Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/aee3d58d-904a-4375-bf93-8b5f38cab002/0/3130392e3131302e3136352e302f32342d3234203d3e20323131343339.roa
File: 3130392e3131302e3136352e302f32342d3234203d3e20323131343339.roa (raw, json)
Hash identifier: RemgvzMCaDyQeoBSbN4UwWqDmkNfnA8pS7rA3mlHmkU=
Subject key identifier: 4F:03:B5:51:B7:4B:47:66:86:A4:14:CA:22:6E:3F:88:71:F4:7C:E3
Certificate issuer: /CN=7adf63e375b0b785081b5945b1d18d9de86e0efc
Certificate serial: 329CB7FA1757AF4CBBA52B5618738D0939D31ECC
Authority key identifier: 7A:DF:63:E3:75:B0:B7:85:08:1B:59:45:B1:D1:8D:9D:E8:6E:0E:FC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/et9j43Wwt4UIG1lFsdGNnehuDvw.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/aee3d58d-904a-4375-bf93-8b5f38cab002/0/3130392e3131302e3136352e302f32342d3234203d3e20323131343339.roa
Signing time: Thu 19 Mar 2026 10:46:48 +0000
ROA not before: Thu 19 Mar 2026 10:41:48 +0000
ROA not after: Thu 18 Mar 2027 10:46:48 +0000
asID: 211439
IP address blocks: 109.110.165.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/aee3d58d-904a-4375-bf93-8b5f38cab002/0/7ADF63E375B0B785081B5945B1D18D9DE86E0EFC.crl
rsync://rsync.paas.rpki.ripe.net/repository/aee3d58d-904a-4375-bf93-8b5f38cab002/0/7ADF63E375B0B785081B5945B1D18D9DE86E0EFC.mft
rsync://rpki.ripe.net/repository/DEFAULT/et9j43Wwt4UIG1lFsdGNnehuDvw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 07:08:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
32:9c:b7:fa:17:57:af:4c:bb:a5:2b:56:18:73:8d:09:39:d3:1e:cc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7adf63e375b0b785081b5945b1d18d9de86e0efc
Validity
Not Before: Mar 19 10:41:48 2026 GMT
Not After : Mar 18 10:46:48 2027 GMT
Subject: CN=4F03B551B74B476686A414CA226E3F8871F47CE3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:7b:46:7c:2a:25:12:f9:ca:79:85:60:9a:3d:
09:0a:39:b0:12:ff:e7:a9:79:9b:b1:66:62:ab:dd:
19:ea:76:cc:d6:9d:e4:81:bb:9a:6d:90:42:60:92:
ff:04:4a:f5:2e:71:11:18:56:3a:18:55:94:7a:7d:
24:fc:54:f4:01:60:ab:7d:54:62:b1:b3:e4:3d:3f:
2a:c8:6f:8c:ab:03:9d:da:af:80:1a:50:fe:58:12:
89:63:40:6b:7f:f5:e2:67:d6:66:a2:c1:96:ad:35:
a6:0d:19:9c:22:f1:ef:61:03:41:a4:e3:d3:e4:80:
c9:99:94:e2:d2:8c:12:1f:91:3b:70:f1:3a:73:fe:
19:b2:8a:13:3a:58:0f:f5:bc:a2:2e:ec:94:84:b5:
8d:89:08:6b:7e:18:8a:4d:22:e9:13:a6:28:ef:ea:
30:03:76:8d:c2:2b:91:13:dc:da:3c:58:08:6b:47:
d5:fa:0e:e8:c1:07:fa:db:ae:1b:45:03:bc:80:45:
56:bc:45:66:4e:ee:8d:ed:8e:99:5e:de:93:52:81:
af:9d:41:11:62:b9:30:9b:db:ec:2f:74:6d:3f:4d:
e3:e0:61:37:b6:39:1a:e9:91:a6:7e:de:ae:c5:8f:
94:95:bd:c2:e6:82:e7:d6:40:31:12:ca:e4:93:4e:
54:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4F:03:B5:51:B7:4B:47:66:86:A4:14:CA:22:6E:3F:88:71:F4:7C:E3
X509v3 Authority Key Identifier:
keyid:7A:DF:63:E3:75:B0:B7:85:08:1B:59:45:B1:D1:8D:9D:E8:6E:0E:FC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/aee3d58d-904a-4375-bf93-8b5f38cab002/0/7ADF63E375B0B785081B5945B1D18D9DE86E0EFC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/et9j43Wwt4UIG1lFsdGNnehuDvw.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/aee3d58d-904a-4375-bf93-8b5f38cab002/0/3130392e3131302e3136352e302f32342d3234203d3e20323131343339.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.110.165.0/24
Signature Algorithm: sha256WithRSAEncryption
42:30:a9:26:e6:84:7f:a6:55:93:91:01:69:f4:99:87:a1:58:
d0:af:a4:2f:52:5e:9b:ab:c4:de:13:88:06:9b:ad:50:d6:b4:
54:e8:1a:96:19:2e:b9:70:33:53:e1:db:f3:4a:06:dc:95:00:
f8:a7:96:fc:bf:05:87:b7:b1:b1:ff:8f:49:f6:30:0a:7c:b7:
b9:e4:d1:44:f8:c0:9e:57:5a:00:ab:21:29:67:6c:bb:a6:f7:
79:7f:d1:ab:2b:df:6e:25:eb:d9:05:3b:fb:70:91:8e:53:b9:
b5:35:7b:01:c2:7e:26:5f:26:73:62:7e:7e:e2:a6:21:eb:03:
c4:17:12:c0:25:2c:3c:b9:d0:8b:4e:8d:2e:33:b1:74:b8:82:
82:b0:34:bd:a6:3e:66:bb:81:fb:85:ee:76:a5:fd:37:b2:82:
46:a6:5d:22:ea:0b:26:76:4f:23:55:5e:59:92:29:31:8b:8b:
85:c3:74:5d:48:2f:79:14:4d:e5:9f:c0:78:2d:6b:be:59:bc:
c0:cb:e0:dd:c6:69:73:8e:41:59:87:3d:45:c4:1a:54:a7:26:
38:f8:67:c2:15:0f:33:04:54:57:67:e5:7f:92:9a:29:a0:0e:
6c:ed:15:96:4b:4b:ee:14:91:3c:db:4a:0f:6c:3a:aa:a7:ef:
98:7b:dd:63
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgIUMpy3+hdXr0y7pStWGHONCTnTHswwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoN2FkZjYzZTM3NWIwYjc4NTA4MWI1OTQ1YjFkMThkOWRl
ODZlMGVmYzAeFw0yNjAzMTkxMDQxNDhaFw0yNzAzMTgxMDQ2NDhaMDMxMTAvBgNV
BAMTKDRGMDNCNTUxQjc0QjQ3NjY4NkE0MTRDQTIyNkUzRjg4NzFGNDdDRTMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCme0Z8KiUS+cp5hWCaPQkKObAS
/+epeZuxZmKr3RnqdszWneSBu5ptkEJgkv8ESvUucREYVjoYVZR6fST8VPQBYKt9
VGKxs+Q9PyrIb4yrA53ar4AaUP5YEoljQGt/9eJn1maiwZatNaYNGZwi8e9hA0Gk
49PkgMmZlOLSjBIfkTtw8Tpz/hmyihM6WA/1vKIu7JSEtY2JCGt+GIpNIukTpijv
6jADdo3CK5ET3No8WAhrR9X6DujBB/rbrhtFA7yARVa8RWZO7o3tjple3pNSga+d
QRFiuTCb2+wvdG0/TePgYTe2ORrpkaZ+3q7Fj5SVvcLmgufWQDESyuSTTlRTAgMB
AAGjggJBMIICPTAdBgNVHQ4EFgQUTwO1UbdLR2aGpBTKIm4/iHH0fOMwHwYDVR0j
BBgwFoAUet9j43Wwt4UIG1lFsdGNnehuDvwwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYWVlM2Q1OGQtOTA0YS00Mzc1LWJmOTMtOGI1ZjM4Y2Fi
MDAyLzAvN0FERjYzRTM3NUIwQjc4NTA4MUI1OTQ1QjFEMThEOURFODZFMEVGQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2V0OWo0M1d3dDRVSUcxbEZzZEdObmVo
dUR2dy5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWVlM2Q1OGQt
OTA0YS00Mzc1LWJmOTMtOGI1ZjM4Y2FiMDAyLzAvMzEzMDM5MmUzMTMxMzAyZTMx
MzYzNTJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMyMzEzMTM0MzMzOS5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEAG1upTANBgkqhkiG9w0BAQsFAAOCAQEAQjCpJuaEf6ZVk5EBafSZh6FY0K+k
L1Jem6vE3hOIBputUNa0VOgalhkuuXAzU+Hb80oG3JUA+KeW/L8Fh7exsf+PSfYw
Cny3ueTRRPjAnldaAKshKWdsu6b3eX/RqyvfbiXr2QU7+3CRjlO5tTV7AcJ+Jl8m
c2J+fuKmIesDxBcSwCUsPLnQi06NLjOxdLiCgrA0vaY+ZruB+4XudqX9N7KCRqZd
IuoLJnZPI1VeWZIpMYuLhcN0XUgveRRN5Z/AeC1rvlm8wMvg3cZpc45BWYc9RcQa
VKcmOPhnwhUPMwRUV2flf5KaKaAObO0VlktL7hSRPNtKD2w6qqfvmHvdYw==
-----END CERTIFICATE-----
Generated at Thu Mar 26 17:51:23 2026 by rpki-client