Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/aee3d58d-904a-4375-bf93-8b5f38cab002/0/3130392e3131302e3139302e302f32332d3233203d3e20323732303733.roa
File: 3130392e3131302e3139302e302f32332d3233203d3e20323732303733.roa (raw, json)
Hash identifier: iHvsPi2eaZKQ6wHQsES+0tlxulFijT9FiNfHPH2mdO4=
Subject key identifier: FE:FB:4F:4B:E5:20:1A:2E:E5:C5:2C:44:6B:A6:75:E9:31:11:48:BA
Certificate issuer: /CN=7adf63e375b0b785081b5945b1d18d9de86e0efc
Certificate serial: 09F61F6CFFB721709BF53F764A5535A1F218EDD0
Authority key identifier: 7A:DF:63:E3:75:B0:B7:85:08:1B:59:45:B1:D1:8D:9D:E8:6E:0E:FC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/et9j43Wwt4UIG1lFsdGNnehuDvw.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/aee3d58d-904a-4375-bf93-8b5f38cab002/0/3130392e3131302e3139302e302f32332d3233203d3e20323732303733.roa
Signing time: Sat 21 Feb 2026 22:55:39 +0000
ROA not before: Sat 21 Feb 2026 22:50:39 +0000
ROA not after: Sat 20 Feb 2027 22:55:39 +0000
asID: 272073
IP address blocks: 109.110.190.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/aee3d58d-904a-4375-bf93-8b5f38cab002/0/7ADF63E375B0B785081B5945B1D18D9DE86E0EFC.crl
rsync://rsync.paas.rpki.ripe.net/repository/aee3d58d-904a-4375-bf93-8b5f38cab002/0/7ADF63E375B0B785081B5945B1D18D9DE86E0EFC.mft
rsync://rpki.ripe.net/repository/DEFAULT/et9j43Wwt4UIG1lFsdGNnehuDvw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 00:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
09:f6:1f:6c:ff:b7:21:70:9b:f5:3f:76:4a:55:35:a1:f2:18:ed:d0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7adf63e375b0b785081b5945b1d18d9de86e0efc
Validity
Not Before: Feb 21 22:50:39 2026 GMT
Not After : Feb 20 22:55:39 2027 GMT
Subject: CN=FEFB4F4BE5201A2EE5C52C446BA675E9311148BA
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:26:f1:a0:dc:af:2c:5c:12:10:8a:13:24:02:
d2:07:12:26:be:c5:6d:65:99:7b:96:a1:97:52:40:
7f:65:c8:9e:db:62:e5:ce:8f:fa:15:5a:ca:fe:15:
0f:fc:5d:49:6e:87:f0:99:19:98:e6:b5:cc:06:62:
af:03:49:06:0f:60:98:ca:52:e4:ee:f2:82:97:71:
62:9c:0c:9d:32:a0:7b:3e:a6:10:2f:ff:e2:8a:a3:
4d:38:99:e4:36:8d:95:ff:3f:66:47:25:9f:5d:d4:
6c:ef:5e:02:21:88:ce:fb:d0:b0:9b:49:7b:2d:35:
fc:a2:b3:ba:18:20:1d:25:5e:db:d6:21:25:16:78:
f1:92:75:c9:0c:e1:2a:b9:c1:a2:03:64:e5:89:cc:
fa:c4:ce:6a:0d:69:2a:e5:be:6c:43:91:69:f4:e4:
61:7c:0e:94:94:18:35:3d:ed:d3:35:d5:91:db:66:
31:83:b5:89:f0:7d:9a:4c:3b:3e:96:5e:88:1d:21:
bc:24:ab:30:81:8e:d3:05:e6:d7:da:cb:82:de:8c:
08:71:34:f9:9b:7c:39:58:ca:fe:4f:8f:fa:d0:f2:
0a:0f:a9:5f:7f:9b:21:cb:9f:ae:43:9b:1e:de:5b:
97:d3:22:18:ab:51:2e:e1:df:e3:a9:05:f0:da:cf:
ce:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FE:FB:4F:4B:E5:20:1A:2E:E5:C5:2C:44:6B:A6:75:E9:31:11:48:BA
X509v3 Authority Key Identifier:
keyid:7A:DF:63:E3:75:B0:B7:85:08:1B:59:45:B1:D1:8D:9D:E8:6E:0E:FC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/aee3d58d-904a-4375-bf93-8b5f38cab002/0/7ADF63E375B0B785081B5945B1D18D9DE86E0EFC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/et9j43Wwt4UIG1lFsdGNnehuDvw.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/aee3d58d-904a-4375-bf93-8b5f38cab002/0/3130392e3131302e3139302e302f32332d3233203d3e20323732303733.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.110.190.0/23
Signature Algorithm: sha256WithRSAEncryption
1e:86:d6:6a:65:45:42:1d:b6:26:29:6e:cb:5a:32:10:1a:f0:
91:6a:10:c3:ae:93:4a:a0:e1:3c:c2:5e:1b:2d:8d:f5:44:cb:
9c:0c:6c:1a:d8:23:45:65:80:57:3a:33:3a:a4:23:40:de:b8:
76:b5:05:54:e9:76:7d:fb:1e:1b:6f:37:a5:16:6a:17:b6:52:
2a:70:b5:1a:74:1f:9e:81:13:1e:97:b9:64:6c:c2:84:2c:17:
95:b5:62:84:0d:98:61:82:d5:cc:86:03:5c:57:a4:2d:06:07:
c7:87:ae:03:8a:6f:eb:2a:9d:6b:a4:a5:9e:ff:61:26:c6:04:
24:99:82:3a:45:db:53:92:e8:0e:0d:23:64:c1:e9:7c:e2:0c:
38:e0:57:62:1c:53:37:f8:aa:38:08:c2:84:92:45:29:3e:22:
fe:cd:fd:06:10:cc:af:ed:a1:3e:07:62:77:6d:6e:cf:c3:b6:
e5:22:cd:9f:99:08:ea:8c:e0:e2:8c:5f:a0:3d:0a:5e:cd:ef:
de:5c:1e:35:c9:88:c1:01:7d:6c:68:df:0c:cf:4c:60:45:66:
77:76:d9:c1:62:af:ac:af:fa:f5:6e:77:2a:0f:4b:d9:9b:df:
13:7a:9c:a9:27:5b:6b:af:89:cf:e2:40:39:b4:cc:bb:bd:e8:
b9:39:7b:ef
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgIUCfYfbP+3IXCb9T92SlU1ofIY7dAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoN2FkZjYzZTM3NWIwYjc4NTA4MWI1OTQ1YjFkMThkOWRl
ODZlMGVmYzAeFw0yNjAyMjEyMjUwMzlaFw0yNzAyMjAyMjU1MzlaMDMxMTAvBgNV
BAMTKEZFRkI0RjRCRTUyMDFBMkVFNUM1MkM0NDZCQTY3NUU5MzExMTQ4QkEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCkJvGg3K8sXBIQihMkAtIHEia+
xW1lmXuWoZdSQH9lyJ7bYuXOj/oVWsr+FQ/8XUluh/CZGZjmtcwGYq8DSQYPYJjK
UuTu8oKXcWKcDJ0yoHs+phAv/+KKo004meQ2jZX/P2ZHJZ9d1GzvXgIhiM770LCb
SXstNfyis7oYIB0lXtvWISUWePGSdckM4Sq5waIDZOWJzPrEzmoNaSrlvmxDkWn0
5GF8DpSUGDU97dM11ZHbZjGDtYnwfZpMOz6WXogdIbwkqzCBjtMF5tfay4LejAhx
NPmbfDlYyv5Pj/rQ8goPqV9/myHLn65Dmx7eW5fTIhirUS7h3+OpBfDaz87zAgMB
AAGjggJBMIICPTAdBgNVHQ4EFgQU/vtPS+UgGi7lxSxEa6Z16TERSLowHwYDVR0j
BBgwFoAUet9j43Wwt4UIG1lFsdGNnehuDvwwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYWVlM2Q1OGQtOTA0YS00Mzc1LWJmOTMtOGI1ZjM4Y2Fi
MDAyLzAvN0FERjYzRTM3NUIwQjc4NTA4MUI1OTQ1QjFEMThEOURFODZFMEVGQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2V0OWo0M1d3dDRVSUcxbEZzZEdObmVo
dUR2dy5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWVlM2Q1OGQt
OTA0YS00Mzc1LWJmOTMtOGI1ZjM4Y2FiMDAyLzAvMzEzMDM5MmUzMTMxMzAyZTMx
MzkzMDJlMzAyZjMyMzMyZDMyMzMyMDNkM2UyMDMyMzczMjMwMzczMy5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEAW1uvjANBgkqhkiG9w0BAQsFAAOCAQEAHobWamVFQh22Jiluy1oyEBrwkWoQ
w66TSqDhPMJeGy2N9UTLnAxsGtgjRWWAVzozOqQjQN64drUFVOl2ffseG283pRZq
F7ZSKnC1GnQfnoETHpe5ZGzChCwXlbVihA2YYYLVzIYDXFekLQYHx4euA4pv6yqd
a6Slnv9hJsYEJJmCOkXbU5LoDg0jZMHpfOIMOOBXYhxTN/iqOAjChJJFKT4i/s39
BhDMr+2hPgdid21uz8O25SLNn5kI6ozg4oxfoD0KXs3v3lweNcmIwQF9bGjfDM9M
YEVmd3bZwWKvrK/69W53Kg9L2ZvfE3qcqSdba6+Jz+JAObTMu73ouTl77w==
-----END CERTIFICATE-----
Generated at Mon Mar 2 10:39:03 2026 by rpki-client