Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/bb25d068-7f9c-4b0e-a695-1779b7d8f06e/0/3139342e3132342e3233352e302f32342d3234203d3e20323037393336.roa
File: 3139342e3132342e3233352e302f32342d3234203d3e20323037393336.roa (raw, json)
Hash identifier: unIb/pLoJEr1pBLYhSY4VQ/RprOtasUPRROCGuOA9r4=
Subject key identifier: CE:D8:D3:9F:9D:C2:DD:12:81:B2:3E:FC:6A:D1:DB:E3:04:01:49:19
Certificate issuer: /CN=cb29a77669df5a7a5cb506d839ee8aa4337ccaac
Certificate serial: 6649656653DAD1F13FBD129CCB61A6181C612B96
Authority key identifier: CB:29:A7:76:69:DF:5A:7A:5C:B5:06:D8:39:EE:8A:A4:33:7C:CA:AC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yymndmnfWnpctQbYOe6KpDN8yqw.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/bb25d068-7f9c-4b0e-a695-1779b7d8f06e/0/3139342e3132342e3233352e302f32342d3234203d3e20323037393336.roa
Signing time: Sun 01 Mar 2026 05:46:34 +0000
ROA not before: Sun 01 Mar 2026 05:41:34 +0000
ROA not after: Sun 28 Feb 2027 05:46:34 +0000
asID: 207936
IP address blocks: 194.124.235.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/bb25d068-7f9c-4b0e-a695-1779b7d8f06e/0/CB29A77669DF5A7A5CB506D839EE8AA4337CCAAC.crl
rsync://rsync.paas.rpki.ripe.net/repository/bb25d068-7f9c-4b0e-a695-1779b7d8f06e/0/CB29A77669DF5A7A5CB506D839EE8AA4337CCAAC.mft
rsync://rpki.ripe.net/repository/DEFAULT/yymndmnfWnpctQbYOe6KpDN8yqw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 01:03:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
66:49:65:66:53:da:d1:f1:3f:bd:12:9c:cb:61:a6:18:1c:61:2b:96
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cb29a77669df5a7a5cb506d839ee8aa4337ccaac
Validity
Not Before: Mar 1 05:41:34 2026 GMT
Not After : Feb 28 05:46:34 2027 GMT
Subject: CN=CED8D39F9DC2DD1281B23EFC6AD1DBE304014919
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:94:83:3d:b9:3d:7c:7f:10:59:7d:2b:7f:78:
da:a1:58:7c:a4:a2:04:1c:89:84:fd:93:ef:2b:27:
40:d8:5e:e7:73:d5:10:b1:43:b3:49:68:8e:5f:ea:
69:9c:8e:af:24:5d:2b:ea:83:60:60:81:77:47:23:
9c:72:52:7d:8f:7b:43:b2:33:2a:c5:fd:3d:15:86:
cb:53:64:69:6f:4b:37:2e:6c:ff:0e:2b:1a:41:a8:
2c:52:4e:3c:f3:44:47:3d:e6:9d:2c:09:87:6a:30:
04:91:f9:2d:a4:2f:8c:77:be:12:1b:f6:38:ac:41:
ce:e6:3c:69:d3:a7:da:7e:ce:63:3c:24:e0:1a:cd:
52:d4:03:58:9c:ab:b0:1e:a4:25:a2:ee:8b:f1:9b:
27:c4:59:00:ec:1b:92:e4:22:d0:fc:5c:a2:8d:08:
26:92:70:9e:f9:76:fb:35:56:fa:2f:94:46:3f:04:
d4:9f:eb:e7:51:f6:ba:a9:8a:33:b5:42:66:11:af:
07:22:f4:a4:57:8a:bd:ff:c2:24:da:c6:c9:e0:f6:
ea:44:61:85:a2:c5:ce:5a:9d:c2:bb:50:0d:af:55:
ac:40:03:53:71:4b:7f:90:03:08:32:cd:81:ec:f0:
12:87:82:45:9e:b7:ff:0f:06:1f:f0:5f:5e:fc:bf:
89:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CE:D8:D3:9F:9D:C2:DD:12:81:B2:3E:FC:6A:D1:DB:E3:04:01:49:19
X509v3 Authority Key Identifier:
keyid:CB:29:A7:76:69:DF:5A:7A:5C:B5:06:D8:39:EE:8A:A4:33:7C:CA:AC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/bb25d068-7f9c-4b0e-a695-1779b7d8f06e/0/CB29A77669DF5A7A5CB506D839EE8AA4337CCAAC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yymndmnfWnpctQbYOe6KpDN8yqw.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/bb25d068-7f9c-4b0e-a695-1779b7d8f06e/0/3139342e3132342e3233352e302f32342d3234203d3e20323037393336.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.124.235.0/24
Signature Algorithm: sha256WithRSAEncryption
35:ff:13:10:54:81:7c:b9:63:62:4b:32:5a:7b:ad:cb:f2:6f:
77:cb:a6:26:d3:38:f8:82:f7:18:81:f7:1b:12:3d:89:33:c5:
1d:0e:59:b6:60:5c:b1:10:ef:55:7a:67:2b:fd:e0:30:c7:c8:
cb:f8:32:87:09:4b:d9:73:ee:1e:c7:81:4d:19:ae:78:ea:7f:
30:be:75:1d:00:07:bf:69:30:b4:a3:15:7b:4d:f7:3f:7e:1e:
2c:94:6c:87:bb:44:3b:ba:3c:7c:d9:1b:36:c0:17:ab:c7:4c:
a6:d4:86:b6:a9:4f:8e:1a:da:b2:09:b7:8b:fd:b8:a5:58:08:
10:7f:ba:14:cd:23:a4:66:2b:eb:81:b8:0e:a8:f7:bb:2a:5b:
8c:a5:be:8e:f0:91:4a:0a:51:cc:6e:13:4e:b9:fc:fc:17:17:
bc:39:56:13:3a:c0:78:de:40:c8:28:9d:f3:35:13:c4:d9:57:
cd:41:be:2c:7c:97:20:64:d3:0f:5b:7c:02:67:2f:92:1b:ba:
2a:c1:46:a8:d2:85:d8:02:86:cb:bb:ce:aa:f1:fc:9f:ea:97:
fa:40:38:a1:ae:5c:ea:f1:6f:c2:5d:25:1b:25:d7:58:f1:f8:
b7:09:98:14:94:fc:14:85:dd:85:4d:6c:7c:57:35:4f:59:00:
15:c4:44:13
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgIUZkllZlPa0fE/vRKcy2GmGBxhK5YwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoY2IyOWE3NzY2OWRmNWE3YTVjYjUwNmQ4MzllZThhYTQz
MzdjY2FhYzAeFw0yNjAzMDEwNTQxMzRaFw0yNzAyMjgwNTQ2MzRaMDMxMTAvBgNV
BAMTKENFRDhEMzlGOURDMkREMTI4MUIyM0VGQzZBRDFEQkUzMDQwMTQ5MTkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCclIM9uT18fxBZfSt/eNqhWHyk
ogQciYT9k+8rJ0DYXudz1RCxQ7NJaI5f6mmcjq8kXSvqg2BggXdHI5xyUn2Pe0Oy
MyrF/T0VhstTZGlvSzcubP8OKxpBqCxSTjzzREc95p0sCYdqMASR+S2kL4x3vhIb
9jisQc7mPGnTp9p+zmM8JOAazVLUA1icq7AepCWi7ovxmyfEWQDsG5LkItD8XKKN
CCaScJ75dvs1VvovlEY/BNSf6+dR9rqpijO1QmYRrwci9KRXir3/wiTaxsng9upE
YYWixc5ancK7UA2vVaxAA1NxS3+QAwgyzYHs8BKHgkWet/8PBh/wX178v4nNAgMB
AAGjggJBMIICPTAdBgNVHQ4EFgQUztjTn53C3RKBsj78atHb4wQBSRkwHwYDVR0j
BBgwFoAUyymndmnfWnpctQbYOe6KpDN8yqwwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYmIyNWQwNjgtN2Y5Yy00YjBlLWE2OTUtMTc3OWI3ZDhm
MDZlLzAvQ0IyOUE3NzY2OURGNUE3QTVDQjUwNkQ4MzlFRThBQTQzMzdDQ0FBQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3l5bW5kbW5mV25wY3RRYllPZTZLcERO
OHlxdy5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYmIyNWQwNjgt
N2Y5Yy00YjBlLWE2OTUtMTc3OWI3ZDhmMDZlLzAvMzEzOTM0MmUzMTMyMzQyZTMy
MzMzNTJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMyMzAzNzM5MzMzNi5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEAMJ86zANBgkqhkiG9w0BAQsFAAOCAQEANf8TEFSBfLljYksyWnuty/Jvd8um
JtM4+IL3GIH3GxI9iTPFHQ5ZtmBcsRDvVXpnK/3gMMfIy/gyhwlL2XPuHseBTRmu
eOp/ML51HQAHv2kwtKMVe033P34eLJRsh7tEO7o8fNkbNsAXq8dMptSGtqlPjhra
sgm3i/24pVgIEH+6FM0jpGYr64G4Dqj3uypbjKW+jvCRSgpRzG4TTrn8/BcXvDlW
EzrAeN5AyCid8zUTxNlXzUG+LHyXIGTTD1t8Amcvkhu6KsFGqNKF2AKGy7vOqvH8
n+qX+kA4oa5c6vFvwl0lGyXXWPH4twmYFJT8FIXdhU1sfFc1T1kAFcREEw==
-----END CERTIFICATE-----
Generated at Mon Mar 2 18:08:11 2026 by rpki-client