Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/bb25d068-7f9c-4b0e-a695-1779b7d8f06e/0/3139342e3132342e3233372e302f32342d3234203d3e203539383133.roa
File: 3139342e3132342e3233372e302f32342d3234203d3e203539383133.roa (raw, json)
Hash identifier: hJUy+WAsteHuyZTTylubys83kZZc4LE0LX6QYeU4v/U=
Subject key identifier: 11:E2:0C:C7:87:7C:60:B0:BB:98:EC:5E:63:3D:F9:1B:63:F1:58:1D
Certificate issuer: /CN=cb29a77669df5a7a5cb506d839ee8aa4337ccaac
Certificate serial: 797089CBDB4261A6AA42AC2C1CFD10CF683099A7
Authority key identifier: CB:29:A7:76:69:DF:5A:7A:5C:B5:06:D8:39:EE:8A:A4:33:7C:CA:AC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yymndmnfWnpctQbYOe6KpDN8yqw.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/bb25d068-7f9c-4b0e-a695-1779b7d8f06e/0/3139342e3132342e3233372e302f32342d3234203d3e203539383133.roa
Signing time: Sun 01 Mar 2026 05:46:33 +0000
ROA not before: Sun 01 Mar 2026 05:41:33 +0000
ROA not after: Sun 28 Feb 2027 05:46:33 +0000
asID: 59813
IP address blocks: 194.124.237.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/bb25d068-7f9c-4b0e-a695-1779b7d8f06e/0/CB29A77669DF5A7A5CB506D839EE8AA4337CCAAC.crl
rsync://rsync.paas.rpki.ripe.net/repository/bb25d068-7f9c-4b0e-a695-1779b7d8f06e/0/CB29A77669DF5A7A5CB506D839EE8AA4337CCAAC.mft
rsync://rpki.ripe.net/repository/DEFAULT/yymndmnfWnpctQbYOe6KpDN8yqw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 00:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
79:70:89:cb:db:42:61:a6:aa:42:ac:2c:1c:fd:10:cf:68:30:99:a7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cb29a77669df5a7a5cb506d839ee8aa4337ccaac
Validity
Not Before: Mar 1 05:41:33 2026 GMT
Not After : Feb 28 05:46:33 2027 GMT
Subject: CN=11E20CC7877C60B0BB98EC5E633DF91B63F1581D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:bc:2c:9c:21:03:d7:ad:e2:84:9e:7d:a2:ef:
2b:c2:c8:e9:56:c8:2a:cf:f9:c1:7f:f4:4a:39:d2:
3c:20:f0:90:48:c3:7c:db:5e:07:b7:7f:17:16:aa:
ae:45:77:6e:89:59:2c:8b:16:ee:26:d9:89:9d:c9:
ed:53:6f:a0:a4:fd:de:2d:2e:7d:16:2f:66:10:bf:
5a:be:9d:1f:70:dd:30:10:70:e3:d3:c7:c2:51:02:
3a:84:47:7e:60:9a:c1:66:a4:8c:7d:83:ea:83:6f:
15:d6:fc:58:c2:f2:28:04:8a:12:26:d7:41:78:5e:
5d:82:d2:64:e5:58:e5:5c:55:45:28:e0:af:47:92:
8b:9b:de:6f:0e:be:7b:45:bd:bb:99:15:c0:e4:7f:
de:bf:c8:68:e5:44:1d:e4:f3:3c:30:bf:e1:90:d3:
d0:48:35:45:ef:d2:8c:cd:b3:a3:7f:bc:05:e8:b6:
9e:a4:ad:25:12:5e:39:60:82:cc:cf:47:1f:86:89:
f7:5e:1e:17:3a:7c:f8:b4:4f:80:7d:73:90:79:65:
98:b7:68:30:be:a3:6f:11:09:80:69:df:5e:41:70:
e7:87:b2:e7:b4:29:9f:a9:57:84:2a:26:b9:cc:5c:
61:ef:80:8f:e2:54:ed:8a:3d:82:b4:c2:6d:61:53:
ea:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
11:E2:0C:C7:87:7C:60:B0:BB:98:EC:5E:63:3D:F9:1B:63:F1:58:1D
X509v3 Authority Key Identifier:
keyid:CB:29:A7:76:69:DF:5A:7A:5C:B5:06:D8:39:EE:8A:A4:33:7C:CA:AC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/bb25d068-7f9c-4b0e-a695-1779b7d8f06e/0/CB29A77669DF5A7A5CB506D839EE8AA4337CCAAC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yymndmnfWnpctQbYOe6KpDN8yqw.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/bb25d068-7f9c-4b0e-a695-1779b7d8f06e/0/3139342e3132342e3233372e302f32342d3234203d3e203539383133.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.124.237.0/24
Signature Algorithm: sha256WithRSAEncryption
0e:41:35:9a:a6:8f:3d:a0:5b:c9:8f:9a:66:c5:5e:e4:ab:b7:
12:93:d5:dd:2c:66:e9:56:44:70:34:b6:5f:dc:68:1c:55:33:
a7:e5:d8:94:8c:b4:08:47:53:5d:5c:78:77:8e:43:16:d3:0b:
9b:c6:10:d0:e7:28:eb:b2:71:5b:a5:7a:94:05:dd:85:94:b0:
c7:ec:e0:e1:c9:77:98:4d:32:2e:66:cd:8e:07:bd:ff:83:e9:
65:a1:2f:65:cf:9e:5c:37:10:53:b0:92:41:7a:88:3d:3c:93:
96:08:c1:eb:41:30:55:bf:20:b4:34:46:2c:10:66:53:fc:5c:
cb:ae:d6:f6:09:11:a6:6c:f0:e7:7e:3e:23:bb:82:4b:d0:22:
be:53:2d:9e:5d:f7:5c:02:0b:d3:57:85:47:12:78:e8:a7:5b:
6b:6c:d8:58:fc:2f:2b:c1:bd:cd:f7:4c:b7:eb:e4:cf:2e:1b:
86:cc:fc:e0:93:ec:bf:44:e8:c3:4d:00:e3:a9:5d:fe:ea:f6:
8a:1c:40:09:5f:24:2b:ef:72:d6:fe:f0:b1:45:80:95:a2:91:
a0:8b:42:cc:11:75:80:b2:5d:b0:de:16:d3:71:e8:5f:81:be:
3d:4e:c2:4a:e2:41:02:e9:b9:d1:8a:5f:e8:18:ed:b5:ac:d2:
8d:8a:c5:e1
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUeXCJy9tCYaaqQqwsHP0Qz2gwmacwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoY2IyOWE3NzY2OWRmNWE3YTVjYjUwNmQ4MzllZThhYTQz
MzdjY2FhYzAeFw0yNjAzMDEwNTQxMzNaFw0yNzAyMjgwNTQ2MzNaMDMxMTAvBgNV
BAMTKDExRTIwQ0M3ODc3QzYwQjBCQjk4RUM1RTYzM0RGOTFCNjNGMTU4MUQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCpvCycIQPXreKEnn2i7yvCyOlW
yCrP+cF/9Eo50jwg8JBIw3zbXge3fxcWqq5Fd26JWSyLFu4m2Ymdye1Tb6Ck/d4t
Ln0WL2YQv1q+nR9w3TAQcOPTx8JRAjqER35gmsFmpIx9g+qDbxXW/FjC8igEihIm
10F4Xl2C0mTlWOVcVUUo4K9Hkoub3m8OvntFvbuZFcDkf96/yGjlRB3k8zwwv+GQ
09BINUXv0ozNs6N/vAXotp6krSUSXjlggszPRx+GifdeHhc6fPi0T4B9c5B5ZZi3
aDC+o28RCYBp315BcOeHsue0KZ+pV4QqJrnMXGHvgI/iVO2KPYK0wm1hU+rdAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUEeIMx4d8YLC7mOxeYz35G2PxWB0wHwYDVR0j
BBgwFoAUyymndmnfWnpctQbYOe6KpDN8yqwwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYmIyNWQwNjgtN2Y5Yy00YjBlLWE2OTUtMTc3OWI3ZDhm
MDZlLzAvQ0IyOUE3NzY2OURGNUE3QTVDQjUwNkQ4MzlFRThBQTQzMzdDQ0FBQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3l5bW5kbW5mV25wY3RRYllPZTZLcERO
OHlxdy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYmIyNWQwNjgt
N2Y5Yy00YjBlLWE2OTUtMTc3OWI3ZDhmMDZlLzAvMzEzOTM0MmUzMTMyMzQyZTMy
MzMzNzJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDM1MzkzODMxMzMucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BADCfO0wDQYJKoZIhvcNAQELBQADggEBAA5BNZqmjz2gW8mPmmbFXuSrtxKT1d0s
ZulWRHA0tl/caBxVM6fl2JSMtAhHU11ceHeOQxbTC5vGENDnKOuycVulepQF3YWU
sMfs4OHJd5hNMi5mzY4Hvf+D6WWhL2XPnlw3EFOwkkF6iD08k5YIwetBMFW/ILQ0
RiwQZlP8XMuu1vYJEaZs8Od+PiO7gkvQIr5TLZ5d91wCC9NXhUcSeOinW2ts2Fj8
LyvBvc33TLfr5M8uG4bM/OCT7L9E6MNNAOOpXf7q9oocQAlfJCvvctb+8LFFgJWi
kaCLQswRdYCyXbDeFtNx6F+Bvj1OwkriQQLpudGKX+gY7bWs0o2KxeE=
-----END CERTIFICATE-----
Generated at Mon Mar 2 05:50:28 2026 by rpki-client