Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/aee3d58d-904a-4375-bf93-8b5f38cab002/0/3130392e3131302e3138312e302f32342d3234203d3e203136353039.roa
File: 3130392e3131302e3138312e302f32342d3234203d3e203136353039.roa (raw, json)
Hash identifier: 4H61PfwzDspewLBsmslnjY291ltaBYyp3UkmgyU/GDI=
Subject key identifier: 3D:65:D1:7B:9E:69:F9:44:A2:01:2D:D6:73:E7:D7:00:B0:77:18:FA
Certificate issuer: /CN=7adf63e375b0b785081b5945b1d18d9de86e0efc
Certificate serial: 471FE2A671E80D25E6CB8C66E0A12945AE1DBC9F
Authority key identifier: 7A:DF:63:E3:75:B0:B7:85:08:1B:59:45:B1:D1:8D:9D:E8:6E:0E:FC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/et9j43Wwt4UIG1lFsdGNnehuDvw.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/aee3d58d-904a-4375-bf93-8b5f38cab002/0/3130392e3131302e3138312e302f32342d3234203d3e203136353039.roa
Signing time: Wed 28 Jan 2026 10:55:36 +0000
ROA not before: Wed 28 Jan 2026 10:50:36 +0000
ROA not after: Wed 27 Jan 2027 10:55:36 +0000
asID: 16509
IP address blocks: 109.110.181.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/aee3d58d-904a-4375-bf93-8b5f38cab002/0/7ADF63E375B0B785081B5945B1D18D9DE86E0EFC.crl
rsync://rsync.paas.rpki.ripe.net/repository/aee3d58d-904a-4375-bf93-8b5f38cab002/0/7ADF63E375B0B785081B5945B1D18D9DE86E0EFC.mft
rsync://rpki.ripe.net/repository/DEFAULT/et9j43Wwt4UIG1lFsdGNnehuDvw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 18:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
47:1f:e2:a6:71:e8:0d:25:e6:cb:8c:66:e0:a1:29:45:ae:1d:bc:9f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7adf63e375b0b785081b5945b1d18d9de86e0efc
Validity
Not Before: Jan 28 10:50:36 2026 GMT
Not After : Jan 27 10:55:36 2027 GMT
Subject: CN=3D65D17B9E69F944A2012DD673E7D700B07718FA
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:87:75:1f:d0:db:bb:41:fe:84:cb:0b:48:17:
1b:e8:c1:a3:a2:73:b6:98:66:a3:b9:80:8a:1e:9c:
84:b3:12:62:fc:50:9c:a3:5d:71:b8:75:70:14:29:
e9:d5:cb:bf:4f:2c:00:c3:21:77:19:46:5a:b8:6a:
4b:15:ec:11:a1:92:84:a7:2c:72:25:ba:af:da:f1:
cc:6c:ad:8d:78:8f:d4:48:8d:83:82:d5:20:0c:25:
3a:5c:f6:ef:4c:77:e8:24:b3:ae:19:33:4e:2a:7f:
3c:a5:e0:9b:46:56:01:66:9d:40:b5:03:a7:f2:81:
a5:81:42:3a:e0:a0:fe:0f:4e:32:ed:01:7e:bb:e0:
a9:f8:75:61:42:97:06:84:f3:a0:1f:80:a0:0c:9d:
c0:3e:af:3d:14:5e:9b:19:20:c4:02:a4:d0:50:72:
61:0b:7c:3e:1f:55:0d:91:1c:23:18:5a:f3:cb:ea:
96:6f:57:a3:1f:80:4b:7d:40:3c:47:c7:12:d0:db:
d2:a8:11:c7:08:63:fd:8e:62:9d:14:9f:41:3c:33:
33:f5:13:21:aa:f4:36:4c:cc:8c:b8:24:ab:4b:1c:
00:1f:ca:5c:f8:f9:f5:5d:54:61:dd:74:4c:b2:cb:
fe:2e:3d:e9:64:ce:99:00:95:d1:01:5b:10:27:39:
74:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:65:D1:7B:9E:69:F9:44:A2:01:2D:D6:73:E7:D7:00:B0:77:18:FA
X509v3 Authority Key Identifier:
keyid:7A:DF:63:E3:75:B0:B7:85:08:1B:59:45:B1:D1:8D:9D:E8:6E:0E:FC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/aee3d58d-904a-4375-bf93-8b5f38cab002/0/7ADF63E375B0B785081B5945B1D18D9DE86E0EFC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/et9j43Wwt4UIG1lFsdGNnehuDvw.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/aee3d58d-904a-4375-bf93-8b5f38cab002/0/3130392e3131302e3138312e302f32342d3234203d3e203136353039.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.110.181.0/24
Signature Algorithm: sha256WithRSAEncryption
1a:3f:74:93:60:d0:c3:e2:3d:aa:6f:81:b6:cb:0b:f3:fa:86:
60:07:71:05:43:da:fc:58:08:4e:bd:be:05:54:35:d5:67:95:
de:db:0b:f8:58:f7:a0:53:14:db:46:99:14:fc:7b:79:de:ae:
68:96:50:50:13:a7:91:19:57:85:1d:a0:03:46:0f:35:f8:5b:
9a:d5:db:6a:77:39:46:39:d1:f3:33:12:3f:a1:0f:6a:36:4d:
ba:fb:11:8d:bd:32:98:e9:70:54:6e:c7:93:63:8b:6f:4f:11:
e5:c7:63:1b:6d:26:b0:1c:75:a1:26:ee:7f:5b:d5:2c:29:d8:
21:58:e5:03:5c:23:30:c5:a4:eb:c5:0f:53:be:f1:dd:3f:5b:
5c:ba:75:a5:b8:1a:31:57:94:8e:a0:d0:38:8b:5b:1c:b9:c1:
62:72:db:80:39:7a:3f:70:c4:24:dd:98:c9:c8:4b:61:f4:b4:
fd:75:ca:8c:c8:8f:13:ef:63:d9:c3:9c:51:31:4e:3f:68:31:
53:ae:b4:a0:c7:8e:af:6b:b6:3d:51:3e:4c:45:97:7b:d4:7f:
3f:5a:2f:bf:7a:7f:9a:7d:b4:fe:2a:5c:d0:28:a8:ce:92:0e:
4e:80:1d:ff:6a:da:6a:00:c6:46:52:a6:75:1d:90:f7:0a:6f:
67:d5:19:e6
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIURx/ipnHoDSXmy4xm4KEpRa4dvJ8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoN2FkZjYzZTM3NWIwYjc4NTA4MWI1OTQ1YjFkMThkOWRl
ODZlMGVmYzAeFw0yNjAxMjgxMDUwMzZaFw0yNzAxMjcxMDU1MzZaMDMxMTAvBgNV
BAMTKDNENjVEMTdCOUU2OUY5NDRBMjAxMkRENjczRTdENzAwQjA3NzE4RkEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDJh3Uf0Nu7Qf6EywtIFxvowaOi
c7aYZqO5gIoenISzEmL8UJyjXXG4dXAUKenVy79PLADDIXcZRlq4aksV7BGhkoSn
LHIluq/a8cxsrY14j9RIjYOC1SAMJTpc9u9Md+gks64ZM04qfzyl4JtGVgFmnUC1
A6fygaWBQjrgoP4PTjLtAX674Kn4dWFClwaE86AfgKAMncA+rz0UXpsZIMQCpNBQ
cmELfD4fVQ2RHCMYWvPL6pZvV6MfgEt9QDxHxxLQ29KoEccIY/2OYp0Un0E8MzP1
EyGq9DZMzIy4JKtLHAAfylz4+fVdVGHddEyyy/4uPelkzpkAldEBWxAnOXTVAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUPWXRe55p+USiAS3Wc+fXALB3GPowHwYDVR0j
BBgwFoAUet9j43Wwt4UIG1lFsdGNnehuDvwwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYWVlM2Q1OGQtOTA0YS00Mzc1LWJmOTMtOGI1ZjM4Y2Fi
MDAyLzAvN0FERjYzRTM3NUIwQjc4NTA4MUI1OTQ1QjFEMThEOURFODZFMEVGQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2V0OWo0M1d3dDRVSUcxbEZzZEdObmVo
dUR2dy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWVlM2Q1OGQt
OTA0YS00Mzc1LWJmOTMtOGI1ZjM4Y2FiMDAyLzAvMzEzMDM5MmUzMTMxMzAyZTMx
MzgzMTJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMxMzYzNTMwMzkucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BABtbrUwDQYJKoZIhvcNAQELBQADggEBABo/dJNg0MPiPapvgbbLC/P6hmAHcQVD
2vxYCE69vgVUNdVnld7bC/hY96BTFNtGmRT8e3nermiWUFATp5EZV4UdoANGDzX4
W5rV22p3OUY50fMzEj+hD2o2Tbr7EY29MpjpcFRux5Nji29PEeXHYxttJrAcdaEm
7n9b1Swp2CFY5QNcIzDFpOvFD1O+8d0/W1y6daW4GjFXlI6g0DiLWxy5wWJy24A5
ej9wxCTdmMnIS2H0tP11yozIjxPvY9nDnFExTj9oMVOutKDHjq9rtj1RPkxFl3vU
fz9aL796f5p9tP4qXNAoqM6SDk6AHf9q2moAxkZSpnUdkPcKb2fVGeY=
-----END CERTIFICATE-----
Generated at Mon Mar 2 02:14:22 2026 by rpki-client