Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/aee3d58d-904a-4375-bf93-8b5f38cab002/0/3130392e3131302e3138362e302f32342d3234203d3e20323039303433.roa
File: 3130392e3131302e3138362e302f32342d3234203d3e20323039303433.roa (raw, json)
Hash identifier: K2NM5IqDJFhpLzxNrIxxhvymS018GOjFMlLTJbcVMvE=
Subject key identifier: 22:A3:A8:81:83:16:18:BD:0E:F2:6C:F3:2C:45:5E:63:A9:7D:C8:5B
Certificate issuer: /CN=7adf63e375b0b785081b5945b1d18d9de86e0efc
Certificate serial: 4356457DE7C8FE9EC4C48344DE25C937EBD113BA
Authority key identifier: 7A:DF:63:E3:75:B0:B7:85:08:1B:59:45:B1:D1:8D:9D:E8:6E:0E:FC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/et9j43Wwt4UIG1lFsdGNnehuDvw.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/aee3d58d-904a-4375-bf93-8b5f38cab002/0/3130392e3131302e3138362e302f32342d3234203d3e20323039303433.roa
Signing time: Tue 24 Feb 2026 14:46:24 +0000
ROA not before: Tue 24 Feb 2026 14:41:24 +0000
ROA not after: Tue 23 Feb 2027 14:46:24 +0000
asID: 209043
IP address blocks: 109.110.186.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/aee3d58d-904a-4375-bf93-8b5f38cab002/0/7ADF63E375B0B785081B5945B1D18D9DE86E0EFC.crl
rsync://rsync.paas.rpki.ripe.net/repository/aee3d58d-904a-4375-bf93-8b5f38cab002/0/7ADF63E375B0B785081B5945B1D18D9DE86E0EFC.mft
rsync://rpki.ripe.net/repository/DEFAULT/et9j43Wwt4UIG1lFsdGNnehuDvw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 18:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
43:56:45:7d:e7:c8:fe:9e:c4:c4:83:44:de:25:c9:37:eb:d1:13:ba
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7adf63e375b0b785081b5945b1d18d9de86e0efc
Validity
Not Before: Feb 24 14:41:24 2026 GMT
Not After : Feb 23 14:46:24 2027 GMT
Subject: CN=22A3A881831618BD0EF26CF32C455E63A97DC85B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:90:24:7f:80:14:e9:0e:8a:f4:e3:d2:bb:47:
ba:2d:6c:13:23:c0:d1:98:f4:15:8a:10:bd:8b:aa:
42:66:d9:ec:d8:9e:25:d6:9f:8c:f5:50:e1:15:60:
34:15:bf:9e:b6:b0:8d:16:d5:0b:d1:6c:eb:27:3c:
53:64:bb:78:1d:c5:3c:7e:2b:9f:16:19:f6:5b:60:
5d:ef:44:2b:c8:bf:80:ab:ba:4c:89:d3:a0:11:1a:
bb:93:22:57:b9:bf:a6:ab:cc:37:6b:11:1c:b1:4d:
f6:29:2a:5b:3e:65:84:4a:af:53:96:5e:78:e2:a3:
f5:a2:20:8a:bd:b4:10:2f:b2:be:c8:d3:90:3f:1c:
46:a4:65:d6:f7:ef:09:f5:b2:4f:a4:e5:53:a2:18:
61:31:40:e2:08:79:ae:2c:75:0a:b3:0a:f3:bf:9e:
b1:3d:65:82:fd:46:28:3b:01:6d:fe:e6:6a:27:0d:
72:b6:a3:41:bc:b4:59:90:90:61:ce:26:7d:99:52:
a8:61:ab:22:f1:e7:93:8f:0f:4e:6e:eb:1b:a7:d8:
5e:f3:21:14:03:20:26:a4:2c:b7:6f:44:33:8d:82:
5d:29:8c:4c:e9:87:72:d2:ba:96:24:21:0f:80:fa:
3e:f0:82:ee:1e:a7:29:c0:6e:b8:b8:36:86:db:03:
ca:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
22:A3:A8:81:83:16:18:BD:0E:F2:6C:F3:2C:45:5E:63:A9:7D:C8:5B
X509v3 Authority Key Identifier:
keyid:7A:DF:63:E3:75:B0:B7:85:08:1B:59:45:B1:D1:8D:9D:E8:6E:0E:FC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/aee3d58d-904a-4375-bf93-8b5f38cab002/0/7ADF63E375B0B785081B5945B1D18D9DE86E0EFC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/et9j43Wwt4UIG1lFsdGNnehuDvw.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/aee3d58d-904a-4375-bf93-8b5f38cab002/0/3130392e3131302e3138362e302f32342d3234203d3e20323039303433.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.110.186.0/24
Signature Algorithm: sha256WithRSAEncryption
10:59:91:bb:97:ea:c4:65:27:52:99:17:40:12:75:11:d1:e4:
ea:8c:14:16:b5:77:3e:02:5b:36:e1:34:7d:52:ff:8a:c3:84:
ca:07:f6:e8:e4:d8:f8:46:a2:aa:c0:5b:ec:20:71:89:c9:04:
30:2b:a3:2f:77:b8:be:45:5d:78:5f:c8:33:f8:b3:21:7b:f3:
75:eb:fb:7b:9b:4a:c5:31:92:c0:8d:46:03:38:1e:79:c2:f2:
8b:dd:1f:12:84:5d:d4:88:4f:81:e8:ec:0d:ef:12:f6:01:67:
84:2d:2c:7b:86:4f:a8:91:29:b0:db:81:65:d6:88:5e:21:8c:
4c:04:ff:4e:a5:74:50:37:d2:32:bb:a7:67:c5:5a:ef:54:42:
fa:55:ca:6d:cf:3d:3b:ba:9e:b2:41:c5:aa:6d:d1:65:08:ac:
75:9e:da:1e:ac:14:6e:1d:d9:bc:1c:19:d6:9a:e2:fd:b9:2e:
b3:b9:f5:2d:ba:83:83:b8:a0:eb:cb:94:17:7f:71:59:c0:ff:
16:68:ba:8e:93:82:71:52:60:9f:7f:f8:fd:e7:1c:fb:61:3f:
f8:7f:0e:94:bb:ef:88:60:b8:e8:73:ce:f3:46:2f:91:81:b8:
6e:bd:78:79:20:ce:f7:2b:86:e5:09:f2:0d:2e:38:59:3e:62:
31:a5:95:cb
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgIUQ1ZFfefI/p7ExINE3iXJN+vRE7owDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoN2FkZjYzZTM3NWIwYjc4NTA4MWI1OTQ1YjFkMThkOWRl
ODZlMGVmYzAeFw0yNjAyMjQxNDQxMjRaFw0yNzAyMjMxNDQ2MjRaMDMxMTAvBgNV
BAMTKDIyQTNBODgxODMxNjE4QkQwRUYyNkNGMzJDNDU1RTYzQTk3REM4NUIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCLkCR/gBTpDor049K7R7otbBMj
wNGY9BWKEL2LqkJm2ezYniXWn4z1UOEVYDQVv562sI0W1QvRbOsnPFNku3gdxTx+
K58WGfZbYF3vRCvIv4CrukyJ06ARGruTIle5v6arzDdrERyxTfYpKls+ZYRKr1OW
Xnjio/WiIIq9tBAvsr7I05A/HEakZdb37wn1sk+k5VOiGGExQOIIea4sdQqzCvO/
nrE9ZYL9Rig7AW3+5monDXK2o0G8tFmQkGHOJn2ZUqhhqyLx55OPD05u6xun2F7z
IRQDICakLLdvRDONgl0pjEzph3LSupYkIQ+A+j7wgu4epynAbri4NobbA8rpAgMB
AAGjggJBMIICPTAdBgNVHQ4EFgQUIqOogYMWGL0O8mzzLEVeY6l9yFswHwYDVR0j
BBgwFoAUet9j43Wwt4UIG1lFsdGNnehuDvwwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYWVlM2Q1OGQtOTA0YS00Mzc1LWJmOTMtOGI1ZjM4Y2Fi
MDAyLzAvN0FERjYzRTM3NUIwQjc4NTA4MUI1OTQ1QjFEMThEOURFODZFMEVGQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2V0OWo0M1d3dDRVSUcxbEZzZEdObmVo
dUR2dy5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWVlM2Q1OGQt
OTA0YS00Mzc1LWJmOTMtOGI1ZjM4Y2FiMDAyLzAvMzEzMDM5MmUzMTMxMzAyZTMx
MzgzNjJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMyMzAzOTMwMzQzMy5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEAG1uujANBgkqhkiG9w0BAQsFAAOCAQEAEFmRu5fqxGUnUpkXQBJ1EdHk6owU
FrV3PgJbNuE0fVL/isOEygf26OTY+EaiqsBb7CBxickEMCujL3e4vkVdeF/IM/iz
IXvzdev7e5tKxTGSwI1GAzgeecLyi90fEoRd1IhPgejsDe8S9gFnhC0se4ZPqJEp
sNuBZdaIXiGMTAT/TqV0UDfSMrunZ8Va71RC+lXKbc89O7qeskHFqm3RZQisdZ7a
HqwUbh3ZvBwZ1pri/bkus7n1LbqDg7ig68uUF39xWcD/Fmi6jpOCcVJgn3/4/ecc
+2E/+H8OlLvviGC46HPO80YvkYG4br14eSDO9yuG5QnyDS44WT5iMaWVyw==
-----END CERTIFICATE-----
Generated at Mon Mar 2 03:10:05 2026 by rpki-client