Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/bb25d068-7f9c-4b0e-a695-1779b7d8f06e/0/3139342e3132342e3233362e302f32342d3234203d3e203630373335.roa
File: 3139342e3132342e3233362e302f32342d3234203d3e203630373335.roa (raw, json)
Hash identifier: ys4GcQr92xf16wQYlCYeGPMDsfyEnGKsrz3bvGtNWC8=
Subject key identifier: BE:E0:B7:58:42:40:27:55:0F:FC:77:1C:E9:E0:27:D8:32:4D:F6:39
Certificate issuer: /CN=cb29a77669df5a7a5cb506d839ee8aa4337ccaac
Certificate serial: 5B1A98AF1ABFA4B4724741A3B65E8BCF474E7BE6
Authority key identifier: CB:29:A7:76:69:DF:5A:7A:5C:B5:06:D8:39:EE:8A:A4:33:7C:CA:AC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yymndmnfWnpctQbYOe6KpDN8yqw.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/bb25d068-7f9c-4b0e-a695-1779b7d8f06e/0/3139342e3132342e3233362e302f32342d3234203d3e203630373335.roa
Signing time: Sun 01 Mar 2026 05:46:34 +0000
ROA not before: Sun 01 Mar 2026 05:41:34 +0000
ROA not after: Sun 28 Feb 2027 05:46:34 +0000
asID: 60735
IP address blocks: 194.124.236.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/bb25d068-7f9c-4b0e-a695-1779b7d8f06e/0/CB29A77669DF5A7A5CB506D839EE8AA4337CCAAC.crl
rsync://rsync.paas.rpki.ripe.net/repository/bb25d068-7f9c-4b0e-a695-1779b7d8f06e/0/CB29A77669DF5A7A5CB506D839EE8AA4337CCAAC.mft
rsync://rpki.ripe.net/repository/DEFAULT/yymndmnfWnpctQbYOe6KpDN8yqw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 00:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5b:1a:98:af:1a:bf:a4:b4:72:47:41:a3:b6:5e:8b:cf:47:4e:7b:e6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cb29a77669df5a7a5cb506d839ee8aa4337ccaac
Validity
Not Before: Mar 1 05:41:34 2026 GMT
Not After : Feb 28 05:46:34 2027 GMT
Subject: CN=BEE0B758424027550FFC771CE9E027D8324DF639
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:b6:96:e2:ea:ff:f9:94:70:2f:56:da:eb:33:
74:c5:6d:41:d8:40:12:6e:7f:5e:e8:84:5e:29:4a:
2f:57:de:5b:c5:88:4d:c1:a9:9a:b3:e9:87:78:24:
b8:1c:8e:3e:a4:88:a9:c9:e6:d7:83:a2:b7:ac:b3:
76:58:aa:1f:c1:8e:93:5d:40:cd:b6:84:73:3d:f3:
59:56:d7:74:77:c3:c3:f4:ea:20:1f:46:88:5e:66:
3f:79:56:01:6b:6e:8b:17:39:1f:71:23:d1:88:76:
56:71:1d:17:1a:df:5d:50:c1:a3:65:a5:99:b8:c7:
ec:97:eb:fa:fb:a0:3d:dd:9a:df:a6:4c:66:d0:41:
19:ed:4d:aa:65:1b:dd:39:9f:02:68:f3:43:c5:8d:
da:9b:d2:51:e4:53:2f:e7:8d:d3:40:cb:6c:95:59:
1d:51:cb:3e:8d:09:a4:48:32:0b:4a:8e:3e:88:4e:
49:2e:df:90:f7:fe:65:73:dd:6d:13:95:88:78:f8:
2e:8b:d5:09:57:90:d4:97:3d:aa:37:79:9a:88:0e:
7c:9a:67:2c:e8:4d:3f:f5:f3:27:b1:29:b0:83:da:
10:5d:79:a3:37:46:95:c7:3c:34:67:1e:24:eb:76:
b0:88:55:17:3d:15:74:64:06:63:be:53:3e:bd:92:
e9:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BE:E0:B7:58:42:40:27:55:0F:FC:77:1C:E9:E0:27:D8:32:4D:F6:39
X509v3 Authority Key Identifier:
keyid:CB:29:A7:76:69:DF:5A:7A:5C:B5:06:D8:39:EE:8A:A4:33:7C:CA:AC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/bb25d068-7f9c-4b0e-a695-1779b7d8f06e/0/CB29A77669DF5A7A5CB506D839EE8AA4337CCAAC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yymndmnfWnpctQbYOe6KpDN8yqw.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/bb25d068-7f9c-4b0e-a695-1779b7d8f06e/0/3139342e3132342e3233362e302f32342d3234203d3e203630373335.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.124.236.0/24
Signature Algorithm: sha256WithRSAEncryption
93:9b:85:22:5e:1b:a6:f7:ce:bb:cd:c9:74:9a:72:ea:0a:74:
a5:d6:99:ab:ff:19:47:3a:17:6f:3a:ac:d0:b3:6e:da:20:ca:
b1:d7:f3:fe:ec:99:cc:c1:4c:a2:bf:0c:6a:8d:66:ca:0e:2e:
6b:05:fb:d3:db:56:e8:d6:92:49:8b:33:43:8b:22:6d:ef:4f:
9c:7f:eb:a6:41:f6:2b:8c:c0:3d:36:25:84:a0:6d:a7:75:46:
f2:e9:35:6d:e8:0c:b4:18:24:dd:8b:74:d5:7a:6a:2f:fa:5b:
18:49:c5:85:2c:d3:20:4a:16:32:ef:e2:e2:c2:bb:68:8c:8d:
9c:49:3e:68:dd:9b:2a:f3:c2:52:e2:5c:52:1b:5a:a5:6a:2e:
7c:d7:0f:74:09:42:05:9c:2e:b8:70:79:4b:cd:07:56:91:36:
d9:19:a8:04:51:70:73:cb:61:de:6f:b5:e8:e0:92:ba:4f:fb:
b8:8b:b1:ca:8a:1d:d7:74:85:74:ee:15:c3:d2:0b:c2:ca:0c:
b7:7a:27:82:57:f8:a1:7a:f2:a6:7f:9a:6d:df:97:53:6e:74:
0a:f6:7f:30:fc:63:19:58:a1:5c:a2:43:d3:39:be:62:89:73:
22:b1:33:11:b9:13:73:52:38:e6:b7:5d:7e:59:f3:ee:74:6d:
60:67:5c:12
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUWxqYrxq/pLRyR0Gjtl6Lz0dOe+YwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoY2IyOWE3NzY2OWRmNWE3YTVjYjUwNmQ4MzllZThhYTQz
MzdjY2FhYzAeFw0yNjAzMDEwNTQxMzRaFw0yNzAyMjgwNTQ2MzRaMDMxMTAvBgNV
BAMTKEJFRTBCNzU4NDI0MDI3NTUwRkZDNzcxQ0U5RTAyN0Q4MzI0REY2MzkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCztpbi6v/5lHAvVtrrM3TFbUHY
QBJuf17ohF4pSi9X3lvFiE3BqZqz6Yd4JLgcjj6kiKnJ5teDoress3ZYqh/BjpNd
QM22hHM981lW13R3w8P06iAfRoheZj95VgFrbosXOR9xI9GIdlZxHRca311QwaNl
pZm4x+yX6/r7oD3dmt+mTGbQQRntTaplG905nwJo80PFjdqb0lHkUy/njdNAy2yV
WR1Ryz6NCaRIMgtKjj6ITkku35D3/mVz3W0TlYh4+C6L1QlXkNSXPao3eZqIDnya
ZyzoTT/18yexKbCD2hBdeaM3RpXHPDRnHiTrdrCIVRc9FXRkBmO+Uz69kukrAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUvuC3WEJAJ1UP/Hcc6eAn2DJN9jkwHwYDVR0j
BBgwFoAUyymndmnfWnpctQbYOe6KpDN8yqwwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYmIyNWQwNjgtN2Y5Yy00YjBlLWE2OTUtMTc3OWI3ZDhm
MDZlLzAvQ0IyOUE3NzY2OURGNUE3QTVDQjUwNkQ4MzlFRThBQTQzMzdDQ0FBQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3l5bW5kbW5mV25wY3RRYllPZTZLcERO
OHlxdy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYmIyNWQwNjgt
N2Y5Yy00YjBlLWE2OTUtMTc3OWI3ZDhmMDZlLzAvMzEzOTM0MmUzMTMyMzQyZTMy
MzMzNjJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDM2MzAzNzMzMzUucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BADCfOwwDQYJKoZIhvcNAQELBQADggEBAJObhSJeG6b3zrvNyXSacuoKdKXWmav/
GUc6F286rNCzbtogyrHX8/7smczBTKK/DGqNZsoOLmsF+9PbVujWkkmLM0OLIm3v
T5x/66ZB9iuMwD02JYSgbad1RvLpNW3oDLQYJN2LdNV6ai/6WxhJxYUs0yBKFjLv
4uLCu2iMjZxJPmjdmyrzwlLiXFIbWqVqLnzXD3QJQgWcLrhweUvNB1aRNtkZqARR
cHPLYd5vtejgkrpP+7iLscqKHdd0hXTuFcPSC8LKDLd6J4JX+KF68qZ/mm3fl1Nu
dAr2fzD8YxlYoVyiQ9M5vmKJcyKxMxG5E3NSOOa3XX5Z8+50bWBnXBI=
-----END CERTIFICATE-----
Generated at Mon Mar 2 07:28:41 2026 by rpki-client