Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/3139332e32322e3134362e302f32332d3332203d3e203531313637.roa
File: 3139332e32322e3134362e302f32332d3332203d3e203531313637.roa (raw, json)
Hash identifier: MZg0A4zyeKCUIBP58/4FU+C6BF8BH0FOMATtxEhMewI=
Subject key identifier: 7C:3E:5D:D2:AB:48:2C:66:7A:33:D7:FE:C2:A6:C3:DF:7D:9B:2B:4F
Certificate issuer: /CN=088469d1a33085ff88b3e599d223ca74c2313a3a
Certificate serial: 5958EE9B23D25FD6AEE9F4E89804B0FFE5E49A74
Authority key identifier: 08:84:69:D1:A3:30:85:FF:88:B3:E5:99:D2:23:CA:74:C2:31:3A:3A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CIRp0aMwhf-Is-WZ0iPKdMIxOjo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/3139332e32322e3134362e302f32332d3332203d3e203531313637.roa
Signing time: Thu 02 Apr 2026 21:23:33 +0000
ROA not before: Thu 02 Apr 2026 21:18:33 +0000
ROA not after: Thu 01 Apr 2027 21:23:33 +0000
asID: 51167
IP address blocks: 193.22.146.0/23 maxlen: 32
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/088469D1A33085FF88B3E599D223CA74C2313A3A.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/088469D1A33085FF88B3E599D223CA74C2313A3A.mft
rsync://rpki.ripe.net/repository/DEFAULT/CIRp0aMwhf-Is-WZ0iPKdMIxOjo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 Apr 2026 13:49:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
59:58:ee:9b:23:d2:5f:d6:ae:e9:f4:e8:98:04:b0:ff:e5:e4:9a:74
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=088469d1a33085ff88b3e599d223ca74c2313a3a
Validity
Not Before: Apr 2 21:18:33 2026 GMT
Not After : Apr 1 21:23:33 2027 GMT
Subject: CN=7C3E5DD2AB482C667A33D7FEC2A6C3DF7D9B2B4F
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:fb:a0:e3:25:d8:84:99:48:6c:2a:bd:50:c1:05:
84:83:f0:0a:f0:4a:56:c3:b6:a6:74:b9:b2:1e:78:
1b:c6:02:95:c2:e8:27:8d:85:d0:23:21:4c:ab:d7:
e1:ab:8b:ad:97:d7:71:56:ef:32:e3:e7:67:65:2f:
99:da:b5:df:b6:43:bf:fa:6a:75:04:8b:4d:60:39:
4f:91:2e:81:69:6a:53:c9:90:15:0f:d7:66:e6:f8:
88:15:09:98:85:da:11:e3:cc:23:63:19:22:6b:51:
84:cf:ee:16:80:63:8f:a8:8e:c6:b7:91:cf:6c:3f:
02:38:cf:13:c6:3a:85:e2:01:52:7c:39:0a:56:5b:
7f:8a:91:6d:20:ca:23:9d:87:a1:a1:be:70:36:18:
d2:3d:83:41:05:c8:05:42:1e:dd:ea:85:20:00:ff:
0e:e3:0b:49:0f:26:12:ea:96:13:90:e5:9a:59:44:
3d:66:8d:88:b3:1c:ad:0a:95:9c:f4:0f:91:34:fc:
3c:14:8f:71:08:f9:0b:56:a8:b4:4b:dc:6b:fc:92:
a1:15:82:17:5f:ad:9f:55:ef:56:6a:75:fe:57:b0:
32:8e:e4:fa:00:29:a1:ed:c8:26:8e:66:a1:af:62:
43:b9:2a:0c:b3:e1:d6:52:a4:ef:e8:7c:ab:67:f9:
a2:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7C:3E:5D:D2:AB:48:2C:66:7A:33:D7:FE:C2:A6:C3:DF:7D:9B:2B:4F
X509v3 Authority Key Identifier:
keyid:08:84:69:D1:A3:30:85:FF:88:B3:E5:99:D2:23:CA:74:C2:31:3A:3A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/088469D1A33085FF88B3E599D223CA74C2313A3A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CIRp0aMwhf-Is-WZ0iPKdMIxOjo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/3139332e32322e3134362e302f32332d3332203d3e203531313637.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.22.146.0/23
Signature Algorithm: sha256WithRSAEncryption
6b:ef:e9:2d:bf:9f:94:ea:35:5a:7e:a9:fd:64:a5:95:ef:65:
c0:97:29:e4:7e:20:25:c7:64:1e:b7:05:5c:d1:d6:9e:80:8e:
0f:de:59:3b:b9:80:75:77:06:cb:00:52:26:5c:ba:87:ff:c4:
06:fe:e6:6d:bd:04:4e:9c:90:20:45:8b:2e:5b:23:21:6c:3d:
29:b8:11:4c:17:d9:7d:fa:f5:df:96:9f:c1:e6:c2:a7:fa:f5:
f8:ec:c5:69:d8:75:88:e5:c0:b2:ff:22:b9:d0:7e:35:66:99:
69:52:fa:03:bf:1f:46:11:88:81:5b:63:43:ae:5d:d0:df:6e:
35:db:90:58:ff:cd:4d:8a:36:d9:d2:39:a9:9a:71:b5:b9:d3:
79:e2:bf:06:2c:ff:c4:f2:35:54:31:c6:55:a5:92:aa:89:e9:
f2:ff:9b:29:59:3e:87:88:0a:70:16:19:59:e1:cd:41:5e:3a:
2d:c8:05:b7:58:9c:8b:3e:37:43:5d:fe:0c:41:20:54:fb:73:
69:4e:c4:51:c6:4e:d7:e0:d3:b7:8b:03:2a:ef:7d:58:c7:a5:
d7:0c:f2:bc:c8:31:df:70:23:2f:e8:91:e7:2c:33:37:f5:af:
8f:6d:6f:a2:f5:41:15:20:8e:ae:e3:85:de:b6:f9:04:87:0c:
da:52:68:3c
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUWVjumyPSX9au6fTomASw/+XkmnQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDg4NDY5ZDFhMzMwODVmZjg4YjNlNTk5ZDIyM2NhNzRj
MjMxM2EzYTAeFw0yNjA0MDIyMTE4MzNaFw0yNzA0MDEyMTIzMzNaMDMxMTAvBgNV
BAMTKDdDM0U1REQyQUI0ODJDNjY3QTMzRDdGRUMyQTZDM0RGN0Q5QjJCNEYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQD7oOMl2ISZSGwqvVDBBYSD8Arw
SlbDtqZ0ubIeeBvGApXC6CeNhdAjIUyr1+Gri62X13FW7zLj52dlL5natd+2Q7/6
anUEi01gOU+RLoFpalPJkBUP12bm+IgVCZiF2hHjzCNjGSJrUYTP7haAY4+ojsa3
kc9sPwI4zxPGOoXiAVJ8OQpWW3+KkW0gyiOdh6GhvnA2GNI9g0EFyAVCHt3qhSAA
/w7jC0kPJhLqlhOQ5ZpZRD1mjYizHK0KlZz0D5E0/DwUj3EI+QtWqLRL3Gv8kqEV
ghdfrZ9V71Zqdf5XsDKO5PoAKaHtyCaOZqGvYkO5Kgyz4dZSpO/ofKtn+aKjAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUfD5d0qtILGZ6M9f+wqbD332bK08wHwYDVR0j
BBgwFoAUCIRp0aMwhf+Is+WZ0iPKdMIxOjowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzUvMDg4NDY5RDFBMzMwODVGRjg4QjNFNTk5RDIyM0NBNzRDMjMxM0EzQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NJUnAwYU13aGYtSXMtV1owaVBLZE1J
eE9qby5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzUvMzEzOTMzMmUzMjMyMmUzMTM0
MzYyZTMwMmYzMjMzMmQzMzMyMjAzZDNlMjAzNTMxMzEzNjM3LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQB
wRaSMA0GCSqGSIb3DQEBCwUAA4IBAQBr7+ktv5+U6jVafqn9ZKWV72XAlynkfiAl
x2QetwVc0daegI4P3lk7uYB1dwbLAFImXLqH/8QG/uZtvQROnJAgRYsuWyMhbD0p
uBFMF9l9+vXflp/B5sKn+vX47MVp2HWI5cCy/yK50H41ZplpUvoDvx9GEYiBW2ND
rl3Q324125BY/81NijbZ0jmpmnG1udN54r8GLP/E8jVUMcZVpZKqieny/5spWT6H
iApwFhlZ4c1BXjotyAW3WJyLPjdDXf4MQSBU+3NpTsRRxk7X4NO3iwMq731Yx6XX
DPK8yDHfcCMv6JHnLDM39a+PbW+i9UEVII6u44XetvkEhwzaUmg8
-----END CERTIFICATE-----
Generated at Fri Apr 17 21:24:50 2026 by rpki-client