Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/faf16704-2854-4080-9a09-7262326c9e22/1/3134312e39382e37352e302f32342d3234203d3e20313437323933.roa
File: 3134312e39382e37352e302f32342d3234203d3e20313437323933.roa (raw, json)
Hash identifier: o5LuDMZypsd22aAoxdJpiH2NjLEUg+uICc0EHPajqH4=
Subject key identifier: 36:76:3F:84:DE:20:08:84:3C:87:DD:2A:A5:1D:B2:A3:C0:E0:B8:8B
Certificate issuer: /CN=0d059f10d18d00052c808eb8069f90d47e30564a
Certificate serial: 14FF80FDC862F234DFC7A991A21F19CEF90853E8
Authority key identifier: 0D:05:9F:10:D1:8D:00:05:2C:80:8E:B8:06:9F:90:D4:7E:30:56:4A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DQWfENGNAAUsgI64Bp-Q1H4wVko.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/faf16704-2854-4080-9a09-7262326c9e22/1/3134312e39382e37352e302f32342d3234203d3e20313437323933.roa
Signing time: Sat 28 Feb 2026 11:46:33 +0000
ROA not before: Sat 28 Feb 2026 11:41:33 +0000
ROA not after: Sat 27 Feb 2027 11:46:33 +0000
asID: 147293
IP address blocks: 141.98.75.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/faf16704-2854-4080-9a09-7262326c9e22/1/0D059F10D18D00052C808EB8069F90D47E30564A.crl
rsync://rsync.paas.rpki.ripe.net/repository/faf16704-2854-4080-9a09-7262326c9e22/1/0D059F10D18D00052C808EB8069F90D47E30564A.mft
rsync://rpki.ripe.net/repository/DEFAULT/DQWfENGNAAUsgI64Bp-Q1H4wVko.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 13:50:35 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
14:ff:80:fd:c8:62:f2:34:df:c7:a9:91:a2:1f:19:ce:f9:08:53:e8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0d059f10d18d00052c808eb8069f90d47e30564a
Validity
Not Before: Feb 28 11:41:33 2026 GMT
Not After : Feb 27 11:46:33 2027 GMT
Subject: CN=36763F84DE2008843C87DD2AA51DB2A3C0E0B88B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:56:4a:e3:a4:10:4d:e6:42:61:a4:a5:4f:da:
d7:e0:4c:e4:10:1c:31:a5:31:83:1e:74:47:42:cb:
59:00:2c:0b:ff:e2:9d:25:e4:4c:e3:39:8c:22:ba:
98:10:1c:86:82:76:70:1b:33:20:96:70:a9:7b:b1:
42:7a:61:61:f8:2a:aa:77:d9:1e:2d:b6:cc:3a:4c:
9b:58:05:85:15:7c:38:0c:0a:46:42:61:45:6e:f8:
5e:3e:a0:2e:df:7e:a4:bd:be:cd:d6:ff:28:45:8f:
d7:65:39:10:48:86:75:71:2a:58:39:d2:46:02:a9:
01:da:4b:10:af:f9:bd:7c:2d:bf:69:da:fe:07:27:
a2:b8:30:f7:00:0c:c3:0f:84:f3:29:c5:06:51:ef:
4f:56:05:c3:b0:1d:fa:de:ff:d6:dd:5a:f3:a0:9d:
14:60:d4:34:46:13:ae:43:17:f1:76:17:b6:10:b7:
5b:7d:25:ff:de:a9:40:42:cf:fd:48:ea:7a:78:7d:
f7:b6:02:e7:8c:76:00:8f:2b:5c:4e:16:6e:c6:38:
95:0d:62:ad:ab:ef:d2:7e:7c:ef:39:43:a9:a4:da:
1c:6c:c7:9d:1e:8e:07:df:c3:b4:24:0a:fe:6e:94:
20:d9:c6:9c:9a:78:5f:29:2b:86:86:58:96:b0:00:
cf:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
36:76:3F:84:DE:20:08:84:3C:87:DD:2A:A5:1D:B2:A3:C0:E0:B8:8B
X509v3 Authority Key Identifier:
keyid:0D:05:9F:10:D1:8D:00:05:2C:80:8E:B8:06:9F:90:D4:7E:30:56:4A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/faf16704-2854-4080-9a09-7262326c9e22/1/0D059F10D18D00052C808EB8069F90D47E30564A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DQWfENGNAAUsgI64Bp-Q1H4wVko.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/faf16704-2854-4080-9a09-7262326c9e22/1/3134312e39382e37352e302f32342d3234203d3e20313437323933.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
141.98.75.0/24
Signature Algorithm: sha256WithRSAEncryption
9f:8c:5d:de:05:8a:ba:75:c6:56:89:ef:3f:e1:ed:85:de:97:
be:83:a6:32:3a:cb:6d:8b:ff:0e:31:1e:34:1c:c2:d0:8c:b7:
ae:f3:18:10:98:4a:25:b5:df:ae:7e:ce:64:4f:4b:9a:b0:c9:
98:af:4f:0e:3c:3e:85:35:8b:35:2c:83:75:43:ad:e3:31:90:
ea:02:80:22:55:f1:64:51:93:6b:09:2b:1b:32:b8:05:e0:79:
bd:f7:4c:e9:85:fa:69:ea:7d:6e:2e:a7:4f:23:2f:83:bb:7e:
62:ac:b4:e7:db:60:67:9c:9c:27:99:de:f5:7e:12:18:91:c3:
63:db:58:e8:da:0b:2b:58:2f:70:67:36:a8:f0:c2:70:ab:f5:
2b:b5:33:5b:ea:bb:08:07:e1:fe:e2:62:e5:f6:6b:c9:cc:fe:
d0:e6:a2:b3:d5:48:16:ef:a6:7e:b8:96:2a:1d:03:b8:41:71:
f4:12:08:dc:03:9e:3f:9b:81:31:a4:f0:20:f6:81:2f:aa:5c:
7d:0d:66:db:21:3b:d1:16:97:7d:fd:22:21:3b:b9:15:3f:f1:
7b:e5:35:02:9c:a4:b5:3a:6f:c0:25:d9:29:27:e0:a4:a4:56:
40:9f:c6:65:b7:cd:e1:58:6f:d1:cb:cd:cb:1c:84:3e:c0:02:
90:ed:f8:39
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUFP+A/chi8jTfx6mRoh8ZzvkIU+gwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMGQwNTlmMTBkMThkMDAwNTJjODA4ZWI4MDY5ZjkwZDQ3
ZTMwNTY0YTAeFw0yNjAyMjgxMTQxMzNaFw0yNzAyMjcxMTQ2MzNaMDMxMTAvBgNV
BAMTKDM2NzYzRjg0REUyMDA4ODQzQzg3REQyQUE1MURCMkEzQzBFMEI4OEIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC9VkrjpBBN5kJhpKVP2tfgTOQQ
HDGlMYMedEdCy1kALAv/4p0l5EzjOYwiupgQHIaCdnAbMyCWcKl7sUJ6YWH4Kqp3
2R4ttsw6TJtYBYUVfDgMCkZCYUVu+F4+oC7ffqS9vs3W/yhFj9dlORBIhnVxKlg5
0kYCqQHaSxCv+b18Lb9p2v4HJ6K4MPcADMMPhPMpxQZR709WBcOwHfre/9bdWvOg
nRRg1DRGE65DF/F2F7YQt1t9Jf/eqUBCz/1I6np4ffe2AueMdgCPK1xOFm7GOJUN
Yq2r79J+fO85Q6mk2hxsx50ejgffw7QkCv5ulCDZxpyaeF8pK4aGWJawAM9NAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUNnY/hN4gCIQ8h90qpR2yo8DguIswHwYDVR0j
BBgwFoAUDQWfENGNAAUsgI64Bp+Q1H4wVkowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmFmMTY3MDQtMjg1NC00MDgwLTlhMDktNzI2MjMyNmM5
ZTIyLzEvMEQwNTlGMTBEMThEMDAwNTJDODA4RUI4MDY5RjkwRDQ3RTMwNTY0QS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0RRV2ZFTkdOQUFVc2dJNjRCcC1RMUg0
d1Zrby5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmFmMTY3MDQt
Mjg1NC00MDgwLTlhMDktNzI2MjMyNmM5ZTIyLzEvMzEzNDMxMmUzOTM4MmUzNzM1
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzEzNDM3MzIzOTMzLnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
jWJLMA0GCSqGSIb3DQEBCwUAA4IBAQCfjF3eBYq6dcZWie8/4e2F3pe+g6YyOstt
i/8OMR40HMLQjLeu8xgQmEoltd+ufs5kT0uasMmYr08OPD6FNYs1LIN1Q63jMZDq
AoAiVfFkUZNrCSsbMrgF4Hm990zphfpp6n1uLqdPIy+Du35irLTn22BnnJwnmd71
fhIYkcNj21jo2gsrWC9wZzao8MJwq/UrtTNb6rsIB+H+4mLl9mvJzP7Q5qKz1UgW
76Z+uJYqHQO4QXH0EgjcA54/m4ExpPAg9oEvqlx9DWbbITvRFpd9/SIhO7kVP/F7
5TUCnKS1Om/AJdkpJ+CkpFZAn8Zlt83hWG/Ry83LHIQ+wAKQ7fg5
-----END CERTIFICATE-----
Generated at Mon Mar 2 17:10:26 2026 by rpki-client