Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/aee3d58d-904a-4375-bf93-8b5f38cab002/0/3130392e3131302e3137352e302f32342d3234203d3e20343031333232.roa
File: 3130392e3131302e3137352e302f32342d3234203d3e20343031333232.roa (raw, json)
Hash identifier: fRxAqV6uyN1eF5qhrn4wWLEXR5foI5/K8nVlCzKvEVE=
Subject key identifier: ED:1D:2A:57:8C:E7:B4:CF:B9:AE:27:99:C6:24:02:2A:57:CB:40:4A
Certificate issuer: /CN=7adf63e375b0b785081b5945b1d18d9de86e0efc
Certificate serial: 37A32976D6CD87EE08F3A44A88F878B358676090
Authority key identifier: 7A:DF:63:E3:75:B0:B7:85:08:1B:59:45:B1:D1:8D:9D:E8:6E:0E:FC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/et9j43Wwt4UIG1lFsdGNnehuDvw.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/aee3d58d-904a-4375-bf93-8b5f38cab002/0/3130392e3131302e3137352e302f32342d3234203d3e20343031333232.roa
Signing time: Thu 26 Mar 2026 05:43:00 +0000
ROA not before: Thu 26 Mar 2026 05:38:00 +0000
ROA not after: Thu 25 Mar 2027 05:43:00 +0000
asID: 401322
IP address blocks: 109.110.175.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/aee3d58d-904a-4375-bf93-8b5f38cab002/0/7ADF63E375B0B785081B5945B1D18D9DE86E0EFC.crl
rsync://rsync.paas.rpki.ripe.net/repository/aee3d58d-904a-4375-bf93-8b5f38cab002/0/7ADF63E375B0B785081B5945B1D18D9DE86E0EFC.mft
rsync://rpki.ripe.net/repository/DEFAULT/et9j43Wwt4UIG1lFsdGNnehuDvw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 07:08:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
37:a3:29:76:d6:cd:87:ee:08:f3:a4:4a:88:f8:78:b3:58:67:60:90
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7adf63e375b0b785081b5945b1d18d9de86e0efc
Validity
Not Before: Mar 26 05:38:00 2026 GMT
Not After : Mar 25 05:43:00 2027 GMT
Subject: CN=ED1D2A578CE7B4CFB9AE2799C624022A57CB404A
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:82:68:15:29:1c:b8:de:21:00:ff:67:bd:d4:
06:01:31:f7:aa:01:1b:96:ef:d7:d5:48:45:1c:9c:
f5:85:5a:86:70:1d:e2:a8:01:20:ae:8c:69:4c:8e:
3a:5b:87:39:f0:00:91:ed:78:60:e5:04:b0:b3:53:
e4:fd:8e:a4:3a:ac:54:19:17:16:0a:74:8f:fc:88:
64:93:dc:cc:9b:d5:0a:3f:84:6b:92:da:c5:80:78:
03:0f:23:d5:9e:2c:7b:a6:2a:44:6d:36:ce:c2:ae:
5b:6c:bb:1c:c9:48:f3:bc:79:39:ca:7d:fa:7b:00:
34:32:e9:fc:83:f7:ad:7d:c4:f8:66:41:83:ad:39:
bf:6a:fe:ea:ae:01:2c:bd:ae:20:62:42:da:aa:79:
9c:76:0e:45:22:0b:0d:5d:9f:9a:14:9c:19:5f:c1:
9c:21:d7:4c:15:11:0c:31:c9:0b:1e:65:a4:b1:81:
f5:88:75:bc:d7:2e:32:5b:80:07:9c:e5:5a:80:5b:
b1:7f:b3:ee:ef:24:a9:3c:42:f5:56:48:6c:fe:9d:
f6:5b:33:4c:a0:c2:64:6f:47:65:e5:ba:38:75:22:
d3:f8:e3:fe:7c:f2:e2:86:37:fb:b5:17:62:ac:a6:
98:80:69:e8:bd:ff:a0:22:c5:c8:42:14:18:50:6a:
29:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
ED:1D:2A:57:8C:E7:B4:CF:B9:AE:27:99:C6:24:02:2A:57:CB:40:4A
X509v3 Authority Key Identifier:
keyid:7A:DF:63:E3:75:B0:B7:85:08:1B:59:45:B1:D1:8D:9D:E8:6E:0E:FC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/aee3d58d-904a-4375-bf93-8b5f38cab002/0/7ADF63E375B0B785081B5945B1D18D9DE86E0EFC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/et9j43Wwt4UIG1lFsdGNnehuDvw.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/aee3d58d-904a-4375-bf93-8b5f38cab002/0/3130392e3131302e3137352e302f32342d3234203d3e20343031333232.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.110.175.0/24
Signature Algorithm: sha256WithRSAEncryption
ac:df:1f:5e:22:03:53:53:dd:74:a2:c3:c8:62:d7:9c:95:57:
9f:fa:95:f6:bb:18:b3:1a:49:27:04:cd:f8:8f:c4:ab:29:fa:
78:1e:b6:f9:53:ac:0b:fa:7b:95:50:42:27:d1:ca:56:ef:49:
72:26:76:d1:80:fe:77:cb:93:da:7b:00:51:b8:c6:3a:45:cb:
91:e9:b8:79:6a:af:70:b1:f6:50:a8:da:4a:8b:1a:23:24:73:
d6:ae:0c:69:1b:d3:64:c7:c4:18:9b:e8:a7:9b:24:48:17:3a:
a7:4e:bf:0a:0e:53:26:cf:e6:9e:a3:28:c8:17:2a:19:58:c3:
a3:20:56:62:64:4e:b4:0c:70:0b:76:ee:a9:0e:9a:74:62:33:
48:06:17:f9:02:83:23:b7:57:51:5a:e6:a6:b5:74:86:5d:02:
5b:86:18:29:62:b1:fb:db:c2:a2:13:ac:f4:89:04:da:cd:3e:
f2:e4:8c:fe:c7:ee:3b:f3:56:c1:40:08:99:4c:92:ac:6c:aa:
3d:50:a7:a6:20:49:ec:24:1c:5d:f9:bd:fd:cb:e7:5c:4b:6c:
eb:3c:be:90:30:b4:c2:c5:53:92:21:43:60:80:00:91:48:07:
48:f4:dc:db:3d:b8:ff:45:74:26:33:c2:ef:8f:5d:25:9b:3a:
24:58:3c:3c
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgIUN6MpdtbNh+4I86RKiPh4s1hnYJAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoN2FkZjYzZTM3NWIwYjc4NTA4MWI1OTQ1YjFkMThkOWRl
ODZlMGVmYzAeFw0yNjAzMjYwNTM4MDBaFw0yNzAzMjUwNTQzMDBaMDMxMTAvBgNV
BAMTKEVEMUQyQTU3OENFN0I0Q0ZCOUFFMjc5OUM2MjQwMjJBNTdDQjQwNEEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCjgmgVKRy43iEA/2e91AYBMfeq
ARuW79fVSEUcnPWFWoZwHeKoASCujGlMjjpbhznwAJHteGDlBLCzU+T9jqQ6rFQZ
FxYKdI/8iGST3Myb1Qo/hGuS2sWAeAMPI9WeLHumKkRtNs7CrltsuxzJSPO8eTnK
ffp7ADQy6fyD9619xPhmQYOtOb9q/uquASy9riBiQtqqeZx2DkUiCw1dn5oUnBlf
wZwh10wVEQwxyQseZaSxgfWIdbzXLjJbgAec5VqAW7F/s+7vJKk8QvVWSGz+nfZb
M0ygwmRvR2Xlujh1ItP44/588uKGN/u1F2KsppiAaei9/6AixchCFBhQainTAgMB
AAGjggJBMIICPTAdBgNVHQ4EFgQU7R0qV4zntM+5rieZxiQCKlfLQEowHwYDVR0j
BBgwFoAUet9j43Wwt4UIG1lFsdGNnehuDvwwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYWVlM2Q1OGQtOTA0YS00Mzc1LWJmOTMtOGI1ZjM4Y2Fi
MDAyLzAvN0FERjYzRTM3NUIwQjc4NTA4MUI1OTQ1QjFEMThEOURFODZFMEVGQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2V0OWo0M1d3dDRVSUcxbEZzZEdObmVo
dUR2dy5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWVlM2Q1OGQt
OTA0YS00Mzc1LWJmOTMtOGI1ZjM4Y2FiMDAyLzAvMzEzMDM5MmUzMTMxMzAyZTMx
MzczNTJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDM0MzAzMTMzMzIzMi5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEAG1urzANBgkqhkiG9w0BAQsFAAOCAQEArN8fXiIDU1PddKLDyGLXnJVXn/qV
9rsYsxpJJwTN+I/Eqyn6eB62+VOsC/p7lVBCJ9HKVu9JciZ20YD+d8uT2nsAUbjG
OkXLkem4eWqvcLH2UKjaSosaIyRz1q4MaRvTZMfEGJvop5skSBc6p06/Cg5TJs/m
nqMoyBcqGVjDoyBWYmROtAxwC3buqQ6adGIzSAYX+QKDI7dXUVrmprV0hl0CW4YY
KWKx+9vCohOs9IkE2s0+8uSM/sfuO/NWwUAImUySrGyqPVCnpiBJ7CQcXfm9/cvn
XEts6zy+kDC0wsVTkiFDYIAAkUgHSPTc2z24/0V0JjPC749dJZs6JFg8PA==
-----END CERTIFICATE-----
Generated at Thu Mar 26 14:25:20 2026 by rpki-client