Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/3139332e34332e37302e302f32342d3234203d3e20313336373837.roa
File: 3139332e34332e37302e302f32342d3234203d3e20313336373837.roa (raw, json)
Hash identifier: yGZjdbZHgj7eAbxZ1SE1fHjpcGnZQZVL1udmL2odqkI=
Subject key identifier: 16:A4:69:EE:E7:FA:4D:3E:7E:13:98:E8:32:6F:31:C2:4D:92:2B:D5
Certificate issuer: /CN=088469d1a33085ff88b3e599d223ca74c2313a3a
Certificate serial: 2821C448DA790BCEE2F52AF2703644891F65DED3
Authority key identifier: 08:84:69:D1:A3:30:85:FF:88:B3:E5:99:D2:23:CA:74:C2:31:3A:3A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CIRp0aMwhf-Is-WZ0iPKdMIxOjo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/3139332e34332e37302e302f32342d3234203d3e20313336373837.roa
Signing time: Wed 04 Feb 2026 20:23:15 +0000
ROA not before: Wed 04 Feb 2026 20:18:15 +0000
ROA not after: Wed 03 Feb 2027 20:23:15 +0000
asID: 136787
IP address blocks: 193.43.70.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/088469D1A33085FF88B3E599D223CA74C2313A3A.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/088469D1A33085FF88B3E599D223CA74C2313A3A.mft
rsync://rpki.ripe.net/repository/DEFAULT/CIRp0aMwhf-Is-WZ0iPKdMIxOjo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 21:16:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
28:21:c4:48:da:79:0b:ce:e2:f5:2a:f2:70:36:44:89:1f:65:de:d3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=088469d1a33085ff88b3e599d223ca74c2313a3a
Validity
Not Before: Feb 4 20:18:15 2026 GMT
Not After : Feb 3 20:23:15 2027 GMT
Subject: CN=16A469EEE7FA4D3E7E1398E8326F31C24D922BD5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:ac:cb:e7:9d:d2:ea:bf:59:c8:d9:80:4f:56:
19:6f:67:af:4f:59:58:65:fd:da:8b:9e:9f:32:91:
3c:02:0e:de:62:ae:35:5e:c1:29:a3:72:ac:3f:a1:
7e:1a:b3:e0:aa:c2:17:65:96:25:5b:0a:06:4a:f1:
8b:c2:4c:19:9e:58:e8:ea:27:73:91:1c:6a:93:72:
81:25:46:f8:ea:bd:be:3a:e5:3c:fb:28:60:f0:f2:
5d:53:0d:cf:87:d3:87:6e:a5:02:b0:04:11:2c:21:
f0:a1:86:42:a8:75:29:9e:33:3d:b3:19:79:23:10:
22:30:dd:6e:9c:17:55:f2:e2:f9:18:7e:58:0f:f3:
b4:a8:ac:35:e8:87:9f:7b:91:5c:01:56:08:1e:7d:
0f:08:e6:eb:e4:aa:05:85:0d:f5:1c:ae:ea:9c:ef:
dd:8c:df:c6:15:55:7d:ef:74:7a:1a:fa:33:ab:ce:
c2:00:ac:8f:45:74:c3:c0:3a:90:4f:9b:af:21:65:
ca:5c:49:7c:aa:66:81:2e:52:dd:87:45:b3:c8:45:
c2:5b:70:b3:76:d3:dd:20:b8:98:6f:01:81:10:dd:
7e:b2:26:52:52:ec:b6:67:33:e9:55:53:ae:ed:ae:
68:06:d5:82:32:fe:a4:57:de:f6:85:48:13:c5:95:
0f:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
16:A4:69:EE:E7:FA:4D:3E:7E:13:98:E8:32:6F:31:C2:4D:92:2B:D5
X509v3 Authority Key Identifier:
keyid:08:84:69:D1:A3:30:85:FF:88:B3:E5:99:D2:23:CA:74:C2:31:3A:3A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/088469D1A33085FF88B3E599D223CA74C2313A3A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CIRp0aMwhf-Is-WZ0iPKdMIxOjo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/3139332e34332e37302e302f32342d3234203d3e20313336373837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.43.70.0/24
Signature Algorithm: sha256WithRSAEncryption
45:1e:ec:65:f2:c9:42:6f:e9:10:68:93:53:9b:ae:d7:aa:ea:
3f:26:35:1c:51:04:96:62:f7:8f:a0:f8:0d:6c:98:1a:7b:04:
67:5c:62:4f:08:7a:7b:5d:bf:ed:d9:be:34:34:02:81:53:94:
54:ff:96:95:7d:59:6c:24:83:c9:7f:3a:83:b6:cf:5b:9b:2b:
17:2f:3c:14:ca:3f:12:21:bc:3f:77:c0:4f:bf:b6:3d:9d:48:
40:87:c1:6c:12:19:b5:d8:f2:62:79:22:80:79:17:45:96:d2:
e1:55:2e:72:67:bd:ac:5b:a2:cf:9f:d9:6f:ed:13:bf:e4:a4:
08:94:15:83:f1:06:bd:74:3e:7d:72:5a:56:e8:a0:83:1f:24:
bc:72:5d:04:6c:c4:4a:f4:13:c6:14:0f:9a:26:ba:1b:99:ce:
4b:d3:54:47:c5:e2:17:9a:58:9c:f4:95:2b:24:ea:43:35:04:
9e:6d:c5:8f:19:db:9f:74:55:a7:09:1e:98:e7:b7:80:1e:6e:
a1:f7:b5:9e:45:e0:20:6e:b9:5c:b8:1a:0d:2b:d3:b9:6b:b6:
6d:ea:96:c5:5d:c2:b1:4d:a7:5d:2b:0f:44:bb:08:4e:03:b6:
80:94:e0:e7:3f:d0:ad:47:cd:50:d8:64:7a:16:49:ee:13:81:
42:17:eb:9e
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUKCHESNp5C87i9SrycDZEiR9l3tMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDg4NDY5ZDFhMzMwODVmZjg4YjNlNTk5ZDIyM2NhNzRj
MjMxM2EzYTAeFw0yNjAyMDQyMDE4MTVaFw0yNzAyMDMyMDIzMTVaMDMxMTAvBgNV
BAMTKDE2QTQ2OUVFRTdGQTREM0U3RTEzOThFODMyNkYzMUMyNEQ5MjJCRDUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC7rMvnndLqv1nI2YBPVhlvZ69P
WVhl/dqLnp8ykTwCDt5irjVewSmjcqw/oX4as+CqwhdlliVbCgZK8YvCTBmeWOjq
J3ORHGqTcoElRvjqvb465Tz7KGDw8l1TDc+H04dupQKwBBEsIfChhkKodSmeMz2z
GXkjECIw3W6cF1Xy4vkYflgP87SorDXoh597kVwBVggefQ8I5uvkqgWFDfUcruqc
792M38YVVX3vdHoa+jOrzsIArI9FdMPAOpBPm68hZcpcSXyqZoEuUt2HRbPIRcJb
cLN2090guJhvAYEQ3X6yJlJS7LZnM+lVU67trmgG1YIy/qRX3vaFSBPFlQ97AgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUFqRp7uf6TT5+E5joMm8xwk2SK9UwHwYDVR0j
BBgwFoAUCIRp0aMwhf+Is+WZ0iPKdMIxOjowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzUvMDg4NDY5RDFBMzMwODVGRjg4QjNFNTk5RDIyM0NBNzRDMjMxM0EzQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NJUnAwYU13aGYtSXMtV1owaVBLZE1J
eE9qby5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzUvMzEzOTMzMmUzNDMzMmUzNzMw
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzEzMzM2MzczODM3LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
wStGMA0GCSqGSIb3DQEBCwUAA4IBAQBFHuxl8slCb+kQaJNTm67Xquo/JjUcUQSW
YvePoPgNbJgaewRnXGJPCHp7Xb/t2b40NAKBU5RU/5aVfVlsJIPJfzqDts9bmysX
LzwUyj8SIbw/d8BPv7Y9nUhAh8FsEhm12PJieSKAeRdFltLhVS5yZ72sW6LPn9lv
7RO/5KQIlBWD8Qa9dD59clpW6KCDHyS8cl0EbMRK9BPGFA+aJrobmc5L01RHxeIX
mlic9JUrJOpDNQSebcWPGdufdFWnCR6Y57eAHm6h97WeReAgbrlcuBoNK9O5a7Zt
6pbFXcKxTaddKw9EuwhOA7aAlODnP9CtR81Q2GR6FknuE4FCF+ue
-----END CERTIFICATE-----
Generated at Mon Mar 2 05:57:49 2026 by rpki-client