Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/8113dda6-7ade-445d-8c6e-448a78e48ca1/1/3139352e35382e3134362e302f32342d3234203d3e20343032313836.roa
File: 3139352e35382e3134362e302f32342d3234203d3e20343032313836.roa (raw, json)
Hash identifier: ORRSzvs2QEdncOPZuD+oGmv+utaq99nlS9NDrNT0GCE=
Subject key identifier: 7A:6A:CF:0C:9E:51:EA:A1:8F:B2:7A:C8:03:EE:54:9B:5A:5F:F7:58
Certificate issuer: /CN=0d7ffae300def0876bf84890fb6ea17be841a4d3
Certificate serial: 68E1FE47FDEE386A5D089269F553BB31FB0018DC
Authority key identifier: 0D:7F:FA:E3:00:DE:F0:87:6B:F8:48:90:FB:6E:A1:7B:E8:41:A4:D3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DX_64wDe8Idr-EiQ-26he-hBpNM.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/8113dda6-7ade-445d-8c6e-448a78e48ca1/1/3139352e35382e3134362e302f32342d3234203d3e20343032313836.roa
Signing time: Mon 02 Mar 2026 03:32:03 +0000
ROA not before: Mon 02 Mar 2026 03:27:03 +0000
ROA not after: Mon 01 Mar 2027 03:32:03 +0000
asID: 402186
IP address blocks: 195.58.146.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/8113dda6-7ade-445d-8c6e-448a78e48ca1/1/0D7FFAE300DEF0876BF84890FB6EA17BE841A4D3.crl
rsync://rsync.paas.rpki.ripe.net/repository/8113dda6-7ade-445d-8c6e-448a78e48ca1/1/0D7FFAE300DEF0876BF84890FB6EA17BE841A4D3.mft
rsync://rpki.ripe.net/repository/DEFAULT/DX_64wDe8Idr-EiQ-26he-hBpNM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 00:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
68:e1:fe:47:fd:ee:38:6a:5d:08:92:69:f5:53:bb:31:fb:00:18:dc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0d7ffae300def0876bf84890fb6ea17be841a4d3
Validity
Not Before: Mar 2 03:27:03 2026 GMT
Not After : Mar 1 03:32:03 2027 GMT
Subject: CN=7A6ACF0C9E51EAA18FB27AC803EE549B5A5FF758
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:8d:b3:35:4a:e3:58:ef:b3:b6:1e:ab:ec:05:
6e:ce:6f:f3:2c:62:1c:57:43:73:cf:92:f2:54:31:
e6:57:8c:d0:fc:0b:d6:d2:f7:23:dd:80:55:cc:63:
b8:b7:08:cf:00:14:7c:be:11:ad:5b:78:b8:68:77:
a0:2e:2f:22:da:6b:7a:f3:0e:ac:55:1d:da:72:d3:
f9:07:8e:03:b6:72:43:75:58:c9:be:31:a3:62:4a:
50:cf:87:e3:22:4b:17:88:90:5c:46:28:e6:87:8d:
f6:6c:a2:13:36:18:8b:98:7b:89:9c:c3:e8:24:3d:
09:88:07:b6:5e:02:06:bf:79:49:01:33:bd:45:53:
6b:67:13:5f:75:89:2d:1e:be:46:09:8d:c8:f8:75:
a4:db:b4:c7:5f:81:da:2f:f5:cd:ab:b2:e6:65:ae:
22:37:2a:b2:82:e9:76:80:22:a4:c8:bd:37:3c:1f:
33:6f:32:ae:bb:d4:81:d6:6c:03:2e:44:b0:5b:ce:
c3:3d:aa:03:61:e2:6b:48:2f:ab:69:29:b6:db:fd:
4a:87:55:17:85:ff:47:18:4a:1a:46:62:ab:27:4a:
bd:b5:c2:d7:86:3d:7e:83:b4:5c:6f:81:8a:1c:8f:
30:46:a5:ae:90:eb:d3:59:03:11:71:f5:c6:c8:c5:
bc:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7A:6A:CF:0C:9E:51:EA:A1:8F:B2:7A:C8:03:EE:54:9B:5A:5F:F7:58
X509v3 Authority Key Identifier:
keyid:0D:7F:FA:E3:00:DE:F0:87:6B:F8:48:90:FB:6E:A1:7B:E8:41:A4:D3
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/8113dda6-7ade-445d-8c6e-448a78e48ca1/1/0D7FFAE300DEF0876BF84890FB6EA17BE841A4D3.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DX_64wDe8Idr-EiQ-26he-hBpNM.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/8113dda6-7ade-445d-8c6e-448a78e48ca1/1/3139352e35382e3134362e302f32342d3234203d3e20343032313836.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.58.146.0/24
Signature Algorithm: sha256WithRSAEncryption
a2:63:fe:dc:fa:09:5e:08:a3:21:fa:ce:9b:b0:21:39:c8:38:
3c:ac:78:65:d5:9f:61:74:96:13:24:a8:fc:d9:1d:cb:70:e9:
16:65:e9:c4:be:c0:11:7b:ee:52:f6:33:d1:56:bc:7d:e2:74:
5f:c4:1a:84:b7:ae:5c:44:c6:5e:e5:f9:bb:ed:57:1c:3e:8a:
85:79:b1:6c:86:1d:c0:00:6f:11:31:f2:0a:21:55:28:3c:62:
e9:ad:cd:84:30:36:a9:62:8a:38:a4:cc:6b:a4:e2:0a:2d:78:
b0:c3:79:e9:e9:a5:2a:f5:03:d1:ad:04:49:3a:ec:d3:ec:31:
15:52:62:18:ae:b6:2b:12:ca:58:da:4b:33:9e:60:05:05:19:
ec:a3:c0:38:e1:72:28:89:8c:c6:2b:07:be:7a:84:72:4c:d2:
37:10:05:67:27:ff:98:14:59:b2:eb:a2:54:ab:19:00:03:5b:
c2:9d:c5:93:4f:f3:65:01:6f:45:32:b9:9f:be:e9:a0:86:d4:
60:ac:e5:fa:dc:6e:d8:d4:96:b7:b3:f8:b5:fa:12:21:ae:1c:
86:bd:c0:4e:2f:54:d9:9c:93:bd:3c:a6:e2:6a:d4:61:fa:64:
30:59:fe:e9:e8:5d:9a:e2:02:97:7f:89:ef:52:91:df:ca:bb:
c1:57:3a:02
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUaOH+R/3uOGpdCJJp9VO7MfsAGNwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMGQ3ZmZhZTMwMGRlZjA4NzZiZjg0ODkwZmI2ZWExN2Jl
ODQxYTRkMzAeFw0yNjAzMDIwMzI3MDNaFw0yNzAzMDEwMzMyMDNaMDMxMTAvBgNV
BAMTKDdBNkFDRjBDOUU1MUVBQTE4RkIyN0FDODAzRUU1NDlCNUE1RkY3NTgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDPjbM1SuNY77O2HqvsBW7Ob/Ms
YhxXQ3PPkvJUMeZXjND8C9bS9yPdgFXMY7i3CM8AFHy+Ea1beLhod6AuLyLaa3rz
DqxVHdpy0/kHjgO2ckN1WMm+MaNiSlDPh+MiSxeIkFxGKOaHjfZsohM2GIuYe4mc
w+gkPQmIB7ZeAga/eUkBM71FU2tnE191iS0evkYJjcj4daTbtMdfgdov9c2rsuZl
riI3KrKC6XaAIqTIvTc8HzNvMq671IHWbAMuRLBbzsM9qgNh4mtIL6tpKbbb/UqH
VReF/0cYShpGYqsnSr21wteGPX6DtFxvgYocjzBGpa6Q69NZAxFx9cbIxbydAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUemrPDJ5R6qGPsnrIA+5Um1pf91gwHwYDVR0j
BBgwFoAUDX/64wDe8Idr+EiQ+26he+hBpNMwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvODExM2RkYTYtN2FkZS00NDVkLThjNmUtNDQ4YTc4ZTQ4
Y2ExLzEvMEQ3RkZBRTMwMERFRjA4NzZCRjg0ODkwRkI2RUExN0JFODQxQTREMy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0RYXzY0d0RlOElkci1FaVEtMjZoZS1o
QnBOTS5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvODExM2RkYTYt
N2FkZS00NDVkLThjNmUtNDQ4YTc4ZTQ4Y2ExLzEvMzEzOTM1MmUzNTM4MmUzMTM0
MzYyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzNDMwMzIzMTM4MzYucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BADDOpIwDQYJKoZIhvcNAQELBQADggEBAKJj/tz6CV4IoyH6zpuwITnIODyseGXV
n2F0lhMkqPzZHctw6RZl6cS+wBF77lL2M9FWvH3idF/EGoS3rlxExl7l+bvtVxw+
ioV5sWyGHcAAbxEx8gohVSg8YumtzYQwNqliijikzGuk4goteLDDeenppSr1A9Gt
BEk67NPsMRVSYhiutisSyljaSzOeYAUFGeyjwDjhciiJjMYrB756hHJM0jcQBWcn
/5gUWbLrolSrGQADW8KdxZNP82UBb0UyuZ++6aCG1GCs5frcbtjUlrez+LX6EiGu
HIa9wE4vVNmck708puJq1GH6ZDBZ/unoXZriApd/ie9Skd/Ku8FXOgI=
-----END CERTIFICATE-----
Generated at Mon Mar 2 09:27:51 2026 by rpki-client