Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/933b2fd7-31c1-451c-8288-c1aa0aa12750/0/3139332e3234362e3136352e302f32342d3234203d3e20343031323935.roa
File: 3139332e3234362e3136352e302f32342d3234203d3e20343031323935.roa (raw, json)
Hash identifier: /MCjD1gKf8dM428+AJBa7D2BqNWXl/86u8uSaT3JFm0=
Subject key identifier: F5:DF:A2:52:3E:28:C0:40:BA:7F:A2:F6:7E:93:74:48:D9:0D:7F:C7
Certificate issuer: /CN=45e8648e445dccd0d8ee699f5140bb814e43ae1b
Certificate serial: 48C404F82AB086970A49619A8395919E6B07E76C
Authority key identifier: 45:E8:64:8E:44:5D:CC:D0:D8:EE:69:9F:51:40:BB:81:4E:43:AE:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RehkjkRdzNDY7mmfUUC7gU5Drhs.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/933b2fd7-31c1-451c-8288-c1aa0aa12750/0/3139332e3234362e3136352e302f32342d3234203d3e20343031323935.roa
Signing time: Sat 11 Apr 2026 00:19:11 +0000
ROA not before: Sat 11 Apr 2026 00:14:11 +0000
ROA not after: Sat 10 Apr 2027 00:19:11 +0000
asID: 401295
IP address blocks: 193.246.165.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/933b2fd7-31c1-451c-8288-c1aa0aa12750/0/45E8648E445DCCD0D8EE699F5140BB814E43AE1B.crl
rsync://rsync.paas.rpki.ripe.net/repository/933b2fd7-31c1-451c-8288-c1aa0aa12750/0/45E8648E445DCCD0D8EE699F5140BB814E43AE1B.mft
rsync://rpki.ripe.net/repository/DEFAULT/RehkjkRdzNDY7mmfUUC7gU5Drhs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 Apr 2026 06:38:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
48:c4:04:f8:2a:b0:86:97:0a:49:61:9a:83:95:91:9e:6b:07:e7:6c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=45e8648e445dccd0d8ee699f5140bb814e43ae1b
Validity
Not Before: Apr 11 00:14:11 2026 GMT
Not After : Apr 10 00:19:11 2027 GMT
Subject: CN=F5DFA2523E28C040BA7FA2F67E937448D90D7FC7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:62:3a:78:2e:ad:fb:59:27:ea:bf:a2:4d:35:
62:18:38:32:99:7f:24:56:45:c7:a2:76:1b:86:6e:
e1:93:ee:15:c7:0f:8f:d8:be:1a:e1:6e:2d:51:6f:
9b:be:7a:7b:ae:96:e6:1d:40:fb:f9:44:6d:11:70:
af:96:c0:9f:06:1b:c9:15:70:8b:c2:de:63:f0:00:
6d:08:40:b2:f0:6b:b4:71:bd:e8:11:ee:90:fe:a6:
13:41:27:e6:4a:7a:14:f5:3d:c3:5c:40:13:60:36:
3d:6c:34:f8:df:f5:93:8e:bc:f7:20:67:a5:29:61:
82:ed:50:4d:01:24:b1:ac:ae:04:08:ce:5f:cc:68:
95:5d:71:d0:ab:5a:2d:f4:11:9e:41:6f:d9:bf:e0:
d6:47:23:5a:1b:d2:bc:8f:52:0a:fd:eb:63:7f:97:
83:b9:49:f3:d8:0b:fb:c6:c0:18:f8:1b:71:25:ca:
5e:3b:b6:43:66:73:00:8e:20:29:ec:1c:5f:c5:7f:
ba:94:ad:0f:fa:7c:89:3d:e3:30:93:f7:08:19:b6:
22:37:6e:3f:2c:85:1c:12:ac:fe:16:29:a4:82:a4:
14:8d:01:d6:60:ea:77:eb:88:a8:f7:e7:37:b9:33:
db:54:2f:da:c0:82:b2:36:76:e4:e3:8f:85:e8:6e:
4a:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F5:DF:A2:52:3E:28:C0:40:BA:7F:A2:F6:7E:93:74:48:D9:0D:7F:C7
X509v3 Authority Key Identifier:
keyid:45:E8:64:8E:44:5D:CC:D0:D8:EE:69:9F:51:40:BB:81:4E:43:AE:1B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/933b2fd7-31c1-451c-8288-c1aa0aa12750/0/45E8648E445DCCD0D8EE699F5140BB814E43AE1B.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RehkjkRdzNDY7mmfUUC7gU5Drhs.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/933b2fd7-31c1-451c-8288-c1aa0aa12750/0/3139332e3234362e3136352e302f32342d3234203d3e20343031323935.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.246.165.0/24
Signature Algorithm: sha256WithRSAEncryption
80:78:6b:8a:22:0c:da:82:f6:07:08:37:07:0e:cb:90:f8:61:
48:45:3a:f8:a4:89:16:ee:67:2e:a2:31:0b:14:30:de:33:d8:
5b:d3:8e:f4:ac:69:b1:b1:d4:fc:1a:0c:0b:2c:2e:1c:9a:31:
fd:af:eb:4f:c0:7e:8a:79:3c:e5:b8:12:42:a5:99:9e:8e:80:
0b:af:d8:e4:9f:dc:fd:86:4d:e2:90:b2:f3:51:cd:8d:be:74:
60:4c:66:71:1f:aa:17:5b:93:c1:93:3c:8c:6d:78:70:12:c5:
9e:8f:0f:a3:28:79:28:6c:94:0f:10:41:aa:c7:55:1b:7c:00:
ef:e6:e9:01:13:64:47:9d:e4:1d:41:3f:db:2b:f2:fd:97:ab:
93:63:0a:13:a4:03:ad:b0:60:cf:09:96:43:9f:97:a3:fb:d2:
be:44:e7:b4:10:aa:db:1d:ae:08:ae:7a:a3:4f:b3:58:ec:75:
c0:b5:db:7d:f3:cd:a1:ec:46:ea:38:ff:26:ef:73:59:73:05:
b5:32:5b:78:06:44:69:81:22:bb:ac:43:91:24:38:bb:33:c0:
7e:09:10:02:ac:8c:f5:51:e3:1b:af:71:1b:a4:db:82:71:19:
2b:2f:6a:1c:d5:f4:b9:bd:8c:4f:c5:7f:6e:3a:f5:65:02:0a:
0a:54:6e:4e
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgIUSMQE+CqwhpcKSWGag5WRnmsH52wwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDVlODY0OGU0NDVkY2NkMGQ4ZWU2OTlmNTE0MGJiODE0
ZTQzYWUxYjAeFw0yNjA0MTEwMDE0MTFaFw0yNzA0MTAwMDE5MTFaMDMxMTAvBgNV
BAMTKEY1REZBMjUyM0UyOEMwNDBCQTdGQTJGNjdFOTM3NDQ4RDkwRDdGQzcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC4Yjp4Lq37WSfqv6JNNWIYODKZ
fyRWRceidhuGbuGT7hXHD4/Yvhrhbi1Rb5u+enuuluYdQPv5RG0RcK+WwJ8GG8kV
cIvC3mPwAG0IQLLwa7RxvegR7pD+phNBJ+ZKehT1PcNcQBNgNj1sNPjf9ZOOvPcg
Z6UpYYLtUE0BJLGsrgQIzl/MaJVdcdCrWi30EZ5Bb9m/4NZHI1ob0ryPUgr962N/
l4O5SfPYC/vGwBj4G3Elyl47tkNmcwCOICnsHF/Ff7qUrQ/6fIk94zCT9wgZtiI3
bj8shRwSrP4WKaSCpBSNAdZg6nfriKj35ze5M9tUL9rAgrI2duTjj4XobkoVAgMB
AAGjggJBMIICPTAdBgNVHQ4EFgQU9d+iUj4owEC6f6L2fpN0SNkNf8cwHwYDVR0j
BBgwFoAURehkjkRdzNDY7mmfUUC7gU5DrhswDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvOTMzYjJmZDctMzFjMS00NTFjLTgyODgtYzFhYTBhYTEy
NzUwLzAvNDVFODY0OEU0NDVEQ0NEMEQ4RUU2OTlGNTE0MEJCODE0RTQzQUUxQi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JlaGtqa1Jkek5EWTdtbWZVVUM3Z1U1
RHJocy5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvOTMzYjJmZDct
MzFjMS00NTFjLTgyODgtYzFhYTBhYTEyNzUwLzAvMzEzOTMzMmUzMjM0MzYyZTMx
MzYzNTJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDM0MzAzMTMyMzkzNS5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEAMH2pTANBgkqhkiG9w0BAQsFAAOCAQEAgHhriiIM2oL2Bwg3Bw7LkPhhSEU6
+KSJFu5nLqIxCxQw3jPYW9OO9KxpsbHU/BoMCywuHJox/a/rT8B+ink85bgSQqWZ
no6AC6/Y5J/c/YZN4pCy81HNjb50YExmcR+qF1uTwZM8jG14cBLFno8Poyh5KGyU
DxBBqsdVG3wA7+bpARNkR53kHUE/2yvy/Zerk2MKE6QDrbBgzwmWQ5+Xo/vSvkTn
tBCq2x2uCK56o0+zWOx1wLXbffPNoexG6jj/Ju9zWXMFtTJbeAZEaYEiu6xDkSQ4
uzPAfgkQAqyM9VHjG69xG6TbgnEZKy9qHNX0ub2MT8V/bjr1ZQIKClRuTg==
-----END CERTIFICATE-----
Generated at Fri Apr 17 19:41:48 2026 by rpki-client