Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/8113dda6-7ade-445d-8c6e-448a78e48ca1/1/3139352e35382e3133322e302f32342d3234203d3e20323134343332.roa
File: 3139352e35382e3133322e302f32342d3234203d3e20323134343332.roa (raw, json)
Hash identifier: nSd7tNxK+1fgE72eYcC000lKH/osex2GFQhwLy+AE64=
Subject key identifier: 18:C0:2E:67:C0:85:19:42:57:0A:40:B0:B4:C3:BF:4E:33:CB:52:04
Certificate issuer: /CN=0d7ffae300def0876bf84890fb6ea17be841a4d3
Certificate serial: 4F278DA96F904653CDE314D6CBCDCDB6FE560F20
Authority key identifier: 0D:7F:FA:E3:00:DE:F0:87:6B:F8:48:90:FB:6E:A1:7B:E8:41:A4:D3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DX_64wDe8Idr-EiQ-26he-hBpNM.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/8113dda6-7ade-445d-8c6e-448a78e48ca1/1/3139352e35382e3133322e302f32342d3234203d3e20323134343332.roa
Signing time: Wed 06 May 2026 15:58:14 +0000
ROA not before: Wed 06 May 2026 15:53:14 +0000
ROA not after: Wed 05 May 2027 15:58:14 +0000
asID: 214432
IP address blocks: 195.58.132.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/8113dda6-7ade-445d-8c6e-448a78e48ca1/1/0D7FFAE300DEF0876BF84890FB6EA17BE841A4D3.crl
rsync://rsync.paas.rpki.ripe.net/repository/8113dda6-7ade-445d-8c6e-448a78e48ca1/1/0D7FFAE300DEF0876BF84890FB6EA17BE841A4D3.mft
rsync://rpki.ripe.net/repository/DEFAULT/DX_64wDe8Idr-EiQ-26he-hBpNM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 14 May 2026 01:10:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4f:27:8d:a9:6f:90:46:53:cd:e3:14:d6:cb:cd:cd:b6:fe:56:0f:20
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0d7ffae300def0876bf84890fb6ea17be841a4d3
Validity
Not Before: May 6 15:53:14 2026 GMT
Not After : May 5 15:58:14 2027 GMT
Subject: CN=18C02E67C0851942570A40B0B4C3BF4E33CB5204
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:96:5a:38:bb:65:58:c9:a5:a1:78:e9:de:53:
71:a0:c2:c2:a2:b8:dc:5f:17:2c:c1:40:41:15:59:
88:70:1d:50:d2:9c:e5:18:8a:73:1b:f3:8a:eb:ad:
18:6f:10:6c:8b:65:f4:ef:64:02:3c:66:43:ed:1c:
6d:a4:f2:f3:e3:a0:78:b7:e3:a3:b0:26:30:ef:2f:
51:2e:ca:b1:6b:70:b9:a6:62:9b:3d:37:e8:c5:61:
3f:3d:23:2d:9c:95:6b:90:b1:18:1e:22:08:10:1d:
57:45:83:8f:fe:72:ce:5e:45:9d:85:a6:83:1b:61:
ff:83:ef:07:2e:66:15:26:7c:ac:33:0b:ae:09:a6:
ab:70:f2:7e:5d:6c:2b:e3:f3:ec:96:e2:63:a9:f4:
e8:03:b9:64:18:07:dd:61:8b:d1:3b:2b:73:d3:25:
eb:bd:b3:1d:d0:de:0d:6f:47:ab:2c:e4:99:e7:c7:
41:72:91:9e:64:de:85:58:0e:fb:69:d8:1e:70:4a:
de:97:37:f6:2d:d9:27:fe:cf:56:58:58:b9:51:c6:
6c:a4:4a:81:74:ba:1d:e6:aa:a0:6b:06:ec:3e:e7:
41:e5:3a:58:7d:f7:d1:dd:13:45:88:5c:66:f5:db:
9d:8f:f1:cc:2a:69:f1:82:d6:54:99:5f:7f:85:97:
66:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
18:C0:2E:67:C0:85:19:42:57:0A:40:B0:B4:C3:BF:4E:33:CB:52:04
X509v3 Authority Key Identifier:
keyid:0D:7F:FA:E3:00:DE:F0:87:6B:F8:48:90:FB:6E:A1:7B:E8:41:A4:D3
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/8113dda6-7ade-445d-8c6e-448a78e48ca1/1/0D7FFAE300DEF0876BF84890FB6EA17BE841A4D3.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DX_64wDe8Idr-EiQ-26he-hBpNM.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/8113dda6-7ade-445d-8c6e-448a78e48ca1/1/3139352e35382e3133322e302f32342d3234203d3e20323134343332.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.58.132.0/24
Signature Algorithm: sha256WithRSAEncryption
06:89:80:09:ef:fa:7e:f4:29:a0:17:92:7a:70:69:3c:9d:3b:
38:42:94:ad:ff:a5:16:6a:1d:cc:5e:72:5a:67:7a:97:cc:db:
5b:58:22:83:20:b5:ba:f9:39:9c:a9:69:a3:ab:0b:7f:5f:c7:
43:72:2e:57:73:70:38:ba:e2:d5:7b:ac:36:37:6f:b2:00:f4:
6a:e9:b1:95:03:1e:0c:32:e9:be:ff:86:8f:a1:d6:7d:fd:79:
ff:d6:a0:83:78:da:f0:ce:e3:61:c5:0b:bb:e8:e4:8d:3a:4d:
58:2a:82:5f:79:4b:99:5b:18:fe:7d:a5:9c:bc:7d:06:6b:0d:
4d:c4:2e:77:e5:2b:4a:cc:c6:26:3c:03:00:65:da:ff:08:ed:
db:0a:ca:0c:be:4d:79:c4:0c:8e:f9:33:a2:11:34:11:2d:45:
5b:c7:fe:24:7f:f7:06:2d:3a:94:d5:7a:ad:25:eb:1d:8b:cf:
f3:da:0e:39:88:4b:08:28:49:f4:00:e3:76:46:9e:00:8d:9b:
7c:d9:27:c3:33:73:52:79:c1:37:e1:95:f2:63:7e:0d:e4:c8:
c0:69:26:35:a4:f7:c5:b1:93:c2:54:01:f3:f1:f1:20:1b:56:
7b:18:8f:ee:ce:e6:ff:52:ea:de:04:6f:ee:9b:b0:eb:f2:32:
34:d3:2a:4e
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUTyeNqW+QRlPN4xTWy83Ntv5WDyAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMGQ3ZmZhZTMwMGRlZjA4NzZiZjg0ODkwZmI2ZWExN2Jl
ODQxYTRkMzAeFw0yNjA1MDYxNTUzMTRaFw0yNzA1MDUxNTU4MTRaMDMxMTAvBgNV
BAMTKDE4QzAyRTY3QzA4NTE5NDI1NzBBNDBCMEI0QzNCRjRFMzNDQjUyMDQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCkllo4u2VYyaWheOneU3GgwsKi
uNxfFyzBQEEVWYhwHVDSnOUYinMb84rrrRhvEGyLZfTvZAI8ZkPtHG2k8vPjoHi3
46OwJjDvL1EuyrFrcLmmYps9N+jFYT89Iy2clWuQsRgeIggQHVdFg4/+cs5eRZ2F
poMbYf+D7wcuZhUmfKwzC64Jpqtw8n5dbCvj8+yW4mOp9OgDuWQYB91hi9E7K3PT
Jeu9sx3Q3g1vR6ss5Jnnx0FykZ5k3oVYDvtp2B5wSt6XN/Yt2Sf+z1ZYWLlRxmyk
SoF0uh3mqqBrBuw+50HlOlh999HdE0WIXGb1252P8cwqafGC1lSZX3+Fl2aZAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUGMAuZ8CFGUJXCkCwtMO/TjPLUgQwHwYDVR0j
BBgwFoAUDX/64wDe8Idr+EiQ+26he+hBpNMwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvODExM2RkYTYtN2FkZS00NDVkLThjNmUtNDQ4YTc4ZTQ4
Y2ExLzEvMEQ3RkZBRTMwMERFRjA4NzZCRjg0ODkwRkI2RUExN0JFODQxQTREMy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0RYXzY0d0RlOElkci1FaVEtMjZoZS1o
QnBOTS5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvODExM2RkYTYt
N2FkZS00NDVkLThjNmUtNDQ4YTc4ZTQ4Y2ExLzEvMzEzOTM1MmUzNTM4MmUzMTMz
MzIyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMjMxMzQzNDMzMzIucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BADDOoQwDQYJKoZIhvcNAQELBQADggEBAAaJgAnv+n70KaAXknpwaTydOzhClK3/
pRZqHcxeclpnepfM21tYIoMgtbr5OZypaaOrC39fx0NyLldzcDi64tV7rDY3b7IA
9GrpsZUDHgwy6b7/ho+h1n39ef/WoIN42vDO42HFC7vo5I06TVgqgl95S5lbGP59
pZy8fQZrDU3ELnflK0rMxiY8AwBl2v8I7dsKygy+TXnEDI75M6IRNBEtRVvH/iR/
9wYtOpTVeq0l6x2Lz/PaDjmISwgoSfQA43ZGngCNm3zZJ8Mzc1J5wTfhlfJjfg3k
yMBpJjWk98Wxk8JUAfPx8SAbVnsYj+7O5v9S6t4Eb+6bsOvyMjTTKk4=
-----END CERTIFICATE-----
Generated at Wed May 13 12:01:42 2026 by rpki-client