Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/39312e3230352e3130372e302f32342d3234203d3e20323132323338.roa
File: 39312e3230352e3130372e302f32342d3234203d3e20323132323338.roa (raw, json)
Hash identifier: feuM1W/uK7ao5BfSV9ILiyRnct5KLR+DHnVAf1YR518=
Subject key identifier: 2B:3A:4D:D9:A8:53:B1:53:1D:AA:73:19:2B:DF:DD:7E:5F:5F:57:C6
Certificate issuer: /CN=088469d1a33085ff88b3e599d223ca74c2313a3a
Certificate serial: 7B2624F1611560BD93F66E2F0769F00594D8ACF5
Authority key identifier: 08:84:69:D1:A3:30:85:FF:88:B3:E5:99:D2:23:CA:74:C2:31:3A:3A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CIRp0aMwhf-Is-WZ0iPKdMIxOjo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/39312e3230352e3130372e302f32342d3234203d3e20323132323338.roa
Signing time: Thu 04 Jun 2026 20:24:59 +0000
ROA not before: Thu 04 Jun 2026 20:19:59 +0000
ROA not after: Thu 03 Jun 2027 20:24:59 +0000
asID: 212238
IP address blocks: 91.205.107.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/088469D1A33085FF88B3E599D223CA74C2313A3A.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/088469D1A33085FF88B3E599D223CA74C2313A3A.mft
rsync://rpki.ripe.net/repository/DEFAULT/CIRp0aMwhf-Is-WZ0iPKdMIxOjo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 13 Jun 2026 20:26:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7b:26:24:f1:61:15:60:bd:93:f6:6e:2f:07:69:f0:05:94:d8:ac:f5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=088469d1a33085ff88b3e599d223ca74c2313a3a
Validity
Not Before: Jun 4 20:19:59 2026 GMT
Not After : Jun 3 20:24:59 2027 GMT
Subject: CN=2B3A4DD9A853B1531DAA73192BDFDD7E5F5F57C6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:0a:c4:dd:10:62:92:0b:6f:d8:62:39:0b:31:
e5:b0:e2:db:65:d4:66:9c:23:cb:8a:95:ca:c8:21:
52:a1:78:d4:3f:7b:4c:12:85:2e:da:cb:3c:96:e8:
de:17:3f:ae:14:4c:db:5f:e8:de:ca:ab:fb:9f:54:
a1:5d:db:ad:92:70:27:e7:24:87:d3:a2:58:ef:ef:
c2:ac:d8:30:60:d6:fe:60:b3:7a:73:99:34:16:5e:
38:e2:cc:f7:af:d0:65:a5:13:1b:e9:07:5b:8d:3d:
1a:76:c2:9d:d1:26:bd:30:e8:c5:3b:bc:e5:80:3c:
27:2f:5f:0e:30:f4:58:a5:68:29:47:d6:69:61:eb:
56:cf:a3:30:43:d7:a2:b0:fc:88:c3:d1:cd:e8:73:
14:c2:20:11:75:28:8d:58:69:02:6a:ce:e7:4a:ae:
4a:f3:30:82:2b:f3:74:63:d8:bd:d2:11:43:18:fa:
bb:ef:1a:2c:c9:82:50:6f:7f:18:27:8a:ba:65:36:
68:43:d8:b8:4e:54:18:e1:70:3f:cf:93:a2:47:08:
1b:b1:c9:c5:97:4c:f4:dc:fc:b5:ec:c8:11:c8:43:
72:76:21:8c:12:7c:7c:ef:0e:4b:7e:4a:8e:a9:aa:
f9:f0:2d:9b:5d:8d:58:ec:d9:66:93:5a:b9:2c:cc:
a6:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2B:3A:4D:D9:A8:53:B1:53:1D:AA:73:19:2B:DF:DD:7E:5F:5F:57:C6
X509v3 Authority Key Identifier:
keyid:08:84:69:D1:A3:30:85:FF:88:B3:E5:99:D2:23:CA:74:C2:31:3A:3A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/088469D1A33085FF88B3E599D223CA74C2313A3A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CIRp0aMwhf-Is-WZ0iPKdMIxOjo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/39312e3230352e3130372e302f32342d3234203d3e20323132323338.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.205.107.0/24
Signature Algorithm: sha256WithRSAEncryption
ae:9d:09:ec:15:b7:da:b5:fd:62:74:40:6d:21:39:ff:d1:2d:
a2:ae:61:93:9f:8a:5d:17:65:56:33:f3:0e:2b:51:b8:0e:23:
10:e5:c3:50:31:91:46:b6:3b:99:e0:75:33:c0:db:7d:19:57:
48:14:52:56:e5:f9:b7:9f:16:cb:4c:1a:be:53:77:28:ad:f9:
bf:f5:f5:04:db:57:c6:8c:02:c8:12:37:95:52:d1:69:27:f0:
b4:aa:a3:45:3e:77:7f:02:fd:ea:30:93:bc:6d:0d:65:3b:b6:
80:83:94:91:5a:21:d9:33:f1:a7:99:14:77:8a:cd:93:bc:c4:
6c:a2:fa:d1:5a:e8:4d:e7:16:c5:db:ed:2f:c5:89:eb:d2:73:
b7:9c:f1:27:0c:ba:92:9f:9b:c3:6e:02:6e:62:ec:c4:ae:b2:
22:c2:c7:60:ca:4f:e4:e2:f5:04:a4:e4:10:8e:bb:76:6f:44:
21:19:aa:1d:04:4b:32:a1:b3:04:d0:58:94:08:3a:a2:7d:5d:
d7:3e:b4:3f:43:cc:90:42:0e:26:0a:c0:ac:f9:3a:0e:6a:c6:
a1:49:e4:20:50:82:a7:6e:b2:f5:15:d8:ef:48:6a:ab:47:a5:
f4:af:48:6c:24:c0:a5:ee:03:5f:59:5b:c5:5d:e1:02:14:19:
6b:c6:af:44
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUeyYk8WEVYL2T9m4vB2nwBZTYrPUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDg4NDY5ZDFhMzMwODVmZjg4YjNlNTk5ZDIyM2NhNzRj
MjMxM2EzYTAeFw0yNjA2MDQyMDE5NTlaFw0yNzA2MDMyMDI0NTlaMDMxMTAvBgNV
BAMTKDJCM0E0REQ5QTg1M0IxNTMxREFBNzMxOTJCREZERDdFNUY1RjU3QzYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDACsTdEGKSC2/YYjkLMeWw4ttl
1GacI8uKlcrIIVKheNQ/e0wShS7ayzyW6N4XP64UTNtf6N7Kq/ufVKFd262ScCfn
JIfToljv78Ks2DBg1v5gs3pzmTQWXjjizPev0GWlExvpB1uNPRp2wp3RJr0w6MU7
vOWAPCcvXw4w9FilaClH1mlh61bPozBD16Kw/IjD0c3ocxTCIBF1KI1YaQJqzudK
rkrzMIIr83Rj2L3SEUMY+rvvGizJglBvfxgnirplNmhD2LhOVBjhcD/Pk6JHCBux
ycWXTPTc/LXsyBHIQ3J2IYwSfHzvDkt+So6pqvnwLZtdjVjs2WaTWrkszKYlAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUKzpN2ahTsVMdqnMZK9/dfl9fV8YwHwYDVR0j
BBgwFoAUCIRp0aMwhf+Is+WZ0iPKdMIxOjowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzUvMDg4NDY5RDFBMzMwODVGRjg4QjNFNTk5RDIyM0NBNzRDMjMxM0EzQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NJUnAwYU13aGYtSXMtV1owaVBLZE1J
eE9qby5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzUvMzkzMTJlMzIzMDM1MmUzMTMw
MzcyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMjMxMzIzMjMzMzgucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BABbzWswDQYJKoZIhvcNAQELBQADggEBAK6dCewVt9q1/WJ0QG0hOf/RLaKuYZOf
il0XZVYz8w4rUbgOIxDlw1AxkUa2O5ngdTPA230ZV0gUUlbl+befFstMGr5Tdyit
+b/19QTbV8aMAsgSN5VS0Wkn8LSqo0U+d38C/eowk7xtDWU7toCDlJFaIdkz8aeZ
FHeKzZO8xGyi+tFa6E3nFsXb7S/FievSc7ec8ScMupKfm8NuAm5i7MSusiLCx2DK
T+Ti9QSk5BCOu3ZvRCEZqh0ESzKhswTQWJQIOqJ9Xdc+tD9DzJBCDiYKwKz5Og5q
xqFJ5CBQgqdusvUV2O9IaqtHpfSvSGwkwKXuA19ZW8Vd4QIUGWvGr0Q=
-----END CERTIFICATE-----
Generated at Sat Jun 13 07:18:01 2026 by rpki-client