Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/3130392e3130362e31332e302f32342d3234203d3e203633313939.roa
File: 3130392e3130362e31332e302f32342d3234203d3e203633313939.roa (raw, json)
Hash identifier: 4YVwLnNS1aOK7a9hO3N0FSx09GoKueEEKSg2LJ5fO4c=
Subject key identifier: 8A:BA:70:9E:1B:C4:11:A7:E1:EA:AC:20:98:A4:90:F7:83:99:98:B4
Certificate issuer: /CN=088469d1a33085ff88b3e599d223ca74c2313a3a
Certificate serial: 5BD2A272C2A15ED500F3E933F42618E4D89DF2DC
Authority key identifier: 08:84:69:D1:A3:30:85:FF:88:B3:E5:99:D2:23:CA:74:C2:31:3A:3A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CIRp0aMwhf-Is-WZ0iPKdMIxOjo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/3130392e3130362e31332e302f32342d3234203d3e203633313939.roa
Signing time: Mon 30 Mar 2026 10:16:25 +0000
ROA not before: Mon 30 Mar 2026 10:11:25 +0000
ROA not after: Mon 29 Mar 2027 10:16:25 +0000
asID: 63199
IP address blocks: 109.106.13.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/088469D1A33085FF88B3E599D223CA74C2313A3A.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/088469D1A33085FF88B3E599D223CA74C2313A3A.mft
rsync://rpki.ripe.net/repository/DEFAULT/CIRp0aMwhf-Is-WZ0iPKdMIxOjo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 Apr 2026 07:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5b:d2:a2:72:c2:a1:5e:d5:00:f3:e9:33:f4:26:18:e4:d8:9d:f2:dc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=088469d1a33085ff88b3e599d223ca74c2313a3a
Validity
Not Before: Mar 30 10:11:25 2026 GMT
Not After : Mar 29 10:16:25 2027 GMT
Subject: CN=8ABA709E1BC411A7E1EAAC2098A490F7839998B4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:21:75:08:bd:f3:2f:0f:d2:4d:8c:bf:30:b2:
22:23:c2:e7:c1:66:03:77:1d:33:48:c9:8e:70:da:
26:1c:68:3a:37:f8:97:2c:6b:a8:6e:fe:47:ef:55:
d8:db:35:dc:38:53:17:1c:6b:e1:bd:78:fc:4d:d5:
11:03:2c:13:9c:79:ba:45:63:c8:f3:ad:1e:50:2e:
1c:0e:2c:40:28:b7:36:9d:c9:88:49:39:55:66:47:
52:46:36:22:12:ed:20:af:7f:d4:78:fe:b4:85:76:
81:29:1a:71:04:39:79:b3:2f:c0:f9:08:a3:67:9e:
ad:9a:4a:1c:a8:63:aa:bb:c3:30:0e:ac:d4:7f:89:
79:70:f4:0e:dc:ee:d1:33:2a:3b:72:82:f3:91:6d:
12:dc:4d:f8:12:8d:d9:f2:08:8c:6d:b8:37:df:2a:
71:87:00:60:1a:ba:e4:7b:27:f8:49:92:66:1a:02:
db:d1:b9:62:66:54:c0:ec:82:72:50:d4:43:a0:85:
9e:c7:04:52:41:e8:48:9b:2b:a7:12:da:21:65:d5:
19:f2:01:eb:d0:fa:93:b6:50:ec:b4:60:85:a5:93:
6e:5d:27:2b:0b:33:a4:b4:fc:98:18:39:04:78:fa:
d7:33:11:9b:a3:87:09:3a:f3:a6:2c:5d:66:3d:a3:
5a:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8A:BA:70:9E:1B:C4:11:A7:E1:EA:AC:20:98:A4:90:F7:83:99:98:B4
X509v3 Authority Key Identifier:
keyid:08:84:69:D1:A3:30:85:FF:88:B3:E5:99:D2:23:CA:74:C2:31:3A:3A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/088469D1A33085FF88B3E599D223CA74C2313A3A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CIRp0aMwhf-Is-WZ0iPKdMIxOjo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/3130392e3130362e31332e302f32342d3234203d3e203633313939.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.106.13.0/24
Signature Algorithm: sha256WithRSAEncryption
94:30:5d:f5:16:d6:c7:3f:54:7c:fc:11:dd:8c:3e:32:d0:33:
c7:bc:e7:c1:10:df:38:3f:d7:02:24:64:c5:ea:36:fb:b4:c1:
a6:88:fd:b3:4b:46:89:3f:b7:a6:13:7c:61:a3:b5:36:d3:d4:
1f:d5:37:1c:1a:0f:c5:cd:4f:d8:6a:7c:e8:15:f8:b4:70:b0:
a5:3e:15:da:b0:6b:cd:76:33:44:02:4a:5b:4f:a6:e2:34:61:
78:a3:2c:1c:4c:11:77:1f:0b:42:67:f8:67:5e:3d:f7:75:9c:
5e:03:aa:23:e6:e8:9f:72:fd:22:35:9d:ab:5a:ad:cf:0c:f2:
f5:67:e3:b9:2e:da:10:bc:df:ee:d9:7b:b7:67:63:62:6a:9a:
51:14:47:94:ab:ee:c2:80:76:fb:2f:8a:29:20:25:d6:9b:f1:
ba:ea:ff:77:9a:ac:6b:d3:e4:24:7c:d5:6b:5c:fd:58:4b:59:
17:c8:40:10:b0:e8:05:d8:ae:b5:f8:a4:ca:c2:54:cc:e4:58:
d8:db:eb:d0:23:25:f3:4f:31:50:56:22:f8:07:c0:69:6e:73:
1e:c1:c7:64:81:d5:e2:b4:8c:01:db:55:48:9d:c7:ae:38:93:
d4:42:19:8c:25:eb:cc:87:26:d8:18:4f:5c:82:70:e2:36:05:
ba:d7:30:78
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUW9KicsKhXtUA8+kz9CYY5Nid8twwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDg4NDY5ZDFhMzMwODVmZjg4YjNlNTk5ZDIyM2NhNzRj
MjMxM2EzYTAeFw0yNjAzMzAxMDExMjVaFw0yNzAzMjkxMDE2MjVaMDMxMTAvBgNV
BAMTKDhBQkE3MDlFMUJDNDExQTdFMUVBQUMyMDk4QTQ5MEY3ODM5OTk4QjQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDXIXUIvfMvD9JNjL8wsiIjwufB
ZgN3HTNIyY5w2iYcaDo3+Jcsa6hu/kfvVdjbNdw4Uxcca+G9ePxN1REDLBOcebpF
Y8jzrR5QLhwOLEAotzadyYhJOVVmR1JGNiIS7SCvf9R4/rSFdoEpGnEEOXmzL8D5
CKNnnq2aShyoY6q7wzAOrNR/iXlw9A7c7tEzKjtygvORbRLcTfgSjdnyCIxtuDff
KnGHAGAauuR7J/hJkmYaAtvRuWJmVMDsgnJQ1EOghZ7HBFJB6EibK6cS2iFl1Rny
AevQ+pO2UOy0YIWlk25dJysLM6S0/JgYOQR4+tczEZujhwk686YsXWY9o1qDAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUirpwnhvEEafh6qwgmKSQ94OZmLQwHwYDVR0j
BBgwFoAUCIRp0aMwhf+Is+WZ0iPKdMIxOjowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzUvMDg4NDY5RDFBMzMwODVGRjg4QjNFNTk5RDIyM0NBNzRDMjMxM0EzQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NJUnAwYU13aGYtSXMtV1owaVBLZE1J
eE9qby5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzUvMzEzMDM5MmUzMTMwMzYyZTMx
MzMyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzNjMzMzEzOTM5LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
bWoNMA0GCSqGSIb3DQEBCwUAA4IBAQCUMF31FtbHP1R8/BHdjD4y0DPHvOfBEN84
P9cCJGTF6jb7tMGmiP2zS0aJP7emE3xho7U209Qf1TccGg/FzU/YanzoFfi0cLCl
PhXasGvNdjNEAkpbT6biNGF4oywcTBF3HwtCZ/hnXj33dZxeA6oj5uifcv0iNZ2r
Wq3PDPL1Z+O5LtoQvN/u2Xu3Z2NiappRFEeUq+7CgHb7L4opICXWm/G66v93mqxr
0+QkfNVrXP1YS1kXyEAQsOgF2K61+KTKwlTM5FjY2+vQIyXzTzFQViL4B8BpbnMe
wcdkgdXitIwB21VInceuOJPUQhmMJevMhybYGE9cgnDiNgW61zB4
-----END CERTIFICATE-----
Generated at Fri Apr 17 11:50:52 2026 by rpki-client