Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/3135322e38392e3132362e302f32342d3234203d3e20323134303235.roa
File: 3135322e38392e3132362e302f32342d3234203d3e20323134303235.roa (raw, json)
Hash identifier: 9M0pGsxDADnUuLXILg0M0HuB6ow5kZkTFgfx4TTnlVw=
Subject key identifier: 2E:44:4C:0A:C5:A2:71:84:56:A2:19:CC:E9:C1:64:A9:CB:2D:06:5A
Certificate issuer: /CN=088469d1a33085ff88b3e599d223ca74c2313a3a
Certificate serial: 619BC42072D02729CB77C1CDF79E258BE4299953
Authority key identifier: 08:84:69:D1:A3:30:85:FF:88:B3:E5:99:D2:23:CA:74:C2:31:3A:3A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CIRp0aMwhf-Is-WZ0iPKdMIxOjo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/3135322e38392e3132362e302f32342d3234203d3e20323134303235.roa
Signing time: Fri 06 Feb 2026 11:25:31 +0000
ROA not before: Fri 06 Feb 2026 11:20:31 +0000
ROA not after: Fri 05 Feb 2027 11:25:31 +0000
asID: 214025
IP address blocks: 152.89.126.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/088469D1A33085FF88B3E599D223CA74C2313A3A.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/088469D1A33085FF88B3E599D223CA74C2313A3A.mft
rsync://rpki.ripe.net/repository/DEFAULT/CIRp0aMwhf-Is-WZ0iPKdMIxOjo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
61:9b:c4:20:72:d0:27:29:cb:77:c1:cd:f7:9e:25:8b:e4:29:99:53
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=088469d1a33085ff88b3e599d223ca74c2313a3a
Validity
Not Before: Feb 6 11:20:31 2026 GMT
Not After : Feb 5 11:25:31 2027 GMT
Subject: CN=2E444C0AC5A2718456A219CCE9C164A9CB2D065A
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:1d:83:2a:f7:5e:ee:7e:17:ed:3d:84:03:2f:
f4:fb:d0:44:1b:4f:b8:79:08:74:fe:c9:b9:fd:94:
d9:9d:ac:e2:47:96:c8:2f:fd:e0:32:32:0a:26:f3:
f7:69:fa:e6:d2:5e:f2:6b:78:75:92:06:8c:70:d8:
37:44:db:46:12:9c:ab:0a:41:73:8e:2e:26:53:06:
b6:d6:1f:50:8c:c8:b3:74:a1:43:c7:d9:f9:97:95:
19:de:06:41:45:84:fb:77:ac:35:57:42:bf:ff:0a:
7e:94:97:61:6b:0b:62:4a:2b:c2:40:2e:7a:42:73:
82:ad:82:cf:1b:cc:84:7d:f2:92:48:20:48:f4:89:
b1:66:96:96:a1:78:c4:de:b7:82:0f:78:de:72:19:
02:cf:23:b6:09:97:ab:74:fe:1f:61:3f:39:38:13:
d1:fb:1f:4f:7e:b2:68:06:47:b4:ef:56:cc:49:9e:
fb:96:4f:78:4f:14:eb:87:9d:68:69:9c:a8:df:e4:
0c:f8:16:17:be:3c:6e:a3:e8:7d:6f:16:d3:3f:65:
7d:79:26:e0:92:5e:ce:c5:55:7c:da:d0:5a:69:9c:
e8:63:32:14:6b:7b:98:de:5a:86:9b:05:01:39:63:
55:4d:5a:37:71:89:a6:82:9a:a5:76:3c:1d:19:5d:
99:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2E:44:4C:0A:C5:A2:71:84:56:A2:19:CC:E9:C1:64:A9:CB:2D:06:5A
X509v3 Authority Key Identifier:
keyid:08:84:69:D1:A3:30:85:FF:88:B3:E5:99:D2:23:CA:74:C2:31:3A:3A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/088469D1A33085FF88B3E599D223CA74C2313A3A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CIRp0aMwhf-Is-WZ0iPKdMIxOjo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/3135322e38392e3132362e302f32342d3234203d3e20323134303235.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
152.89.126.0/24
Signature Algorithm: sha256WithRSAEncryption
70:e8:cc:bd:86:36:fc:a0:e3:a6:09:20:22:d6:3d:21:60:2f:
91:4a:02:f8:2d:90:53:82:17:d5:59:6d:ba:0a:be:08:12:bf:
c7:52:b5:b1:2c:ce:bf:19:80:5c:7e:2b:54:cf:22:80:e9:7f:
60:1c:06:cc:a6:9c:96:e3:72:70:46:92:21:0c:00:cb:0a:2e:
e0:ce:68:f6:08:02:ea:fe:a6:53:49:d7:4d:0f:e2:0a:27:be:
55:65:71:35:96:12:4d:c0:76:c3:3c:b2:97:42:1b:6c:d8:d4:
36:05:c7:5a:3d:42:53:4f:dd:4d:3d:10:4d:db:a8:95:3d:7f:
aa:2f:e4:65:ff:81:64:76:92:0c:09:82:8c:a0:fe:ee:3f:32:
c6:0b:e2:31:d3:d4:c3:7f:dc:e4:a3:1b:66:a0:c9:df:dc:38:
0b:64:f0:4b:69:32:b5:2f:c5:f0:4c:30:6f:94:ce:da:11:8b:
59:06:1a:b4:bb:c7:ed:1e:28:04:3f:ce:a2:29:cf:57:f9:42:
d7:87:07:48:5b:a2:5d:f3:ce:1f:fb:fd:99:f2:83:f2:ee:91:
f2:da:bf:34:59:a5:7f:3a:34:c1:a2:24:00:f7:5d:cd:48:c8:
10:2c:33:9f:31:12:47:8f:4a:72:3c:a4:27:3b:21:33:24:c2:
b8:2e:31:e9
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUYZvEIHLQJynLd8HN954li+QpmVMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDg4NDY5ZDFhMzMwODVmZjg4YjNlNTk5ZDIyM2NhNzRj
MjMxM2EzYTAeFw0yNjAyMDYxMTIwMzFaFw0yNzAyMDUxMTI1MzFaMDMxMTAvBgNV
BAMTKDJFNDQ0QzBBQzVBMjcxODQ1NkEyMTlDQ0U5QzE2NEE5Q0IyRDA2NUEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCZHYMq917ufhftPYQDL/T70EQb
T7h5CHT+ybn9lNmdrOJHlsgv/eAyMgom8/dp+ubSXvJreHWSBoxw2DdE20YSnKsK
QXOOLiZTBrbWH1CMyLN0oUPH2fmXlRneBkFFhPt3rDVXQr//Cn6Ul2FrC2JKK8JA
LnpCc4Ktgs8bzIR98pJIIEj0ibFmlpaheMTet4IPeN5yGQLPI7YJl6t0/h9hPzk4
E9H7H09+smgGR7TvVsxJnvuWT3hPFOuHnWhpnKjf5Az4Fhe+PG6j6H1vFtM/ZX15
JuCSXs7FVXza0FppnOhjMhRre5jeWoabBQE5Y1VNWjdxiaaCmqV2PB0ZXZnlAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQULkRMCsWicYRWohnM6cFkqcstBlowHwYDVR0j
BBgwFoAUCIRp0aMwhf+Is+WZ0iPKdMIxOjowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzUvMDg4NDY5RDFBMzMwODVGRjg4QjNFNTk5RDIyM0NBNzRDMjMxM0EzQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NJUnAwYU13aGYtSXMtV1owaVBLZE1J
eE9qby5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzUvMzEzNTMyMmUzODM5MmUzMTMy
MzYyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMjMxMzQzMDMyMzUucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BACYWX4wDQYJKoZIhvcNAQELBQADggEBAHDozL2GNvyg46YJICLWPSFgL5FKAvgt
kFOCF9VZbboKvggSv8dStbEszr8ZgFx+K1TPIoDpf2AcBsymnJbjcnBGkiEMAMsK
LuDOaPYIAur+plNJ100P4gonvlVlcTWWEk3AdsM8spdCG2zY1DYFx1o9QlNP3U09
EE3bqJU9f6ov5GX/gWR2kgwJgoyg/u4/MsYL4jHT1MN/3OSjG2agyd/cOAtk8Etp
MrUvxfBMMG+UztoRi1kGGrS7x+0eKAQ/zqIpz1f5QteHB0hbol3zzh/7/Znyg/Lu
kfLavzRZpX86NMGiJAD3Xc1IyBAsM58xEkePSnI8pCc7ITMkwrguMek=
-----END CERTIFICATE-----
Generated at Sun Mar 1 23:26:24 2026 by rpki-client