Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/c2023c53-184b-484b-b676-598f64d88f22/0/39312e3233332e31312e302f32342d3234203d3e20323038333939.roa
File: 39312e3233332e31312e302f32342d3234203d3e20323038333939.roa (raw, json)
Hash identifier: b608/aD25N0+C4jsRLgiexFiGNPh713tPtHegBXVrp0=
Subject key identifier: A4:8D:E5:12:A4:59:1F:38:F9:53:A3:2C:04:2B:09:54:84:68:8D:00
Certificate issuer: /CN=199cdd14c27fbf6b005a0ada004d53cbcb9667ff
Certificate serial: 187FE903DEBFFD2F928F5C473F028FDC4F9BDD
Authority key identifier: 19:9C:DD:14:C2:7F:BF:6B:00:5A:0A:DA:00:4D:53:CB:CB:96:67:FF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GZzdFMJ_v2sAWgraAE1Ty8uWZ_8.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/c2023c53-184b-484b-b676-598f64d88f22/0/39312e3233332e31312e302f32342d3234203d3e20323038333939.roa
Signing time: Mon 13 Apr 2026 08:23:55 +0000
ROA not before: Mon 13 Apr 2026 08:18:55 +0000
ROA not after: Mon 12 Apr 2027 08:23:55 +0000
asID: 208399
IP address blocks: 91.233.11.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/c2023c53-184b-484b-b676-598f64d88f22/0/199CDD14C27FBF6B005A0ADA004D53CBCB9667FF.crl
rsync://rsync.paas.rpki.ripe.net/repository/c2023c53-184b-484b-b676-598f64d88f22/0/199CDD14C27FBF6B005A0ADA004D53CBCB9667FF.mft
rsync://rpki.ripe.net/repository/DEFAULT/GZzdFMJ_v2sAWgraAE1Ty8uWZ_8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 17 Apr 2026 10:34:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
18:7f:e9:03:de:bf:fd:2f:92:8f:5c:47:3f:02:8f:dc:4f:9b:dd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=199cdd14c27fbf6b005a0ada004d53cbcb9667ff
Validity
Not Before: Apr 13 08:18:55 2026 GMT
Not After : Apr 12 08:23:55 2027 GMT
Subject: CN=A48DE512A4591F38F953A32C042B095484688D00
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:f5:11:72:5d:3e:1d:df:ee:3c:41:0e:fa:03:
f6:9d:03:8c:a5:75:be:0e:f7:84:f3:06:75:23:16:
b7:93:37:35:7a:73:51:b5:f7:39:59:06:0e:59:d7:
89:e9:26:da:76:35:6f:61:77:2c:05:bc:56:eb:19:
39:be:8f:12:e6:b2:c8:3d:70:31:2c:4f:8c:e1:6f:
51:24:74:2d:fb:34:b1:67:5c:64:30:5a:bb:4b:96:
96:1f:eb:5b:60:ba:84:40:3e:af:07:4c:d6:1a:60:
66:ad:b6:f7:89:a7:85:b3:3f:3f:a2:af:59:1f:29:
49:46:c6:e5:c6:41:1b:59:27:c6:dd:95:c9:09:ce:
d3:2b:ae:f2:1e:db:5b:0e:0a:21:6d:3a:76:2e:89:
28:16:6f:11:3d:04:33:a7:ac:0e:13:15:31:78:71:
9c:b0:ba:48:d9:e0:de:50:2a:99:cd:b8:f1:4e:24:
13:f7:55:ec:e2:9a:8e:d3:20:7b:2c:56:85:5a:63:
7c:2f:67:fe:3d:d1:d2:d8:eb:78:b3:15:d3:d1:60:
eb:22:ba:ef:42:95:16:cb:27:78:59:4c:f7:19:7f:
69:50:7e:f4:43:dc:51:62:86:d2:0c:da:e3:e8:a0:
89:34:6e:ea:6c:18:24:9e:e9:8b:67:16:62:ca:b6:
8a:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A4:8D:E5:12:A4:59:1F:38:F9:53:A3:2C:04:2B:09:54:84:68:8D:00
X509v3 Authority Key Identifier:
keyid:19:9C:DD:14:C2:7F:BF:6B:00:5A:0A:DA:00:4D:53:CB:CB:96:67:FF
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/c2023c53-184b-484b-b676-598f64d88f22/0/199CDD14C27FBF6B005A0ADA004D53CBCB9667FF.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GZzdFMJ_v2sAWgraAE1Ty8uWZ_8.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/c2023c53-184b-484b-b676-598f64d88f22/0/39312e3233332e31312e302f32342d3234203d3e20323038333939.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.233.11.0/24
Signature Algorithm: sha256WithRSAEncryption
58:28:0d:78:07:80:66:dd:da:97:18:cc:7f:47:db:0f:16:a3:
2e:78:a6:ca:87:e6:5d:8f:ff:14:9d:5b:7f:9a:b4:0b:76:6f:
1b:29:74:d6:02:3e:ac:a1:16:45:b0:08:2a:8a:d4:bc:92:61:
e5:34:4e:00:56:24:36:76:a6:69:3f:c2:ac:98:60:34:b8:c5:
9b:2d:ff:8d:30:99:1f:e3:86:29:2e:38:1c:d1:ab:70:a7:56:
23:94:8a:a4:f8:54:87:6f:27:e3:52:9b:c6:f2:22:d9:cd:7c:
07:99:df:d9:f2:1a:91:17:7a:62:d3:93:d7:31:38:d3:27:0e:
e3:bc:d2:40:88:a0:36:be:07:5e:e9:45:3f:13:65:c7:dc:81:
de:9a:ab:a8:da:e3:84:6f:37:38:00:6b:dc:a9:ad:a3:64:cf:
2b:52:ef:ca:61:88:e0:45:67:61:77:1a:2a:ad:6a:1a:46:d1:
41:61:31:61:d9:9f:f3:6f:ec:72:41:7a:e1:4d:77:c7:49:6e:
36:8f:a3:de:81:6b:dc:48:4f:8e:fa:d6:79:8d:30:9e:66:5f:
52:d7:08:01:f7:13:80:4d:e0:05:a6:dd:69:70:95:30:f2:80:
f4:2f:74:4a:52:8a:fb:5a:31:0e:10:fd:45:a3:99:76:92:74:
5b:e0:a6:77
-----BEGIN CERTIFICATE-----
MIIFMjCCBBqgAwIBAgITGH/pA96//S+Sj1xHPwKP3E+b3TANBgkqhkiG9w0BAQsF
ADAzMTEwLwYDVQQDEygxOTljZGQxNGMyN2ZiZjZiMDA1YTBhZGEwMDRkNTNjYmNi
OTY2N2ZmMB4XDTI2MDQxMzA4MTg1NVoXDTI3MDQxMjA4MjM1NVowMzExMC8GA1UE
AxMoQTQ4REU1MTJBNDU5MUYzOEY5NTNBMzJDMDQyQjA5NTQ4NDY4OEQwMDCCASIw
DQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBANj1EXJdPh3f7jxBDvoD9p0DjKV1
vg73hPMGdSMWt5M3NXpzUbX3OVkGDlnXiekm2nY1b2F3LAW8VusZOb6PEuayyD1w
MSxPjOFvUSR0Lfs0sWdcZDBau0uWlh/rW2C6hEA+rwdM1hpgZq2294mnhbM/P6Kv
WR8pSUbG5cZBG1knxt2VyQnO0yuu8h7bWw4KIW06di6JKBZvET0EM6esDhMVMXhx
nLC6SNng3lAqmc248U4kE/dV7OKajtMgeyxWhVpjfC9n/j3R0tjreLMV09Fg6yK6
70KVFssneFlM9xl/aVB+9EPcUWKG0gza4+igiTRu6mwYJJ7pi2cWYsq2igMCAwEA
AaOCAj0wggI5MB0GA1UdDgQWBBSkjeUSpFkfOPlToywEKwlUhGiNADAfBgNVHSME
GDAWgBQZnN0Uwn+/awBaCtoATVPLy5Zn/zAOBgNVHQ8BAf8EBAMCB4AwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9yc3luYy5wYWFzLnJwa2kucmlwZS5u
ZXQvcmVwb3NpdG9yeS9jMjAyM2M1My0xODRiLTQ4NGItYjY3Ni01OThmNjRkODhm
MjIvMC8xOTlDREQxNEMyN0ZCRjZCMDA1QTBBREEwMDRENTNDQkNCOTY2N0ZGLmNy
bDBkBggrBgEFBQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvR1p6ZEZNSl92MnNBV2dyYUFFMVR5OHVX
Wl84LmNlcjCBrQYIKwYBBQUHAQsEgaAwgZ0wgZoGCCsGAQUFBzALhoGNcnN5bmM6
Ly9yc3luYy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9jMjAyM2M1My0x
ODRiLTQ4NGItYjY3Ni01OThmNjRkODhmMjIvMC8zOTMxMmUzMjMzMzMyZTMxMzEy
ZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMjMwMzgzMzM5Mzkucm9hMBgGA1UdIAEB
/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBABb
6QswDQYJKoZIhvcNAQELBQADggEBAFgoDXgHgGbd2pcYzH9H2w8Woy54psqH5l2P
/xSdW3+atAt2bxspdNYCPqyhFkWwCCqK1LySYeU0TgBWJDZ2pmk/wqyYYDS4xZst
/40wmR/jhikuOBzRq3CnViOUiqT4VIdvJ+NSm8byItnNfAeZ39nyGpEXemLTk9cx
ONMnDuO80kCIoDa+B17pRT8TZcfcgd6aq6ja44RvNzgAa9ypraNkzytS78phiOBF
Z2F3GiqtahpG0UFhMWHZn/Nv7HJBeuFNd8dJbjaPo96Ba9xIT4761nmNMJ5mX1LX
CAH3E4BN4AWm3WlwlTDygPQvdEpSivtaMQ4Q/UWjmXaSdFvgpnc=
-----END CERTIFICATE-----
Generated at Fri Apr 17 01:48:49 2026 by rpki-client