Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/8113dda6-7ade-445d-8c6e-448a78e48ca1/1/3139352e35382e3134382e302f32342d3234203d3e203633303233.roa
File: 3139352e35382e3134382e302f32342d3234203d3e203633303233.roa (raw, json)
Hash identifier: oBeeeU3GnT2oMITYsHzfevINcnN3rBvPI2W5i1+sVPw=
Subject key identifier: 17:44:22:B8:1A:2E:A0:B7:06:BE:3F:7F:45:42:7C:FB:C5:D8:85:AB
Certificate issuer: /CN=0d7ffae300def0876bf84890fb6ea17be841a4d3
Certificate serial: 67D66D9C79E2F953D0132D5CD11FE29E9626D2A6
Authority key identifier: 0D:7F:FA:E3:00:DE:F0:87:6B:F8:48:90:FB:6E:A1:7B:E8:41:A4:D3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DX_64wDe8Idr-EiQ-26he-hBpNM.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/8113dda6-7ade-445d-8c6e-448a78e48ca1/1/3139352e35382e3134382e302f32342d3234203d3e203633303233.roa
Signing time: Fri 27 Feb 2026 06:50:29 +0000
ROA not before: Fri 27 Feb 2026 06:45:29 +0000
ROA not after: Fri 26 Feb 2027 06:50:29 +0000
asID: 63023
IP address blocks: 195.58.148.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/8113dda6-7ade-445d-8c6e-448a78e48ca1/1/0D7FFAE300DEF0876BF84890FB6EA17BE841A4D3.crl
rsync://rsync.paas.rpki.ripe.net/repository/8113dda6-7ade-445d-8c6e-448a78e48ca1/1/0D7FFAE300DEF0876BF84890FB6EA17BE841A4D3.mft
rsync://rpki.ripe.net/repository/DEFAULT/DX_64wDe8Idr-EiQ-26he-hBpNM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 00:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
67:d6:6d:9c:79:e2:f9:53:d0:13:2d:5c:d1:1f:e2:9e:96:26:d2:a6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0d7ffae300def0876bf84890fb6ea17be841a4d3
Validity
Not Before: Feb 27 06:45:29 2026 GMT
Not After : Feb 26 06:50:29 2027 GMT
Subject: CN=174422B81A2EA0B706BE3F7F45427CFBC5D885AB
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:c7:10:e6:75:15:65:ce:e4:aa:b0:8e:f9:fd:
06:a8:f1:1d:af:1c:f2:23:fc:2c:14:d7:bd:f3:38:
03:29:04:54:48:e8:df:f8:2e:75:3c:48:c1:8a:a4:
c7:c8:11:46:cc:15:e9:81:72:a0:33:e6:e1:1e:64:
56:8a:23:5c:14:f8:83:a4:77:7a:67:07:01:31:8e:
6e:2a:e2:1f:5e:80:79:4f:9f:6a:40:35:e8:9d:98:
7b:45:4d:71:a1:e8:5f:65:04:35:62:5e:89:a1:18:
75:1e:a5:9b:c3:10:06:c0:69:4a:bc:9f:c6:bb:4a:
6e:20:51:e9:3b:5e:c6:00:66:57:e3:c9:29:bd:e6:
94:9e:33:d2:3f:2c:b5:5f:39:69:3b:de:a9:3e:f9:
6d:89:73:ba:95:3f:d8:1b:9b:84:24:a6:fc:9a:3b:
64:76:20:3b:75:b2:07:42:e5:02:eb:03:1b:07:74:
75:10:f8:be:33:80:bf:48:44:1b:55:a5:f1:6c:a4:
8e:2c:4c:a3:10:94:dc:d5:b8:8e:3a:f8:9b:bb:aa:
53:3c:a8:9f:9c:d2:f9:89:a3:41:db:37:cb:1f:e3:
a3:0f:2d:a0:42:7e:47:f6:30:8e:50:f7:c1:66:27:
43:87:ee:f1:45:e7:13:ed:b4:fd:39:67:7d:d6:14:
a7:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
17:44:22:B8:1A:2E:A0:B7:06:BE:3F:7F:45:42:7C:FB:C5:D8:85:AB
X509v3 Authority Key Identifier:
keyid:0D:7F:FA:E3:00:DE:F0:87:6B:F8:48:90:FB:6E:A1:7B:E8:41:A4:D3
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/8113dda6-7ade-445d-8c6e-448a78e48ca1/1/0D7FFAE300DEF0876BF84890FB6EA17BE841A4D3.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DX_64wDe8Idr-EiQ-26he-hBpNM.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/8113dda6-7ade-445d-8c6e-448a78e48ca1/1/3139352e35382e3134382e302f32342d3234203d3e203633303233.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.58.148.0/24
Signature Algorithm: sha256WithRSAEncryption
2e:18:8c:15:34:6e:d2:1a:dc:05:aa:c8:6b:2c:ce:07:92:e9:
42:b2:27:d2:b5:bd:9a:b6:ca:9d:22:d2:d4:76:05:a4:05:9e:
c2:2d:6c:20:80:7a:8c:96:86:18:f0:69:d1:e1:d8:c8:35:d9:
50:7b:cb:0f:22:2f:d2:53:7a:da:34:f2:e6:8f:91:14:bb:94:
59:63:22:b8:0e:39:e4:b4:33:b4:a9:66:5a:e7:aa:aa:a1:d9:
7e:c4:a4:31:00:11:2c:5c:1e:a6:37:4b:f7:78:7e:5d:24:60:
ab:81:77:61:ca:66:bb:4a:a9:bd:d2:62:43:c4:6a:00:fe:db:
50:a7:85:df:f8:b5:d2:ad:7a:af:6f:81:cd:66:44:62:b2:94:
74:8a:53:6d:18:c0:e6:0b:03:ce:11:af:6f:ce:69:27:e6:d5:
04:3f:2f:6b:f9:6e:c2:e9:a0:23:ca:a2:31:74:9b:db:66:87:
d5:f7:5d:92:d9:26:05:80:9f:c3:8b:16:92:59:07:02:a0:c8:
1d:1a:05:b0:88:3c:ed:ef:9c:c3:25:92:42:06:50:92:22:50:
cf:cc:80:d5:89:6d:4d:1e:e1:92:43:60:2a:a1:f6:ef:8e:25:
7a:07:f7:37:32:3d:dd:63:7f:90:92:96:69:36:75:3f:99:44:
f7:67:bb:45
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUZ9ZtnHni+VPQEy1c0R/inpYm0qYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMGQ3ZmZhZTMwMGRlZjA4NzZiZjg0ODkwZmI2ZWExN2Jl
ODQxYTRkMzAeFw0yNjAyMjcwNjQ1MjlaFw0yNzAyMjYwNjUwMjlaMDMxMTAvBgNV
BAMTKDE3NDQyMkI4MUEyRUEwQjcwNkJFM0Y3RjQ1NDI3Q0ZCQzVEODg1QUIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDCxxDmdRVlzuSqsI75/Qao8R2v
HPIj/CwU173zOAMpBFRI6N/4LnU8SMGKpMfIEUbMFemBcqAz5uEeZFaKI1wU+IOk
d3pnBwExjm4q4h9egHlPn2pANeidmHtFTXGh6F9lBDViXomhGHUepZvDEAbAaUq8
n8a7Sm4gUek7XsYAZlfjySm95pSeM9I/LLVfOWk73qk++W2Jc7qVP9gbm4Qkpvya
O2R2IDt1sgdC5QLrAxsHdHUQ+L4zgL9IRBtVpfFspI4sTKMQlNzVuI46+Ju7qlM8
qJ+c0vmJo0HbN8sf46MPLaBCfkf2MI5Q98FmJ0OH7vFF5xPttP05Z33WFKebAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUF0QiuBouoLcGvj9/RUJ8+8XYhaswHwYDVR0j
BBgwFoAUDX/64wDe8Idr+EiQ+26he+hBpNMwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvODExM2RkYTYtN2FkZS00NDVkLThjNmUtNDQ4YTc4ZTQ4
Y2ExLzEvMEQ3RkZBRTMwMERFRjA4NzZCRjg0ODkwRkI2RUExN0JFODQxQTREMy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0RYXzY0d0RlOElkci1FaVEtMjZoZS1o
QnBOTS5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvODExM2RkYTYt
N2FkZS00NDVkLThjNmUtNDQ4YTc4ZTQ4Y2ExLzEvMzEzOTM1MmUzNTM4MmUzMTM0
MzgyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzNjMzMzAzMjMzLnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
wzqUMA0GCSqGSIb3DQEBCwUAA4IBAQAuGIwVNG7SGtwFqshrLM4HkulCsifStb2a
tsqdItLUdgWkBZ7CLWwggHqMloYY8GnR4djINdlQe8sPIi/SU3raNPLmj5EUu5RZ
YyK4DjnktDO0qWZa56qqodl+xKQxABEsXB6mN0v3eH5dJGCrgXdhyma7Sqm90mJD
xGoA/ttQp4Xf+LXSrXqvb4HNZkRispR0ilNtGMDmCwPOEa9vzmkn5tUEPy9r+W7C
6aAjyqIxdJvbZofV912S2SYFgJ/DixaSWQcCoMgdGgWwiDzt75zDJZJCBlCSIlDP
zIDViW1NHuGSQ2AqofbvjiV6B/c3Mj3dY3+QkpZpNnU/mUT3Z7tF
-----END CERTIFICATE-----
Generated at Mon Mar 2 07:31:07 2026 by rpki-client