Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/8113dda6-7ade-445d-8c6e-448a78e48ca1/1/3139352e35382e3132392e302f32342d3234203d3e20313534343130.roa
File: 3139352e35382e3132392e302f32342d3234203d3e20313534343130.roa (raw, json)
Hash identifier: 719pz1J2M9LBzXYfxJZD7IOABsm+fjKN2rYOrlfaeGU=
Subject key identifier: C7:76:CB:13:33:A7:69:6D:AC:D0:E7:57:CE:5D:30:82:8F:DE:07:5F
Certificate issuer: /CN=0d7ffae300def0876bf84890fb6ea17be841a4d3
Certificate serial: 72177EF33743BEE6957FEEB4BEF47FD008195037
Authority key identifier: 0D:7F:FA:E3:00:DE:F0:87:6B:F8:48:90:FB:6E:A1:7B:E8:41:A4:D3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DX_64wDe8Idr-EiQ-26he-hBpNM.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/8113dda6-7ade-445d-8c6e-448a78e48ca1/1/3139352e35382e3132392e302f32342d3234203d3e20313534343130.roa
Signing time: Wed 25 Mar 2026 15:48:24 +0000
ROA not before: Wed 25 Mar 2026 15:43:24 +0000
ROA not after: Wed 24 Mar 2027 15:48:24 +0000
asID: 154410
IP address blocks: 195.58.129.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/8113dda6-7ade-445d-8c6e-448a78e48ca1/1/0D7FFAE300DEF0876BF84890FB6EA17BE841A4D3.crl
rsync://rsync.paas.rpki.ripe.net/repository/8113dda6-7ade-445d-8c6e-448a78e48ca1/1/0D7FFAE300DEF0876BF84890FB6EA17BE841A4D3.mft
rsync://rpki.ripe.net/repository/DEFAULT/DX_64wDe8Idr-EiQ-26he-hBpNM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 26 Mar 2026 17:02:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
72:17:7e:f3:37:43:be:e6:95:7f:ee:b4:be:f4:7f:d0:08:19:50:37
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0d7ffae300def0876bf84890fb6ea17be841a4d3
Validity
Not Before: Mar 25 15:43:24 2026 GMT
Not After : Mar 24 15:48:24 2027 GMT
Subject: CN=C776CB1333A7696DACD0E757CE5D30828FDE075F
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:00:6e:8a:c9:74:a9:4b:e1:e6:b8:6b:a7:65:
48:cb:ee:19:91:34:62:cc:4d:29:68:fb:95:3b:fd:
cf:40:61:69:6d:9d:b6:6a:86:cf:0b:ed:9c:cf:8b:
89:6b:f3:b4:32:b5:d4:4c:05:62:9b:2c:00:fc:25:
b6:93:27:0f:3d:ad:e2:29:1a:77:f5:08:3b:43:ec:
e9:d5:7e:a3:96:94:e2:36:24:14:26:b0:29:6d:a2:
b9:7f:3f:63:c5:f5:e5:97:e0:1c:31:aa:1a:18:c3:
9a:91:22:67:f0:57:aa:3a:c5:00:d0:c6:b1:2c:b3:
0e:ac:bf:03:e4:62:53:10:fd:ab:38:92:3e:93:4f:
4a:00:95:62:fd:d8:0d:9c:cf:48:a6:eb:55:be:84:
74:5f:1c:3a:51:3e:70:04:6e:97:8c:f5:9a:74:80:
38:9c:8d:8c:7e:cf:50:c8:56:7a:7c:6d:d8:6d:19:
c8:83:04:5d:ce:06:30:13:75:64:e6:67:be:61:7d:
ac:28:77:49:16:7a:b3:c1:eb:be:6f:af:96:8f:35:
0b:29:3a:13:f3:b9:e2:c4:f3:ff:d6:cf:c0:7c:7f:
51:a6:7a:ed:bb:fb:65:d7:14:04:30:81:ae:83:15:
88:f0:0e:3f:d9:49:64:4b:f2:e2:92:7c:af:fe:58:
1d:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C7:76:CB:13:33:A7:69:6D:AC:D0:E7:57:CE:5D:30:82:8F:DE:07:5F
X509v3 Authority Key Identifier:
keyid:0D:7F:FA:E3:00:DE:F0:87:6B:F8:48:90:FB:6E:A1:7B:E8:41:A4:D3
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/8113dda6-7ade-445d-8c6e-448a78e48ca1/1/0D7FFAE300DEF0876BF84890FB6EA17BE841A4D3.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DX_64wDe8Idr-EiQ-26he-hBpNM.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/8113dda6-7ade-445d-8c6e-448a78e48ca1/1/3139352e35382e3132392e302f32342d3234203d3e20313534343130.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.58.129.0/24
Signature Algorithm: sha256WithRSAEncryption
4c:4d:fe:52:f2:e4:d9:e5:b8:57:8f:6f:40:8a:d3:bd:ca:cc:
ab:80:fc:57:10:8a:ed:4f:11:f1:50:77:11:f4:a7:de:86:62:
b9:2f:0f:a2:30:ff:17:7e:ad:ec:46:81:6c:33:6f:e0:24:8d:
f2:b6:51:4c:0c:ba:20:51:21:6c:56:38:b9:02:c2:62:b9:39:
9e:a4:e2:bf:ee:f8:10:71:f6:2e:ea:c7:be:2f:f2:64:ae:06:
e2:66:49:6a:69:c2:90:a0:ae:78:1a:72:e9:5c:c9:f0:70:c1:
d7:f7:27:4d:6b:5c:d9:77:98:1e:df:6b:db:30:e1:60:ce:01:
d3:6c:0e:97:a1:da:19:14:cb:0b:b4:8e:91:13:c0:64:29:51:
48:86:c4:5f:ee:d9:a5:70:b6:5e:0e:17:d2:71:45:69:0f:81:
bd:6a:73:c2:a6:bb:90:2d:ce:78:fd:83:44:ad:37:71:ed:1f:
fc:f0:59:80:d1:96:8a:5e:19:ad:04:34:bc:37:60:0f:31:ba:
85:43:e8:5b:02:a5:28:40:25:9b:1f:69:3c:4c:ac:e9:86:74:
5a:58:70:f3:79:d7:06:84:54:63:74:9a:98:c4:30:bf:ff:60:
06:36:e8:1e:aa:61:67:dd:bc:9c:07:40:60:e2:90:95:8c:c0:
d8:74:49:14
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUchd+8zdDvuaVf+60vvR/0AgZUDcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMGQ3ZmZhZTMwMGRlZjA4NzZiZjg0ODkwZmI2ZWExN2Jl
ODQxYTRkMzAeFw0yNjAzMjUxNTQzMjRaFw0yNzAzMjQxNTQ4MjRaMDMxMTAvBgNV
BAMTKEM3NzZDQjEzMzNBNzY5NkRBQ0QwRTc1N0NFNUQzMDgyOEZERTA3NUYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC7AG6KyXSpS+HmuGunZUjL7hmR
NGLMTSlo+5U7/c9AYWltnbZqhs8L7ZzPi4lr87QytdRMBWKbLAD8JbaTJw89reIp
Gnf1CDtD7OnVfqOWlOI2JBQmsCltorl/P2PF9eWX4BwxqhoYw5qRImfwV6o6xQDQ
xrEssw6svwPkYlMQ/as4kj6TT0oAlWL92A2cz0im61W+hHRfHDpRPnAEbpeM9Zp0
gDicjYx+z1DIVnp8bdhtGciDBF3OBjATdWTmZ75hfawod0kWerPB675vr5aPNQsp
OhPzueLE8//Wz8B8f1Gmeu27+2XXFAQwga6DFYjwDj/ZSWRL8uKSfK/+WB07AgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUx3bLEzOnaW2s0OdXzl0wgo/eB18wHwYDVR0j
BBgwFoAUDX/64wDe8Idr+EiQ+26he+hBpNMwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvODExM2RkYTYtN2FkZS00NDVkLThjNmUtNDQ4YTc4ZTQ4
Y2ExLzEvMEQ3RkZBRTMwMERFRjA4NzZCRjg0ODkwRkI2RUExN0JFODQxQTREMy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0RYXzY0d0RlOElkci1FaVEtMjZoZS1o
QnBOTS5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvODExM2RkYTYt
N2FkZS00NDVkLThjNmUtNDQ4YTc4ZTQ4Y2ExLzEvMzEzOTM1MmUzNTM4MmUzMTMy
MzkyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMTM1MzQzNDMxMzAucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BADDOoEwDQYJKoZIhvcNAQELBQADggEBAExN/lLy5NnluFePb0CK073KzKuA/FcQ
iu1PEfFQdxH0p96GYrkvD6Iw/xd+rexGgWwzb+AkjfK2UUwMuiBRIWxWOLkCwmK5
OZ6k4r/u+BBx9i7qx74v8mSuBuJmSWppwpCgrngaculcyfBwwdf3J01rXNl3mB7f
a9sw4WDOAdNsDpeh2hkUywu0jpETwGQpUUiGxF/u2aVwtl4OF9JxRWkPgb1qc8Km
u5Atznj9g0StN3HtH/zwWYDRlopeGa0ENLw3YA8xuoVD6FsCpShAJZsfaTxMrOmG
dFpYcPN51waEVGN0mpjEML//YAY26B6qYWfdvJwHQGDikJWMwNh0SRQ=
-----END CERTIFICATE-----
Generated at Thu Mar 26 04:38:49 2026 by rpki-client