Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/faf16704-2854-4080-9a09-7262326c9e22/1/3134312e39382e37352e302f32342d3234203d3e20313439353032.roa
File: 3134312e39382e37352e302f32342d3234203d3e20313439353032.roa (raw, json)
Hash identifier: lbd7+tkFet96dqBbAJbAIS+ZvcIfxp2hUTAspPLz4uc=
Subject key identifier: 3E:88:3B:89:A1:8E:C9:DD:38:A6:EA:AA:12:8C:86:15:1A:80:10:10
Certificate issuer: /CN=0d059f10d18d00052c808eb8069f90d47e30564a
Certificate serial: 029E01CE4B34D81A40A734C2F3A9C836BB06CF80
Authority key identifier: 0D:05:9F:10:D1:8D:00:05:2C:80:8E:B8:06:9F:90:D4:7E:30:56:4A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DQWfENGNAAUsgI64Bp-Q1H4wVko.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/faf16704-2854-4080-9a09-7262326c9e22/1/3134312e39382e37352e302f32342d3234203d3e20313439353032.roa
Signing time: Fri 27 Feb 2026 14:46:33 +0000
ROA not before: Fri 27 Feb 2026 14:41:33 +0000
ROA not after: Fri 26 Feb 2027 14:46:33 +0000
asID: 149502
IP address blocks: 141.98.75.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/faf16704-2854-4080-9a09-7262326c9e22/1/0D059F10D18D00052C808EB8069F90D47E30564A.crl
rsync://rsync.paas.rpki.ripe.net/repository/faf16704-2854-4080-9a09-7262326c9e22/1/0D059F10D18D00052C808EB8069F90D47E30564A.mft
rsync://rpki.ripe.net/repository/DEFAULT/DQWfENGNAAUsgI64Bp-Q1H4wVko.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 21:30:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
02:9e:01:ce:4b:34:d8:1a:40:a7:34:c2:f3:a9:c8:36:bb:06:cf:80
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0d059f10d18d00052c808eb8069f90d47e30564a
Validity
Not Before: Feb 27 14:41:33 2026 GMT
Not After : Feb 26 14:46:33 2027 GMT
Subject: CN=3E883B89A18EC9DD38A6EAAA128C86151A801010
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:29:30:40:f0:8a:76:b3:e2:68:41:35:47:61:
ca:a6:75:5c:96:af:63:85:61:49:a5:1f:02:7b:ef:
ff:31:cb:34:de:b2:3d:89:d7:85:55:97:35:56:01:
15:12:e3:9c:35:ec:c4:cb:65:24:64:8b:4c:5c:1c:
4b:84:15:0a:27:cd:33:46:96:cc:2f:df:e4:37:ae:
01:f6:21:84:46:a5:4c:8a:96:2c:26:6d:3a:91:f5:
3e:28:77:51:e8:85:a5:ad:fe:91:14:e7:17:63:96:
ec:35:d4:00:04:e0:f4:1c:19:28:a1:37:bb:0d:c0:
78:59:f3:83:a7:a1:cc:dc:d7:1e:90:34:e1:7e:1d:
09:88:89:6d:f2:d8:80:ca:52:43:e5:cc:fb:b5:f9:
2b:76:45:5b:32:23:44:35:64:43:19:a7:ae:1b:b2:
cb:bb:3d:22:23:2a:27:c3:87:7e:7e:56:8a:6a:3a:
4e:dc:34:e1:e1:49:17:28:53:79:0b:c2:4f:4c:6c:
b0:bc:3f:e6:b1:39:0e:31:86:5c:e4:f2:a6:6c:1e:
68:f4:e3:f4:1a:a5:bb:57:4e:2e:2c:f4:41:69:65:
41:1b:08:d0:df:a0:eb:51:29:9a:83:11:be:2a:0c:
e9:24:c2:26:a6:c3:83:fa:e5:2f:3f:52:1d:e3:73:
f6:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3E:88:3B:89:A1:8E:C9:DD:38:A6:EA:AA:12:8C:86:15:1A:80:10:10
X509v3 Authority Key Identifier:
keyid:0D:05:9F:10:D1:8D:00:05:2C:80:8E:B8:06:9F:90:D4:7E:30:56:4A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/faf16704-2854-4080-9a09-7262326c9e22/1/0D059F10D18D00052C808EB8069F90D47E30564A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DQWfENGNAAUsgI64Bp-Q1H4wVko.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/faf16704-2854-4080-9a09-7262326c9e22/1/3134312e39382e37352e302f32342d3234203d3e20313439353032.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
141.98.75.0/24
Signature Algorithm: sha256WithRSAEncryption
39:7f:52:f9:76:83:f0:af:82:20:6b:ff:81:40:cb:ed:ab:4f:
95:87:14:49:8b:f0:c1:64:b4:ac:7f:eb:31:6f:8e:48:44:d2:
98:d7:b8:c8:cd:ba:20:c6:84:32:5d:b0:f1:2c:2e:7b:75:ab:
a0:00:eb:1e:fd:a9:70:36:0c:e2:66:60:92:e5:3b:bc:29:ed:
12:df:c9:39:52:62:19:e5:63:d0:89:fe:cb:c8:03:b8:c0:7c:
5f:43:a2:2d:fc:93:98:d9:96:1c:af:b9:88:74:c7:c2:84:e7:
20:8c:6e:5e:21:ec:50:f5:5e:9e:b5:0f:a5:89:99:41:29:1c:
f8:c9:9b:6e:bf:6f:f5:61:4a:ed:30:5a:37:34:c4:43:a4:7e:
3e:9e:4a:09:a8:94:40:ae:5d:49:c4:73:f3:92:28:f4:5a:ca:
78:60:4a:b2:26:9a:33:5e:59:a2:94:b7:8d:fb:fc:21:ff:47:
7d:54:4c:54:a9:1e:5b:00:7b:76:cb:53:7e:ba:22:2e:22:d4:
7a:bf:23:55:d5:3e:14:c8:fd:67:df:89:39:bb:ff:87:50:df:
59:23:54:46:42:9b:4c:97:dd:7b:18:93:97:82:18:b8:64:fc:
8a:0a:34:fd:6c:0f:98:bb:c1:2f:cd:26:64:8f:8e:30:1f:dc:
65:b1:bd:de
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUAp4Bzks02BpApzTC86nINrsGz4AwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMGQwNTlmMTBkMThkMDAwNTJjODA4ZWI4MDY5ZjkwZDQ3
ZTMwNTY0YTAeFw0yNjAyMjcxNDQxMzNaFw0yNzAyMjYxNDQ2MzNaMDMxMTAvBgNV
BAMTKDNFODgzQjg5QTE4RUM5REQzOEE2RUFBQTEyOEM4NjE1MUE4MDEwMTAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCZKTBA8Ip2s+JoQTVHYcqmdVyW
r2OFYUmlHwJ77/8xyzTesj2J14VVlzVWARUS45w17MTLZSRki0xcHEuEFQonzTNG
lswv3+Q3rgH2IYRGpUyKliwmbTqR9T4od1HohaWt/pEU5xdjluw11AAE4PQcGSih
N7sNwHhZ84Onoczc1x6QNOF+HQmIiW3y2IDKUkPlzPu1+St2RVsyI0Q1ZEMZp64b
ssu7PSIjKifDh35+VopqOk7cNOHhSRcoU3kLwk9MbLC8P+axOQ4xhlzk8qZsHmj0
4/QapbtXTi4s9EFpZUEbCNDfoOtRKZqDEb4qDOkkwiamw4P65S8/Uh3jc/Z1AgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUPog7iaGOyd04puqqEoyGFRqAEBAwHwYDVR0j
BBgwFoAUDQWfENGNAAUsgI64Bp+Q1H4wVkowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmFmMTY3MDQtMjg1NC00MDgwLTlhMDktNzI2MjMyNmM5
ZTIyLzEvMEQwNTlGMTBEMThEMDAwNTJDODA4RUI4MDY5RjkwRDQ3RTMwNTY0QS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0RRV2ZFTkdOQUFVc2dJNjRCcC1RMUg0
d1Zrby5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmFmMTY3MDQt
Mjg1NC00MDgwLTlhMDktNzI2MjMyNmM5ZTIyLzEvMzEzNDMxMmUzOTM4MmUzNzM1
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzEzNDM5MzUzMDMyLnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
jWJLMA0GCSqGSIb3DQEBCwUAA4IBAQA5f1L5doPwr4Iga/+BQMvtq0+VhxRJi/DB
ZLSsf+sxb45IRNKY17jIzbogxoQyXbDxLC57daugAOse/alwNgziZmCS5Tu8Ke0S
38k5UmIZ5WPQif7LyAO4wHxfQ6It/JOY2ZYcr7mIdMfChOcgjG5eIexQ9V6etQ+l
iZlBKRz4yZtuv2/1YUrtMFo3NMRDpH4+nkoJqJRArl1JxHPzkij0Wsp4YEqyJpoz
XlmilLeN+/wh/0d9VExUqR5bAHt2y1N+uiIuItR6vyNV1T4UyP1n34k5u/+HUN9Z
I1RGQptMl917GJOXghi4ZPyKCjT9bA+Yu8EvzSZkj44wH9xlsb3e
-----END CERTIFICATE-----
Generated at Mon Mar 2 11:22:05 2026 by rpki-client