Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/3130392e3130362e31322e302f32342d3234203d3e20323134303235.roa
File: 3130392e3130362e31322e302f32342d3234203d3e20323134303235.roa (raw, json)
Hash identifier: ObdxE7AOdiXM0bfRRQbmJZr+dw6MYQfAh+Yf9ea9ZT4=
Subject key identifier: D4:86:B7:DC:AC:1B:E3:31:E1:97:FD:05:B1:5D:F7:5F:A7:B8:C4:20
Certificate issuer: /CN=088469d1a33085ff88b3e599d223ca74c2313a3a
Certificate serial: 516BF319BB89E9BE46EFD16C5038C22E6F9E21DB
Authority key identifier: 08:84:69:D1:A3:30:85:FF:88:B3:E5:99:D2:23:CA:74:C2:31:3A:3A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CIRp0aMwhf-Is-WZ0iPKdMIxOjo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/3130392e3130362e31322e302f32342d3234203d3e20323134303235.roa
Signing time: Tue 31 Mar 2026 09:06:20 +0000
ROA not before: Tue 31 Mar 2026 09:01:20 +0000
ROA not after: Tue 30 Mar 2027 09:06:20 +0000
asID: 214025
IP address blocks: 109.106.12.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/088469D1A33085FF88B3E599D223CA74C2313A3A.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/088469D1A33085FF88B3E599D223CA74C2313A3A.mft
rsync://rpki.ripe.net/repository/DEFAULT/CIRp0aMwhf-Is-WZ0iPKdMIxOjo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 Apr 2026 07:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
51:6b:f3:19:bb:89:e9:be:46:ef:d1:6c:50:38:c2:2e:6f:9e:21:db
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=088469d1a33085ff88b3e599d223ca74c2313a3a
Validity
Not Before: Mar 31 09:01:20 2026 GMT
Not After : Mar 30 09:06:20 2027 GMT
Subject: CN=D486B7DCAC1BE331E197FD05B15DF75FA7B8C420
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:d5:12:e5:d6:c7:1d:38:c3:77:c0:8f:72:af:
2e:e1:47:aa:57:79:f7:b1:ce:f4:6e:a9:ce:d0:05:
c8:ad:db:c6:9f:b9:42:d9:01:db:6a:48:04:67:70:
b9:13:b4:45:03:90:e8:fd:30:38:c3:80:73:22:04:
29:85:d4:0f:7c:7d:fe:98:19:88:d2:cf:af:b3:c8:
f6:ad:38:e7:8d:9d:3a:67:51:42:44:bb:6e:c2:0e:
0c:2a:91:bb:34:c5:96:4c:6d:3d:a3:ba:56:0d:9e:
eb:cd:30:9d:e7:92:96:9b:68:44:1c:ad:cf:a5:3d:
bb:ec:02:08:48:c4:2f:72:b6:23:42:89:ea:2d:c7:
55:3c:b8:7c:7d:de:40:ea:45:31:86:6b:9d:45:6e:
fa:3b:19:02:3d:c4:48:68:ad:98:c4:0e:60:33:e1:
b3:cf:f0:fe:59:19:f7:af:7e:03:40:d7:87:76:a9:
52:9f:c7:19:d1:1d:2f:03:2b:a7:1d:75:e7:bd:35:
ca:3f:ea:20:b0:1a:b7:57:c1:c7:54:0f:1e:90:4e:
2e:9b:1c:f2:46:24:4e:7a:11:60:9c:97:28:bb:54:
ef:07:15:09:54:dc:74:23:20:6a:b3:78:a8:a9:3c:
6b:9e:f3:51:bc:e8:77:82:b6:67:bf:68:ee:fc:ec:
4f:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D4:86:B7:DC:AC:1B:E3:31:E1:97:FD:05:B1:5D:F7:5F:A7:B8:C4:20
X509v3 Authority Key Identifier:
keyid:08:84:69:D1:A3:30:85:FF:88:B3:E5:99:D2:23:CA:74:C2:31:3A:3A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/088469D1A33085FF88B3E599D223CA74C2313A3A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CIRp0aMwhf-Is-WZ0iPKdMIxOjo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/3130392e3130362e31322e302f32342d3234203d3e20323134303235.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.106.12.0/24
Signature Algorithm: sha256WithRSAEncryption
6f:f0:ba:b9:3b:19:fa:dc:2d:6e:7c:b5:ee:a3:5d:8f:b4:36:
33:ac:10:7a:01:d4:d1:bd:ac:71:7f:8f:30:20:b5:8c:62:fe:
1f:b2:09:f1:b3:ee:02:99:8a:f1:e6:0c:04:e3:d1:b0:b2:19:
45:76:60:f4:f4:d0:d2:5b:3e:90:e2:35:15:76:53:95:fa:50:
52:f4:6f:a7:85:64:98:08:3e:17:6e:44:dc:b8:4d:c9:36:66:
a2:f4:1e:7c:4e:7f:e1:ff:18:00:1e:47:2e:76:2c:8c:d9:62:
5c:dd:e7:1b:d4:ba:8b:20:c6:09:80:37:00:dd:d8:2e:8b:bc:
77:a1:dd:08:52:f5:73:33:12:d3:55:13:1a:1b:22:b5:f2:ae:
f7:35:aa:85:da:7c:bc:af:08:88:a6:7f:37:08:8e:0f:89:aa:
1a:68:e2:00:26:b4:86:82:ef:3c:ac:3d:13:12:d3:1f:47:7c:
3f:4a:ca:af:1d:c8:88:98:e2:59:e9:08:c6:95:69:86:5c:a3:
ac:11:d3:56:ec:f3:8a:d0:dd:8a:f1:48:81:d8:01:9d:c0:25:
3b:1f:24:ce:8c:bd:bf:9b:f2:69:ff:72:3e:cd:51:9b:fb:2a:
73:e9:c1:02:78:5e:fd:60:b7:0c:4f:8e:a7:37:56:bf:85:d1:
99:70:b5:b7
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUUWvzGbuJ6b5G79FsUDjCLm+eIdswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDg4NDY5ZDFhMzMwODVmZjg4YjNlNTk5ZDIyM2NhNzRj
MjMxM2EzYTAeFw0yNjAzMzEwOTAxMjBaFw0yNzAzMzAwOTA2MjBaMDMxMTAvBgNV
BAMTKEQ0ODZCN0RDQUMxQkUzMzFFMTk3RkQwNUIxNURGNzVGQTdCOEM0MjAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC+1RLl1scdOMN3wI9yry7hR6pX
efexzvRuqc7QBcit28afuULZAdtqSARncLkTtEUDkOj9MDjDgHMiBCmF1A98ff6Y
GYjSz6+zyPatOOeNnTpnUUJEu27CDgwqkbs0xZZMbT2julYNnuvNMJ3nkpabaEQc
rc+lPbvsAghIxC9ytiNCieotx1U8uHx93kDqRTGGa51Fbvo7GQI9xEhorZjEDmAz
4bPP8P5ZGfevfgNA14d2qVKfxxnRHS8DK6cddee9Nco/6iCwGrdXwcdUDx6QTi6b
HPJGJE56EWCclyi7VO8HFQlU3HQjIGqzeKipPGue81G86HeCtme/aO787E/vAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQU1Ia33Kwb4zHhl/0FsV33X6e4xCAwHwYDVR0j
BBgwFoAUCIRp0aMwhf+Is+WZ0iPKdMIxOjowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzUvMDg4NDY5RDFBMzMwODVGRjg4QjNFNTk5RDIyM0NBNzRDMjMxM0EzQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NJUnAwYU13aGYtSXMtV1owaVBLZE1J
eE9qby5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzUvMzEzMDM5MmUzMTMwMzYyZTMx
MzIyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMjMxMzQzMDMyMzUucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BABtagwwDQYJKoZIhvcNAQELBQADggEBAG/wurk7GfrcLW58te6jXY+0NjOsEHoB
1NG9rHF/jzAgtYxi/h+yCfGz7gKZivHmDATj0bCyGUV2YPT00NJbPpDiNRV2U5X6
UFL0b6eFZJgIPhduRNy4Tck2ZqL0HnxOf+H/GAAeRy52LIzZYlzd5xvUuosgxgmA
NwDd2C6LvHeh3QhS9XMzEtNVExobIrXyrvc1qoXafLyvCIimfzcIjg+Jqhpo4gAm
tIaC7zysPRMS0x9HfD9Kyq8dyIiY4lnpCMaVaYZco6wR01bs84rQ3YrxSIHYAZ3A
JTsfJM6Mvb+b8mn/cj7NUZv7KnPpwQJ4Xv1gtwxPjqc3Vr+F0Zlwtbc=
-----END CERTIFICATE-----
Generated at Fri Apr 17 14:01:52 2026 by rpki-client