Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/3139342e3134362e31352e302f32342d3234203d3e20313336373837.roa
File: 3139342e3134362e31352e302f32342d3234203d3e20313336373837.roa (raw, json)
Hash identifier: NjRgUyqtjCzGwf/VHxRBmwSI8Fj/I5TZwz19DaA+Pj4=
Subject key identifier: BA:3F:F0:24:0F:83:64:AF:36:D8:41:A6:4C:16:E2:9A:36:D5:6A:95
Certificate issuer: /CN=088469d1a33085ff88b3e599d223ca74c2313a3a
Certificate serial: 3B287FB6727123923721C39B8056B453DBA600B8
Authority key identifier: 08:84:69:D1:A3:30:85:FF:88:B3:E5:99:D2:23:CA:74:C2:31:3A:3A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CIRp0aMwhf-Is-WZ0iPKdMIxOjo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/3139342e3134362e31352e302f32342d3234203d3e20313336373837.roa
Signing time: Wed 04 Feb 2026 20:23:16 +0000
ROA not before: Wed 04 Feb 2026 20:18:16 +0000
ROA not after: Wed 03 Feb 2027 20:23:16 +0000
asID: 136787
IP address blocks: 194.146.15.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/088469D1A33085FF88B3E599D223CA74C2313A3A.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/088469D1A33085FF88B3E599D223CA74C2313A3A.mft
rsync://rpki.ripe.net/repository/DEFAULT/CIRp0aMwhf-Is-WZ0iPKdMIxOjo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 18:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3b:28:7f:b6:72:71:23:92:37:21:c3:9b:80:56:b4:53:db:a6:00:b8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=088469d1a33085ff88b3e599d223ca74c2313a3a
Validity
Not Before: Feb 4 20:18:16 2026 GMT
Not After : Feb 3 20:23:16 2027 GMT
Subject: CN=BA3FF0240F8364AF36D841A64C16E29A36D56A95
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:35:59:3e:80:9d:44:5b:be:81:a3:9c:02:20:
ba:c9:21:8b:e9:f2:9a:73:b1:6f:c5:4e:44:dc:f6:
85:2f:26:e1:63:35:4b:c4:65:0b:7f:a5:8d:3e:63:
f7:2e:78:6c:25:b4:d0:90:29:55:76:6c:e6:49:53:
4e:b1:66:9c:10:9a:c6:46:a2:9e:fc:9f:0f:b1:83:
95:ba:39:dd:b4:7f:d6:12:d4:dc:e1:8d:b5:0e:3d:
6d:22:af:17:5f:02:1d:f0:7d:16:8b:be:c9:f4:f3:
2f:c9:a2:dd:97:81:d6:7f:b2:d2:b0:d1:62:c7:d2:
c4:dd:10:1a:a0:fb:fb:8f:8f:b9:9d:f9:c9:b6:06:
04:ca:dc:fe:19:23:80:f7:9f:7f:bc:af:c1:02:ba:
63:78:c7:e3:15:57:0b:cb:52:79:0d:52:53:fe:c2:
17:46:e0:02:8d:b3:ba:37:96:39:63:69:53:d0:ca:
4e:c4:4a:16:03:6e:e3:cc:90:a7:05:b9:e6:ce:6f:
d0:4f:23:ab:b1:67:bb:e3:6b:76:a9:76:8b:65:65:
56:97:1a:c9:0f:57:87:e0:ac:2d:4b:c0:ae:b2:11:
d3:9f:82:84:a6:b3:1d:ea:5d:69:5a:f8:9e:bf:b1:
68:2a:c2:ab:23:6d:78:3c:6b:50:5e:d1:d2:e1:be:
fe:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BA:3F:F0:24:0F:83:64:AF:36:D8:41:A6:4C:16:E2:9A:36:D5:6A:95
X509v3 Authority Key Identifier:
keyid:08:84:69:D1:A3:30:85:FF:88:B3:E5:99:D2:23:CA:74:C2:31:3A:3A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/088469D1A33085FF88B3E599D223CA74C2313A3A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CIRp0aMwhf-Is-WZ0iPKdMIxOjo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/3139342e3134362e31352e302f32342d3234203d3e20313336373837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.146.15.0/24
Signature Algorithm: sha256WithRSAEncryption
8b:27:03:54:10:e7:90:0c:08:71:55:d9:31:33:52:c0:13:85:
87:e3:5e:96:ce:0d:d5:ad:fe:e0:c5:43:cb:87:ac:d8:1c:09:
0a:74:d8:45:a7:38:74:11:8c:55:06:53:e6:b2:5f:01:69:66:
2f:d2:6f:ac:5e:df:27:15:bf:20:5d:ca:c1:13:4b:d4:20:d3:
e4:0a:3b:99:c9:38:2c:4c:c1:56:e2:97:5b:25:38:ae:ff:6f:
18:21:48:89:75:de:26:db:8b:cf:21:f9:15:38:33:d6:47:df:
0a:a2:b5:98:c8:61:72:f2:b6:88:92:82:41:f0:a8:ca:32:f5:
8d:3e:ce:17:f6:4b:c8:79:ab:29:a7:e8:85:29:08:95:d1:30:
74:42:58:93:75:4d:16:8f:08:35:34:38:7b:2b:4d:0b:39:f2:
c5:2a:0f:e6:4c:10:a5:51:97:35:4b:a4:7c:ea:2a:d2:30:f4:
d5:8f:17:b9:d1:fc:74:26:a3:05:19:36:47:c2:35:dd:94:8e:
eb:c8:5b:55:3b:41:20:da:77:cc:31:f8:59:99:93:4f:68:82:
f8:0e:ac:11:3f:2e:94:15:f1:09:d9:d4:f2:cf:8f:80:eb:a8:
cd:3d:5f:4c:c5:df:86:e8:67:82:1a:e8:91:03:5c:b6:6c:58:
b5:14:05:80
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUOyh/tnJxI5I3IcObgFa0U9umALgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDg4NDY5ZDFhMzMwODVmZjg4YjNlNTk5ZDIyM2NhNzRj
MjMxM2EzYTAeFw0yNjAyMDQyMDE4MTZaFw0yNzAyMDMyMDIzMTZaMDMxMTAvBgNV
BAMTKEJBM0ZGMDI0MEY4MzY0QUYzNkQ4NDFBNjRDMTZFMjlBMzZENTZBOTUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDSNVk+gJ1EW76Bo5wCILrJIYvp
8ppzsW/FTkTc9oUvJuFjNUvEZQt/pY0+Y/cueGwltNCQKVV2bOZJU06xZpwQmsZG
op78nw+xg5W6Od20f9YS1NzhjbUOPW0irxdfAh3wfRaLvsn08y/Jot2XgdZ/stKw
0WLH0sTdEBqg+/uPj7md+cm2BgTK3P4ZI4D3n3+8r8ECumN4x+MVVwvLUnkNUlP+
whdG4AKNs7o3ljljaVPQyk7EShYDbuPMkKcFuebOb9BPI6uxZ7vja3apdotlZVaX
GskPV4fgrC1LwK6yEdOfgoSmsx3qXWla+J6/sWgqwqsjbXg8a1Be0dLhvv7xAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUuj/wJA+DZK822EGmTBbimjbVapUwHwYDVR0j
BBgwFoAUCIRp0aMwhf+Is+WZ0iPKdMIxOjowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzUvMDg4NDY5RDFBMzMwODVGRjg4QjNFNTk5RDIyM0NBNzRDMjMxM0EzQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NJUnAwYU13aGYtSXMtV1owaVBLZE1J
eE9qby5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzUvMzEzOTM0MmUzMTM0MzYyZTMx
MzUyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMTMzMzYzNzM4Mzcucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BADCkg8wDQYJKoZIhvcNAQELBQADggEBAIsnA1QQ55AMCHFV2TEzUsAThYfjXpbO
DdWt/uDFQ8uHrNgcCQp02EWnOHQRjFUGU+ayXwFpZi/Sb6xe3ycVvyBdysETS9Qg
0+QKO5nJOCxMwVbil1slOK7/bxghSIl13ibbi88h+RU4M9ZH3wqitZjIYXLytoiS
gkHwqMoy9Y0+zhf2S8h5qymn6IUpCJXRMHRCWJN1TRaPCDU0OHsrTQs58sUqD+ZM
EKVRlzVLpHzqKtIw9NWPF7nR/HQmowUZNkfCNd2UjuvIW1U7QSDad8wx+FmZk09o
gvgOrBE/LpQV8QnZ1PLPj4DrqM09X0zF34boZ4Ia6JEDXLZsWLUUBYA=
-----END CERTIFICATE-----
Generated at Mon Mar 2 04:44:47 2026 by rpki-client