Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/aee3d58d-904a-4375-bf93-8b5f38cab002/0/3130392e3131302e3136382e302f32342d3234203d3e2035303635.roa
File: 3130392e3131302e3136382e302f32342d3234203d3e2035303635.roa (raw, json)
Hash identifier: qBOYpCCGsS3VwUVvIaOCUEXe+qHPa33+b+b9yCdTO1o=
Subject key identifier: D2:61:34:4C:5C:52:B4:D3:6D:CB:62:0E:3E:60:EF:72:C2:51:ED:F3
Certificate issuer: /CN=7adf63e375b0b785081b5945b1d18d9de86e0efc
Certificate serial: 4AB079F3B27961DAE40E9CF2894E1BAFFCD5A0E2
Authority key identifier: 7A:DF:63:E3:75:B0:B7:85:08:1B:59:45:B1:D1:8D:9D:E8:6E:0E:FC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/et9j43Wwt4UIG1lFsdGNnehuDvw.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/aee3d58d-904a-4375-bf93-8b5f38cab002/0/3130392e3131302e3136382e302f32342d3234203d3e2035303635.roa
Signing time: Tue 10 Feb 2026 04:55:38 +0000
ROA not before: Tue 10 Feb 2026 04:50:38 +0000
ROA not after: Tue 09 Feb 2027 04:55:38 +0000
asID: 5065
IP address blocks: 109.110.168.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/aee3d58d-904a-4375-bf93-8b5f38cab002/0/7ADF63E375B0B785081B5945B1D18D9DE86E0EFC.crl
rsync://rsync.paas.rpki.ripe.net/repository/aee3d58d-904a-4375-bf93-8b5f38cab002/0/7ADF63E375B0B785081B5945B1D18D9DE86E0EFC.mft
rsync://rpki.ripe.net/repository/DEFAULT/et9j43Wwt4UIG1lFsdGNnehuDvw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 05:42:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4a:b0:79:f3:b2:79:61:da:e4:0e:9c:f2:89:4e:1b:af:fc:d5:a0:e2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7adf63e375b0b785081b5945b1d18d9de86e0efc
Validity
Not Before: Feb 10 04:50:38 2026 GMT
Not After : Feb 9 04:55:38 2027 GMT
Subject: CN=D261344C5C52B4D36DCB620E3E60EF72C251EDF3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:15:ff:a3:6d:4d:57:e2:20:29:f0:78:bd:50:
d3:5b:79:b1:fb:5b:10:23:eb:c3:78:39:ce:fe:68:
2f:9b:10:38:2c:62:63:58:bb:ec:b6:24:fd:36:5a:
e9:1e:9e:17:9d:4e:5a:f4:ae:fb:7b:3c:0e:ce:c5:
13:43:c1:b5:fb:5e:e4:69:d0:ff:33:4b:8f:f7:1e:
b5:e8:97:9a:80:b1:5a:bc:4b:42:31:b5:00:f1:82:
2f:fb:a7:a5:1a:64:af:ef:f1:f1:e0:c2:15:e0:c6:
69:e7:80:81:31:4a:90:c9:03:12:c2:d3:44:33:07:
5c:b1:16:27:9d:a1:c5:b3:21:8e:9d:df:a9:da:92:
7c:a8:94:50:a9:1a:5f:58:43:36:80:f5:19:ef:0d:
5f:f8:87:d0:f3:c3:97:c1:e1:ce:95:a7:13:07:b7:
99:58:63:f2:38:ad:6f:3c:3b:6a:13:71:c1:05:5b:
82:d2:a3:2f:31:42:89:7e:4e:fe:10:52:5c:01:86:
a5:52:c5:4d:57:7e:14:0e:95:f5:db:2f:13:2d:10:
55:fa:36:b2:ae:b2:b7:85:f5:2f:4c:29:0f:d7:ea:
f8:ff:4e:a6:21:c7:d4:49:7e:39:a6:76:14:3d:c5:
7f:c7:d3:f5:5b:79:bb:87:d3:77:39:68:af:6d:af:
16:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D2:61:34:4C:5C:52:B4:D3:6D:CB:62:0E:3E:60:EF:72:C2:51:ED:F3
X509v3 Authority Key Identifier:
keyid:7A:DF:63:E3:75:B0:B7:85:08:1B:59:45:B1:D1:8D:9D:E8:6E:0E:FC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/aee3d58d-904a-4375-bf93-8b5f38cab002/0/7ADF63E375B0B785081B5945B1D18D9DE86E0EFC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/et9j43Wwt4UIG1lFsdGNnehuDvw.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/aee3d58d-904a-4375-bf93-8b5f38cab002/0/3130392e3131302e3136382e302f32342d3234203d3e2035303635.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.110.168.0/24
Signature Algorithm: sha256WithRSAEncryption
36:06:21:37:37:25:7c:c9:8e:90:49:92:82:e0:23:b6:e1:39:
52:f9:9e:8d:31:31:9d:03:7c:30:d8:3a:2c:40:ba:62:48:60:
09:23:96:47:13:eb:82:de:b8:09:4a:39:90:be:fc:65:5f:ba:
75:d3:ee:62:22:d2:ae:cd:2e:77:a9:e3:6a:74:0d:a6:f0:b9:
bf:d1:b0:cc:a5:a1:c0:e5:f5:08:49:8f:ed:ec:e6:18:15:c3:
a6:15:ba:01:d4:ba:43:29:4c:ba:08:5e:25:d3:14:df:ac:bc:
35:51:6f:1e:04:a7:66:8b:43:74:60:86:5e:2d:58:cd:2b:11:
ca:44:74:a5:6c:37:53:7e:c3:f0:d9:3c:11:10:52:84:14:08:
9a:24:ab:86:61:d4:c7:e8:f3:34:14:99:8b:71:7e:4f:ab:c9:
83:f4:ff:13:c2:4f:31:be:e1:ef:ff:d3:18:05:8b:9f:5e:67:
d4:4d:44:49:f8:f4:4f:57:7f:f8:4b:f6:ca:39:ea:15:9e:20:
5c:c0:15:33:f8:81:78:5c:8f:ae:19:fa:0c:6e:19:6e:b4:62:
41:31:b7:d5:d0:cf:fc:5d:c5:a6:e4:77:a4:e3:35:bb:cf:46:
cd:ee:b2:4e:d4:43:c3:51:cb:0a:91:24:fe:54:8c:32:7d:8d:
06:15:48:6b
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUSrB587J5YdrkDpzyiU4br/zVoOIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoN2FkZjYzZTM3NWIwYjc4NTA4MWI1OTQ1YjFkMThkOWRl
ODZlMGVmYzAeFw0yNjAyMTAwNDUwMzhaFw0yNzAyMDkwNDU1MzhaMDMxMTAvBgNV
BAMTKEQyNjEzNDRDNUM1MkI0RDM2RENCNjIwRTNFNjBFRjcyQzI1MUVERjMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDHFf+jbU1X4iAp8Hi9UNNbebH7
WxAj68N4Oc7+aC+bEDgsYmNYu+y2JP02WukenhedTlr0rvt7PA7OxRNDwbX7XuRp
0P8zS4/3HrXol5qAsVq8S0IxtQDxgi/7p6UaZK/v8fHgwhXgxmnngIExSpDJAxLC
00QzB1yxFiedocWzIY6d36naknyolFCpGl9YQzaA9RnvDV/4h9Dzw5fB4c6VpxMH
t5lYY/I4rW88O2oTccEFW4LSoy8xQol+Tv4QUlwBhqVSxU1XfhQOlfXbLxMtEFX6
NrKusreF9S9MKQ/X6vj/TqYhx9RJfjmmdhQ9xX/H0/VbebuH03c5aK9trxYDAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQU0mE0TFxStNNty2IOPmDvcsJR7fMwHwYDVR0j
BBgwFoAUet9j43Wwt4UIG1lFsdGNnehuDvwwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYWVlM2Q1OGQtOTA0YS00Mzc1LWJmOTMtOGI1ZjM4Y2Fi
MDAyLzAvN0FERjYzRTM3NUIwQjc4NTA4MUI1OTQ1QjFEMThEOURFODZFMEVGQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2V0OWo0M1d3dDRVSUcxbEZzZEdObmVo
dUR2dy5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWVlM2Q1OGQt
OTA0YS00Mzc1LWJmOTMtOGI1ZjM4Y2FiMDAyLzAvMzEzMDM5MmUzMTMxMzAyZTMx
MzYzODJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDM1MzAzNjM1LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
bW6oMA0GCSqGSIb3DQEBCwUAA4IBAQA2BiE3NyV8yY6QSZKC4CO24TlS+Z6NMTGd
A3ww2DosQLpiSGAJI5ZHE+uC3rgJSjmQvvxlX7p10+5iItKuzS53qeNqdA2m8Lm/
0bDMpaHA5fUISY/t7OYYFcOmFboB1LpDKUy6CF4l0xTfrLw1UW8eBKdmi0N0YIZe
LVjNKxHKRHSlbDdTfsPw2TwREFKEFAiaJKuGYdTH6PM0FJmLcX5Pq8mD9P8Twk8x
vuHv/9MYBYufXmfUTURJ+PRPV3/4S/bKOeoVniBcwBUz+IF4XI+uGfoMbhlutGJB
MbfV0M/8XcWm5Hek4zW7z0bN7rJO1EPDUcsKkST+VIwyfY0GFUhr
-----END CERTIFICATE-----
Generated at Sun Mar 1 23:23:22 2026 by rpki-client