Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/3139342e33312e3139362e302f32342d3234203d3e20323030303137.roa
File: 3139342e33312e3139362e302f32342d3234203d3e20323030303137.roa (raw, json)
Hash identifier: mYDAbrfXE2SMRwMvSEq6zRWmL22fizr0hTNDEPKCMHw=
Subject key identifier: 05:8E:2D:13:96:F0:D6:80:CA:BB:CF:8E:C7:25:67:90:64:A2:20:26
Certificate issuer: /CN=a9420e6c6f24b0e422da7fe7e420ef50354f45c6
Certificate serial: 0B6B7595B31B46D338D2448789FD709AC852B998
Authority key identifier: A9:42:0E:6C:6F:24:B0:E4:22:DA:7F:E7:E4:20:EF:50:35:4F:45:C6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qUIObG8ksOQi2n_n5CDvUDVPRcY.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/3139342e33312e3139362e302f32342d3234203d3e20323030303137.roa
Signing time: Tue 28 Apr 2026 08:47:06 +0000
ROA not before: Tue 28 Apr 2026 08:42:06 +0000
ROA not after: Tue 27 Apr 2027 08:47:06 +0000
asID: 200017
IP address blocks: 194.31.196.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/A9420E6C6F24B0E422DA7FE7E420EF50354F45C6.crl
rsync://rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/A9420E6C6F24B0E422DA7FE7E420EF50354F45C6.mft
rsync://rpki.ripe.net/repository/DEFAULT/qUIObG8ksOQi2n_n5CDvUDVPRcY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 14 May 2026 06:29:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0b:6b:75:95:b3:1b:46:d3:38:d2:44:87:89:fd:70:9a:c8:52:b9:98
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a9420e6c6f24b0e422da7fe7e420ef50354f45c6
Validity
Not Before: Apr 28 08:42:06 2026 GMT
Not After : Apr 27 08:47:06 2027 GMT
Subject: CN=058E2D1396F0D680CABBCF8EC725679064A22026
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e7:20:d4:18:d9:af:8d:78:23:22:c8:41:fe:5e:
56:56:2b:bf:61:11:6a:37:01:33:e1:8e:70:59:92:
f9:5d:84:ce:07:30:18:7e:ae:f2:68:fa:cd:50:09:
8a:1a:6e:7c:f5:26:e2:bb:d6:5a:01:1d:ac:8d:76:
8f:10:fd:fe:12:1e:88:a6:05:de:93:a6:33:69:df:
fb:ff:06:f0:7a:a5:88:7d:46:e9:74:c3:31:7f:22:
30:8a:8e:11:ac:13:a1:1e:db:ea:1e:a4:d0:2d:4f:
f8:ee:0f:20:30:40:2c:c0:4a:da:f9:f9:f9:17:de:
6b:2f:18:63:87:e1:38:28:ed:f5:7d:5d:ad:00:5b:
95:e7:8d:cf:d2:3b:31:60:09:d1:48:d9:d7:34:91:
56:f9:bb:fa:fe:f8:77:5b:c9:a6:31:f7:a3:41:d7:
c1:2c:09:ed:4b:a8:ce:94:1f:0c:9b:61:9d:11:96:
20:89:46:db:17:e6:5d:92:26:ff:2e:8c:08:ac:ad:
e1:f4:d6:5d:85:97:77:24:fd:fb:e6:34:a7:71:e7:
bc:6c:c9:30:46:69:90:08:ea:84:66:c3:9d:3b:2d:
ed:13:33:8c:ae:be:6a:58:ba:fa:a6:66:fc:d3:c0:
a7:86:5f:31:75:a8:62:7f:ef:78:85:38:db:47:6f:
9c:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
05:8E:2D:13:96:F0:D6:80:CA:BB:CF:8E:C7:25:67:90:64:A2:20:26
X509v3 Authority Key Identifier:
keyid:A9:42:0E:6C:6F:24:B0:E4:22:DA:7F:E7:E4:20:EF:50:35:4F:45:C6
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/A9420E6C6F24B0E422DA7FE7E420EF50354F45C6.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qUIObG8ksOQi2n_n5CDvUDVPRcY.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/3139342e33312e3139362e302f32342d3234203d3e20323030303137.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.31.196.0/24
Signature Algorithm: sha256WithRSAEncryption
62:62:88:4b:6e:b1:5b:5b:f7:06:33:8b:ec:56:10:61:b7:00:
0f:bd:86:69:1b:d9:eb:c8:7e:53:1b:cb:a2:b1:17:1d:cd:02:
39:5d:dc:c7:71:5b:88:3c:bd:f6:fc:05:55:11:f1:6d:8d:57:
6c:6f:48:3a:e8:f6:2b:f6:f3:75:3c:fa:fe:63:d9:a5:74:6a:
6e:85:9f:a1:49:b7:02:be:1b:3b:da:d6:52:f2:99:cd:ea:fd:
9b:0f:08:28:c7:3d:6a:7e:e3:bf:48:6f:bd:75:bb:77:99:4d:
1e:e8:47:47:e0:cb:1c:9f:c7:16:c7:4b:5c:6e:93:fb:9e:a5:
24:cc:3a:69:22:a3:5f:ef:64:bf:3d:ee:a9:de:4b:49:8c:e0:
58:ae:aa:8a:58:06:55:cd:64:53:fd:0a:3c:64:7e:7a:28:a6:
37:1a:45:77:12:06:aa:17:ad:27:73:3b:49:db:71:b0:1c:a3:
0b:20:4d:f3:cf:11:cd:32:3f:da:e2:b7:84:88:c4:82:04:38:
4a:d8:b3:d5:12:a0:80:55:74:5b:c1:32:86:93:ac:01:75:29:
62:fd:08:a1:a2:19:59:0e:c1:f2:83:42:9c:ed:ec:f2:d1:73:
f0:5b:9f:a5:d4:ff:fa:f5:cf:0b:a1:7e:07:fa:69:0c:11:6d:
46:08:b2:cb
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUC2t1lbMbRtM40kSHif1wmshSuZgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYTk0MjBlNmM2ZjI0YjBlNDIyZGE3ZmU3ZTQyMGVmNTAz
NTRmNDVjNjAeFw0yNjA0MjgwODQyMDZaFw0yNzA0MjcwODQ3MDZaMDMxMTAvBgNV
BAMTKDA1OEUyRDEzOTZGMEQ2ODBDQUJCQ0Y4RUM3MjU2NzkwNjRBMjIwMjYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDnINQY2a+NeCMiyEH+XlZWK79h
EWo3ATPhjnBZkvldhM4HMBh+rvJo+s1QCYoabnz1JuK71loBHayNdo8Q/f4SHoim
Bd6TpjNp3/v/BvB6pYh9Rul0wzF/IjCKjhGsE6Ee2+oepNAtT/juDyAwQCzAStr5
+fkX3msvGGOH4Tgo7fV9Xa0AW5Xnjc/SOzFgCdFI2dc0kVb5u/r++HdbyaYx96NB
18EsCe1LqM6UHwybYZ0RliCJRtsX5l2SJv8ujAisreH01l2Fl3ck/fvmNKdx57xs
yTBGaZAI6oRmw507Le0TM4yuvmpYuvqmZvzTwKeGXzF1qGJ/73iFONtHb5xjAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUBY4tE5bw1oDKu8+OxyVnkGSiICYwHwYDVR0j
BBgwFoAUqUIObG8ksOQi2n/n5CDvUDVPRcYwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMWY5ODIzZDAtMDg1NS00MWYyLWFjNDYtNTlhMmU5OGRh
NzM2LzEvQTk0MjBFNkM2RjI0QjBFNDIyREE3RkU3RTQyMEVGNTAzNTRGNDVDNi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3FVSU9iRzhrc09RaTJuX241Q0R2VURW
UFJjWS5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMWY5ODIzZDAt
MDg1NS00MWYyLWFjNDYtNTlhMmU5OGRhNzM2LzEvMzEzOTM0MmUzMzMxMmUzMTM5
MzYyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMjMwMzAzMDMxMzcucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BADCH8QwDQYJKoZIhvcNAQELBQADggEBAGJiiEtusVtb9wYzi+xWEGG3AA+9hmkb
2evIflMby6KxFx3NAjld3MdxW4g8vfb8BVUR8W2NV2xvSDro9iv283U8+v5j2aV0
am6Fn6FJtwK+Gzva1lLymc3q/ZsPCCjHPWp+479Ib711u3eZTR7oR0fgyxyfxxbH
S1xuk/uepSTMOmkio1/vZL897qneS0mM4FiuqopYBlXNZFP9CjxkfnoopjcaRXcS
BqoXrSdzO0nbcbAcowsgTfPPEc0yP9rit4SIxIIEOErYs9USoIBVdFvBMoaTrAF1
KWL9CKGiGVkOwfKDQpzt7PLRc/Bbn6XU//r1zwuhfgf6aQwRbUYIsss=
-----END CERTIFICATE-----
Generated at Wed May 13 11:57:47 2026 by rpki-client