Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/8113dda6-7ade-445d-8c6e-448a78e48ca1/1/3139352e35382e3134382e302f32342d3234203d3e20323035383430.roa
File: 3139352e35382e3134382e302f32342d3234203d3e20323035383430.roa (raw, json)
Hash identifier: btToNdo4McV+mxna60YYwQUoRVqTrFqeFHcrOLZhmu4=
Subject key identifier: 18:86:E8:08:F9:13:AF:AD:B9:49:7F:51:C2:55:C6:22:A9:47:B5:B1
Certificate issuer: /CN=0d7ffae300def0876bf84890fb6ea17be841a4d3
Certificate serial: 362582BA76CF85091899CBEAD5AD097A77A4518D
Authority key identifier: 0D:7F:FA:E3:00:DE:F0:87:6B:F8:48:90:FB:6E:A1:7B:E8:41:A4:D3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DX_64wDe8Idr-EiQ-26he-hBpNM.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/8113dda6-7ade-445d-8c6e-448a78e48ca1/1/3139352e35382e3134382e302f32342d3234203d3e20323035383430.roa
Signing time: Fri 27 Feb 2026 06:50:29 +0000
ROA not before: Fri 27 Feb 2026 06:45:29 +0000
ROA not after: Fri 26 Feb 2027 06:50:29 +0000
asID: 205840
IP address blocks: 195.58.148.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/8113dda6-7ade-445d-8c6e-448a78e48ca1/1/0D7FFAE300DEF0876BF84890FB6EA17BE841A4D3.crl
rsync://rsync.paas.rpki.ripe.net/repository/8113dda6-7ade-445d-8c6e-448a78e48ca1/1/0D7FFAE300DEF0876BF84890FB6EA17BE841A4D3.mft
rsync://rpki.ripe.net/repository/DEFAULT/DX_64wDe8Idr-EiQ-26he-hBpNM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 11:39:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
36:25:82:ba:76:cf:85:09:18:99:cb:ea:d5:ad:09:7a:77:a4:51:8d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0d7ffae300def0876bf84890fb6ea17be841a4d3
Validity
Not Before: Feb 27 06:45:29 2026 GMT
Not After : Feb 26 06:50:29 2027 GMT
Subject: CN=1886E808F913AFADB9497F51C255C622A947B5B1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:e5:1f:23:de:44:d7:9d:b1:2e:90:ba:2a:37:
5f:89:0f:08:09:3b:fe:37:fe:99:f0:0d:c0:35:8f:
d0:62:70:e6:43:5b:b3:3e:43:e3:93:54:92:0f:74:
33:a7:6e:e8:bc:c1:7f:df:1b:d5:60:03:88:d4:64:
fb:07:c2:3b:0f:3e:d5:3e:b6:64:7e:7f:63:f2:0b:
09:65:95:76:c2:af:8c:8d:8f:c2:30:a8:ed:d7:91:
7c:6b:be:8c:2f:ac:71:f6:48:c4:fc:50:a9:ac:97:
33:cf:92:9d:cf:10:fb:4b:af:e2:43:f4:ce:0b:4c:
1a:38:7b:40:ff:2a:15:2d:ee:83:b3:8b:9e:39:1a:
05:da:8c:0b:df:84:37:83:f3:43:3f:1a:ba:64:55:
12:4f:06:32:f8:5d:41:56:ca:2a:eb:c8:bc:8f:22:
d9:d5:f0:55:32:6a:82:ed:0e:fd:8e:5d:2f:3a:1e:
08:b4:a3:19:51:60:bd:f5:08:7a:e6:46:b3:fa:b0:
73:01:16:32:cd:89:55:b6:5f:c9:e5:23:70:c4:9b:
fb:a2:7e:b6:f2:95:d6:da:86:d3:dc:9a:93:69:da:
68:37:a3:f0:c8:a1:e6:30:42:ad:72:a7:6a:93:30:
7f:fa:79:2f:0b:83:7c:b0:43:94:c9:9b:de:57:fc:
c7:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
18:86:E8:08:F9:13:AF:AD:B9:49:7F:51:C2:55:C6:22:A9:47:B5:B1
X509v3 Authority Key Identifier:
keyid:0D:7F:FA:E3:00:DE:F0:87:6B:F8:48:90:FB:6E:A1:7B:E8:41:A4:D3
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/8113dda6-7ade-445d-8c6e-448a78e48ca1/1/0D7FFAE300DEF0876BF84890FB6EA17BE841A4D3.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DX_64wDe8Idr-EiQ-26he-hBpNM.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/8113dda6-7ade-445d-8c6e-448a78e48ca1/1/3139352e35382e3134382e302f32342d3234203d3e20323035383430.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.58.148.0/24
Signature Algorithm: sha256WithRSAEncryption
96:85:e7:60:c0:fd:bd:c7:fa:d8:7d:95:66:cb:44:42:ca:73:
ad:a6:73:a3:bb:1d:43:57:06:e5:ec:01:47:c9:90:35:93:f3:
2d:89:5d:b2:7a:9e:89:07:f2:07:49:0d:6f:94:45:4a:04:45:
c4:17:38:42:2e:8f:a7:dc:8c:9f:7c:d0:d7:0f:8b:0a:cd:82:
e8:0a:ed:c2:8d:42:6b:2f:ad:64:25:47:b6:c0:8a:be:da:68:
c1:13:e5:9a:be:20:48:2e:c8:0d:dc:70:92:99:f3:d4:ff:25:
07:9d:cc:63:4a:c2:38:33:fe:70:68:c2:f2:69:b3:b7:aa:92:
74:10:7d:a9:a5:46:41:35:c9:f2:54:e3:cf:9b:69:74:9c:28:
9b:08:81:37:f2:a0:ff:e0:b7:2b:13:93:37:7b:24:0e:16:c1:
ea:43:35:a7:d2:a2:c4:d1:86:28:47:09:f2:34:72:07:a3:2d:
3e:1e:5e:0c:8a:00:10:3e:9d:e9:20:d3:61:a8:18:55:f7:1a:
c2:72:e0:2c:14:78:2d:c4:86:e9:42:87:d8:71:2a:f8:7d:bf:
f1:b7:e5:13:cb:fb:32:d3:a7:8a:bc:14:b8:da:67:83:90:62:
25:66:f4:80:fa:28:63:b6:8d:00:5b:15:8c:4c:d6:b1:b9:24:
7f:ad:ca:dc
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUNiWCunbPhQkYmcvq1a0JenekUY0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMGQ3ZmZhZTMwMGRlZjA4NzZiZjg0ODkwZmI2ZWExN2Jl
ODQxYTRkMzAeFw0yNjAyMjcwNjQ1MjlaFw0yNzAyMjYwNjUwMjlaMDMxMTAvBgNV
BAMTKDE4ODZFODA4RjkxM0FGQURCOTQ5N0Y1MUMyNTVDNjIyQTk0N0I1QjEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC65R8j3kTXnbEukLoqN1+JDwgJ
O/43/pnwDcA1j9BicOZDW7M+Q+OTVJIPdDOnbui8wX/fG9VgA4jUZPsHwjsPPtU+
tmR+f2PyCwlllXbCr4yNj8IwqO3XkXxrvowvrHH2SMT8UKmslzPPkp3PEPtLr+JD
9M4LTBo4e0D/KhUt7oOzi545GgXajAvfhDeD80M/GrpkVRJPBjL4XUFWyirryLyP
ItnV8FUyaoLtDv2OXS86Hgi0oxlRYL31CHrmRrP6sHMBFjLNiVW2X8nlI3DEm/ui
frbyldbahtPcmpNp2mg3o/DIoeYwQq1yp2qTMH/6eS8Lg3ywQ5TJm95X/MdBAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUGIboCPkTr625SX9RwlXGIqlHtbEwHwYDVR0j
BBgwFoAUDX/64wDe8Idr+EiQ+26he+hBpNMwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvODExM2RkYTYtN2FkZS00NDVkLThjNmUtNDQ4YTc4ZTQ4
Y2ExLzEvMEQ3RkZBRTMwMERFRjA4NzZCRjg0ODkwRkI2RUExN0JFODQxQTREMy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0RYXzY0d0RlOElkci1FaVEtMjZoZS1o
QnBOTS5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvODExM2RkYTYt
N2FkZS00NDVkLThjNmUtNDQ4YTc4ZTQ4Y2ExLzEvMzEzOTM1MmUzNTM4MmUzMTM0
MzgyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMjMwMzUzODM0MzAucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BADDOpQwDQYJKoZIhvcNAQELBQADggEBAJaF52DA/b3H+th9lWbLRELKc62mc6O7
HUNXBuXsAUfJkDWT8y2JXbJ6nokH8gdJDW+URUoERcQXOEIuj6fcjJ980NcPiwrN
gugK7cKNQmsvrWQlR7bAir7aaMET5Zq+IEguyA3ccJKZ89T/JQedzGNKwjgz/nBo
wvJps7eqknQQfamlRkE1yfJU48+baXScKJsIgTfyoP/gtysTkzd7JA4WwepDNafS
osTRhihHCfI0cgejLT4eXgyKABA+nekg02GoGFX3GsJy4CwUeC3EhulCh9hxKvh9
v/G35RPL+zLTp4q8FLjaZ4OQYiVm9ID6KGO2jQBbFYxM1rG5JH+tytw=
-----END CERTIFICATE-----
Generated at Sun Mar 1 23:26:24 2026 by rpki-client