Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/3130392e3130362e31332e302f32342d3234203d3e203134363138.roa
File: 3130392e3130362e31332e302f32342d3234203d3e203134363138.roa (raw, json)
Hash identifier: cQ5+OsTD7ZXl/9WfJaS0FLCGStv7X3qJ7KcRZiyhFT8=
Subject key identifier: 51:04:76:3C:85:55:D6:81:DC:0D:32:02:C2:F0:AB:6D:6C:29:41:3C
Certificate issuer: /CN=088469d1a33085ff88b3e599d223ca74c2313a3a
Certificate serial: 4D51ACA04F3856BD74E5629DE522F71205A7E8CC
Authority key identifier: 08:84:69:D1:A3:30:85:FF:88:B3:E5:99:D2:23:CA:74:C2:31:3A:3A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CIRp0aMwhf-Is-WZ0iPKdMIxOjo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/3130392e3130362e31332e302f32342d3234203d3e203134363138.roa
Signing time: Fri 27 Feb 2026 22:14:50 +0000
ROA not before: Fri 27 Feb 2026 22:09:50 +0000
ROA not after: Fri 26 Feb 2027 22:14:50 +0000
asID: 14618
IP address blocks: 109.106.13.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/088469D1A33085FF88B3E599D223CA74C2313A3A.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/088469D1A33085FF88B3E599D223CA74C2313A3A.mft
rsync://rpki.ripe.net/repository/DEFAULT/CIRp0aMwhf-Is-WZ0iPKdMIxOjo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 18:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4d:51:ac:a0:4f:38:56:bd:74:e5:62:9d:e5:22:f7:12:05:a7:e8:cc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=088469d1a33085ff88b3e599d223ca74c2313a3a
Validity
Not Before: Feb 27 22:09:50 2026 GMT
Not After : Feb 26 22:14:50 2027 GMT
Subject: CN=5104763C8555D681DC0D3202C2F0AB6D6C29413C
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:08:9c:60:0d:35:81:ba:d1:2e:23:d4:66:b6:
ad:2d:a5:0a:43:0f:b1:c7:2b:8b:46:20:14:b3:7b:
2f:b0:e7:bc:bb:38:ff:7e:10:4f:5f:34:9e:fa:d4:
26:ec:92:c3:e1:e7:55:65:96:c8:ea:13:e1:6f:98:
fb:2c:1b:d7:51:ad:6b:dd:70:fb:d1:4a:4c:5f:08:
55:6e:55:49:2b:09:3f:dd:a6:a5:22:35:96:92:bc:
73:7c:18:e4:e2:fc:87:8a:24:5a:51:91:e0:0c:fd:
dc:55:19:bb:e9:ff:c5:d0:40:4b:7a:fc:b0:eb:06:
b7:33:a6:f1:b8:5f:89:60:e8:e8:72:cb:b4:dc:45:
92:0e:93:19:f4:92:d5:f6:83:33:e5:75:72:1c:1b:
59:e5:09:ca:dc:f6:68:0d:72:fa:e8:4f:38:12:7b:
bd:3e:63:b5:21:e8:40:c0:9b:af:7b:0b:57:78:2d:
36:4a:02:d7:a6:82:f9:50:32:e5:31:82:5a:a9:80:
20:9a:6b:21:34:9e:c4:bd:7b:15:95:3f:7c:51:df:
60:1e:f8:13:e3:14:ca:3e:77:23:0f:81:1b:88:d2:
2b:ac:1b:e4:f2:21:1c:79:75:ba:bb:78:58:7c:c7:
21:be:c4:d2:51:77:ed:98:fe:53:a5:99:a2:e7:f4:
af:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
51:04:76:3C:85:55:D6:81:DC:0D:32:02:C2:F0:AB:6D:6C:29:41:3C
X509v3 Authority Key Identifier:
keyid:08:84:69:D1:A3:30:85:FF:88:B3:E5:99:D2:23:CA:74:C2:31:3A:3A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/088469D1A33085FF88B3E599D223CA74C2313A3A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CIRp0aMwhf-Is-WZ0iPKdMIxOjo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/3130392e3130362e31332e302f32342d3234203d3e203134363138.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.106.13.0/24
Signature Algorithm: sha256WithRSAEncryption
33:f2:61:57:60:d9:44:cb:0f:6c:eb:a6:e4:bb:31:b6:82:91:
a1:26:3d:24:43:b6:77:88:45:99:3d:a2:b6:01:22:23:0a:b0:
56:34:5c:0c:1a:a7:0b:65:51:8d:ea:62:c2:a1:9b:5b:a1:65:
87:12:37:1c:32:1b:cd:66:e0:fb:ab:cd:82:45:0d:8d:0c:21:
c0:2a:ab:a5:8e:fc:b9:12:a5:82:fc:93:84:d8:ad:0a:4e:8a:
4a:98:da:f2:6d:c0:4f:69:0c:cc:07:fa:a2:6c:c8:da:22:c5:
ed:7a:d8:09:92:34:c0:f1:ac:db:03:2b:4d:65:be:d4:9a:43:
75:f3:27:9f:ad:0d:be:63:20:e9:26:d3:88:45:e6:4f:1a:6e:
24:c6:95:19:a3:fb:ae:36:67:6e:58:08:d7:7c:c7:75:44:c9:
ac:0f:84:f9:8e:bf:a8:70:3d:e4:bc:30:f1:e7:15:1d:70:9e:
72:21:7e:6a:62:b2:17:68:51:40:58:34:0c:dd:4d:3a:71:02:
e6:89:b6:87:ad:d2:42:ca:9f:a0:3b:f8:ca:33:a2:9e:89:af:
7e:5d:3a:6b:b4:cc:79:37:bb:69:2a:6a:38:88:e2:07:df:d1:
58:a3:59:8d:9b:96:d9:51:81:2b:f4:36:a4:b9:53:ab:fa:3c:
77:c8:a2:1f
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUTVGsoE84Vr105WKd5SL3EgWn6MwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDg4NDY5ZDFhMzMwODVmZjg4YjNlNTk5ZDIyM2NhNzRj
MjMxM2EzYTAeFw0yNjAyMjcyMjA5NTBaFw0yNzAyMjYyMjE0NTBaMDMxMTAvBgNV
BAMTKDUxMDQ3NjNDODU1NUQ2ODFEQzBEMzIwMkMyRjBBQjZENkMyOTQxM0MwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDICJxgDTWButEuI9Rmtq0tpQpD
D7HHK4tGIBSzey+w57y7OP9+EE9fNJ761CbsksPh51VllsjqE+FvmPssG9dRrWvd
cPvRSkxfCFVuVUkrCT/dpqUiNZaSvHN8GOTi/IeKJFpRkeAM/dxVGbvp/8XQQEt6
/LDrBrczpvG4X4lg6Ohyy7TcRZIOkxn0ktX2gzPldXIcG1nlCcrc9mgNcvroTzgS
e70+Y7Uh6EDAm697C1d4LTZKAtemgvlQMuUxglqpgCCaayE0nsS9exWVP3xR32Ae
+BPjFMo+dyMPgRuI0iusG+TyIRx5dbq7eFh8xyG+xNJRd+2Y/lOlmaLn9K9HAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUUQR2PIVV1oHcDTICwvCrbWwpQTwwHwYDVR0j
BBgwFoAUCIRp0aMwhf+Is+WZ0iPKdMIxOjowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzUvMDg4NDY5RDFBMzMwODVGRjg4QjNFNTk5RDIyM0NBNzRDMjMxM0EzQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NJUnAwYU13aGYtSXMtV1owaVBLZE1J
eE9qby5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzUvMzEzMDM5MmUzMTMwMzYyZTMx
MzMyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMTM0MzYzMTM4LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
bWoNMA0GCSqGSIb3DQEBCwUAA4IBAQAz8mFXYNlEyw9s66bkuzG2gpGhJj0kQ7Z3
iEWZPaK2ASIjCrBWNFwMGqcLZVGN6mLCoZtboWWHEjccMhvNZuD7q82CRQ2NDCHA
Kquljvy5EqWC/JOE2K0KTopKmNrybcBPaQzMB/qibMjaIsXtetgJkjTA8azbAytN
Zb7UmkN18yefrQ2+YyDpJtOIReZPGm4kxpUZo/uuNmduWAjXfMd1RMmsD4T5jr+o
cD3kvDDx5xUdcJ5yIX5qYrIXaFFAWDQM3U06cQLmibaHrdJCyp+gO/jKM6Keia9+
XTprtMx5N7tpKmo4iOIH39FYo1mNm5bZUYEr9DakuVOr+jx3yKIf
-----END CERTIFICATE-----
Generated at Mon Mar 2 03:54:53 2026 by rpki-client