Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/3130392e3130362e31322e302f32332d3234203d3e20313437303033.roa
File: 3130392e3130362e31322e302f32332d3234203d3e20313437303033.roa (raw, json)
Hash identifier: LzCdTnoRknZPRy4mNPbsX4r06ziB7DEhkrXn9kynth4=
Subject key identifier: 61:07:06:32:7A:21:23:0F:F1:AB:69:5E:C5:5C:B2:09:0E:C6:AB:88
Certificate issuer: /CN=088469d1a33085ff88b3e599d223ca74c2313a3a
Certificate serial: 658C4B5B08ED61C76EF80B045F8A595D28DA0081
Authority key identifier: 08:84:69:D1:A3:30:85:FF:88:B3:E5:99:D2:23:CA:74:C2:31:3A:3A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CIRp0aMwhf-Is-WZ0iPKdMIxOjo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/3130392e3130362e31322e302f32332d3234203d3e20313437303033.roa
Signing time: Thu 11 Jun 2026 08:06:11 +0000
ROA not before: Thu 11 Jun 2026 08:01:11 +0000
ROA not after: Thu 10 Jun 2027 08:06:11 +0000
asID: 147003
IP address blocks: 109.106.12.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/088469D1A33085FF88B3E599D223CA74C2313A3A.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/088469D1A33085FF88B3E599D223CA74C2313A3A.mft
rsync://rpki.ripe.net/repository/DEFAULT/CIRp0aMwhf-Is-WZ0iPKdMIxOjo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 13 Jun 2026 20:26:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
65:8c:4b:5b:08:ed:61:c7:6e:f8:0b:04:5f:8a:59:5d:28:da:00:81
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=088469d1a33085ff88b3e599d223ca74c2313a3a
Validity
Not Before: Jun 11 08:01:11 2026 GMT
Not After : Jun 10 08:06:11 2027 GMT
Subject: CN=610706327A21230FF1AB695EC55CB2090EC6AB88
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:9a:a6:28:f0:5b:a8:d7:0a:6d:48:c2:2a:f8:
2c:f6:a5:29:a3:93:02:e0:55:b9:df:d3:a0:c3:be:
2d:4c:53:f3:cb:d0:3d:12:c0:d3:8f:28:8a:94:f0:
04:e2:9a:4e:7e:c0:93:37:fd:f4:c6:a1:e7:42:a1:
10:34:e1:30:e9:31:ad:6b:ca:00:f2:3e:0e:fe:11:
75:7e:97:eb:9c:60:c8:d0:71:89:de:26:47:45:7b:
4d:6b:9d:f6:ce:ff:d4:c5:87:63:5c:c2:ec:bc:ac:
d7:78:ad:aa:87:9a:64:59:6e:e6:c0:0f:0e:23:51:
f6:da:23:4d:2f:ce:3f:84:cc:36:f1:39:26:ee:3b:
59:61:09:73:21:62:ed:57:ef:87:b1:49:31:df:15:
02:6c:aa:51:db:4d:19:e8:87:04:8d:5e:da:91:7c:
f3:f3:9f:5f:0e:1a:a2:ed:5d:f7:3d:d9:ec:71:2a:
4f:1b:6f:0e:d1:11:49:86:9d:bf:69:23:cd:f4:a5:
71:71:fd:2c:7d:3a:f9:1e:cc:79:d3:22:ef:29:c7:
76:43:ae:17:4f:3e:5b:25:49:43:f5:c2:7b:e8:36:
be:fd:f8:17:46:82:bc:3a:5c:69:70:fe:a8:47:6f:
b3:8e:eb:01:cf:14:7e:98:e6:64:00:19:74:68:39:
fb:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
61:07:06:32:7A:21:23:0F:F1:AB:69:5E:C5:5C:B2:09:0E:C6:AB:88
X509v3 Authority Key Identifier:
keyid:08:84:69:D1:A3:30:85:FF:88:B3:E5:99:D2:23:CA:74:C2:31:3A:3A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/088469D1A33085FF88B3E599D223CA74C2313A3A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CIRp0aMwhf-Is-WZ0iPKdMIxOjo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/3130392e3130362e31322e302f32332d3234203d3e20313437303033.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.106.12.0/23
Signature Algorithm: sha256WithRSAEncryption
72:98:65:d2:68:a8:0b:4f:49:1d:53:a8:7a:83:ec:89:e3:ae:
6e:35:27:bd:97:c8:31:9d:38:7f:80:55:2d:24:0b:0c:47:c3:
5e:c3:b6:d3:82:4f:20:69:ee:28:b6:a1:54:75:28:6e:80:7f:
52:d2:ce:ea:06:f0:f7:fa:87:3e:8e:8c:01:bf:67:53:50:50:
d4:7d:e4:e6:e4:34:b6:e7:38:bd:e5:97:62:d4:39:67:c1:c7:
5c:41:da:ea:c9:cf:65:31:97:b4:f5:34:3b:55:48:0e:e2:cf:
fa:57:35:67:5b:68:15:f3:5b:c8:3f:03:8d:ea:36:4c:4b:1b:
8c:f4:e7:b4:36:96:8f:36:b6:ec:6f:17:5d:3e:df:6b:99:8e:
20:e6:51:78:1f:ef:20:e6:91:ad:8d:24:48:0e:64:ef:9e:98:
67:7d:18:36:83:d6:37:39:3e:65:46:bd:2d:42:b2:ab:6d:62:
bb:d3:16:00:bc:2b:53:da:d5:09:8b:68:12:db:fa:81:9c:6c:
08:a8:d1:d8:f4:1b:3d:c1:c4:96:ea:3f:1f:ab:b1:bc:a4:4d:
7e:78:7e:ac:6e:5c:ba:1a:69:f5:a0:e2:11:2c:c1:c5:13:fa:
24:79:50:a8:4b:03:41:54:ec:49:68:05:87:39:8d:ac:0a:5c:
4a:7b:a3:7d
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUZYxLWwjtYcdu+AsEX4pZXSjaAIEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDg4NDY5ZDFhMzMwODVmZjg4YjNlNTk5ZDIyM2NhNzRj
MjMxM2EzYTAeFw0yNjA2MTEwODAxMTFaFw0yNzA2MTAwODA2MTFaMDMxMTAvBgNV
BAMTKDYxMDcwNjMyN0EyMTIzMEZGMUFCNjk1RUM1NUNCMjA5MEVDNkFCODgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDemqYo8Fuo1wptSMIq+Cz2pSmj
kwLgVbnf06DDvi1MU/PL0D0SwNOPKIqU8ATimk5+wJM3/fTGoedCoRA04TDpMa1r
ygDyPg7+EXV+l+ucYMjQcYneJkdFe01rnfbO/9TFh2Ncwuy8rNd4raqHmmRZbubA
Dw4jUfbaI00vzj+EzDbxOSbuO1lhCXMhYu1X74exSTHfFQJsqlHbTRnohwSNXtqR
fPPzn18OGqLtXfc92exxKk8bbw7REUmGnb9pI830pXFx/Sx9OvkezHnTIu8px3ZD
rhdPPlslSUP1wnvoNr79+BdGgrw6XGlw/qhHb7OO6wHPFH6Y5mQAGXRoOftlAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUYQcGMnohIw/xq2lexVyyCQ7Gq4gwHwYDVR0j
BBgwFoAUCIRp0aMwhf+Is+WZ0iPKdMIxOjowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzUvMDg4NDY5RDFBMzMwODVGRjg4QjNFNTk5RDIyM0NBNzRDMjMxM0EzQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NJUnAwYU13aGYtSXMtV1owaVBLZE1J
eE9qby5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzUvMzEzMDM5MmUzMTMwMzYyZTMx
MzIyZTMwMmYzMjMzMmQzMjM0MjAzZDNlMjAzMTM0MzczMDMwMzMucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAFtagwwDQYJKoZIhvcNAQELBQADggEBAHKYZdJoqAtPSR1TqHqD7Injrm41J72X
yDGdOH+AVS0kCwxHw17DttOCTyBp7ii2oVR1KG6Af1LSzuoG8Pf6hz6OjAG/Z1NQ
UNR95ObkNLbnOL3ll2LUOWfBx1xB2urJz2Uxl7T1NDtVSA7iz/pXNWdbaBXzW8g/
A43qNkxLG4z057Q2lo82tuxvF10+32uZjiDmUXgf7yDmka2NJEgOZO+emGd9GDaD
1jc5PmVGvS1CsqttYrvTFgC8K1Pa1QmLaBLb+oGcbAio0dj0Gz3BxJbqPx+rsbyk
TX54fqxuXLoaafWg4hEswcUT+iR5UKhLA0FU7EloBYc5jawKXEp7o30=
-----END CERTIFICATE-----
Generated at Sat Jun 13 08:54:13 2026 by rpki-client