Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/39312e3230352e3130362e302f32342d3234203d3e20313336373837.roa
File: 39312e3230352e3130362e302f32342d3234203d3e20313336373837.roa (raw, json)
Hash identifier: 6JekNzfmjD3QPzXj7m0H3PISejsITHH62YUd/NhRCU4=
Subject key identifier: 95:70:20:FC:66:B8:14:B4:9A:53:B4:07:BF:C7:DA:2E:28:36:AE:98
Certificate issuer: /CN=088469d1a33085ff88b3e599d223ca74c2313a3a
Certificate serial: 7010153A151527400D9C5427A74DC4720FCC4836
Authority key identifier: 08:84:69:D1:A3:30:85:FF:88:B3:E5:99:D2:23:CA:74:C2:31:3A:3A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CIRp0aMwhf-Is-WZ0iPKdMIxOjo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/39312e3230352e3130362e302f32342d3234203d3e20313336373837.roa
Signing time: Wed 04 Feb 2026 20:23:15 +0000
ROA not before: Wed 04 Feb 2026 20:18:15 +0000
ROA not after: Wed 03 Feb 2027 20:23:15 +0000
asID: 136787
IP address blocks: 91.205.106.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/088469D1A33085FF88B3E599D223CA74C2313A3A.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/088469D1A33085FF88B3E599D223CA74C2313A3A.mft
rsync://rpki.ripe.net/repository/DEFAULT/CIRp0aMwhf-Is-WZ0iPKdMIxOjo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 18:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
70:10:15:3a:15:15:27:40:0d:9c:54:27:a7:4d:c4:72:0f:cc:48:36
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=088469d1a33085ff88b3e599d223ca74c2313a3a
Validity
Not Before: Feb 4 20:18:15 2026 GMT
Not After : Feb 3 20:23:15 2027 GMT
Subject: CN=957020FC66B814B49A53B407BFC7DA2E2836AE98
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:92:18:f9:1d:9e:25:da:1a:f9:0d:1d:85:7f:
5f:bf:40:e9:18:63:ee:a6:f5:0d:8e:f5:56:e3:1f:
2a:26:fe:62:84:06:26:99:7d:f1:c5:41:be:6f:1a:
a3:22:74:b0:f1:95:8e:5a:24:ed:72:72:26:ba:1f:
9c:09:23:65:6d:29:9e:da:eb:2f:dc:8b:0f:60:fc:
14:0c:68:3f:8d:f5:79:9a:c9:11:19:ea:3a:2b:f7:
cf:8e:55:f6:68:85:47:c7:ff:06:4a:5d:55:f1:7f:
fe:c0:f0:6f:2a:27:fe:90:3e:27:fd:c8:08:e0:0c:
9a:ab:b8:f2:81:18:5c:8d:ab:dc:11:48:c2:5a:35:
23:c0:72:f2:e9:c1:7e:b8:9a:e2:a3:b8:4f:ff:56:
4a:a8:b2:1f:f9:ce:73:ee:f9:f9:44:e4:cc:40:0b:
4d:42:05:5b:11:a1:dd:13:65:f3:04:4e:68:b6:05:
0e:35:b0:10:25:3f:45:1e:96:b8:7e:68:67:8b:ba:
79:e8:fd:f2:e1:12:8b:35:8c:56:c2:e0:6a:7b:a3:
b6:93:21:84:ae:7b:cf:c8:b3:86:59:ef:6c:84:cc:
c6:bc:c9:f5:ad:1b:a5:df:a7:b1:0e:cc:db:cb:ad:
e7:d3:7a:9e:73:dd:2a:b7:e3:78:23:a5:3e:58:af:
3a:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:70:20:FC:66:B8:14:B4:9A:53:B4:07:BF:C7:DA:2E:28:36:AE:98
X509v3 Authority Key Identifier:
keyid:08:84:69:D1:A3:30:85:FF:88:B3:E5:99:D2:23:CA:74:C2:31:3A:3A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/088469D1A33085FF88B3E599D223CA74C2313A3A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CIRp0aMwhf-Is-WZ0iPKdMIxOjo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/39312e3230352e3130362e302f32342d3234203d3e20313336373837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.205.106.0/24
Signature Algorithm: sha256WithRSAEncryption
6a:1f:d5:13:b8:01:23:d7:20:be:e7:ed:7c:65:10:8c:56:f0:
dd:f1:d4:3e:9a:f7:0a:24:a8:02:62:2c:03:57:7c:a8:95:7a:
b6:88:23:d9:05:0f:66:3f:2f:32:d6:a2:63:16:ee:fa:82:c6:
ef:0a:78:ce:56:5a:2c:75:db:92:2d:14:79:54:46:dc:3a:3e:
28:c1:f4:0c:1c:d9:41:9a:38:08:27:1e:ea:29:b1:e0:2a:08:
b0:66:1d:8a:17:38:db:0f:88:65:f1:09:25:b6:e3:08:a1:4e:
65:36:bc:96:5c:7c:20:15:c6:50:48:d6:3a:63:cf:32:f5:51:
7e:82:62:a2:2e:c3:15:e4:d6:aa:10:ef:34:a6:97:6f:77:95:
32:0d:94:91:5d:37:e4:5e:e1:f2:30:4b:bd:a6:11:68:11:a3:
3d:ef:0a:a9:04:25:d5:67:0e:b0:d2:83:ce:62:68:b1:c0:86:
f2:a3:4c:03:a8:8b:36:d1:f6:ac:e2:27:1e:a1:8f:fb:0e:78:
7b:9b:43:85:9d:1c:ef:91:24:a2:d5:f9:e5:51:e3:c8:fe:43:
ee:84:ca:52:52:03:da:85:26:6a:d0:22:3a:5a:de:ab:00:2b:
af:80:ac:d4:7a:3b:2c:f4:7c:00:4e:76:b4:cf:e0:7f:d4:45:
23:25:f5:6d
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUcBAVOhUVJ0ANnFQnp03Ecg/MSDYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDg4NDY5ZDFhMzMwODVmZjg4YjNlNTk5ZDIyM2NhNzRj
MjMxM2EzYTAeFw0yNjAyMDQyMDE4MTVaFw0yNzAyMDMyMDIzMTVaMDMxMTAvBgNV
BAMTKDk1NzAyMEZDNjZCODE0QjQ5QTUzQjQwN0JGQzdEQTJFMjgzNkFFOTgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC6khj5HZ4l2hr5DR2Ff1+/QOkY
Y+6m9Q2O9VbjHyom/mKEBiaZffHFQb5vGqMidLDxlY5aJO1ycia6H5wJI2VtKZ7a
6y/ciw9g/BQMaD+N9XmayREZ6jor98+OVfZohUfH/wZKXVXxf/7A8G8qJ/6QPif9
yAjgDJqruPKBGFyNq9wRSMJaNSPAcvLpwX64muKjuE//Vkqosh/5znPu+flE5MxA
C01CBVsRod0TZfMETmi2BQ41sBAlP0Uelrh+aGeLunno/fLhEos1jFbC4Gp7o7aT
IYSue8/Is4ZZ72yEzMa8yfWtG6Xfp7EOzNvLrefTep5z3Sq343gjpT5YrzrXAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUlXAg/Ga4FLSaU7QHv8faLig2rpgwHwYDVR0j
BBgwFoAUCIRp0aMwhf+Is+WZ0iPKdMIxOjowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzUvMDg4NDY5RDFBMzMwODVGRjg4QjNFNTk5RDIyM0NBNzRDMjMxM0EzQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NJUnAwYU13aGYtSXMtV1owaVBLZE1J
eE9qby5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzUvMzkzMTJlMzIzMDM1MmUzMTMw
MzYyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMTMzMzYzNzM4Mzcucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BABbzWowDQYJKoZIhvcNAQELBQADggEBAGof1RO4ASPXIL7n7XxlEIxW8N3x1D6a
9wokqAJiLANXfKiVeraII9kFD2Y/LzLWomMW7vqCxu8KeM5WWix125ItFHlURtw6
PijB9Awc2UGaOAgnHuopseAqCLBmHYoXONsPiGXxCSW24wihTmU2vJZcfCAVxlBI
1jpjzzL1UX6CYqIuwxXk1qoQ7zSml293lTINlJFdN+Re4fIwS72mEWgRoz3vCqkE
JdVnDrDSg85iaLHAhvKjTAOoizbR9qziJx6hj/sOeHubQ4WdHO+RJKLV+eVR48j+
Q+6EylJSA9qFJmrQIjpa3qsAK6+ArNR6Oyz0fABOdrTP4H/URSMl9W0=
-----END CERTIFICATE-----
Generated at Mon Mar 2 02:26:47 2026 by rpki-client