Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/3134372e37382e34382e302f32322d3234203d3e20333936333139.roa
File: 3134372e37382e34382e302f32322d3234203d3e20333936333139.roa (raw, json)
Hash identifier: dcCR67w7e/reHnqmEy/3uWg6RHRhIOgGNaldf1nV4/o=
Subject key identifier: 29:0D:E0:38:C2:D2:D7:58:0F:79:DE:3E:5E:0A:BE:B7:32:09:9E:E9
Certificate issuer: /CN=088469d1a33085ff88b3e599d223ca74c2313a3a
Certificate serial: 06877D6DE97C897CA7083E32E67D0A54037D593E
Authority key identifier: 08:84:69:D1:A3:30:85:FF:88:B3:E5:99:D2:23:CA:74:C2:31:3A:3A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CIRp0aMwhf-Is-WZ0iPKdMIxOjo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/3134372e37382e34382e302f32322d3234203d3e20333936333139.roa
Signing time: Mon 29 Dec 2025 09:50:24 +0000
ROA not before: Mon 29 Dec 2025 09:45:24 +0000
ROA not after: Mon 28 Dec 2026 09:50:24 +0000
asID: 396319
IP address blocks: 147.78.48.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/088469D1A33085FF88B3E599D223CA74C2313A3A.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/088469D1A33085FF88B3E599D223CA74C2313A3A.mft
rsync://rpki.ripe.net/repository/DEFAULT/CIRp0aMwhf-Is-WZ0iPKdMIxOjo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 21:16:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
06:87:7d:6d:e9:7c:89:7c:a7:08:3e:32:e6:7d:0a:54:03:7d:59:3e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=088469d1a33085ff88b3e599d223ca74c2313a3a
Validity
Not Before: Dec 29 09:45:24 2025 GMT
Not After : Dec 28 09:50:24 2026 GMT
Subject: CN=290DE038C2D2D7580F79DE3E5E0ABEB732099EE9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:a5:53:90:5c:fc:f4:8c:cf:ae:c0:28:6e:a5:
e4:11:3f:b5:27:25:74:09:27:bc:da:a2:ce:83:2b:
46:cc:0f:b6:6b:ae:3b:60:24:f4:b4:c3:06:0f:b5:
10:55:11:a8:dc:88:23:fd:0c:06:ed:17:ca:12:e0:
b1:58:90:48:2d:1d:bb:dc:c6:0e:3f:bc:9c:6c:cd:
29:53:90:fa:bc:89:49:23:c9:45:c9:f4:41:a6:4f:
85:e6:b1:ca:10:50:ca:35:e1:39:71:47:f8:67:c2:
58:6c:c9:33:a9:f9:4b:fc:47:6b:15:1f:8e:f2:e8:
99:99:91:8c:bd:c8:79:5f:51:eb:de:1f:75:00:41:
a0:91:91:6a:d1:c0:b0:6f:09:09:34:b7:8d:10:7e:
e2:19:bf:71:64:c1:a3:e5:c6:be:8c:c8:b8:2c:52:
15:4e:30:e8:70:2b:3a:05:d4:62:7b:35:ba:43:5d:
7a:13:00:32:f5:2d:2c:63:e8:fc:2c:6d:17:4c:c9:
76:b1:41:a4:23:0d:b9:87:ec:5a:fe:cf:5e:ad:45:
88:e7:fc:27:80:d7:9c:a1:ff:97:01:7d:3b:d3:5c:
52:c8:f4:a0:06:66:e7:1a:08:42:93:8f:93:02:87:
f6:c6:fb:46:95:44:21:c8:5e:72:71:82:0b:9a:34:
2f:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:0D:E0:38:C2:D2:D7:58:0F:79:DE:3E:5E:0A:BE:B7:32:09:9E:E9
X509v3 Authority Key Identifier:
keyid:08:84:69:D1:A3:30:85:FF:88:B3:E5:99:D2:23:CA:74:C2:31:3A:3A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/088469D1A33085FF88B3E599D223CA74C2313A3A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CIRp0aMwhf-Is-WZ0iPKdMIxOjo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/3134372e37382e34382e302f32322d3234203d3e20333936333139.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
147.78.48.0/22
Signature Algorithm: sha256WithRSAEncryption
80:25:f2:05:06:c1:60:5d:c1:85:3d:74:dd:61:c7:3a:f1:da:
90:3a:48:17:eb:64:a2:29:96:2d:3e:0e:74:28:71:45:f3:58:
14:05:ac:65:01:50:4f:c0:24:93:55:04:0b:e4:5a:3c:0d:42:
be:ab:ae:9e:e7:00:63:fd:c0:49:58:58:03:d7:c5:05:a4:ec:
9d:39:4a:eb:e3:3a:9a:40:9d:20:4f:8e:5e:ad:56:c9:05:88:
c7:00:64:4f:15:42:ef:13:c2:52:0e:2f:36:eb:1c:db:24:c0:
56:be:35:85:75:9e:f1:a1:f0:a3:73:91:ca:18:bb:84:97:c4:
41:fe:d9:95:28:0e:db:e6:fd:37:22:67:3d:19:3f:ca:00:65:
1e:02:5a:bc:ee:dc:f9:12:ef:6e:e5:77:6e:5f:55:c6:e6:39:
48:d6:af:22:e9:22:21:ba:3e:85:2b:26:98:e9:90:b2:02:da:
26:f2:8f:21:9b:cb:57:17:81:f6:80:37:fc:f6:6f:8a:61:80:
58:f8:a4:97:11:84:8e:2b:3f:f6:aa:d5:0e:20:a6:e5:dc:f3:
5a:fd:a4:f0:d5:35:bd:e7:f3:1f:11:5f:95:b5:bd:63:16:87:
38:72:4c:c5:c1:cf:c7:fd:24:a0:9d:e4:b7:8c:aa:69:98:02:
bc:98:d8:28
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUBod9bel8iXynCD4y5n0KVAN9WT4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDg4NDY5ZDFhMzMwODVmZjg4YjNlNTk5ZDIyM2NhNzRj
MjMxM2EzYTAeFw0yNTEyMjkwOTQ1MjRaFw0yNjEyMjgwOTUwMjRaMDMxMTAvBgNV
BAMTKDI5MERFMDM4QzJEMkQ3NTgwRjc5REUzRTVFMEFCRUI3MzIwOTlFRTkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC2pVOQXPz0jM+uwChupeQRP7Un
JXQJJ7zaos6DK0bMD7ZrrjtgJPS0wwYPtRBVEajciCP9DAbtF8oS4LFYkEgtHbvc
xg4/vJxszSlTkPq8iUkjyUXJ9EGmT4XmscoQUMo14TlxR/hnwlhsyTOp+Uv8R2sV
H47y6JmZkYy9yHlfUeveH3UAQaCRkWrRwLBvCQk0t40QfuIZv3FkwaPlxr6MyLgs
UhVOMOhwKzoF1GJ7NbpDXXoTADL1LSxj6PwsbRdMyXaxQaQjDbmH7Fr+z16tRYjn
/CeA15yh/5cBfTvTXFLI9KAGZucaCEKTj5MCh/bG+0aVRCHIXnJxgguaNC/PAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUKQ3gOMLS11gPed4+Xgq+tzIJnukwHwYDVR0j
BBgwFoAUCIRp0aMwhf+Is+WZ0iPKdMIxOjowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzUvMDg4NDY5RDFBMzMwODVGRjg4QjNFNTk5RDIyM0NBNzRDMjMxM0EzQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NJUnAwYU13aGYtSXMtV1owaVBLZE1J
eE9qby5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzUvMzEzNDM3MmUzNzM4MmUzNDM4
MmUzMDJmMzIzMjJkMzIzNDIwM2QzZTIwMzMzOTM2MzMzMTM5LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQC
k04wMA0GCSqGSIb3DQEBCwUAA4IBAQCAJfIFBsFgXcGFPXTdYcc68dqQOkgX62Si
KZYtPg50KHFF81gUBaxlAVBPwCSTVQQL5Fo8DUK+q66e5wBj/cBJWFgD18UFpOyd
OUrr4zqaQJ0gT45erVbJBYjHAGRPFULvE8JSDi826xzbJMBWvjWFdZ7xofCjc5HK
GLuEl8RB/tmVKA7b5v03Imc9GT/KAGUeAlq87tz5Eu9u5XduX1XG5jlI1q8i6SIh
uj6FKyaY6ZCyAtom8o8hm8tXF4H2gDf89m+KYYBY+KSXEYSOKz/2qtUOIKbl3PNa
/aTw1TW95/MfEV+Vtb1jFoc4ckzFwc/H/SSgneS3jKppmAK8mNgo
-----END CERTIFICATE-----
Generated at Mon Mar 2 08:00:49 2026 by rpki-client