Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/aee3d58d-904a-4375-bf93-8b5f38cab002/0/3130392e3131302e3139302e302f32332d3234203d3e20323732393632.roa
File: 3130392e3131302e3139302e302f32332d3234203d3e20323732393632.roa (raw, json)
Hash identifier: y1vA9gBCNPNQVsS8AoOTdv70AZyjwOK/DVYv9EBpAug=
Subject key identifier: A9:19:E2:D2:47:A5:11:9B:ED:75:47:99:70:F0:15:6F:D4:4D:26:25
Certificate issuer: /CN=7adf63e375b0b785081b5945b1d18d9de86e0efc
Certificate serial: 28EFBF5616DD067DF317C775A68F84591E59FA94
Authority key identifier: 7A:DF:63:E3:75:B0:B7:85:08:1B:59:45:B1:D1:8D:9D:E8:6E:0E:FC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/et9j43Wwt4UIG1lFsdGNnehuDvw.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/aee3d58d-904a-4375-bf93-8b5f38cab002/0/3130392e3131302e3139302e302f32332d3234203d3e20323732393632.roa
Signing time: Sun 15 Feb 2026 10:55:38 +0000
ROA not before: Sun 15 Feb 2026 10:50:38 +0000
ROA not after: Sun 14 Feb 2027 10:55:38 +0000
asID: 272962
IP address blocks: 109.110.190.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/aee3d58d-904a-4375-bf93-8b5f38cab002/0/7ADF63E375B0B785081B5945B1D18D9DE86E0EFC.crl
rsync://rsync.paas.rpki.ripe.net/repository/aee3d58d-904a-4375-bf93-8b5f38cab002/0/7ADF63E375B0B785081B5945B1D18D9DE86E0EFC.mft
rsync://rpki.ripe.net/repository/DEFAULT/et9j43Wwt4UIG1lFsdGNnehuDvw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 00:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
28:ef:bf:56:16:dd:06:7d:f3:17:c7:75:a6:8f:84:59:1e:59:fa:94
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7adf63e375b0b785081b5945b1d18d9de86e0efc
Validity
Not Before: Feb 15 10:50:38 2026 GMT
Not After : Feb 14 10:55:38 2027 GMT
Subject: CN=A919E2D247A5119BED75479970F0156FD44D2625
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:a5:f7:d5:9a:bd:f3:a5:4b:6f:f8:e3:15:29:
9b:0f:71:a5:03:37:7b:ad:28:9c:36:79:e0:33:31:
d3:05:46:04:c9:03:99:19:4a:94:59:46:19:1b:52:
0d:c5:15:58:f7:1a:98:6b:10:e6:21:b0:f6:de:ed:
f1:7b:b5:23:1c:23:22:24:7e:3f:36:a5:98:98:ce:
90:28:6e:24:65:b0:6a:a0:f4:6e:93:d6:c1:2a:8c:
50:c0:ed:a4:08:db:ce:53:04:83:5c:e9:ce:d6:f3:
70:1b:23:11:41:78:cc:a0:ae:57:62:9d:d3:fb:f7:
d6:c0:aa:93:08:fe:d8:ed:72:0a:f1:cf:16:c5:92:
b4:55:76:87:2f:7a:37:f3:7a:bb:1b:b2:fa:35:1f:
69:33:dc:d3:2f:38:d0:c4:05:19:47:23:51:04:b6:
7b:67:e9:21:88:96:49:d3:db:ab:98:b9:b0:b7:8d:
be:e8:4a:71:e5:39:34:79:6a:46:65:02:ba:a4:08:
c1:52:5b:3b:d8:36:0c:78:81:e6:9d:d1:e6:4e:7c:
a0:de:75:c6:af:f3:3e:b0:58:81:c1:f9:15:eb:94:
39:ab:6a:1c:ba:03:cd:8f:29:22:5c:77:c8:63:36:
cd:4f:dd:0f:80:11:5b:12:be:34:9a:be:72:48:09:
0a:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A9:19:E2:D2:47:A5:11:9B:ED:75:47:99:70:F0:15:6F:D4:4D:26:25
X509v3 Authority Key Identifier:
keyid:7A:DF:63:E3:75:B0:B7:85:08:1B:59:45:B1:D1:8D:9D:E8:6E:0E:FC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/aee3d58d-904a-4375-bf93-8b5f38cab002/0/7ADF63E375B0B785081B5945B1D18D9DE86E0EFC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/et9j43Wwt4UIG1lFsdGNnehuDvw.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/aee3d58d-904a-4375-bf93-8b5f38cab002/0/3130392e3131302e3139302e302f32332d3234203d3e20323732393632.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.110.190.0/23
Signature Algorithm: sha256WithRSAEncryption
7f:45:0e:e1:53:53:16:f1:70:3e:7c:2f:a2:fd:41:7b:99:31:
18:64:9d:90:41:b0:5b:ac:23:c5:19:33:fd:7d:9e:57:b4:66:
89:3f:f9:13:73:9c:48:88:e4:f6:ef:d8:28:bb:16:c7:17:12:
f1:65:0d:ca:10:8a:09:e6:54:5f:2e:6d:5c:00:5c:c8:09:ae:
26:b6:c8:54:8b:91:a1:19:2f:73:bb:4b:c6:ad:46:0e:3e:66:
43:8d:a1:b7:98:3f:d4:00:e2:ec:47:05:eb:78:5d:c9:35:ba:
50:eb:7b:20:b3:af:54:6e:69:8e:a3:36:da:15:ad:bb:bf:c1:
2d:20:30:9d:f1:5a:58:16:1d:4b:81:e6:28:b7:98:41:f2:9b:
8d:49:40:31:38:96:32:4b:7f:99:58:b7:7e:6f:40:e1:17:4b:
9c:6e:2e:89:3f:59:57:47:c0:55:a5:20:da:e0:5c:5e:58:c6:
7a:79:e1:3a:17:8f:b6:64:1c:48:77:7b:53:d7:88:e2:d5:9b:
2d:e9:2f:9a:ce:69:8b:88:ab:40:a4:57:3d:6f:52:01:9e:b1:
41:56:c2:97:ed:5f:18:f3:f9:96:80:7a:bf:f5:ff:ff:43:b2:
bb:3c:97:5f:63:77:39:57:cf:78:c7:80:d1:dc:f8:8f:a5:7e:
9a:49:ee:46
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgIUKO+/VhbdBn3zF8d1po+EWR5Z+pQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoN2FkZjYzZTM3NWIwYjc4NTA4MWI1OTQ1YjFkMThkOWRl
ODZlMGVmYzAeFw0yNjAyMTUxMDUwMzhaFw0yNzAyMTQxMDU1MzhaMDMxMTAvBgNV
BAMTKEE5MTlFMkQyNDdBNTExOUJFRDc1NDc5OTcwRjAxNTZGRDQ0RDI2MjUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDVpffVmr3zpUtv+OMVKZsPcaUD
N3utKJw2eeAzMdMFRgTJA5kZSpRZRhkbUg3FFVj3GphrEOYhsPbe7fF7tSMcIyIk
fj82pZiYzpAobiRlsGqg9G6T1sEqjFDA7aQI285TBINc6c7W83AbIxFBeMygrldi
ndP799bAqpMI/tjtcgrxzxbFkrRVdocvejfzersbsvo1H2kz3NMvONDEBRlHI1EE
tntn6SGIlknT26uYubC3jb7oSnHlOTR5akZlArqkCMFSWzvYNgx4gead0eZOfKDe
dcav8z6wWIHB+RXrlDmrahy6A82PKSJcd8hjNs1P3Q+AEVsSvjSavnJICQoVAgMB
AAGjggJBMIICPTAdBgNVHQ4EFgQUqRni0kelEZvtdUeZcPAVb9RNJiUwHwYDVR0j
BBgwFoAUet9j43Wwt4UIG1lFsdGNnehuDvwwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYWVlM2Q1OGQtOTA0YS00Mzc1LWJmOTMtOGI1ZjM4Y2Fi
MDAyLzAvN0FERjYzRTM3NUIwQjc4NTA4MUI1OTQ1QjFEMThEOURFODZFMEVGQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2V0OWo0M1d3dDRVSUcxbEZzZEdObmVo
dUR2dy5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWVlM2Q1OGQt
OTA0YS00Mzc1LWJmOTMtOGI1ZjM4Y2FiMDAyLzAvMzEzMDM5MmUzMTMxMzAyZTMx
MzkzMDJlMzAyZjMyMzMyZDMyMzQyMDNkM2UyMDMyMzczMjM5MzYzMi5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEAW1uvjANBgkqhkiG9w0BAQsFAAOCAQEAf0UO4VNTFvFwPnwvov1Be5kxGGSd
kEGwW6wjxRkz/X2eV7RmiT/5E3OcSIjk9u/YKLsWxxcS8WUNyhCKCeZUXy5tXABc
yAmuJrbIVIuRoRkvc7tLxq1GDj5mQ42ht5g/1ADi7EcF63hdyTW6UOt7ILOvVG5p
jqM22hWtu7/BLSAwnfFaWBYdS4HmKLeYQfKbjUlAMTiWMkt/mVi3fm9A4RdLnG4u
iT9ZV0fAVaUg2uBcXljGennhOhePtmQcSHd7U9eI4tWbLekvms5pi4irQKRXPW9S
AZ6xQVbCl+1fGPP5loB6v/X//0OyuzyXX2N3OVfPeMeA0dz4j6V+mknuRg==
-----END CERTIFICATE-----
Generated at Mon Mar 2 09:57:11 2026 by rpki-client