Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/8113dda6-7ade-445d-8c6e-448a78e48ca1/1/3139352e35382e3134392e302f32342d3234203d3e20383334.roa
File: 3139352e35382e3134392e302f32342d3234203d3e20383334.roa (raw, json)
Hash identifier: qCWycbQVx/jK5mBrjj3kwCObJZ5oDGAXY9R8G4vR8dM=
Subject key identifier: 09:86:56:8A:F6:C8:17:7D:8D:F0:F2:CB:52:D5:39:EA:8F:5E:C6:57
Certificate issuer: /CN=0d7ffae300def0876bf84890fb6ea17be841a4d3
Certificate serial: 4CCF40F69A4ABAA138E8A173B55D2816D19B168E
Authority key identifier: 0D:7F:FA:E3:00:DE:F0:87:6B:F8:48:90:FB:6E:A1:7B:E8:41:A4:D3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DX_64wDe8Idr-EiQ-26he-hBpNM.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/8113dda6-7ade-445d-8c6e-448a78e48ca1/1/3139352e35382e3134392e302f32342d3234203d3e20383334.roa
Signing time: Wed 27 May 2026 17:21:14 +0000
ROA not before: Wed 27 May 2026 17:16:14 +0000
ROA not after: Wed 26 May 2027 17:21:14 +0000
asID: 834
IP address blocks: 195.58.149.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/8113dda6-7ade-445d-8c6e-448a78e48ca1/1/0D7FFAE300DEF0876BF84890FB6EA17BE841A4D3.crl
rsync://rsync.paas.rpki.ripe.net/repository/8113dda6-7ade-445d-8c6e-448a78e48ca1/1/0D7FFAE300DEF0876BF84890FB6EA17BE841A4D3.mft
rsync://rpki.ripe.net/repository/DEFAULT/DX_64wDe8Idr-EiQ-26he-hBpNM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 13 Jun 2026 16:37:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4c:cf:40:f6:9a:4a:ba:a1:38:e8:a1:73:b5:5d:28:16:d1:9b:16:8e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0d7ffae300def0876bf84890fb6ea17be841a4d3
Validity
Not Before: May 27 17:16:14 2026 GMT
Not After : May 26 17:21:14 2027 GMT
Subject: CN=0986568AF6C8177D8DF0F2CB52D539EA8F5EC657
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:6c:ee:74:ea:a6:c7:66:0d:de:64:d7:3f:62:
f2:f9:33:a1:7b:a8:0e:6c:33:1a:33:0f:a9:9a:50:
e2:57:b5:a3:4f:72:ef:4c:1b:df:fd:01:48:24:4a:
cf:40:7b:3a:b5:fd:02:a8:54:0d:e0:ac:c2:14:0d:
bd:44:23:0e:a8:79:d9:17:59:01:0c:98:55:76:22:
97:56:b7:bf:21:6d:20:a0:ad:d2:ae:29:c6:d9:04:
75:40:8a:f6:de:65:dd:f8:2d:39:57:46:4e:01:db:
fb:89:4c:bb:0c:6e:b0:a0:c1:7e:77:96:be:b4:78:
af:9d:59:47:f3:94:3a:d2:71:38:70:2d:80:80:7a:
f6:f4:98:39:3f:e4:7a:52:44:77:d8:cf:a4:72:c0:
29:8f:46:ef:bc:36:5b:1a:81:80:b0:4d:0d:ec:91:
d6:18:c5:00:1a:0c:89:da:ca:22:47:c8:3c:84:da:
a6:aa:f3:cc:48:a1:66:5b:50:f2:fe:80:f4:30:7a:
1c:b7:5f:25:df:f8:a8:87:50:87:e1:e1:12:f6:67:
00:cc:f3:a8:2d:be:f4:ec:85:8b:0f:41:4a:51:21:
82:47:37:7f:16:95:8b:87:84:51:d6:4c:44:19:c8:
88:4a:a3:db:d1:44:42:af:bf:68:b5:a1:c9:e1:5e:
8e:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
09:86:56:8A:F6:C8:17:7D:8D:F0:F2:CB:52:D5:39:EA:8F:5E:C6:57
X509v3 Authority Key Identifier:
keyid:0D:7F:FA:E3:00:DE:F0:87:6B:F8:48:90:FB:6E:A1:7B:E8:41:A4:D3
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/8113dda6-7ade-445d-8c6e-448a78e48ca1/1/0D7FFAE300DEF0876BF84890FB6EA17BE841A4D3.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DX_64wDe8Idr-EiQ-26he-hBpNM.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/8113dda6-7ade-445d-8c6e-448a78e48ca1/1/3139352e35382e3134392e302f32342d3234203d3e20383334.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.58.149.0/24
Signature Algorithm: sha256WithRSAEncryption
8b:1a:45:47:12:7e:eb:68:4c:59:db:03:df:be:85:bd:82:f3:
64:86:04:a3:d4:a7:3f:92:cb:dc:11:c5:f3:fa:f0:c4:07:f8:
92:17:fc:00:ae:8c:dc:8f:fe:5c:ca:3e:e4:3d:84:a4:7a:0e:
16:a7:58:13:5b:a5:0d:d9:f5:3e:43:b4:1f:34:91:6b:ff:86:
53:44:18:29:a3:ea:8c:66:90:fc:69:89:f7:98:39:6e:bf:47:
9d:0c:0d:6b:85:8f:f1:d2:c5:96:07:96:c5:70:dd:7b:da:59:
42:e5:c7:23:81:bc:06:48:28:fe:ef:ec:1f:42:65:dd:fd:f6:
2c:7c:b7:c0:36:73:ca:aa:39:75:a4:99:84:16:b1:b7:6f:42:
38:79:08:98:e7:da:db:a2:2d:11:2d:03:1c:ed:4b:a5:98:79:
be:d1:b8:85:89:a6:9f:70:db:d1:89:d4:8b:a5:f1:0c:e0:3a:
e4:31:a3:b9:7f:61:9c:0f:b1:a2:0b:1b:4a:9a:9a:2e:12:9b:
3d:6d:51:ab:ac:5c:35:e3:95:74:cd:7f:f5:e5:3d:c6:2d:88:
7a:b6:67:09:59:fb:d5:5d:32:e5:f3:7d:aa:0b:4b:a6:88:db:
fa:a1:c2:16:5d:74:29:c7:5e:49:5c:5b:7f:39:64:e2:6d:b5:
0a:f5:93:85
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgIUTM9A9ppKuqE46KFztV0oFtGbFo4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMGQ3ZmZhZTMwMGRlZjA4NzZiZjg0ODkwZmI2ZWExN2Jl
ODQxYTRkMzAeFw0yNjA1MjcxNzE2MTRaFw0yNzA1MjYxNzIxMTRaMDMxMTAvBgNV
BAMTKDA5ODY1NjhBRjZDODE3N0Q4REYwRjJDQjUyRDUzOUVBOEY1RUM2NTcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC/bO506qbHZg3eZNc/YvL5M6F7
qA5sMxozD6maUOJXtaNPcu9MG9/9AUgkSs9Aezq1/QKoVA3grMIUDb1EIw6oedkX
WQEMmFV2IpdWt78hbSCgrdKuKcbZBHVAivbeZd34LTlXRk4B2/uJTLsMbrCgwX53
lr60eK+dWUfzlDrScThwLYCAevb0mDk/5HpSRHfYz6RywCmPRu+8NlsagYCwTQ3s
kdYYxQAaDInayiJHyDyE2qaq88xIoWZbUPL+gPQwehy3XyXf+KiHUIfh4RL2ZwDM
86gtvvTshYsPQUpRIYJHN38WlYuHhFHWTEQZyIhKo9vRREKvv2i1ocnhXo6fAgMB
AAGjggI5MIICNTAdBgNVHQ4EFgQUCYZWivbIF32N8PLLUtU56o9exlcwHwYDVR0j
BBgwFoAUDX/64wDe8Idr+EiQ+26he+hBpNMwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvODExM2RkYTYtN2FkZS00NDVkLThjNmUtNDQ4YTc4ZTQ4
Y2ExLzEvMEQ3RkZBRTMwMERFRjA4NzZCRjg0ODkwRkI2RUExN0JFODQxQTREMy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0RYXzY0d0RlOElkci1FaVEtMjZoZS1o
QnBOTS5jZXIwgakGCCsGAQUFBwELBIGcMIGZMIGWBggrBgEFBQcwC4aBiXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvODExM2RkYTYt
N2FkZS00NDVkLThjNmUtNDQ4YTc4ZTQ4Y2ExLzEvMzEzOTM1MmUzNTM4MmUzMTM0
MzkyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzODMzMzQucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBADDOpUw
DQYJKoZIhvcNAQELBQADggEBAIsaRUcSfutoTFnbA9++hb2C82SGBKPUpz+Sy9wR
xfP68MQH+JIX/ACujNyP/lzKPuQ9hKR6DhanWBNbpQ3Z9T5DtB80kWv/hlNEGCmj
6oxmkPxpifeYOW6/R50MDWuFj/HSxZYHlsVw3XvaWULlxyOBvAZIKP7v7B9CZd39
9ix8t8A2c8qqOXWkmYQWsbdvQjh5CJjn2tuiLREtAxztS6WYeb7RuIWJpp9w29GJ
1Iul8QzgOuQxo7l/YZwPsaILG0qami4Smz1tUausXDXjlXTNf/XlPcYtiHq2ZwlZ
+9VdMuXzfaoLS6aI2/qhwhZddCnHXklcW385ZOJttQr1k4U=
-----END CERTIFICATE-----
Generated at Sat Jun 13 06:52:04 2026 by rpki-client