Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/8113dda6-7ade-445d-8c6e-448a78e48ca1/1/3139352e35382e3134342e302f32342d3234203d3e20323135383835.roa
File: 3139352e35382e3134342e302f32342d3234203d3e20323135383835.roa (raw, json)
Hash identifier: 1G+IIhvRZQTbPBEhWzqB7uY1cQBNqsyaA/ZuiNzrlZc=
Subject key identifier: D0:D4:A1:98:4F:1E:A2:F7:DD:E9:6D:2E:CD:61:20:15:32:58:D9:2B
Certificate issuer: /CN=0d7ffae300def0876bf84890fb6ea17be841a4d3
Certificate serial: 2F7C9EE40B83D543E64072DE8E9EF2AD2308F442
Authority key identifier: 0D:7F:FA:E3:00:DE:F0:87:6B:F8:48:90:FB:6E:A1:7B:E8:41:A4:D3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DX_64wDe8Idr-EiQ-26he-hBpNM.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/8113dda6-7ade-445d-8c6e-448a78e48ca1/1/3139352e35382e3134342e302f32342d3234203d3e20323135383835.roa
Signing time: Tue 07 Apr 2026 16:38:49 +0000
ROA not before: Tue 07 Apr 2026 16:33:49 +0000
ROA not after: Tue 06 Apr 2027 16:38:49 +0000
asID: 215885
IP address blocks: 195.58.144.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/8113dda6-7ade-445d-8c6e-448a78e48ca1/1/0D7FFAE300DEF0876BF84890FB6EA17BE841A4D3.crl
rsync://rsync.paas.rpki.ripe.net/repository/8113dda6-7ade-445d-8c6e-448a78e48ca1/1/0D7FFAE300DEF0876BF84890FB6EA17BE841A4D3.mft
rsync://rpki.ripe.net/repository/DEFAULT/DX_64wDe8Idr-EiQ-26he-hBpNM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 Apr 2026 07:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2f:7c:9e:e4:0b:83:d5:43:e6:40:72:de:8e:9e:f2:ad:23:08:f4:42
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0d7ffae300def0876bf84890fb6ea17be841a4d3
Validity
Not Before: Apr 7 16:33:49 2026 GMT
Not After : Apr 6 16:38:49 2027 GMT
Subject: CN=D0D4A1984F1EA2F7DDE96D2ECD6120153258D92B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:d8:36:07:3e:87:02:8a:a7:07:80:2a:da:30:
ef:35:00:22:21:a8:51:5a:69:43:28:93:94:3c:77:
cc:03:08:b1:63:18:7b:38:f5:64:90:f8:c2:95:69:
80:44:aa:45:b3:10:a8:e7:54:1e:45:68:29:00:56:
72:2c:32:23:ec:03:ce:f2:ce:32:9b:b4:e8:5a:3a:
8b:80:d3:bd:91:0e:45:c5:f6:f0:6e:0e:07:11:42:
23:67:eb:30:78:87:8c:a6:f8:df:02:f3:ce:d8:a4:
63:27:e9:15:67:af:40:93:41:90:01:a5:11:47:bd:
c6:cf:66:4f:a9:40:fe:d4:9f:98:9b:5f:32:85:a9:
64:3b:ff:2e:09:06:7c:95:82:c2:95:17:31:81:62:
79:16:07:ad:58:88:fe:74:8c:06:37:6d:21:0a:6a:
b8:2d:06:a3:92:7b:52:7b:93:7c:de:68:bd:17:e6:
5c:2f:73:2e:15:25:d6:a2:30:40:a3:e1:2b:88:99:
f9:92:29:d1:43:f2:39:9a:ec:6b:18:8e:c0:b0:88:
33:19:e6:d6:c1:60:7e:be:c4:2e:78:34:3b:0e:96:
0b:aa:33:00:36:06:b8:4d:95:70:bf:c9:84:0b:32:
67:57:6e:e4:0b:ce:4c:19:ad:66:25:d6:bb:24:d4:
6a:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D0:D4:A1:98:4F:1E:A2:F7:DD:E9:6D:2E:CD:61:20:15:32:58:D9:2B
X509v3 Authority Key Identifier:
keyid:0D:7F:FA:E3:00:DE:F0:87:6B:F8:48:90:FB:6E:A1:7B:E8:41:A4:D3
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/8113dda6-7ade-445d-8c6e-448a78e48ca1/1/0D7FFAE300DEF0876BF84890FB6EA17BE841A4D3.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DX_64wDe8Idr-EiQ-26he-hBpNM.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/8113dda6-7ade-445d-8c6e-448a78e48ca1/1/3139352e35382e3134342e302f32342d3234203d3e20323135383835.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.58.144.0/24
Signature Algorithm: sha256WithRSAEncryption
5e:38:df:ba:77:dc:de:44:00:90:8c:12:f7:56:4f:66:bc:d1:
82:92:aa:fd:97:fd:20:47:99:74:fd:3c:0c:14:8a:6a:5b:6e:
f5:4e:6f:39:a7:70:53:fa:39:4d:c3:9f:27:fc:4c:1a:25:50:
ac:cd:2e:77:1e:23:a2:8a:38:30:30:00:3c:9a:71:b9:04:f6:
5f:e8:c6:76:6e:ba:bc:4f:a0:ea:b5:cf:27:65:ed:5e:12:10:
8c:47:42:02:67:77:df:ac:a5:08:57:f9:b3:1d:a2:cd:09:3d:
34:e1:14:36:e6:0b:a9:16:5f:bb:67:e9:34:46:6f:5f:2e:e2:
f6:54:27:f7:d9:0c:a5:03:8f:0e:c9:4b:da:2e:ef:95:c2:1a:
c5:df:d4:1b:9c:be:c8:2a:ed:88:d5:8e:ba:fa:ff:e7:a0:6e:
f7:fc:89:aa:87:8b:71:27:7e:bc:d5:22:34:d6:40:8b:1c:8c:
c1:43:67:bd:f5:29:8c:78:b4:80:ed:bb:64:72:cf:0c:0f:cc:
80:ac:0c:ae:d6:5d:ad:8a:52:c5:fe:b6:29:3a:89:b9:e6:fa:
44:94:ae:1b:53:b0:fd:03:a6:f3:7f:e0:2b:ec:cb:6b:3c:d1:
0c:87:ad:b7:8f:48:fa:ec:88:33:54:96:39:b8:c6:39:fd:91:
6d:69:be:68
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUL3ye5AuD1UPmQHLejp7yrSMI9EIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMGQ3ZmZhZTMwMGRlZjA4NzZiZjg0ODkwZmI2ZWExN2Jl
ODQxYTRkMzAeFw0yNjA0MDcxNjMzNDlaFw0yNzA0MDYxNjM4NDlaMDMxMTAvBgNV
BAMTKEQwRDRBMTk4NEYxRUEyRjdEREU5NkQyRUNENjEyMDE1MzI1OEQ5MkIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDZ2DYHPocCiqcHgCraMO81ACIh
qFFaaUMok5Q8d8wDCLFjGHs49WSQ+MKVaYBEqkWzEKjnVB5FaCkAVnIsMiPsA87y
zjKbtOhaOouA072RDkXF9vBuDgcRQiNn6zB4h4ym+N8C887YpGMn6RVnr0CTQZAB
pRFHvcbPZk+pQP7Un5ibXzKFqWQ7/y4JBnyVgsKVFzGBYnkWB61YiP50jAY3bSEK
argtBqOSe1J7k3zeaL0X5lwvcy4VJdaiMECj4SuImfmSKdFD8jma7GsYjsCwiDMZ
5tbBYH6+xC54NDsOlguqMwA2BrhNlXC/yYQLMmdXbuQLzkwZrWYl1rsk1GqJAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQU0NShmE8eovfd6W0uzWEgFTJY2SswHwYDVR0j
BBgwFoAUDX/64wDe8Idr+EiQ+26he+hBpNMwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvODExM2RkYTYtN2FkZS00NDVkLThjNmUtNDQ4YTc4ZTQ4
Y2ExLzEvMEQ3RkZBRTMwMERFRjA4NzZCRjg0ODkwRkI2RUExN0JFODQxQTREMy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0RYXzY0d0RlOElkci1FaVEtMjZoZS1o
QnBOTS5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvODExM2RkYTYt
N2FkZS00NDVkLThjNmUtNDQ4YTc4ZTQ4Y2ExLzEvMzEzOTM1MmUzNTM4MmUzMTM0
MzQyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMjMxMzUzODM4MzUucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BADDOpAwDQYJKoZIhvcNAQELBQADggEBAF4437p33N5EAJCMEvdWT2a80YKSqv2X
/SBHmXT9PAwUimpbbvVObzmncFP6OU3Dnyf8TBolUKzNLnceI6KKODAwADyacbkE
9l/oxnZuurxPoOq1zydl7V4SEIxHQgJnd9+spQhX+bMdos0JPTThFDbmC6kWX7tn
6TRGb18u4vZUJ/fZDKUDjw7JS9ou75XCGsXf1Bucvsgq7YjVjrr6/+egbvf8iaqH
i3EnfrzVIjTWQIscjMFDZ731KYx4tIDtu2RyzwwPzICsDK7WXa2KUsX+tik6ibnm
+kSUrhtTsP0DpvN/4Cvsy2s80QyHrbePSPrsiDNUljm4xjn9kW1pvmg=
-----END CERTIFICATE-----
Generated at Fri Apr 17 14:38:30 2026 by rpki-client