Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/8113dda6-7ade-445d-8c6e-448a78e48ca1/1/3139352e35382e3132382e302f32342d3234203d3e20313534343130.roa
File: 3139352e35382e3132382e302f32342d3234203d3e20313534343130.roa (raw, json)
Hash identifier: RxPbGdVcIdjdwkjs58U3mqMtmyfPB5WvnfJBAZ/JiWM=
Subject key identifier: F5:6C:E5:76:3E:70:B0:47:09:48:AC:2A:FD:5C:62:A5:CA:29:D0:E1
Certificate issuer: /CN=0d7ffae300def0876bf84890fb6ea17be841a4d3
Certificate serial: 148652B91D6975062DCF2D6806AB51AD21BDD5B6
Authority key identifier: 0D:7F:FA:E3:00:DE:F0:87:6B:F8:48:90:FB:6E:A1:7B:E8:41:A4:D3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DX_64wDe8Idr-EiQ-26he-hBpNM.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/8113dda6-7ade-445d-8c6e-448a78e48ca1/1/3139352e35382e3132382e302f32342d3234203d3e20313534343130.roa
Signing time: Wed 25 Mar 2026 15:13:45 +0000
ROA not before: Wed 25 Mar 2026 15:08:45 +0000
ROA not after: Wed 24 Mar 2027 15:13:45 +0000
asID: 154410
IP address blocks: 195.58.128.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/8113dda6-7ade-445d-8c6e-448a78e48ca1/1/0D7FFAE300DEF0876BF84890FB6EA17BE841A4D3.crl
rsync://rsync.paas.rpki.ripe.net/repository/8113dda6-7ade-445d-8c6e-448a78e48ca1/1/0D7FFAE300DEF0876BF84890FB6EA17BE841A4D3.mft
rsync://rpki.ripe.net/repository/DEFAULT/DX_64wDe8Idr-EiQ-26he-hBpNM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 26 Mar 2026 17:02:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
14:86:52:b9:1d:69:75:06:2d:cf:2d:68:06:ab:51:ad:21:bd:d5:b6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0d7ffae300def0876bf84890fb6ea17be841a4d3
Validity
Not Before: Mar 25 15:08:45 2026 GMT
Not After : Mar 24 15:13:45 2027 GMT
Subject: CN=F56CE5763E70B0470948AC2AFD5C62A5CA29D0E1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:b1:2d:cc:9f:08:ae:34:00:a6:31:91:3f:4e:
79:b8:4f:ac:71:5e:b8:b5:dc:4a:0a:78:5d:79:56:
c2:6f:78:27:06:4b:99:e7:39:eb:56:a1:de:93:42:
29:eb:24:aa:54:73:27:f8:c3:62:2c:36:36:70:9d:
fa:d0:87:02:6e:2a:f4:9e:27:a1:c7:88:2a:75:4e:
ef:c6:1c:bc:27:c6:c1:a5:fd:ca:4f:63:a8:cb:81:
2c:2f:1a:a3:3b:52:2f:04:2e:d6:90:a1:e0:4f:33:
a9:30:51:39:5e:fb:b4:f7:6b:03:d4:81:0d:a5:be:
75:62:c2:c5:57:0a:c2:9c:2a:8f:63:a7:43:18:58:
14:e9:fe:04:e7:14:e4:1a:b5:12:2b:56:64:8f:35:
8f:bd:1a:5c:f4:78:c4:eb:6f:f7:dc:f3:b9:f0:4e:
81:da:54:1a:a5:d3:96:3d:d0:9f:19:9e:c9:33:2e:
11:9a:e6:a5:c6:d9:04:4b:c0:6c:8f:1d:cc:f7:73:
93:ae:49:a7:70:79:6c:dc:cd:c9:2d:ce:d1:6b:b1:
55:45:45:77:6d:50:66:33:b4:86:d2:2e:c5:97:d1:
b4:a6:63:18:4b:58:51:c0:aa:3d:48:61:07:4e:a5:
48:5e:81:02:13:dd:4e:38:b8:a9:a6:d0:dd:82:da:
ef:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F5:6C:E5:76:3E:70:B0:47:09:48:AC:2A:FD:5C:62:A5:CA:29:D0:E1
X509v3 Authority Key Identifier:
keyid:0D:7F:FA:E3:00:DE:F0:87:6B:F8:48:90:FB:6E:A1:7B:E8:41:A4:D3
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/8113dda6-7ade-445d-8c6e-448a78e48ca1/1/0D7FFAE300DEF0876BF84890FB6EA17BE841A4D3.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DX_64wDe8Idr-EiQ-26he-hBpNM.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/8113dda6-7ade-445d-8c6e-448a78e48ca1/1/3139352e35382e3132382e302f32342d3234203d3e20313534343130.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.58.128.0/24
Signature Algorithm: sha256WithRSAEncryption
31:18:90:8d:f4:87:22:73:8c:c2:05:b2:05:3c:24:6b:65:29:
24:65:a4:f2:1b:e4:0d:fc:57:46:6d:18:6b:26:3b:29:c9:18:
3c:87:8c:41:48:59:d4:f6:e9:f5:e3:60:45:5c:f3:50:23:b3:
f8:ad:6b:ce:e5:b4:30:a5:99:54:40:2d:db:30:f2:6c:3f:89:
3f:c9:81:24:22:20:58:52:0d:3a:64:18:fe:88:ff:b2:5e:fb:
15:01:11:c1:f3:82:c3:c3:6a:fb:da:38:72:f9:7e:f3:a1:80:
4e:e1:f3:24:2a:36:32:80:5e:b1:8f:7a:18:b9:6a:65:40:fd:
17:84:b3:b7:8a:ad:f0:8d:6c:16:46:6f:80:cb:93:1a:5e:ad:
ff:42:4c:52:90:38:03:a3:7d:28:86:89:8d:17:f9:93:f0:cf:
0f:bb:77:23:b1:f2:e4:a7:19:06:86:ae:5e:47:fa:b5:82:eb:
2d:27:f8:3b:e9:a0:ef:df:0e:ca:7a:74:51:5c:d9:87:40:09:
00:e7:ea:0a:08:5d:29:eb:ab:19:c4:d2:8d:3d:9d:a0:53:84:
46:50:9d:dd:5f:2a:2f:a5:74:ee:17:ae:3a:e3:43:37:0c:ea:
e5:27:92:24:76:37:a3:1b:95:88:59:55:03:7d:bb:45:df:b3:
9b:cc:3c:6d
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUFIZSuR1pdQYtzy1oBqtRrSG91bYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMGQ3ZmZhZTMwMGRlZjA4NzZiZjg0ODkwZmI2ZWExN2Jl
ODQxYTRkMzAeFw0yNjAzMjUxNTA4NDVaFw0yNzAzMjQxNTEzNDVaMDMxMTAvBgNV
BAMTKEY1NkNFNTc2M0U3MEIwNDcwOTQ4QUMyQUZENUM2MkE1Q0EyOUQwRTEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDQsS3MnwiuNACmMZE/Tnm4T6xx
Xri13EoKeF15VsJveCcGS5nnOetWod6TQinrJKpUcyf4w2IsNjZwnfrQhwJuKvSe
J6HHiCp1Tu/GHLwnxsGl/cpPY6jLgSwvGqM7Ui8ELtaQoeBPM6kwUTle+7T3awPU
gQ2lvnViwsVXCsKcKo9jp0MYWBTp/gTnFOQatRIrVmSPNY+9Glz0eMTrb/fc87nw
ToHaVBql05Y90J8ZnskzLhGa5qXG2QRLwGyPHcz3c5OuSadweWzczcktztFrsVVF
RXdtUGYztIbSLsWX0bSmYxhLWFHAqj1IYQdOpUhegQIT3U44uKmm0N2C2u8dAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQU9Wzldj5wsEcJSKwq/Vxipcop0OEwHwYDVR0j
BBgwFoAUDX/64wDe8Idr+EiQ+26he+hBpNMwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvODExM2RkYTYtN2FkZS00NDVkLThjNmUtNDQ4YTc4ZTQ4
Y2ExLzEvMEQ3RkZBRTMwMERFRjA4NzZCRjg0ODkwRkI2RUExN0JFODQxQTREMy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0RYXzY0d0RlOElkci1FaVEtMjZoZS1o
QnBOTS5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvODExM2RkYTYt
N2FkZS00NDVkLThjNmUtNDQ4YTc4ZTQ4Y2ExLzEvMzEzOTM1MmUzNTM4MmUzMTMy
MzgyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMTM1MzQzNDMxMzAucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BADDOoAwDQYJKoZIhvcNAQELBQADggEBADEYkI30hyJzjMIFsgU8JGtlKSRlpPIb
5A38V0ZtGGsmOynJGDyHjEFIWdT26fXjYEVc81Ajs/ita87ltDClmVRALdsw8mw/
iT/JgSQiIFhSDTpkGP6I/7Je+xUBEcHzgsPDavvaOHL5fvOhgE7h8yQqNjKAXrGP
ehi5amVA/ReEs7eKrfCNbBZGb4DLkxperf9CTFKQOAOjfSiGiY0X+ZPwzw+7dyOx
8uSnGQaGrl5H+rWC6y0n+DvpoO/fDsp6dFFc2YdACQDn6goIXSnrqxnE0o09naBT
hEZQnd1fKi+ldO4XrjrjQzcM6uUnkiR2N6MblYhZVQN9u0Xfs5vMPG0=
-----END CERTIFICATE-----
Generated at Thu Mar 26 04:38:47 2026 by rpki-client