Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/8113dda6-7ade-445d-8c6e-448a78e48ca1/1/3139352e35382e3134342e302f32342d3234203d3e20323136343136.roa
File: 3139352e35382e3134342e302f32342d3234203d3e20323136343136.roa (raw, json)
Hash identifier: LZtf5PuLGvpowcFbx/Fb+tNNEtLJKNgrQFlg29pREA0=
Subject key identifier: 27:B8:7D:B0:ED:86:22:3B:0A:5C:1A:39:DB:5B:60:3C:1E:74:0D:70
Certificate issuer: /CN=0d7ffae300def0876bf84890fb6ea17be841a4d3
Certificate serial: 5FA0C71C9899D048970C7FA3A0ECDEE001FEE2DB
Authority key identifier: 0D:7F:FA:E3:00:DE:F0:87:6B:F8:48:90:FB:6E:A1:7B:E8:41:A4:D3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DX_64wDe8Idr-EiQ-26he-hBpNM.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/8113dda6-7ade-445d-8c6e-448a78e48ca1/1/3139352e35382e3134342e302f32342d3234203d3e20323136343136.roa
Signing time: Mon 11 May 2026 08:49:01 +0000
ROA not before: Mon 11 May 2026 08:44:01 +0000
ROA not after: Mon 10 May 2027 08:49:01 +0000
asID: 216416
IP address blocks: 195.58.144.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/8113dda6-7ade-445d-8c6e-448a78e48ca1/1/0D7FFAE300DEF0876BF84890FB6EA17BE841A4D3.crl
rsync://rsync.paas.rpki.ripe.net/repository/8113dda6-7ade-445d-8c6e-448a78e48ca1/1/0D7FFAE300DEF0876BF84890FB6EA17BE841A4D3.mft
rsync://rpki.ripe.net/repository/DEFAULT/DX_64wDe8Idr-EiQ-26he-hBpNM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 14 May 2026 01:10:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5f:a0:c7:1c:98:99:d0:48:97:0c:7f:a3:a0:ec:de:e0:01:fe:e2:db
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0d7ffae300def0876bf84890fb6ea17be841a4d3
Validity
Not Before: May 11 08:44:01 2026 GMT
Not After : May 10 08:49:01 2027 GMT
Subject: CN=27B87DB0ED86223B0A5C1A39DB5B603C1E740D70
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f0:59:d4:1e:9e:fc:69:dd:bf:49:53:ab:24:d1:
b6:f0:55:3b:96:0d:9a:ac:a9:bb:fa:18:56:23:9c:
d9:9c:35:48:52:06:e0:8e:9f:26:4a:8e:ae:69:d6:
92:d8:b6:af:00:5e:10:8d:0d:7e:cc:2e:67:64:f9:
06:17:b8:ab:7e:0d:29:0b:7f:7e:3a:df:f7:b4:31:
3b:ef:08:9b:64:82:6f:7a:4a:3c:8f:8b:47:cd:ac:
41:75:7c:4d:fa:29:d4:67:03:f2:dd:26:fb:2e:2e:
50:ed:73:00:10:b1:4d:43:c9:0f:18:ae:48:44:33:
1e:7b:af:0e:b4:e4:37:9f:d3:fa:f5:d1:40:1f:5f:
2e:c7:4a:7c:be:72:fd:8c:9c:22:f8:1f:5e:b2:9b:
dd:32:a0:38:4f:42:e4:d1:2e:3c:0c:c0:8c:72:d3:
96:21:db:1a:eb:93:cd:d4:97:81:e0:78:ff:50:08:
e4:1f:51:a2:64:7a:73:7a:a6:93:81:32:de:5a:3e:
b1:e5:b0:2f:70:e3:c6:3b:90:95:4b:8d:88:de:62:
80:1e:e5:a8:2a:04:8f:9f:43:f5:96:d6:e8:cd:3d:
d1:2b:10:7c:8a:71:ea:ee:3d:fa:20:b0:18:f5:74:
73:9e:9e:5f:aa:43:19:d5:42:74:6e:ad:59:17:75:
9e:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
27:B8:7D:B0:ED:86:22:3B:0A:5C:1A:39:DB:5B:60:3C:1E:74:0D:70
X509v3 Authority Key Identifier:
keyid:0D:7F:FA:E3:00:DE:F0:87:6B:F8:48:90:FB:6E:A1:7B:E8:41:A4:D3
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/8113dda6-7ade-445d-8c6e-448a78e48ca1/1/0D7FFAE300DEF0876BF84890FB6EA17BE841A4D3.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DX_64wDe8Idr-EiQ-26he-hBpNM.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/8113dda6-7ade-445d-8c6e-448a78e48ca1/1/3139352e35382e3134342e302f32342d3234203d3e20323136343136.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.58.144.0/24
Signature Algorithm: sha256WithRSAEncryption
8e:f0:97:24:7d:24:d2:da:cd:a4:a2:d7:60:c2:42:bb:0b:02:
df:31:19:58:06:fd:5e:d1:4a:fe:d3:2d:36:fc:59:1f:f7:ff:
65:b7:66:9e:a0:13:6d:7b:af:79:e4:31:3d:0c:b3:ff:22:f2:
86:9a:3c:af:e4:03:19:bb:b8:71:ea:d2:f6:d4:39:05:87:e3:
3c:11:9b:0b:ee:ee:83:a3:44:fa:9f:0a:ef:a2:f7:05:7a:c7:
f0:84:1f:89:0a:1d:49:22:9e:c2:29:9a:1b:37:48:be:b3:cc:
13:23:14:2d:71:f9:62:f7:aa:7d:b8:be:27:39:4e:a3:38:b4:
1e:99:d8:f7:97:ec:53:fe:6a:7d:ce:ea:1d:43:d7:ce:9c:0a:
c7:f6:23:c6:b6:92:61:e8:be:64:0d:21:9a:fc:3e:d6:15:ac:
f9:38:ba:d3:12:91:af:e7:42:5e:34:50:92:82:2b:b0:ee:f8:
5e:c3:cc:52:07:4b:5e:2a:65:f4:4d:14:ae:88:ac:eb:52:18:
f6:e6:13:06:eb:62:75:e9:c0:d6:d1:02:0d:c5:61:0f:66:db:
d7:ea:81:95:23:f6:a6:3c:ea:87:c1:a0:05:d7:89:73:b3:18:
46:13:85:47:60:10:be:2e:25:21:4f:28:69:00:5a:b4:f2:f4:
31:47:ca:1f
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUX6DHHJiZ0EiXDH+joOze4AH+4tswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMGQ3ZmZhZTMwMGRlZjA4NzZiZjg0ODkwZmI2ZWExN2Jl
ODQxYTRkMzAeFw0yNjA1MTEwODQ0MDFaFw0yNzA1MTAwODQ5MDFaMDMxMTAvBgNV
BAMTKDI3Qjg3REIwRUQ4NjIyM0IwQTVDMUEzOURCNUI2MDNDMUU3NDBENzAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDwWdQenvxp3b9JU6sk0bbwVTuW
DZqsqbv6GFYjnNmcNUhSBuCOnyZKjq5p1pLYtq8AXhCNDX7MLmdk+QYXuKt+DSkL
f3463/e0MTvvCJtkgm96SjyPi0fNrEF1fE36KdRnA/LdJvsuLlDtcwAQsU1DyQ8Y
rkhEMx57rw605Def0/r10UAfXy7HSny+cv2MnCL4H16ym90yoDhPQuTRLjwMwIxy
05Yh2xrrk83Ul4HgeP9QCOQfUaJkenN6ppOBMt5aPrHlsC9w48Y7kJVLjYjeYoAe
5agqBI+fQ/WW1ujNPdErEHyKceruPfogsBj1dHOenl+qQxnVQnRurVkXdZ57AgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUJ7h9sO2GIjsKXBo521tgPB50DXAwHwYDVR0j
BBgwFoAUDX/64wDe8Idr+EiQ+26he+hBpNMwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvODExM2RkYTYtN2FkZS00NDVkLThjNmUtNDQ4YTc4ZTQ4
Y2ExLzEvMEQ3RkZBRTMwMERFRjA4NzZCRjg0ODkwRkI2RUExN0JFODQxQTREMy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0RYXzY0d0RlOElkci1FaVEtMjZoZS1o
QnBOTS5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvODExM2RkYTYt
N2FkZS00NDVkLThjNmUtNDQ4YTc4ZTQ4Y2ExLzEvMzEzOTM1MmUzNTM4MmUzMTM0
MzQyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMjMxMzYzNDMxMzYucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BADDOpAwDQYJKoZIhvcNAQELBQADggEBAI7wlyR9JNLazaSi12DCQrsLAt8xGVgG
/V7RSv7TLTb8WR/3/2W3Zp6gE217r3nkMT0Ms/8i8oaaPK/kAxm7uHHq0vbUOQWH
4zwRmwvu7oOjRPqfCu+i9wV6x/CEH4kKHUkinsIpmhs3SL6zzBMjFC1x+WL3qn24
vic5TqM4tB6Z2PeX7FP+an3O6h1D186cCsf2I8a2kmHovmQNIZr8PtYVrPk4utMS
ka/nQl40UJKCK7Du+F7DzFIHS14qZfRNFK6IrOtSGPbmEwbrYnXpwNbRAg3FYQ9m
29fqgZUj9qY86ofBoAXXiXOzGEYThUdgEL4uJSFPKGkAWrTy9DFHyh8=
-----END CERTIFICATE-----
Generated at Wed May 13 10:40:09 2026 by rpki-client