Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/83e4757f-d37f-4fd6-a69b-d74bdd6b87dc/0/3139322e3130392e31312e302f32342d3234203d3e203136323736.roa
File: 3139322e3130392e31312e302f32342d3234203d3e203136323736.roa (raw, json)
Hash identifier: nLtvC8u+G2wQDXhAgNrW8KG32IP0qBYrlPwszbjCA50=
Subject key identifier: FB:F9:64:68:4B:54:FC:C2:5D:0E:65:73:88:E4:70:34:35:BF:CA:F9
Certificate issuer: /CN=5e5179bb1757068d7028510feeb1177aa7cc8818
Certificate serial: 5C6DDC0388C489DCA3701A11C316EEA01BAA79E2
Authority key identifier: 5E:51:79:BB:17:57:06:8D:70:28:51:0F:EE:B1:17:7A:A7:CC:88:18
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XlF5uxdXBo1wKFEP7rEXeqfMiBg.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/83e4757f-d37f-4fd6-a69b-d74bdd6b87dc/0/3139322e3130392e31312e302f32342d3234203d3e203136323736.roa
Signing time: Tue 10 Feb 2026 12:55:38 +0000
ROA not before: Tue 10 Feb 2026 12:50:38 +0000
ROA not after: Tue 09 Feb 2027 12:55:38 +0000
asID: 16276
IP address blocks: 192.109.11.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/83e4757f-d37f-4fd6-a69b-d74bdd6b87dc/0/5E5179BB1757068D7028510FEEB1177AA7CC8818.crl
rsync://rsync.paas.rpki.ripe.net/repository/83e4757f-d37f-4fd6-a69b-d74bdd6b87dc/0/5E5179BB1757068D7028510FEEB1177AA7CC8818.mft
rsync://rpki.ripe.net/repository/DEFAULT/XlF5uxdXBo1wKFEP7rEXeqfMiBg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5c:6d:dc:03:88:c4:89:dc:a3:70:1a:11:c3:16:ee:a0:1b:aa:79:e2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5e5179bb1757068d7028510feeb1177aa7cc8818
Validity
Not Before: Feb 10 12:50:38 2026 GMT
Not After : Feb 9 12:55:38 2027 GMT
Subject: CN=FBF964684B54FCC25D0E657388E4703435BFCAF9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:ea:ec:a4:b3:3a:cd:84:95:31:1c:93:eb:fe:
2f:a6:3c:c2:0f:39:da:7e:ec:f6:0d:3b:d2:42:a5:
8a:0f:bf:ca:e3:df:82:f2:10:ac:51:da:80:67:7c:
b7:69:ce:dd:f0:c3:bf:a7:31:2f:a1:e0:f0:79:06:
ea:41:fd:85:6a:9d:a0:5b:28:49:8d:c7:7e:fc:3d:
2d:41:c4:26:39:46:5e:0d:76:2f:ae:50:72:e8:44:
b6:a5:9f:9f:8d:c9:5b:39:bc:b1:80:62:d5:1c:fa:
87:0d:07:c7:fc:fa:e9:3a:a0:51:6c:9d:ce:c4:a7:
5e:49:11:27:08:d1:ea:de:66:3f:2a:c8:4f:71:31:
5a:58:9e:94:1b:c5:67:6a:e9:ea:bd:a5:2e:b5:ae:
16:93:a2:0f:7c:73:b3:9d:6b:a7:8a:1e:0f:5f:37:
67:df:0e:e3:fc:ef:f8:42:1c:65:63:f2:f4:ec:38:
03:ef:9a:39:d2:ef:4e:ba:84:59:ef:8a:82:2e:14:
1a:7e:85:47:45:88:c3:82:35:93:19:cd:42:45:e8:
65:85:5a:51:b9:77:a0:b0:f1:87:53:8d:c8:10:53:
26:47:46:2d:c1:9d:89:6d:03:8a:69:9d:4d:3d:12:
2f:72:5b:b8:b0:1b:3a:e7:43:55:26:2a:79:3e:81:
04:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FB:F9:64:68:4B:54:FC:C2:5D:0E:65:73:88:E4:70:34:35:BF:CA:F9
X509v3 Authority Key Identifier:
keyid:5E:51:79:BB:17:57:06:8D:70:28:51:0F:EE:B1:17:7A:A7:CC:88:18
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/83e4757f-d37f-4fd6-a69b-d74bdd6b87dc/0/5E5179BB1757068D7028510FEEB1177AA7CC8818.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XlF5uxdXBo1wKFEP7rEXeqfMiBg.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/83e4757f-d37f-4fd6-a69b-d74bdd6b87dc/0/3139322e3130392e31312e302f32342d3234203d3e203136323736.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.109.11.0/24
Signature Algorithm: sha256WithRSAEncryption
7a:41:31:7b:3b:a3:4b:af:ed:a5:4f:d0:28:a4:e3:9e:24:82:
22:48:fa:45:d5:60:e7:39:4f:04:78:91:99:cc:01:25:2e:4f:
84:88:9f:31:54:ca:f7:35:db:9c:d9:0c:cf:ec:8c:ff:1f:4f:
5c:fc:ce:37:b1:8d:e7:59:84:07:ff:a7:81:ab:c4:fe:96:5e:
84:69:ec:ab:99:84:9b:7f:12:4a:da:4d:b6:17:65:c2:c7:b7:
df:80:07:51:d0:88:bf:79:c5:57:8f:05:ba:3e:ca:31:1f:bf:
b3:d0:ad:93:f6:f4:c8:11:f0:d8:bf:18:94:bc:11:70:4e:c3:
b5:7e:89:d6:ea:8b:10:75:67:1b:47:f9:c7:24:da:13:a7:13:
5f:c4:1b:2f:82:f7:d6:e9:94:f1:2b:ec:12:eb:ab:1f:1a:26:
a7:f9:83:73:39:51:12:bf:b5:0c:73:ef:2e:e1:3e:8e:4e:19:
38:5d:4a:61:84:50:19:aa:1c:cf:41:84:e4:bb:3a:35:d7:ca:
a4:f3:ac:95:46:ab:4b:fa:63:a6:b3:9f:a7:3a:15:e4:be:0e:
3d:9a:8c:43:0c:56:85:c3:92:c7:d9:94:b1:c9:a4:b8:94:35:
8a:0f:43:51:47:87:92:48:4b:30:4e:05:47:7a:67:bd:bd:66:
f3:24:c2:13
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUXG3cA4jEidyjcBoRwxbuoBuqeeIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNWU1MTc5YmIxNzU3MDY4ZDcwMjg1MTBmZWViMTE3N2Fh
N2NjODgxODAeFw0yNjAyMTAxMjUwMzhaFw0yNzAyMDkxMjU1MzhaMDMxMTAvBgNV
BAMTKEZCRjk2NDY4NEI1NEZDQzI1RDBFNjU3Mzg4RTQ3MDM0MzVCRkNBRjkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDa6uykszrNhJUxHJPr/i+mPMIP
Odp+7PYNO9JCpYoPv8rj34LyEKxR2oBnfLdpzt3ww7+nMS+h4PB5BupB/YVqnaBb
KEmNx378PS1BxCY5Rl4Ndi+uUHLoRLaln5+NyVs5vLGAYtUc+ocNB8f8+uk6oFFs
nc7Ep15JEScI0ereZj8qyE9xMVpYnpQbxWdq6eq9pS61rhaTog98c7Oda6eKHg9f
N2ffDuP87/hCHGVj8vTsOAPvmjnS7066hFnvioIuFBp+hUdFiMOCNZMZzUJF6GWF
WlG5d6Cw8YdTjcgQUyZHRi3BnYltA4ppnU09Ei9yW7iwGzrnQ1UmKnk+gQRrAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQU+/lkaEtU/MJdDmVziORwNDW/yvkwHwYDVR0j
BBgwFoAUXlF5uxdXBo1wKFEP7rEXeqfMiBgwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvODNlNDc1N2YtZDM3Zi00ZmQ2LWE2OWItZDc0YmRkNmI4
N2RjLzAvNUU1MTc5QkIxNzU3MDY4RDcwMjg1MTBGRUVCMTE3N0FBN0NDODgxOC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1hsRjV1eGRYQm8xd0tGRVA3ckVYZXFm
TWlCZy5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvODNlNDc1N2Yt
ZDM3Zi00ZmQ2LWE2OWItZDc0YmRkNmI4N2RjLzAvMzEzOTMyMmUzMTMwMzkyZTMx
MzEyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMTM2MzIzNzM2LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
wG0LMA0GCSqGSIb3DQEBCwUAA4IBAQB6QTF7O6NLr+2lT9AopOOeJIIiSPpF1WDn
OU8EeJGZzAElLk+EiJ8xVMr3Nduc2QzP7Iz/H09c/M43sY3nWYQH/6eBq8T+ll6E
aeyrmYSbfxJK2k22F2XCx7ffgAdR0Ii/ecVXjwW6PsoxH7+z0K2T9vTIEfDYvxiU
vBFwTsO1fonW6osQdWcbR/nHJNoTpxNfxBsvgvfW6ZTxK+wS66sfGian+YNzOVES
v7UMc+8u4T6OThk4XUphhFAZqhzPQYTkuzo118qk86yVRqtL+mOms5+nOhXkvg49
moxDDFaFw5LH2ZSxyaS4lDWKD0NRR4eSSEswTgVHeme9vWbzJMIT
-----END CERTIFICATE-----
Generated at Sun Mar 1 22:38:20 2026 by rpki-client