Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/8113dda6-7ade-445d-8c6e-448a78e48ca1/1/3139352e35382e3135302e302f32342d3234203d3e20323135333533.roa
File: 3139352e35382e3135302e302f32342d3234203d3e20323135333533.roa (raw, json)
Hash identifier: 26P6qmF1qO5EzcVJRtFpyvK2Pg0XJgNsh+hTSCj6XOs=
Subject key identifier: 82:98:99:17:36:66:D8:9F:84:4F:53:8F:E4:36:5B:81:45:AE:2E:76
Certificate issuer: /CN=0d7ffae300def0876bf84890fb6ea17be841a4d3
Certificate serial: 34A9D7AE1CD6F1F1DCF254D8D40AFC43DB3003B6
Authority key identifier: 0D:7F:FA:E3:00:DE:F0:87:6B:F8:48:90:FB:6E:A1:7B:E8:41:A4:D3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DX_64wDe8Idr-EiQ-26he-hBpNM.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/8113dda6-7ade-445d-8c6e-448a78e48ca1/1/3139352e35382e3135302e302f32342d3234203d3e20323135333533.roa
Signing time: Sat 28 Feb 2026 19:16:50 +0000
ROA not before: Sat 28 Feb 2026 19:11:50 +0000
ROA not after: Sat 27 Feb 2027 19:16:50 +0000
asID: 215353
IP address blocks: 195.58.150.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/8113dda6-7ade-445d-8c6e-448a78e48ca1/1/0D7FFAE300DEF0876BF84890FB6EA17BE841A4D3.crl
rsync://rsync.paas.rpki.ripe.net/repository/8113dda6-7ade-445d-8c6e-448a78e48ca1/1/0D7FFAE300DEF0876BF84890FB6EA17BE841A4D3.mft
rsync://rpki.ripe.net/repository/DEFAULT/DX_64wDe8Idr-EiQ-26he-hBpNM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 00:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
34:a9:d7:ae:1c:d6:f1:f1:dc:f2:54:d8:d4:0a:fc:43:db:30:03:b6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0d7ffae300def0876bf84890fb6ea17be841a4d3
Validity
Not Before: Feb 28 19:11:50 2026 GMT
Not After : Feb 27 19:16:50 2027 GMT
Subject: CN=829899173666D89F844F538FE4365B8145AE2E76
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ee:0b:4a:a6:93:52:36:f9:2b:30:b2:0c:df:6c:
c4:18:cb:8e:90:ca:e2:80:34:f8:16:a2:9d:09:3d:
3f:d9:07:db:54:49:33:c3:b2:d2:c7:93:97:fd:31:
8b:9c:35:91:ab:8e:ce:68:af:a0:f1:68:27:e0:a5:
fe:04:fb:a6:f6:51:b6:50:87:7f:36:8d:d3:90:6c:
8b:42:6c:81:8d:6e:8e:26:a0:65:6f:85:84:6d:d1:
13:3e:ad:04:c4:19:f7:aa:ce:91:66:28:df:22:c7:
e7:0e:a6:5d:c8:a7:d7:d0:bf:2c:4c:d4:67:1b:d1:
5d:82:ce:bb:12:6c:95:c6:f6:d2:b1:64:f3:b2:c8:
66:5e:3b:43:0a:5d:84:f1:e8:96:ac:16:4a:ba:f2:
0d:43:79:0b:f2:68:95:fd:22:3d:4c:13:20:6d:e0:
28:44:24:19:cf:66:ee:26:57:09:7b:9d:2c:a1:d0:
b4:ce:83:57:89:6b:36:8c:6a:c6:7d:d7:a5:37:fb:
b8:f4:a8:c0:54:33:6e:c0:55:39:bb:f9:07:da:9a:
09:64:65:ce:17:63:f3:b2:39:c6:ab:b7:16:cd:64:
82:1f:e8:6d:5b:42:05:2c:b1:1d:fd:ad:8c:0e:bc:
93:b8:a0:63:57:a0:40:c4:32:93:d9:c5:26:4c:a0:
f8:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
82:98:99:17:36:66:D8:9F:84:4F:53:8F:E4:36:5B:81:45:AE:2E:76
X509v3 Authority Key Identifier:
keyid:0D:7F:FA:E3:00:DE:F0:87:6B:F8:48:90:FB:6E:A1:7B:E8:41:A4:D3
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/8113dda6-7ade-445d-8c6e-448a78e48ca1/1/0D7FFAE300DEF0876BF84890FB6EA17BE841A4D3.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DX_64wDe8Idr-EiQ-26he-hBpNM.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/8113dda6-7ade-445d-8c6e-448a78e48ca1/1/3139352e35382e3135302e302f32342d3234203d3e20323135333533.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.58.150.0/24
Signature Algorithm: sha256WithRSAEncryption
9b:02:1b:c8:bf:fb:ea:68:75:f0:00:8a:69:d2:c0:50:84:51:
7c:4d:17:79:c0:41:f7:cc:67:34:f4:22:c3:90:9a:43:d9:3a:
4b:c0:32:6f:65:8a:b1:10:27:56:1a:a9:95:05:84:98:42:27:
7f:b7:7d:03:d2:03:37:c3:c4:ce:90:fc:a6:31:d6:7b:b9:89:
8b:14:00:08:3b:45:70:16:0c:2c:2c:46:51:de:14:da:2f:82:
05:65:dd:ed:f2:b6:b8:df:9b:75:91:b4:62:3a:dc:3a:c8:d6:
46:f5:fc:e8:8b:66:38:fd:6c:70:db:99:25:86:56:37:c1:a8:
42:aa:e9:85:99:17:a0:61:62:e6:99:47:c7:bf:0a:72:e1:02:
f2:de:4e:0f:13:68:26:b8:9d:98:74:1a:7b:da:18:42:62:0d:
29:cf:5a:d9:11:17:d3:32:be:35:ec:29:aa:fb:39:97:65:ac:
1d:60:bb:f2:14:96:19:e4:fc:90:5d:02:31:d3:d4:c0:1b:a4:
cf:27:f9:43:82:26:e9:64:99:26:5d:c5:8e:bb:78:ed:c3:92:
ea:87:68:bd:76:1a:dd:35:93:51:34:aa:6b:f9:3d:2c:fb:15:
20:1e:d2:63:80:26:46:4e:4f:33:1b:14:98:94:4f:4e:aa:a5:
41:e9:d5:d5
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUNKnXrhzW8fHc8lTY1Ar8Q9swA7YwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMGQ3ZmZhZTMwMGRlZjA4NzZiZjg0ODkwZmI2ZWExN2Jl
ODQxYTRkMzAeFw0yNjAyMjgxOTExNTBaFw0yNzAyMjcxOTE2NTBaMDMxMTAvBgNV
BAMTKDgyOTg5OTE3MzY2NkQ4OUY4NDRGNTM4RkU0MzY1QjgxNDVBRTJFNzYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDuC0qmk1I2+SswsgzfbMQYy46Q
yuKANPgWop0JPT/ZB9tUSTPDstLHk5f9MYucNZGrjs5or6DxaCfgpf4E+6b2UbZQ
h382jdOQbItCbIGNbo4moGVvhYRt0RM+rQTEGfeqzpFmKN8ix+cOpl3Ip9fQvyxM
1Gcb0V2CzrsSbJXG9tKxZPOyyGZeO0MKXYTx6JasFkq68g1DeQvyaJX9Ij1MEyBt
4ChEJBnPZu4mVwl7nSyh0LTOg1eJazaMasZ916U3+7j0qMBUM27AVTm7+Qfamglk
Zc4XY/OyOcartxbNZIIf6G1bQgUssR39rYwOvJO4oGNXoEDEMpPZxSZMoPjdAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUgpiZFzZm2J+ET1OP5DZbgUWuLnYwHwYDVR0j
BBgwFoAUDX/64wDe8Idr+EiQ+26he+hBpNMwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvODExM2RkYTYtN2FkZS00NDVkLThjNmUtNDQ4YTc4ZTQ4
Y2ExLzEvMEQ3RkZBRTMwMERFRjA4NzZCRjg0ODkwRkI2RUExN0JFODQxQTREMy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0RYXzY0d0RlOElkci1FaVEtMjZoZS1o
QnBOTS5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvODExM2RkYTYt
N2FkZS00NDVkLThjNmUtNDQ4YTc4ZTQ4Y2ExLzEvMzEzOTM1MmUzNTM4MmUzMTM1
MzAyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMjMxMzUzMzM1MzMucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BADDOpYwDQYJKoZIhvcNAQELBQADggEBAJsCG8i/++podfAAimnSwFCEUXxNF3nA
QffMZzT0IsOQmkPZOkvAMm9lirEQJ1YaqZUFhJhCJ3+3fQPSAzfDxM6Q/KYx1nu5
iYsUAAg7RXAWDCwsRlHeFNovggVl3e3ytrjfm3WRtGI63DrI1kb1/OiLZjj9bHDb
mSWGVjfBqEKq6YWZF6BhYuaZR8e/CnLhAvLeTg8TaCa4nZh0GnvaGEJiDSnPWtkR
F9MyvjXsKar7OZdlrB1gu/IUlhnk/JBdAjHT1MAbpM8n+UOCJulkmSZdxY67eO3D
kuqHaL12Gt01k1E0qmv5PSz7FSAe0mOAJkZOTzMbFJiUT06qpUHp1dU=
-----END CERTIFICATE-----
Generated at Mon Mar 2 08:25:56 2026 by rpki-client