Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/3139332e34332e36392e302f32342d3234203d3e20313336373837.roa
File: 3139332e34332e36392e302f32342d3234203d3e20313336373837.roa (raw, json)
Hash identifier: g6M5BWjylh9NlAFd6ft1G8EARd/+m8TS+yUVEExJnJ4=
Subject key identifier: BD:5A:41:81:5B:40:37:70:87:4D:78:EF:17:50:8C:EF:DC:A6:4A:DE
Certificate issuer: /CN=088469d1a33085ff88b3e599d223ca74c2313a3a
Certificate serial: 3F8D811C5FCD41E5ED10AB83D5AE8E49D97ABAD3
Authority key identifier: 08:84:69:D1:A3:30:85:FF:88:B3:E5:99:D2:23:CA:74:C2:31:3A:3A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CIRp0aMwhf-Is-WZ0iPKdMIxOjo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/3139332e34332e36392e302f32342d3234203d3e20313336373837.roa
Signing time: Wed 04 Feb 2026 20:23:15 +0000
ROA not before: Wed 04 Feb 2026 20:18:15 +0000
ROA not after: Wed 03 Feb 2027 20:23:15 +0000
asID: 136787
IP address blocks: 193.43.69.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/088469D1A33085FF88B3E599D223CA74C2313A3A.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/088469D1A33085FF88B3E599D223CA74C2313A3A.mft
rsync://rpki.ripe.net/repository/DEFAULT/CIRp0aMwhf-Is-WZ0iPKdMIxOjo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 12:36:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3f:8d:81:1c:5f:cd:41:e5:ed:10:ab:83:d5:ae:8e:49:d9:7a:ba:d3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=088469d1a33085ff88b3e599d223ca74c2313a3a
Validity
Not Before: Feb 4 20:18:15 2026 GMT
Not After : Feb 3 20:23:15 2027 GMT
Subject: CN=BD5A41815B403770874D78EF17508CEFDCA64ADE
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:ea:ae:4f:40:1a:33:45:63:23:a1:0c:70:ab:
51:0f:3c:d9:a2:92:43:9c:c0:21:bb:8d:3b:f3:c3:
f9:7c:33:3f:b3:ab:20:ec:fd:b7:cd:50:26:fd:86:
b3:1a:c4:5f:96:2d:bc:bb:aa:33:b8:1b:79:e0:e0:
79:08:34:0f:61:7a:d3:d0:48:78:f1:32:71:c5:9b:
68:e4:64:7d:e6:19:1c:52:32:06:0a:70:a2:10:6b:
e4:d9:b9:77:b7:f8:8c:00:9d:93:36:3a:72:68:11:
93:a5:24:58:6c:e7:82:6a:69:73:ce:a5:a8:90:01:
be:de:f5:0b:af:f9:af:bd:b2:ef:9a:15:af:90:55:
91:e1:1e:6f:c2:e3:a4:34:98:79:a7:4b:d0:6a:cd:
30:d5:f9:29:a2:d3:16:35:74:af:99:80:98:64:c4:
4a:df:01:25:de:e0:9a:04:fd:f7:15:f0:63:ab:f4:
ba:57:53:64:77:00:7c:51:ae:2a:fa:b1:2d:92:a8:
f1:c0:b1:e6:0f:73:7b:fa:95:fa:11:f3:97:02:62:
94:08:f4:a8:cc:fb:06:c4:54:cc:c3:93:17:37:c0:
dc:b2:88:e9:25:74:c3:45:90:9e:ce:12:3e:fe:53:
36:ce:8c:23:14:11:15:aa:32:9c:6c:95:1d:a3:b0:
bc:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BD:5A:41:81:5B:40:37:70:87:4D:78:EF:17:50:8C:EF:DC:A6:4A:DE
X509v3 Authority Key Identifier:
keyid:08:84:69:D1:A3:30:85:FF:88:B3:E5:99:D2:23:CA:74:C2:31:3A:3A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/088469D1A33085FF88B3E599D223CA74C2313A3A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CIRp0aMwhf-Is-WZ0iPKdMIxOjo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/3139332e34332e36392e302f32342d3234203d3e20313336373837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.43.69.0/24
Signature Algorithm: sha256WithRSAEncryption
ad:ae:b5:26:cb:22:a2:9d:32:06:9c:0c:06:64:bd:20:28:e5:
14:01:cf:80:82:00:69:b3:61:56:84:12:cb:bd:05:95:47:ae:
9e:85:43:62:1a:49:36:74:83:76:56:38:15:1e:6c:1c:3b:ac:
2b:93:fd:49:62:14:bd:ff:45:db:2a:26:d7:ff:fe:3e:d0:5a:
90:10:9b:44:d1:f2:71:03:d2:37:89:1d:be:c0:ef:7f:b5:fe:
fd:20:c7:f7:d7:63:a8:db:6a:22:86:97:11:0a:b7:da:7c:df:
95:d9:90:c6:24:f1:04:10:c8:33:69:7d:e2:00:45:ae:8e:ee:
42:37:b2:54:df:41:5c:d7:33:7e:4b:7f:39:92:56:a9:88:36:
52:cd:25:18:a4:dc:12:d8:fd:43:d0:c4:0d:44:80:0b:30:df:
7b:f0:9b:64:93:ae:5f:52:2f:cf:72:20:bd:e2:9b:e9:bf:90:
51:90:da:13:24:41:ed:01:5c:8f:bb:80:40:19:b6:83:e0:44:
8b:36:ce:11:f3:0d:51:3f:af:29:0e:c1:bc:67:87:d8:b6:52:
85:00:bb:ec:47:a6:ff:8d:93:af:92:cd:0e:4e:47:5b:7a:1d:
e2:31:2a:8a:e9:6d:4e:90:a5:f4:62:b8:50:12:c8:0b:90:a6:
91:ac:0c:5c
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUP42BHF/NQeXtEKuD1a6OSdl6utMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDg4NDY5ZDFhMzMwODVmZjg4YjNlNTk5ZDIyM2NhNzRj
MjMxM2EzYTAeFw0yNjAyMDQyMDE4MTVaFw0yNzAyMDMyMDIzMTVaMDMxMTAvBgNV
BAMTKEJENUE0MTgxNUI0MDM3NzA4NzRENzhFRjE3NTA4Q0VGRENBNjRBREUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCj6q5PQBozRWMjoQxwq1EPPNmi
kkOcwCG7jTvzw/l8Mz+zqyDs/bfNUCb9hrMaxF+WLby7qjO4G3ng4HkINA9hetPQ
SHjxMnHFm2jkZH3mGRxSMgYKcKIQa+TZuXe3+IwAnZM2OnJoEZOlJFhs54JqaXPO
paiQAb7e9Quv+a+9su+aFa+QVZHhHm/C46Q0mHmnS9BqzTDV+Smi0xY1dK+ZgJhk
xErfASXe4JoE/fcV8GOr9LpXU2R3AHxRrir6sS2SqPHAseYPc3v6lfoR85cCYpQI
9KjM+wbEVMzDkxc3wNyyiOkldMNFkJ7OEj7+UzbOjCMUERWqMpxslR2jsLx7AgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUvVpBgVtAN3CHTXjvF1CM79ymSt4wHwYDVR0j
BBgwFoAUCIRp0aMwhf+Is+WZ0iPKdMIxOjowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzUvMDg4NDY5RDFBMzMwODVGRjg4QjNFNTk5RDIyM0NBNzRDMjMxM0EzQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NJUnAwYU13aGYtSXMtV1owaVBLZE1J
eE9qby5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzUvMzEzOTMzMmUzNDMzMmUzNjM5
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzEzMzM2MzczODM3LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
wStFMA0GCSqGSIb3DQEBCwUAA4IBAQCtrrUmyyKinTIGnAwGZL0gKOUUAc+AggBp
s2FWhBLLvQWVR66ehUNiGkk2dIN2VjgVHmwcO6wrk/1JYhS9/0XbKibX//4+0FqQ
EJtE0fJxA9I3iR2+wO9/tf79IMf312Oo22oihpcRCrfafN+V2ZDGJPEEEMgzaX3i
AEWuju5CN7JU30Fc1zN+S385klapiDZSzSUYpNwS2P1D0MQNRIALMN978Jtkk65f
Ui/PciC94pvpv5BRkNoTJEHtAVyPu4BAGbaD4ESLNs4R8w1RP68pDsG8Z4fYtlKF
ALvsR6b/jZOvks0OTkdbeh3iMSqK6W1OkKX0YrhQEsgLkKaRrAxc
-----END CERTIFICATE-----
Generated at Mon Mar 2 20:01:56 2026 by rpki-client