Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/aee3d58d-904a-4375-bf93-8b5f38cab002/0/3130392e3131302e3139302e302f32332d3234203d3e20323731373939.roa
File: 3130392e3131302e3139302e302f32332d3234203d3e20323731373939.roa (raw, json)
Hash identifier: GOERPh/w5ki/LR/fWmH+jvfGVbOuJXecRi04ulP+OGU=
Subject key identifier: BD:23:6D:92:7F:B5:2D:87:83:F6:DB:4D:DB:5F:7B:C2:40:B7:E5:67
Certificate issuer: /CN=7adf63e375b0b785081b5945b1d18d9de86e0efc
Certificate serial: 759230467997C733697B1A013AD6C6976B7D34FA
Authority key identifier: 7A:DF:63:E3:75:B0:B7:85:08:1B:59:45:B1:D1:8D:9D:E8:6E:0E:FC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/et9j43Wwt4UIG1lFsdGNnehuDvw.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/aee3d58d-904a-4375-bf93-8b5f38cab002/0/3130392e3131302e3139302e302f32332d3234203d3e20323731373939.roa
Signing time: Thu 29 Jan 2026 21:55:36 +0000
ROA not before: Thu 29 Jan 2026 21:50:36 +0000
ROA not after: Thu 28 Jan 2027 21:55:36 +0000
asID: 271799
IP address blocks: 109.110.190.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/aee3d58d-904a-4375-bf93-8b5f38cab002/0/7ADF63E375B0B785081B5945B1D18D9DE86E0EFC.crl
rsync://rsync.paas.rpki.ripe.net/repository/aee3d58d-904a-4375-bf93-8b5f38cab002/0/7ADF63E375B0B785081B5945B1D18D9DE86E0EFC.mft
rsync://rpki.ripe.net/repository/DEFAULT/et9j43Wwt4UIG1lFsdGNnehuDvw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 00:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
75:92:30:46:79:97:c7:33:69:7b:1a:01:3a:d6:c6:97:6b:7d:34:fa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7adf63e375b0b785081b5945b1d18d9de86e0efc
Validity
Not Before: Jan 29 21:50:36 2026 GMT
Not After : Jan 28 21:55:36 2027 GMT
Subject: CN=BD236D927FB52D8783F6DB4DDB5F7BC240B7E567
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:6e:74:34:d0:30:70:df:4a:ff:90:f6:0e:79:
1e:73:35:a3:dd:d2:dd:93:a1:86:5b:3f:95:e2:8f:
ab:60:6b:ef:79:d3:8d:1e:51:9f:a6:a3:a9:ca:d6:
65:30:d5:5f:1f:a2:aa:ef:db:28:3a:f3:39:62:19:
53:90:b3:89:de:40:26:29:08:c2:e0:88:35:dd:7d:
4b:33:72:d6:25:07:79:55:ce:07:f0:2c:c9:96:9a:
eb:73:9c:37:1c:4a:3f:17:00:33:b9:35:21:d1:5d:
a6:aa:03:04:2d:40:6a:f2:18:d3:5d:dd:0a:7b:f7:
7f:ef:69:b0:5b:02:1c:9f:a6:0e:70:ab:0b:0f:5d:
26:1c:13:71:b8:f3:00:76:30:99:5b:be:46:7a:3e:
c4:c7:2d:aa:3a:54:dd:68:2b:4e:36:d3:72:96:b7:
72:49:31:0e:8a:5d:77:a0:f6:e6:06:b0:ea:61:5c:
9a:0e:ae:4a:12:21:d5:e1:1a:d9:ef:27:70:e9:28:
5f:33:d9:c1:45:47:73:b0:b6:e0:6d:9f:f9:f1:a6:
72:51:63:ec:cf:c7:f5:56:37:9d:b2:c0:f5:d2:5c:
28:6c:d5:c8:f2:47:a4:e6:cf:b0:5d:69:8c:74:45:
18:c3:cb:b6:3b:b6:06:3f:8e:4c:71:26:a4:7e:f9:
df:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BD:23:6D:92:7F:B5:2D:87:83:F6:DB:4D:DB:5F:7B:C2:40:B7:E5:67
X509v3 Authority Key Identifier:
keyid:7A:DF:63:E3:75:B0:B7:85:08:1B:59:45:B1:D1:8D:9D:E8:6E:0E:FC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/aee3d58d-904a-4375-bf93-8b5f38cab002/0/7ADF63E375B0B785081B5945B1D18D9DE86E0EFC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/et9j43Wwt4UIG1lFsdGNnehuDvw.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/aee3d58d-904a-4375-bf93-8b5f38cab002/0/3130392e3131302e3139302e302f32332d3234203d3e20323731373939.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.110.190.0/23
Signature Algorithm: sha256WithRSAEncryption
1a:8a:ab:fb:2e:94:b6:ae:4f:15:15:b1:0a:3f:0f:6d:7a:15:
35:9f:3f:c0:c5:67:f9:a6:a2:f2:c5:07:27:3c:63:58:17:a5:
28:0f:fc:a8:3e:39:bd:d2:cd:6c:5e:ee:c6:e8:cb:4f:81:9a:
56:c3:22:c6:ed:8b:dd:e6:62:1a:6f:59:3c:ab:c1:27:8d:25:
be:1d:4b:cf:c3:70:ad:f7:68:81:c4:98:60:6e:c6:e0:60:36:
61:73:e9:1c:69:99:1d:af:5f:70:8f:04:11:2d:e9:15:e7:e3:
70:08:47:df:c8:81:b8:16:cd:62:07:19:a9:3f:cd:19:5a:29:
8f:d6:79:46:80:5e:12:f8:9f:91:f5:9f:4d:e8:80:4d:7d:29:
47:d8:8c:75:73:5f:29:aa:52:70:d1:e0:5b:d2:ef:93:bf:7e:
e1:75:19:fb:c7:50:c8:df:79:8a:49:aa:cc:da:99:4b:37:ee:
01:d2:f9:33:fc:c1:0b:80:42:6b:af:39:b0:34:f6:1f:27:ac:
32:8e:b1:98:49:c2:68:3f:ae:62:09:95:bc:6d:57:c1:43:6a:
39:ae:55:c6:59:f5:63:ab:7b:5a:ad:d3:99:ca:fb:40:5b:b8:
19:ca:a8:da:30:a1:d0:15:c7:aa:6d:6b:2a:1a:70:c7:86:c8:
00:5d:7c:42
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgIUdZIwRnmXxzNpexoBOtbGl2t9NPowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoN2FkZjYzZTM3NWIwYjc4NTA4MWI1OTQ1YjFkMThkOWRl
ODZlMGVmYzAeFw0yNjAxMjkyMTUwMzZaFw0yNzAxMjgyMTU1MzZaMDMxMTAvBgNV
BAMTKEJEMjM2RDkyN0ZCNTJEODc4M0Y2REI0RERCNUY3QkMyNDBCN0U1NjcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDebnQ00DBw30r/kPYOeR5zNaPd
0t2ToYZbP5Xij6tga+95040eUZ+mo6nK1mUw1V8foqrv2yg68zliGVOQs4neQCYp
CMLgiDXdfUszctYlB3lVzgfwLMmWmutznDccSj8XADO5NSHRXaaqAwQtQGryGNNd
3Qp793/vabBbAhyfpg5wqwsPXSYcE3G48wB2MJlbvkZ6PsTHLao6VN1oK04203KW
t3JJMQ6KXXeg9uYGsOphXJoOrkoSIdXhGtnvJ3DpKF8z2cFFR3OwtuBtn/nxpnJR
Y+zPx/VWN52ywPXSXChs1cjyR6Tmz7BdaYx0RRjDy7Y7tgY/jkxxJqR++d/pAgMB
AAGjggJBMIICPTAdBgNVHQ4EFgQUvSNtkn+1LYeD9ttN2197wkC35WcwHwYDVR0j
BBgwFoAUet9j43Wwt4UIG1lFsdGNnehuDvwwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYWVlM2Q1OGQtOTA0YS00Mzc1LWJmOTMtOGI1ZjM4Y2Fi
MDAyLzAvN0FERjYzRTM3NUIwQjc4NTA4MUI1OTQ1QjFEMThEOURFODZFMEVGQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2V0OWo0M1d3dDRVSUcxbEZzZEdObmVo
dUR2dy5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWVlM2Q1OGQt
OTA0YS00Mzc1LWJmOTMtOGI1ZjM4Y2FiMDAyLzAvMzEzMDM5MmUzMTMxMzAyZTMx
MzkzMDJlMzAyZjMyMzMyZDMyMzQyMDNkM2UyMDMyMzczMTM3MzkzOS5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEAW1uvjANBgkqhkiG9w0BAQsFAAOCAQEAGoqr+y6Utq5PFRWxCj8PbXoVNZ8/
wMVn+aai8sUHJzxjWBelKA/8qD45vdLNbF7uxujLT4GaVsMixu2L3eZiGm9ZPKvB
J40lvh1Lz8NwrfdogcSYYG7G4GA2YXPpHGmZHa9fcI8EES3pFefjcAhH38iBuBbN
YgcZqT/NGVopj9Z5RoBeEvifkfWfTeiATX0pR9iMdXNfKapScNHgW9Lvk79+4XUZ
+8dQyN95ikmqzNqZSzfuAdL5M/zBC4BCa685sDT2HyesMo6xmEnCaD+uYgmVvG1X
wUNqOa5Vxln1Y6t7Wq3Tmcr7QFu4Gcqo2jCh0BXHqm1rKhpwx4bIAF18Qg==
-----END CERTIFICATE-----
Generated at Mon Mar 2 11:58:00 2026 by rpki-client