Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/aee3d58d-904a-4375-bf93-8b5f38cab002/0/3130392e3131302e3136302e302f32342d3234203d3e20343032323033.roa
File: 3130392e3131302e3136302e302f32342d3234203d3e20343032323033.roa (raw, json)
Hash identifier: /44rqoSOiimaJkybiNZr5+VnA3ywmcHO/TxSsRgBGEo=
Subject key identifier: FB:D0:DB:38:0D:15:3B:0C:9A:5D:B3:DD:91:33:F9:80:16:D8:12:E0
Certificate issuer: /CN=7adf63e375b0b785081b5945b1d18d9de86e0efc
Certificate serial: 0910E6CE5B1BA7C0785BED9D5430D520ABAE2B84
Authority key identifier: 7A:DF:63:E3:75:B0:B7:85:08:1B:59:45:B1:D1:8D:9D:E8:6E:0E:FC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/et9j43Wwt4UIG1lFsdGNnehuDvw.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/aee3d58d-904a-4375-bf93-8b5f38cab002/0/3130392e3131302e3136302e302f32342d3234203d3e20343032323033.roa
Signing time: Mon 23 Mar 2026 05:54:49 +0000
ROA not before: Mon 23 Mar 2026 05:49:49 +0000
ROA not after: Mon 22 Mar 2027 05:54:49 +0000
asID: 402203
IP address blocks: 109.110.160.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/aee3d58d-904a-4375-bf93-8b5f38cab002/0/7ADF63E375B0B785081B5945B1D18D9DE86E0EFC.crl
rsync://rsync.paas.rpki.ripe.net/repository/aee3d58d-904a-4375-bf93-8b5f38cab002/0/7ADF63E375B0B785081B5945B1D18D9DE86E0EFC.mft
rsync://rpki.ripe.net/repository/DEFAULT/et9j43Wwt4UIG1lFsdGNnehuDvw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 26 Mar 2026 12:03:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
09:10:e6:ce:5b:1b:a7:c0:78:5b:ed:9d:54:30:d5:20:ab:ae:2b:84
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7adf63e375b0b785081b5945b1d18d9de86e0efc
Validity
Not Before: Mar 23 05:49:49 2026 GMT
Not After : Mar 22 05:54:49 2027 GMT
Subject: CN=FBD0DB380D153B0C9A5DB3DD9133F98016D812E0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:51:b8:ca:19:75:a9:de:c5:67:b1:5c:ec:10:
72:62:e8:75:bd:b0:1e:74:4f:ea:ae:4d:86:1e:c2:
58:7f:df:94:56:0f:0f:2a:49:09:83:c4:b3:66:a9:
8e:cf:48:a8:44:86:cf:0a:20:da:b8:29:ab:1c:1b:
45:36:c6:9c:61:75:af:5a:a0:01:af:97:83:ab:dc:
cc:26:b1:d6:96:7e:04:1e:85:f1:1e:96:34:33:00:
50:99:b9:aa:b3:9d:bd:d7:04:5c:05:5e:e3:23:86:
33:38:77:16:36:e2:af:2f:12:5e:01:64:4d:52:8b:
0d:0c:71:0d:28:20:19:04:58:7e:7a:62:22:36:25:
f7:c6:72:a1:e8:c4:84:d0:83:ae:d1:eb:0e:04:c6:
91:c9:a8:a1:61:29:6a:0c:09:48:00:5d:13:be:39:
99:65:5a:a9:ac:f7:67:4d:5f:d6:f9:49:82:c7:d4:
64:9b:3c:a9:8a:0f:07:87:64:a6:c9:be:d4:f7:2c:
54:2b:a6:db:03:7b:a7:2b:b0:3f:c0:d1:6e:d0:2e:
3a:1a:81:e7:57:fe:9c:4e:d0:f6:15:22:ea:9f:6f:
2b:cc:61:ca:a4:1c:ba:7f:03:3f:86:1b:be:81:f5:
da:d8:e6:16:41:95:f1:6c:e8:84:63:3f:83:36:0b:
81:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FB:D0:DB:38:0D:15:3B:0C:9A:5D:B3:DD:91:33:F9:80:16:D8:12:E0
X509v3 Authority Key Identifier:
keyid:7A:DF:63:E3:75:B0:B7:85:08:1B:59:45:B1:D1:8D:9D:E8:6E:0E:FC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/aee3d58d-904a-4375-bf93-8b5f38cab002/0/7ADF63E375B0B785081B5945B1D18D9DE86E0EFC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/et9j43Wwt4UIG1lFsdGNnehuDvw.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/aee3d58d-904a-4375-bf93-8b5f38cab002/0/3130392e3131302e3136302e302f32342d3234203d3e20343032323033.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.110.160.0/24
Signature Algorithm: sha256WithRSAEncryption
9e:30:48:78:2b:14:6a:ae:3b:b8:4e:2d:95:d9:62:84:7e:81:
0a:90:50:88:13:48:5c:24:7e:d1:50:85:50:26:40:ce:30:37:
5d:15:a9:57:08:bb:8a:8d:85:ed:17:b8:1e:27:74:3e:08:b8:
33:f0:31:bf:7b:7d:34:40:8a:ff:cd:03:8f:ba:21:45:d1:ad:
90:91:86:9d:d9:f6:74:cc:bb:21:80:90:03:8e:b4:83:a3:06:
4f:f7:0c:27:e5:ce:2b:3f:81:9e:48:d2:1e:0c:f4:b8:38:20:
49:81:50:f0:41:f8:db:e0:87:53:8b:d4:36:9d:fb:00:86:b1:
20:42:83:68:14:4f:8a:56:68:59:d1:6c:b5:37:41:60:0f:cc:
8b:a2:3f:9c:a2:a8:48:ac:d3:a4:88:32:58:c5:56:1c:0e:32:
66:c9:c2:92:43:60:3b:f8:f6:5e:c5:09:91:86:c5:a9:35:c8:
a8:6f:76:c2:c0:a4:bd:17:ef:81:10:e8:66:2a:b8:04:29:44:
ee:92:fb:73:8f:a3:27:2a:7e:53:18:4c:88:75:96:3a:b1:10:
7a:2d:b1:b0:0f:33:ce:ec:68:f3:d5:cc:4f:78:15:c2:1a:cc:
eb:a0:4c:52:cc:b3:52:c2:75:93:2d:fa:e6:e9:b5:2c:02:31:
43:11:d0:0d
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgIUCRDmzlsbp8B4W+2dVDDVIKuuK4QwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoN2FkZjYzZTM3NWIwYjc4NTA4MWI1OTQ1YjFkMThkOWRl
ODZlMGVmYzAeFw0yNjAzMjMwNTQ5NDlaFw0yNzAzMjIwNTU0NDlaMDMxMTAvBgNV
BAMTKEZCRDBEQjM4MEQxNTNCMEM5QTVEQjNERDkxMzNGOTgwMTZEODEyRTAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDQUbjKGXWp3sVnsVzsEHJi6HW9
sB50T+quTYYewlh/35RWDw8qSQmDxLNmqY7PSKhEhs8KINq4KascG0U2xpxhda9a
oAGvl4Or3MwmsdaWfgQehfEeljQzAFCZuaqznb3XBFwFXuMjhjM4dxY24q8vEl4B
ZE1Siw0McQ0oIBkEWH56YiI2JffGcqHoxITQg67R6w4ExpHJqKFhKWoMCUgAXRO+
OZllWqms92dNX9b5SYLH1GSbPKmKDweHZKbJvtT3LFQrptsDe6crsD/A0W7QLjoa
gedX/pxO0PYVIuqfbyvMYcqkHLp/Az+GG76B9drY5hZBlfFs6IRjP4M2C4FLAgMB
AAGjggJBMIICPTAdBgNVHQ4EFgQU+9DbOA0VOwyaXbPdkTP5gBbYEuAwHwYDVR0j
BBgwFoAUet9j43Wwt4UIG1lFsdGNnehuDvwwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYWVlM2Q1OGQtOTA0YS00Mzc1LWJmOTMtOGI1ZjM4Y2Fi
MDAyLzAvN0FERjYzRTM3NUIwQjc4NTA4MUI1OTQ1QjFEMThEOURFODZFMEVGQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2V0OWo0M1d3dDRVSUcxbEZzZEdObmVo
dUR2dy5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWVlM2Q1OGQt
OTA0YS00Mzc1LWJmOTMtOGI1ZjM4Y2FiMDAyLzAvMzEzMDM5MmUzMTMxMzAyZTMx
MzYzMDJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDM0MzAzMjMyMzAzMy5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEAG1uoDANBgkqhkiG9w0BAQsFAAOCAQEAnjBIeCsUaq47uE4tldlihH6BCpBQ
iBNIXCR+0VCFUCZAzjA3XRWpVwi7io2F7Re4Hid0Pgi4M/Axv3t9NECK/80Dj7oh
RdGtkJGGndn2dMy7IYCQA460g6MGT/cMJ+XOKz+BnkjSHgz0uDggSYFQ8EH42+CH
U4vUNp37AIaxIEKDaBRPilZoWdFstTdBYA/Mi6I/nKKoSKzTpIgyWMVWHA4yZsnC
kkNgO/j2XsUJkYbFqTXIqG92wsCkvRfvgRDoZiq4BClE7pL7c4+jJyp+UxhMiHWW
OrEQei2xsA8zzuxo89XMT3gVwhrM66BMUsyzUsJ1ky365um1LAIxQxHQDQ==
-----END CERTIFICATE-----
Generated at Thu Mar 26 04:07:29 2026 by rpki-client