Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/aee3d58d-904a-4375-bf93-8b5f38cab002/0/3130392e3131302e3136362e302f32342d3234203d3e20323131343339.roa
File: 3130392e3131302e3136362e302f32342d3234203d3e20323131343339.roa (raw, json)
Hash identifier: GEQViRhqdAyI9d1N5OwKOlE8VRkmVO6a5abo43flOfA=
Subject key identifier: 2F:8D:FE:89:58:5A:5B:12:E4:82:D2:C6:2F:68:DD:D9:12:CA:D6:D0
Certificate issuer: /CN=7adf63e375b0b785081b5945b1d18d9de86e0efc
Certificate serial: 655922E35063FB63F85B263C8D1D98815C47F9CB
Authority key identifier: 7A:DF:63:E3:75:B0:B7:85:08:1B:59:45:B1:D1:8D:9D:E8:6E:0E:FC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/et9j43Wwt4UIG1lFsdGNnehuDvw.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/aee3d58d-904a-4375-bf93-8b5f38cab002/0/3130392e3131302e3136362e302f32342d3234203d3e20323131343339.roa
Signing time: Wed 25 Mar 2026 09:46:53 +0000
ROA not before: Wed 25 Mar 2026 09:41:53 +0000
ROA not after: Wed 24 Mar 2027 09:46:53 +0000
asID: 211439
IP address blocks: 109.110.166.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/aee3d58d-904a-4375-bf93-8b5f38cab002/0/7ADF63E375B0B785081B5945B1D18D9DE86E0EFC.crl
rsync://rsync.paas.rpki.ripe.net/repository/aee3d58d-904a-4375-bf93-8b5f38cab002/0/7ADF63E375B0B785081B5945B1D18D9DE86E0EFC.mft
rsync://rpki.ripe.net/repository/DEFAULT/et9j43Wwt4UIG1lFsdGNnehuDvw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 00:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
65:59:22:e3:50:63:fb:63:f8:5b:26:3c:8d:1d:98:81:5c:47:f9:cb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7adf63e375b0b785081b5945b1d18d9de86e0efc
Validity
Not Before: Mar 25 09:41:53 2026 GMT
Not After : Mar 24 09:46:53 2027 GMT
Subject: CN=2F8DFE89585A5B12E482D2C62F68DDD912CAD6D0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:3b:cd:e3:1a:f1:d0:97:79:53:a2:fd:2c:e6:
5f:0f:8e:0e:e4:b6:07:9a:cf:f7:96:86:4a:97:0e:
f5:cb:fe:1b:4d:3c:d7:6a:58:b2:1f:19:3d:a5:60:
b2:7b:e4:fb:27:81:ae:d8:56:2e:cf:0c:e1:f0:d7:
cf:68:08:83:8b:99:64:2a:ea:b1:ff:52:3b:6c:1b:
39:12:f6:a4:df:49:ba:6f:ac:90:3f:f2:82:6a:21:
10:cd:c3:0e:e8:da:41:20:c7:c5:dd:22:67:5f:4d:
4c:c3:15:51:eb:68:d2:61:11:64:00:c0:bd:ea:06:
95:43:f1:eb:36:c5:24:3b:89:3a:46:6f:84:8f:01:
7f:ac:7a:3d:54:e2:85:6d:fa:96:1c:0e:fa:f4:e1:
87:cd:90:d2:57:05:bd:2a:eb:a6:97:4b:50:8c:ce:
83:81:a0:33:da:8c:87:99:d5:22:32:e6:d4:33:75:
18:5d:71:17:86:91:ce:27:a0:10:7a:09:fe:1a:1d:
5d:70:ec:df:75:7d:a9:7f:11:c3:b1:db:74:49:b9:
87:a0:28:1e:f5:b0:35:4a:2c:38:5e:b0:f1:c7:61:
c6:82:14:07:10:0d:8f:d5:d2:7c:a7:84:d2:7f:4d:
29:da:97:65:27:53:0f:85:8e:0a:83:ac:36:e7:80:
dc:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2F:8D:FE:89:58:5A:5B:12:E4:82:D2:C6:2F:68:DD:D9:12:CA:D6:D0
X509v3 Authority Key Identifier:
keyid:7A:DF:63:E3:75:B0:B7:85:08:1B:59:45:B1:D1:8D:9D:E8:6E:0E:FC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/aee3d58d-904a-4375-bf93-8b5f38cab002/0/7ADF63E375B0B785081B5945B1D18D9DE86E0EFC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/et9j43Wwt4UIG1lFsdGNnehuDvw.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/aee3d58d-904a-4375-bf93-8b5f38cab002/0/3130392e3131302e3136362e302f32342d3234203d3e20323131343339.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.110.166.0/24
Signature Algorithm: sha256WithRSAEncryption
ac:53:c5:df:04:cc:f6:53:15:90:1b:fd:0e:33:6f:5f:33:18:
51:df:f3:19:64:fc:83:3e:1a:fc:81:73:0e:69:a2:c5:24:eb:
9a:e0:cc:eb:fa:44:ef:46:b7:35:aa:c2:94:8f:e6:fb:e0:12:
9c:70:51:2a:2a:f7:aa:21:af:35:2b:96:7d:ae:a1:64:cc:5d:
26:db:d5:04:15:61:c9:16:fb:08:b4:a4:60:8f:36:66:7f:8c:
6d:b6:fe:54:3b:3a:3e:f9:75:82:ba:c4:c8:db:3e:4a:a0:ce:
31:99:23:e8:ea:31:2d:f4:c7:a7:5f:1d:0d:14:7f:72:dd:f0:
95:86:25:55:6d:ea:ec:54:57:15:46:f7:6b:5c:eb:b2:d6:8b:
44:66:1c:e9:72:b6:fa:b5:74:e3:d3:f0:fb:19:17:60:c1:d5:
6c:37:fb:9f:40:41:46:d4:ca:b0:1b:64:75:21:cc:4e:db:5b:
dd:a8:c0:00:50:f4:00:85:21:58:84:84:a6:72:e9:e1:b6:52:
2b:6d:cc:01:d0:f9:04:32:ba:53:31:fd:c5:da:af:e4:7f:01:
21:2c:71:99:67:40:67:7b:39:98:8b:8e:9e:b1:51:ce:95:19:
f9:0e:ea:86:1f:af:45:b3:56:de:33:37:c1:24:f2:c3:45:15:
16:bb:87:e5
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgIUZVki41Bj+2P4WyY8jR2YgVxH+cswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoN2FkZjYzZTM3NWIwYjc4NTA4MWI1OTQ1YjFkMThkOWRl
ODZlMGVmYzAeFw0yNjAzMjUwOTQxNTNaFw0yNzAzMjQwOTQ2NTNaMDMxMTAvBgNV
BAMTKDJGOERGRTg5NTg1QTVCMTJFNDgyRDJDNjJGNjhEREQ5MTJDQUQ2RDAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC0O83jGvHQl3lTov0s5l8Pjg7k
tgeaz/eWhkqXDvXL/htNPNdqWLIfGT2lYLJ75Psnga7YVi7PDOHw189oCIOLmWQq
6rH/UjtsGzkS9qTfSbpvrJA/8oJqIRDNww7o2kEgx8XdImdfTUzDFVHraNJhEWQA
wL3qBpVD8es2xSQ7iTpGb4SPAX+sej1U4oVt+pYcDvr04YfNkNJXBb0q66aXS1CM
zoOBoDPajIeZ1SIy5tQzdRhdcReGkc4noBB6Cf4aHV1w7N91fal/EcOx23RJuYeg
KB71sDVKLDhesPHHYcaCFAcQDY/V0nynhNJ/TSnal2UnUw+FjgqDrDbngNxdAgMB
AAGjggJBMIICPTAdBgNVHQ4EFgQUL43+iVhaWxLkgtLGL2jd2RLK1tAwHwYDVR0j
BBgwFoAUet9j43Wwt4UIG1lFsdGNnehuDvwwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYWVlM2Q1OGQtOTA0YS00Mzc1LWJmOTMtOGI1ZjM4Y2Fi
MDAyLzAvN0FERjYzRTM3NUIwQjc4NTA4MUI1OTQ1QjFEMThEOURFODZFMEVGQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2V0OWo0M1d3dDRVSUcxbEZzZEdObmVo
dUR2dy5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWVlM2Q1OGQt
OTA0YS00Mzc1LWJmOTMtOGI1ZjM4Y2FiMDAyLzAvMzEzMDM5MmUzMTMxMzAyZTMx
MzYzNjJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMyMzEzMTM0MzMzOS5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEAG1upjANBgkqhkiG9w0BAQsFAAOCAQEArFPF3wTM9lMVkBv9DjNvXzMYUd/z
GWT8gz4a/IFzDmmixSTrmuDM6/pE70a3NarClI/m++ASnHBRKir3qiGvNSuWfa6h
ZMxdJtvVBBVhyRb7CLSkYI82Zn+Mbbb+VDs6Pvl1grrEyNs+SqDOMZkj6OoxLfTH
p18dDRR/ct3wlYYlVW3q7FRXFUb3a1zrstaLRGYc6XK2+rV049Pw+xkXYMHVbDf7
n0BBRtTKsBtkdSHMTttb3ajAAFD0AIUhWISEpnLp4bZSK23MAdD5BDK6UzH9xdqv
5H8BISxxmWdAZ3s5mIuOnrFRzpUZ+Q7qhh+vRbNW3jM3wSTyw0UVFruH5Q==
-----END CERTIFICATE-----
Generated at Thu Mar 26 12:19:27 2026 by rpki-client