-448a78e48ca1/1/0D7FFAE300DEF0876BF84890FB6EA17BE841A4D3.crl
rsync://rsync.paas.rpki.ripe.net/repository/8113dda6-7ade-445d-8c6e-448a78e48ca1/1/0D7FFAE300DEF0876BF84890FB6EA17BE841A4D3.mft
rsync://rpki.ripe.net/repository/DEFAULT/DX_64wDe8Idr-EiQ-26he-hBpNM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 Apr 2026 07:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3d:17:49:b4:93:e8:7f:80:0c:80:04:06:12:ad:66:ff:c5:95:1e:9c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0d7ffae300def0876bf84890fb6ea17be841a4d3
Validity
Not Before: Mar 29 20:03:07 2026 GMT
Not After : Mar 28 20:08:07 2027 GMT
Subject: CN=5F96B8272666BB300C8734DA55B4D88DDECF6FBF
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:07:8b:bb:52:db:0d:87:07:15:ec:ba:f6:cc:
39:2d:01:56:67:d6:6e:1c:89:f4:29:e8:5d:44:74:
54:c0:87:f8:b0:e3:0d:71:68:05:29:61:fb:4c:26:
08:f2:05:53:a7:96:32:16:a0:74:63:cb:00:a9:d9:
39:b2:9f:06:b3:a2:36:7f:26:74:50:8e:e1:07:b4:
65:05:1b:f7:83:31:72:63:ca:27:6a:5a:10:b6:84:
06:9c:8d:03:47:e2:92:e0:71:df:f3:89:c8:2c:18:
6d:37:94:8a:35:ca:4d:08:51:53:e8:5d:fc:51:05:
e4:7d:44:f6:7b:3b:5b:a4:16:5f:da:92:30:d2:9f:
87:7d:a7:46:83:27:91:ef:49:db:42:39:5b:5c:0d:
71:dd:d2:5c:8a:0f:a4:cb:91:86:93:88:cd:fb:5a:
9a:94:aa:49:14:e9:b0:10:62:e9:df:3b:45:3d:79:
e7:4e:e8:53:f2:b7:af:e9:d5:b9:52:2d:0c:c5:32:
5c:a5:e5:06:c4:2c:a6:7b:77:a4:24:26:87:ae:f4:
5a:49:fa:e6:2a:56:a4:60:0b:6d:dc:25:b3:0e:4e:
e5:eb:30:29:84:66:ce:a1:c8:8c:24:ee:65:06:4d:
f0:79:4a:e4:32:34:d3:f0:86:fc:f3:ac:23:ad:56:
02:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5F:96:B8:27:26:66:BB:30:0C:87:34:DA:55:B4:D8:8D:DE:CF:6F:BF
X509v3 Authority Key Identifier:
keyid:0D:7F:FA:E3:00:DE:F0:87:6B:F8:48:90:FB:6E:A1:7B:E8:41:A4:D3
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/8113dda6-7ade-445d-8c6e-448a78e48ca1/1/0D7FFAE300DEF0876BF84890FB6EA17BE841A4D3.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DX_64wDe8Idr-EiQ-26he-hBpNM.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/8113dda6-7ade-445d-8c6e-448a78e48ca1/1/3139352e35382e3133352e302f32342d3234203d3e20323135323837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.58.135.0/24
Signature Algorithm: sha256WithRSAEncryption
62:6c:ba:84:f3:b6:14:28:2c:20:04:59:2f:13:4f:8a:c0:17:
be:e0:de:ba:8c:ff:ec:b2:7b:fd:3b:5d:e9:f6:b0:ba:f1:82:
64:05:f6:26:24:3c:f7:ee:61:3a:e4:9b:f3:da:fb:6d:e3:73:
e0:af:7d:e0:ec:53:46:a5:de:b8:18:74:01:a9:14:49:dc:74:
05:16:d0:68:06:72:ad:97:35:73:28:aa:fb:40:5d:91:ad:48:
72:ee:e4:d3:e6:b8:3d:40:39:b8:54:13:f0:91:ec:be:2f:4e:
79:f8:79:68:44:ba:a7:70:76:84:85:57:4d:8c:85:ad:23:16:
3b:4e:35:1a:53:d8:6d:b9:98:13:ec:0c:a1:da:11:1a:6d:d9:
31:33:80:ec:41:12:eb:3d:47:bc:a3:1c:91:48:3a:88:c0:a4:
6b:3d:44:de:3b:f9:b0:4f:c6:17:58:af:5f:d9:3d:cd:cd:fb:
fd:b5:5e:85:37:06:e9:bc:6f:ad:6d:a2:2c:61:26:e6:cd:6e:
7e:63:a4:d2:ce:72:13:28:d1:7e:95:c9:11:34:2d:7f:4b:46:
67:6c:0d:54:96:9a:00:a0:29:65:d8:99:ee:85:c7:f7:12:6a:
30:a8:a8:86:9a:2c:e1:13:15:6c:9d:18:ad:6a:33:70:2e:02:
5c:de:07:dc
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUPRdJtJPof4AMgAQGEq1m/8WVHpwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMGQ3ZmZhZTMwMGRlZjA4NzZiZjg0ODkwZmI2ZWExN2Jl
ODQxYTRkMzAeFw0yNjAzMjkyMDAzMDdaFw0yNzAzMjgyMDA4MDdaMDMxMTAvBgNV
BAMTKDVGOTZCODI3MjY2NkJCMzAwQzg3MzREQTU1QjREODhEREVDRjZGQkYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDUB4u7UtsNhwcV7Lr2zDktAVZn
1m4cifQp6F1EdFTAh/iw4w1xaAUpYftMJgjyBVOnljIWoHRjywCp2TmynwazojZ/
JnRQjuEHtGUFG/eDMXJjyidqWhC2hAacjQNH4pLgcd/zicgsGG03lIo1yk0IUVPo
XfxRBeR9RPZ7O1ukFl/akjDSn4d9p0aDJ5HvSdtCOVtcDXHd0lyKD6TLkYaTiM37
WpqUqkkU6bAQYunfO0U9eedO6FPyt6/p1blSLQzFMlyl5QbELKZ7d6QkJoeu9FpJ
+uYqVqRgC23cJbMOTuXrMCmEZs6hyIwk7mUGTfB5SuQyNNPwhvzzrCOtVgILAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUX5a4JyZmuzAMhzTaVbTYjd7Pb78wHwYDVR0j
BBgwFoAUDX/64wDe8Idr+EiQ+26he+hBpNMwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvODExM2RkYTYtN2FkZS00NDVkLThjNmUtNDQ4YTc4ZTQ4
Y2ExLzEvMEQ3RkZBRTMwMERFRjA4NzZCRjg0ODkwRkI2RUExN0JFODQxQTREMy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0RYXzY0d0RlOElkci1FaVEtMjZoZS1o
QnBOTS5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvODExM2RkYTYt
N2FkZS00NDVkLThjNmUtNDQ4YTc4ZTQ4Y2ExLzEvMzEzOTM1MmUzNTM4MmUzMTMz
MzUyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMjMxMzUzMjM4Mzcucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BADDOocwDQYJKoZIhvcNAQELBQADggEBAGJsuoTzthQoLCAEWS8TT4rAF77g3rqM
/+yye/07Xen2sLrxgmQF9iYkPPfuYTrkm/Pa+23jc+CvfeDsU0al3rgYdAGpFEnc
dAUW0GgGcq2XNXMoqvtAXZGtSHLu5NPmuD1AObhUE/CR7L4vTnn4eWhEuqdwdoSF
V02Mha0jFjtONRpT2G25mBPsDKHaERpt2TEzgOxBEus9R7yjHJFIOojApGs9RN47
+bBPxhdYr1/ZPc3N+/21XoU3Bum8b61toixhJubNbn5jpNLOchMo0X6VyRE0LX9L
RmdsDVSWmgCgKWXYme6Fx/cSajCoqIaaLOETFWydGK1qM3AuAlzeB9w=
-----END CERTIFICATE-----
Generated at Fri Apr 17 13:18:14 2026 by rpki-client