Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/8113dda6-7ade-445d-8c6e-448a78e48ca1/1/3139352e35382e3134392e302f32342d3234203d3e203633313939.roa
File: 3139352e35382e3134392e302f32342d3234203d3e203633313939.roa (raw, json)
Hash identifier: 9jUqhgLq8QIEEJxJiMALs0wsvhfDs1EJyMuRSJoW+38=
Subject key identifier: 7A:3B:FF:EE:A9:E2:6D:7D:1B:A6:B6:C7:85:8E:77:B9:66:F6:A9:30
Certificate issuer: /CN=0d7ffae300def0876bf84890fb6ea17be841a4d3
Certificate serial: 4CF8FD51E4786F2B1399DF055C1497484BA747F8
Authority key identifier: 0D:7F:FA:E3:00:DE:F0:87:6B:F8:48:90:FB:6E:A1:7B:E8:41:A4:D3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DX_64wDe8Idr-EiQ-26he-hBpNM.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/8113dda6-7ade-445d-8c6e-448a78e48ca1/1/3139352e35382e3134392e302f32342d3234203d3e203633313939.roa
Signing time: Fri 27 Feb 2026 09:17:51 +0000
ROA not before: Fri 27 Feb 2026 09:12:51 +0000
ROA not after: Fri 26 Feb 2027 09:17:51 +0000
asID: 63199
IP address blocks: 195.58.149.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/8113dda6-7ade-445d-8c6e-448a78e48ca1/1/0D7FFAE300DEF0876BF84890FB6EA17BE841A4D3.crl
rsync://rsync.paas.rpki.ripe.net/repository/8113dda6-7ade-445d-8c6e-448a78e48ca1/1/0D7FFAE300DEF0876BF84890FB6EA17BE841A4D3.mft
rsync://rpki.ripe.net/repository/DEFAULT/DX_64wDe8Idr-EiQ-26he-hBpNM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 00:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4c:f8:fd:51:e4:78:6f:2b:13:99:df:05:5c:14:97:48:4b:a7:47:f8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0d7ffae300def0876bf84890fb6ea17be841a4d3
Validity
Not Before: Feb 27 09:12:51 2026 GMT
Not After : Feb 26 09:17:51 2027 GMT
Subject: CN=7A3BFFEEA9E26D7D1BA6B6C7858E77B966F6A930
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:d4:ee:c1:29:07:4f:c8:c8:a6:85:5f:52:b6:
82:a7:77:33:c6:67:ee:b3:1e:fe:f4:5e:9f:be:ee:
f3:7f:f4:26:90:6d:30:c2:16:c2:df:ec:d1:39:f6:
3a:a9:b1:57:55:ce:ad:18:c8:9e:bc:b7:7a:f9:be:
cb:d6:a2:df:f1:6b:3f:38:fa:64:21:8c:9e:da:8f:
c3:06:30:f3:97:9e:3c:19:67:d0:cc:25:25:0c:b7:
42:43:54:9b:ef:34:e1:48:53:89:00:89:06:fe:e9:
24:ef:04:d9:c8:e6:61:1e:0e:17:2a:b0:02:b3:b7:
8e:5a:d6:f0:04:0a:d0:e3:24:68:06:4a:49:4e:f7:
fc:8b:16:20:2f:bf:e9:ab:96:4a:2c:f8:f1:13:1d:
cd:32:33:8e:00:17:24:ce:24:d4:5e:30:87:c4:66:
d8:d8:c2:8b:d9:39:7f:61:4b:9f:5d:95:f6:4c:54:
fe:bb:7e:c4:88:f1:b8:0f:f3:cd:f8:b2:4f:b9:48:
9c:3e:5a:64:93:a6:6e:de:2e:01:13:8c:3c:fe:d4:
19:a9:ae:d2:09:d9:eb:58:48:3b:4c:a4:4e:c7:43:
d3:03:68:d3:ac:a5:d7:0a:a2:85:bd:fe:6a:c9:50:
9e:2b:3c:97:ca:d4:bf:72:1f:0a:6b:1d:b8:65:5a:
f4:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7A:3B:FF:EE:A9:E2:6D:7D:1B:A6:B6:C7:85:8E:77:B9:66:F6:A9:30
X509v3 Authority Key Identifier:
keyid:0D:7F:FA:E3:00:DE:F0:87:6B:F8:48:90:FB:6E:A1:7B:E8:41:A4:D3
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/8113dda6-7ade-445d-8c6e-448a78e48ca1/1/0D7FFAE300DEF0876BF84890FB6EA17BE841A4D3.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DX_64wDe8Idr-EiQ-26he-hBpNM.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/8113dda6-7ade-445d-8c6e-448a78e48ca1/1/3139352e35382e3134392e302f32342d3234203d3e203633313939.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.58.149.0/24
Signature Algorithm: sha256WithRSAEncryption
58:c7:f2:e7:a8:03:6c:13:23:71:67:97:cc:b9:1a:a7:97:7a:
65:e9:bd:44:6f:49:27:ba:8f:f9:6f:47:8c:1f:85:6b:f3:56:
19:0e:19:21:f7:79:ba:f5:58:e1:ec:64:f4:cd:cd:eb:66:56:
5d:bc:f1:72:b0:14:2c:30:dd:ba:7a:9b:d2:37:b1:b3:bf:31:
8e:fc:71:10:28:3f:f6:6e:2d:9d:32:12:e7:c1:02:46:e7:4b:
4b:d2:62:47:45:76:c8:16:70:04:3c:45:0b:26:b6:c5:48:aa:
08:05:44:ba:cf:99:a6:d9:ec:23:8d:93:53:ee:56:ca:27:90:
ed:e5:96:d2:45:3a:33:6a:28:d6:13:7a:42:b7:34:28:0f:ee:
ca:ec:66:af:58:e3:4d:18:66:95:a6:44:83:a2:c8:4c:e4:da:
79:13:3f:40:15:a3:3a:24:af:ea:80:57:a6:66:74:41:2f:0c:
12:92:f6:60:84:25:83:b8:3a:8c:c9:cc:d6:32:ce:09:a6:74:
60:a7:e9:2a:bf:0e:c1:c6:99:31:06:fc:8d:ad:90:12:d6:a3:
d3:15:b6:10:5a:4e:26:6f:00:e8:61:48:09:94:ea:95:a9:66:
2e:e8:5d:fd:f3:5b:3c:f0:17:ab:ed:1e:11:a6:46:51:8b:c4:
20:12:55:65
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUTPj9UeR4bysTmd8FXBSXSEunR/gwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMGQ3ZmZhZTMwMGRlZjA4NzZiZjg0ODkwZmI2ZWExN2Jl
ODQxYTRkMzAeFw0yNjAyMjcwOTEyNTFaFw0yNzAyMjYwOTE3NTFaMDMxMTAvBgNV
BAMTKDdBM0JGRkVFQTlFMjZEN0QxQkE2QjZDNzg1OEU3N0I5NjZGNkE5MzAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC+1O7BKQdPyMimhV9StoKndzPG
Z+6zHv70Xp++7vN/9CaQbTDCFsLf7NE59jqpsVdVzq0YyJ68t3r5vsvWot/xaz84
+mQhjJ7aj8MGMPOXnjwZZ9DMJSUMt0JDVJvvNOFIU4kAiQb+6STvBNnI5mEeDhcq
sAKzt45a1vAECtDjJGgGSklO9/yLFiAvv+mrlkos+PETHc0yM44AFyTOJNReMIfE
ZtjYwovZOX9hS59dlfZMVP67fsSI8bgP8834sk+5SJw+WmSTpm7eLgETjDz+1Bmp
rtIJ2etYSDtMpE7HQ9MDaNOspdcKooW9/mrJUJ4rPJfK1L9yHwprHbhlWvRdAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUejv/7qnibX0bprbHhY53uWb2qTAwHwYDVR0j
BBgwFoAUDX/64wDe8Idr+EiQ+26he+hBpNMwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvODExM2RkYTYtN2FkZS00NDVkLThjNmUtNDQ4YTc4ZTQ4
Y2ExLzEvMEQ3RkZBRTMwMERFRjA4NzZCRjg0ODkwRkI2RUExN0JFODQxQTREMy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0RYXzY0d0RlOElkci1FaVEtMjZoZS1o
QnBOTS5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvODExM2RkYTYt
N2FkZS00NDVkLThjNmUtNDQ4YTc4ZTQ4Y2ExLzEvMzEzOTM1MmUzNTM4MmUzMTM0
MzkyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzNjMzMzEzOTM5LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
wzqVMA0GCSqGSIb3DQEBCwUAA4IBAQBYx/LnqANsEyNxZ5fMuRqnl3pl6b1Eb0kn
uo/5b0eMH4Vr81YZDhkh93m69Vjh7GT0zc3rZlZdvPFysBQsMN26epvSN7GzvzGO
/HEQKD/2bi2dMhLnwQJG50tL0mJHRXbIFnAEPEULJrbFSKoIBUS6z5mm2ewjjZNT
7lbKJ5Dt5ZbSRTozaijWE3pCtzQoD+7K7GavWONNGGaVpkSDoshM5Np5Ez9AFaM6
JK/qgFemZnRBLwwSkvZghCWDuDqMyczWMs4JpnRgp+kqvw7BxpkxBvyNrZAS1qPT
FbYQWk4mbwDoYUgJlOqVqWYu6F3981s88Ber7R4RpkZRi8QgElVl
-----END CERTIFICATE-----
Generated at Mon Mar 2 09:26:52 2026 by rpki-client