Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/d90a935a-a74d-4b98-9430-bc7ae5c24f28/0/3231372e3139382e3138372e302f32342d3234203d3e20323132363039.roa
File: 3231372e3139382e3138372e302f32342d3234203d3e20323132363039.roa (raw, json)
Hash identifier: 5MtBkdNTpZ938xlW09/xBkP2lUiJZGy2AiCo8woEVNw=
Subject key identifier: 5B:9D:59:A0:B1:99:4D:B0:0D:3A:DD:9E:42:90:AD:E8:16:E4:1D:A1
Certificate issuer: /CN=c79d02c618861ad45baf78ce39023cbcb494a7bf
Certificate serial: 4EF886138233A76875D0E99A5CEE09B5116533F6
Authority key identifier: C7:9D:02:C6:18:86:1A:D4:5B:AF:78:CE:39:02:3C:BC:B4:94:A7:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/x50CxhiGGtRbr3jOOQI8vLSUp78.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/d90a935a-a74d-4b98-9430-bc7ae5c24f28/0/3231372e3139382e3138372e302f32342d3234203d3e20323132363039.roa
Signing time: Tue 07 Apr 2026 08:47:03 +0000
ROA not before: Tue 07 Apr 2026 08:42:03 +0000
ROA not after: Tue 06 Apr 2027 08:47:03 +0000
asID: 212609
IP address blocks: 217.198.187.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/d90a935a-a74d-4b98-9430-bc7ae5c24f28/0/C79D02C618861AD45BAF78CE39023CBCB494A7BF.crl
rsync://rsync.paas.rpki.ripe.net/repository/d90a935a-a74d-4b98-9430-bc7ae5c24f28/0/C79D02C618861AD45BAF78CE39023CBCB494A7BF.mft
rsync://rpki.ripe.net/repository/DEFAULT/x50CxhiGGtRbr3jOOQI8vLSUp78.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 Apr 2026 21:23:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4e:f8:86:13:82:33:a7:68:75:d0:e9:9a:5c:ee:09:b5:11:65:33:f6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c79d02c618861ad45baf78ce39023cbcb494a7bf
Validity
Not Before: Apr 7 08:42:03 2026 GMT
Not After : Apr 6 08:47:03 2027 GMT
Subject: CN=5B9D59A0B1994DB00D3ADD9E4290ADE816E41DA1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:c5:c5:15:e0:f9:30:32:27:ce:78:8e:ed:e5:
bf:5d:ae:fa:f1:fa:cc:e5:99:8a:2d:62:9e:d4:95:
55:fe:2c:80:51:d6:9a:1f:d8:f9:c2:ee:63:08:68:
54:64:de:8b:ac:e4:a2:7c:46:f2:88:61:71:db:4a:
69:b7:a6:8c:e0:5d:7a:b8:75:5b:33:de:8f:be:b9:
cd:df:86:a4:72:80:62:0b:d7:d8:83:a6:9b:24:7a:
ad:71:dd:36:f5:64:d4:5f:8b:98:19:98:c5:dc:23:
0e:b1:6c:b8:d6:9d:c6:77:8c:6a:a7:5a:1f:e3:a9:
41:82:95:aa:66:a0:2e:c5:12:aa:99:f3:c1:bc:a8:
b7:71:08:4b:c2:fd:01:73:b8:f2:37:a0:51:30:4c:
c4:63:37:d1:ae:40:9d:60:61:04:69:b2:6c:62:0f:
ce:55:3a:70:2d:1b:41:41:26:e7:aa:d5:a5:fc:5a:
ca:9b:e6:50:46:3a:5e:0e:f0:fa:25:52:db:4b:82:
5a:3a:59:2d:ac:b8:45:e2:6c:6f:3b:40:c1:2e:bb:
e1:53:d3:88:5c:21:84:66:78:ac:26:a1:f3:26:80:
6f:0a:40:e8:d5:6c:b6:fb:a9:2f:9c:05:f5:e0:b7:
33:b4:27:9f:a4:77:fd:5d:39:9e:31:0d:31:ae:ff:
10:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5B:9D:59:A0:B1:99:4D:B0:0D:3A:DD:9E:42:90:AD:E8:16:E4:1D:A1
X509v3 Authority Key Identifier:
keyid:C7:9D:02:C6:18:86:1A:D4:5B:AF:78:CE:39:02:3C:BC:B4:94:A7:BF
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/d90a935a-a74d-4b98-9430-bc7ae5c24f28/0/C79D02C618861AD45BAF78CE39023CBCB494A7BF.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/x50CxhiGGtRbr3jOOQI8vLSUp78.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/d90a935a-a74d-4b98-9430-bc7ae5c24f28/0/3231372e3139382e3138372e302f32342d3234203d3e20323132363039.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.198.187.0/24
Signature Algorithm: sha256WithRSAEncryption
d4:17:4b:fc:86:22:d3:8b:80:33:50:48:b9:94:c2:36:fb:7c:
9a:a1:68:d9:dc:54:1c:bb:ca:66:52:2d:fd:0d:2a:7b:77:31:
78:66:a6:a8:9e:b1:1f:6f:9c:5b:57:78:f4:90:bc:f1:d4:d3:
a8:37:1a:3e:a9:10:7d:90:b8:9d:22:1c:72:06:93:04:18:54:
14:88:31:4f:77:f3:78:fe:20:6f:93:6d:a4:db:98:35:c3:7f:
16:c8:4a:32:ab:64:53:d8:3a:6c:0f:f8:f5:f6:a0:9d:a9:0d:
66:67:43:ed:39:15:20:01:a9:2c:94:d7:94:0b:7a:f8:cd:fe:
5e:56:d6:11:32:da:03:ea:0c:39:e6:5d:70:10:f3:31:c5:e4:
af:27:67:69:83:0f:a7:bc:80:8b:16:50:0f:02:40:8e:58:b8:
9d:62:ed:ac:68:0d:d4:a0:d2:2a:51:81:fc:eb:98:b6:26:c1:
96:36:84:55:80:fd:63:e4:80:b4:7d:81:88:bf:70:61:e5:9d:
d3:f7:9e:e7:7b:6e:b0:54:a2:36:9d:d8:c1:29:2f:79:dd:57:
1a:09:3b:d5:bf:73:e4:08:f7:24:6d:9c:22:01:11:ba:19:b1:
c5:ab:34:d2:7f:f8:ce:03:22:a9:a0:38:fd:20:df:50:1e:0f:
d0:3d:46:b8
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgIUTviGE4Izp2h10OmaXO4JtRFlM/YwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYzc5ZDAyYzYxODg2MWFkNDViYWY3OGNlMzkwMjNjYmNi
NDk0YTdiZjAeFw0yNjA0MDcwODQyMDNaFw0yNzA0MDYwODQ3MDNaMDMxMTAvBgNV
BAMTKDVCOUQ1OUEwQjE5OTREQjAwRDNBREQ5RTQyOTBBREU4MTZFNDFEQTEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDNxcUV4PkwMifOeI7t5b9drvrx
+szlmYotYp7UlVX+LIBR1pof2PnC7mMIaFRk3ous5KJ8RvKIYXHbSmm3pozgXXq4
dVsz3o++uc3fhqRygGIL19iDppskeq1x3Tb1ZNRfi5gZmMXcIw6xbLjWncZ3jGqn
Wh/jqUGClapmoC7FEqqZ88G8qLdxCEvC/QFzuPI3oFEwTMRjN9GuQJ1gYQRpsmxi
D85VOnAtG0FBJueq1aX8Wsqb5lBGOl4O8PolUttLglo6WS2suEXibG87QMEuu+FT
04hcIYRmeKwmofMmgG8KQOjVbLb7qS+cBfXgtzO0J5+kd/1dOZ4xDTGu/xD7AgMB
AAGjggJBMIICPTAdBgNVHQ4EFgQUW51ZoLGZTbANOt2eQpCt6BbkHaEwHwYDVR0j
BBgwFoAUx50CxhiGGtRbr3jOOQI8vLSUp78wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZDkwYTkzNWEtYTc0ZC00Yjk4LTk0MzAtYmM3YWU1YzI0
ZjI4LzAvQzc5RDAyQzYxODg2MUFENDVCQUY3OENFMzkwMjNDQkNCNDk0QTdCRi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3g1MEN4aGlHR3RSYnIzak9PUUk4dkxT
VXA3OC5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZDkwYTkzNWEt
YTc0ZC00Yjk4LTk0MzAtYmM3YWU1YzI0ZjI4LzAvMzIzMTM3MmUzMTM5MzgyZTMx
MzgzNzJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMyMzEzMjM2MzAzOS5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEANnGuzANBgkqhkiG9w0BAQsFAAOCAQEA1BdL/IYi04uAM1BIuZTCNvt8mqFo
2dxUHLvKZlIt/Q0qe3cxeGamqJ6xH2+cW1d49JC88dTTqDcaPqkQfZC4nSIccgaT
BBhUFIgxT3fzeP4gb5NtpNuYNcN/FshKMqtkU9g6bA/49fagnakNZmdD7TkVIAGp
LJTXlAt6+M3+XlbWETLaA+oMOeZdcBDzMcXkrydnaYMPp7yAixZQDwJAjli4nWLt
rGgN1KDSKlGB/OuYtibBljaEVYD9Y+SAtH2BiL9wYeWd0/ee53tusFSiNp3YwSkv
ed1XGgk71b9z5Aj3JG2cIgERuhmxxas00n/4zgMiqaA4/SDfUB4P0D1GuA==
-----END CERTIFICATE-----
Generated at Sat Apr 18 03:03:39 2026 by rpki-client