Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/a94df714-d37d-4942-8e94-91dd853ef7e3/0/3133392e32382e32342e302f32342d3234203d3e20323132363039.roa
File: 3133392e32382e32342e302f32342d3234203d3e20323132363039.roa (raw, json)
Hash identifier: Fol0sGIzThvrZaKMHBeLXFldT8huOSBy9x77N8VFj2U=
Subject key identifier: A8:F3:46:93:DB:55:79:E5:C9:79:0F:3C:DF:F6:54:29:73:94:D7:5F
Certificate issuer: /CN=637fd1ba3fed44454d6d7030247709d28db3491a
Certificate serial: 52873579A4726155F231C4D56FA1796283590300
Authority key identifier: 63:7F:D1:BA:3F:ED:44:45:4D:6D:70:30:24:77:09:D2:8D:B3:49:1A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y3_Ruj_tREVNbXAwJHcJ0o2zSRo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/a94df714-d37d-4942-8e94-91dd853ef7e3/0/3133392e32382e32342e302f32342d3234203d3e20323132363039.roa
Signing time: Tue 07 Apr 2026 08:47:03 +0000
ROA not before: Tue 07 Apr 2026 08:42:03 +0000
ROA not after: Tue 06 Apr 2027 08:47:03 +0000
asID: 212609
IP address blocks: 139.28.24.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/a94df714-d37d-4942-8e94-91dd853ef7e3/0/637FD1BA3FED44454D6D7030247709D28DB3491A.crl
rsync://rsync.paas.rpki.ripe.net/repository/a94df714-d37d-4942-8e94-91dd853ef7e3/0/637FD1BA3FED44454D6D7030247709D28DB3491A.mft
rsync://rpki.ripe.net/repository/DEFAULT/Y3_Ruj_tREVNbXAwJHcJ0o2zSRo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 Apr 2026 02:01:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
52:87:35:79:a4:72:61:55:f2:31:c4:d5:6f:a1:79:62:83:59:03:00
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=637fd1ba3fed44454d6d7030247709d28db3491a
Validity
Not Before: Apr 7 08:42:03 2026 GMT
Not After : Apr 6 08:47:03 2027 GMT
Subject: CN=A8F34693DB5579E5C9790F3CDFF654297394D75F
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:be:e7:08:50:20:73:98:d0:de:07:c4:3c:c4:
cc:eb:54:87:6f:b1:38:d2:09:34:1c:dc:5c:80:96:
3d:12:dd:0f:66:92:9b:6e:82:e8:0f:01:2a:00:62:
6f:38:a0:3d:31:f4:46:50:8b:cb:19:7e:55:0f:bd:
5e:c0:15:9a:2b:8c:0a:b0:98:ee:e0:e0:3b:e9:d1:
e9:ad:e3:7c:ab:93:56:7e:fe:dd:95:b6:dc:c8:0e:
d9:8c:7a:12:7f:6e:b6:aa:92:d5:4b:89:15:3f:e8:
cd:d0:2b:0b:b7:f6:94:f7:17:aa:97:cf:b9:0a:03:
94:2c:31:13:b7:b9:05:b8:03:33:b4:ea:f5:0e:c8:
99:1f:d3:8f:52:bb:fc:f3:6d:14:3e:3d:e0:69:c9:
e1:ea:23:85:ab:e5:fd:fe:a9:5d:fc:96:cf:18:7f:
6a:75:01:1f:d7:2d:d3:03:ce:46:05:c2:62:c9:93:
07:31:51:79:cb:a8:4c:ee:aa:49:be:c2:7a:60:35:
97:85:91:62:90:49:44:e6:28:c9:90:e1:e3:07:b9:
c6:f1:34:f6:57:af:0d:4d:e0:69:d7:1c:33:20:d3:
70:c6:c3:dd:a0:2a:da:14:b9:d5:57:c9:3a:90:fc:
94:30:ac:ad:b1:18:af:e2:c0:cf:a1:60:da:71:0b:
d9:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:F3:46:93:DB:55:79:E5:C9:79:0F:3C:DF:F6:54:29:73:94:D7:5F
X509v3 Authority Key Identifier:
keyid:63:7F:D1:BA:3F:ED:44:45:4D:6D:70:30:24:77:09:D2:8D:B3:49:1A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/a94df714-d37d-4942-8e94-91dd853ef7e3/0/637FD1BA3FED44454D6D7030247709D28DB3491A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y3_Ruj_tREVNbXAwJHcJ0o2zSRo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/a94df714-d37d-4942-8e94-91dd853ef7e3/0/3133392e32382e32342e302f32342d3234203d3e20323132363039.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
139.28.24.0/24
Signature Algorithm: sha256WithRSAEncryption
22:34:14:3e:e9:0b:c9:ef:36:c9:ed:b8:9d:50:ba:b5:60:76:
5c:47:42:88:2b:7c:f3:3a:b4:1d:80:c8:6f:dd:ae:3c:b6:04:
18:90:9e:1c:16:38:d0:6c:bc:de:72:e5:2c:ac:17:2a:cb:ab:
1a:13:44:1f:a6:66:be:4d:c5:41:32:7e:93:41:c0:70:1c:a2:
27:aa:e1:7c:e5:4f:f1:e6:a7:ca:c6:b9:29:92:95:7f:6b:98:
14:9a:f1:9a:4d:21:b6:0f:a3:71:dd:42:43:c5:50:64:f5:ce:
57:7f:e4:e3:3c:db:c7:6e:97:29:15:a8:46:2d:79:1e:69:0e:
38:ba:a7:57:a1:19:43:f5:b1:83:50:db:5c:cf:2c:74:cc:eb:
ce:b1:c0:73:31:80:58:35:3e:c0:b8:be:21:0f:ce:a7:19:2a:
4c:87:ea:57:34:96:31:97:7b:50:16:21:d1:a2:3e:3e:46:d7:
89:b9:d0:2a:9c:8a:65:af:51:38:99:4a:ad:5e:2c:ee:e3:b3:
67:90:ef:21:da:0e:c3:48:3e:e7:c3:43:d4:df:c2:fc:b0:95:
5d:60:dc:c2:6c:61:ad:10:01:c0:ba:04:57:da:7d:bb:5f:cc:
66:8f:3a:f4:bc:04:52:95:a8:a3:74:2f:12:09:cc:6a:0a:d7:
e0:43:8e:74
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUUoc1eaRyYVXyMcTVb6F5YoNZAwAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjM3ZmQxYmEzZmVkNDQ0NTRkNmQ3MDMwMjQ3NzA5ZDI4
ZGIzNDkxYTAeFw0yNjA0MDcwODQyMDNaFw0yNzA0MDYwODQ3MDNaMDMxMTAvBgNV
BAMTKEE4RjM0NjkzREI1NTc5RTVDOTc5MEYzQ0RGRjY1NDI5NzM5NEQ3NUYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCVvucIUCBzmNDeB8Q8xMzrVIdv
sTjSCTQc3FyAlj0S3Q9mkptugugPASoAYm84oD0x9EZQi8sZflUPvV7AFZorjAqw
mO7g4Dvp0emt43yrk1Z+/t2VttzIDtmMehJ/braqktVLiRU/6M3QKwu39pT3F6qX
z7kKA5QsMRO3uQW4AzO06vUOyJkf049Su/zzbRQ+PeBpyeHqI4Wr5f3+qV38ls8Y
f2p1AR/XLdMDzkYFwmLJkwcxUXnLqEzuqkm+wnpgNZeFkWKQSUTmKMmQ4eMHucbx
NPZXrw1N4GnXHDMg03DGw92gKtoUudVXyTqQ/JQwrK2xGK/iwM+hYNpxC9krAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUqPNGk9tVeeXJeQ883/ZUKXOU118wHwYDVR0j
BBgwFoAUY3/Ruj/tREVNbXAwJHcJ0o2zSRowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYTk0ZGY3MTQtZDM3ZC00OTQyLThlOTQtOTFkZDg1M2Vm
N2UzLzAvNjM3RkQxQkEzRkVENDQ0NTRENkQ3MDMwMjQ3NzA5RDI4REIzNDkxQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1kzX1J1al90UkVWTmJYQXdKSGNKMG8y
elNSby5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYTk0ZGY3MTQt
ZDM3ZC00OTQyLThlOTQtOTFkZDg1M2VmN2UzLzAvMzEzMzM5MmUzMjM4MmUzMjM0
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzIzMTMyMzYzMDM5LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
ixwYMA0GCSqGSIb3DQEBCwUAA4IBAQAiNBQ+6QvJ7zbJ7bidULq1YHZcR0KIK3zz
OrQdgMhv3a48tgQYkJ4cFjjQbLzecuUsrBcqy6saE0Qfpma+TcVBMn6TQcBwHKIn
quF85U/x5qfKxrkpkpV/a5gUmvGaTSG2D6Nx3UJDxVBk9c5Xf+TjPNvHbpcpFahG
LXkeaQ44uqdXoRlD9bGDUNtczyx0zOvOscBzMYBYNT7AuL4hD86nGSpMh+pXNJYx
l3tQFiHRoj4+RteJudAqnIplr1E4mUqtXizu47NnkO8h2g7DSD7nw0PU38L8sJVd
YNzCbGGtEAHAugRX2n27X8xmjzr0vARSlaijdC8SCcxqCtfgQ450
-----END CERTIFICATE-----
Generated at Fri Apr 17 15:15:50 2026 by rpki-client