Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/aee3d58d-904a-4375-bf93-8b5f38cab002/0/3130392e3131302e3138372e302f32342d3234203d3e20323039303433.roa
File: 3130392e3131302e3138372e302f32342d3234203d3e20323039303433.roa (raw, json)
Hash identifier: tgDMmay6kn3ogtNIQdQsAqKQH2VXJIlyrbyUPHIEehM=
Subject key identifier: 0A:D4:39:E2:A4:8D:0E:FA:8A:10:CD:D6:92:85:EE:95:E4:AC:C5:9B
Certificate issuer: /CN=7adf63e375b0b785081b5945b1d18d9de86e0efc
Certificate serial: 502CF28A75E8DEC92B1DD36BD21357405ED656BF
Authority key identifier: 7A:DF:63:E3:75:B0:B7:85:08:1B:59:45:B1:D1:8D:9D:E8:6E:0E:FC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/et9j43Wwt4UIG1lFsdGNnehuDvw.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/aee3d58d-904a-4375-bf93-8b5f38cab002/0/3130392e3131302e3138372e302f32342d3234203d3e20323039303433.roa
Signing time: Thu 07 May 2026 09:47:11 +0000
ROA not before: Thu 07 May 2026 09:42:11 +0000
ROA not after: Thu 06 May 2027 09:47:11 +0000
asID: 209043
IP address blocks: 109.110.187.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/aee3d58d-904a-4375-bf93-8b5f38cab002/0/7ADF63E375B0B785081B5945B1D18D9DE86E0EFC.crl
rsync://rsync.paas.rpki.ripe.net/repository/aee3d58d-904a-4375-bf93-8b5f38cab002/0/7ADF63E375B0B785081B5945B1D18D9DE86E0EFC.mft
rsync://rpki.ripe.net/repository/DEFAULT/et9j43Wwt4UIG1lFsdGNnehuDvw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 23:00:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
50:2c:f2:8a:75:e8:de:c9:2b:1d:d3:6b:d2:13:57:40:5e:d6:56:bf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7adf63e375b0b785081b5945b1d18d9de86e0efc
Validity
Not Before: May 7 09:42:11 2026 GMT
Not After : May 6 09:47:11 2027 GMT
Subject: CN=0AD439E2A48D0EFA8A10CDD69285EE95E4ACC59B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:fc:1c:16:05:df:a6:57:46:08:fb:b4:7f:de:
21:9d:0d:27:5a:3c:20:10:69:d0:5c:8e:1f:00:0e:
e5:4c:70:2b:f5:52:48:10:dd:74:a8:50:fb:df:13:
fc:17:7b:04:29:ba:33:95:fa:83:9d:69:d5:de:e3:
32:9b:ab:d8:3c:a5:93:a6:c3:d7:75:33:6a:e0:13:
61:42:51:52:0b:6f:3b:54:80:af:0a:a3:a7:2a:97:
08:36:57:ea:bf:68:97:01:ae:60:8f:b2:f1:67:83:
56:da:8c:f0:1a:0e:8e:cd:dc:0b:fc:b0:b3:2e:b5:
1f:09:31:ee:58:f5:f1:87:8c:7f:ee:e1:af:d8:3d:
87:5e:3b:8d:66:75:32:aa:68:59:50:7f:2d:61:a6:
0f:7b:60:bb:48:fd:d8:66:37:e4:45:0b:4f:ea:ab:
b9:af:34:34:97:7f:9f:a2:e3:b1:b6:67:09:51:9e:
c6:4d:ed:ca:89:96:f5:0c:6f:2e:ae:20:47:92:35:
e5:53:1f:1f:67:06:fb:f0:ac:d8:5a:eb:48:68:8f:
0f:3f:b0:9b:69:f1:5c:bb:a2:87:9f:95:6c:0a:0b:
f7:94:2e:a3:48:3c:0a:37:a3:d2:d4:b2:2c:4d:77:
4e:43:fe:0a:b7:68:3d:67:e0:b2:b4:dc:d8:21:eb:
fe:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0A:D4:39:E2:A4:8D:0E:FA:8A:10:CD:D6:92:85:EE:95:E4:AC:C5:9B
X509v3 Authority Key Identifier:
keyid:7A:DF:63:E3:75:B0:B7:85:08:1B:59:45:B1:D1:8D:9D:E8:6E:0E:FC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/aee3d58d-904a-4375-bf93-8b5f38cab002/0/7ADF63E375B0B785081B5945B1D18D9DE86E0EFC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/et9j43Wwt4UIG1lFsdGNnehuDvw.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/aee3d58d-904a-4375-bf93-8b5f38cab002/0/3130392e3131302e3138372e302f32342d3234203d3e20323039303433.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.110.187.0/24
Signature Algorithm: sha256WithRSAEncryption
0d:52:18:f6:d0:88:79:81:a8:1f:93:65:3f:4c:2c:f9:69:67:
9b:8c:e0:83:b9:4a:7c:02:84:ba:ea:59:3d:be:11:51:38:51:
ca:3c:86:df:36:d4:e5:24:b2:cd:ed:20:a4:f1:fd:07:06:38:
79:62:2f:3d:8a:c2:62:0c:f5:1b:00:4e:6d:fd:15:18:de:a7:
bf:6e:47:a6:95:61:fd:32:fb:c1:42:1d:fa:34:94:5a:5c:69:
9e:98:87:b0:ec:92:20:0f:cd:87:69:34:a9:d1:d7:10:52:bd:
e8:72:70:84:8e:3e:e1:09:6c:ab:79:99:0d:95:29:8c:36:a0:
f2:13:b5:40:bd:39:63:a9:6f:1c:50:9b:80:4c:0d:6c:be:33:
16:8c:63:50:3e:b9:cd:8a:91:a4:aa:74:14:4c:17:f9:c9:ad:
88:a8:98:a7:5b:b6:45:12:62:c0:13:a4:c0:42:64:36:97:8b:
32:6b:4d:e0:70:03:9e:0c:f6:7e:22:3d:3e:af:09:e2:66:33:
19:af:83:e1:b5:12:f3:b3:97:85:5a:71:00:eb:0f:f5:2e:62:
f2:a3:00:c1:68:f1:13:50:ee:e3:c8:42:21:20:76:98:99:8e:
be:c1:68:ed:e6:4a:75:06:33:56:72:a9:97:67:ff:9a:f9:b7:
b4:e6:8f:e9
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgIUUCzyinXo3skrHdNr0hNXQF7WVr8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoN2FkZjYzZTM3NWIwYjc4NTA4MWI1OTQ1YjFkMThkOWRl
ODZlMGVmYzAeFw0yNjA1MDcwOTQyMTFaFw0yNzA1MDYwOTQ3MTFaMDMxMTAvBgNV
BAMTKDBBRDQzOUUyQTQ4RDBFRkE4QTEwQ0RENjkyODVFRTk1RTRBQ0M1OUIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC0/BwWBd+mV0YI+7R/3iGdDSda
PCAQadBcjh8ADuVMcCv1UkgQ3XSoUPvfE/wXewQpujOV+oOdadXe4zKbq9g8pZOm
w9d1M2rgE2FCUVILbztUgK8Ko6cqlwg2V+q/aJcBrmCPsvFng1bajPAaDo7N3Av8
sLMutR8JMe5Y9fGHjH/u4a/YPYdeO41mdTKqaFlQfy1hpg97YLtI/dhmN+RFC0/q
q7mvNDSXf5+i47G2ZwlRnsZN7cqJlvUMby6uIEeSNeVTHx9nBvvwrNha60hojw8/
sJtp8Vy7ooeflWwKC/eULqNIPAo3o9LUsixNd05D/gq3aD1n4LK03Ngh6/4LAgMB
AAGjggJBMIICPTAdBgNVHQ4EFgQUCtQ54qSNDvqKEM3WkoXuleSsxZswHwYDVR0j
BBgwFoAUet9j43Wwt4UIG1lFsdGNnehuDvwwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYWVlM2Q1OGQtOTA0YS00Mzc1LWJmOTMtOGI1ZjM4Y2Fi
MDAyLzAvN0FERjYzRTM3NUIwQjc4NTA4MUI1OTQ1QjFEMThEOURFODZFMEVGQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2V0OWo0M1d3dDRVSUcxbEZzZEdObmVo
dUR2dy5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWVlM2Q1OGQt
OTA0YS00Mzc1LWJmOTMtOGI1ZjM4Y2FiMDAyLzAvMzEzMDM5MmUzMTMxMzAyZTMx
MzgzNzJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMyMzAzOTMwMzQzMy5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEAG1uuzANBgkqhkiG9w0BAQsFAAOCAQEADVIY9tCIeYGoH5NlP0ws+Wlnm4zg
g7lKfAKEuupZPb4RUThRyjyG3zbU5SSyze0gpPH9BwY4eWIvPYrCYgz1GwBObf0V
GN6nv25HppVh/TL7wUId+jSUWlxpnpiHsOySIA/Nh2k0qdHXEFK96HJwhI4+4Qls
q3mZDZUpjDag8hO1QL05Y6lvHFCbgEwNbL4zFoxjUD65zYqRpKp0FEwX+cmtiKiY
p1u2RRJiwBOkwEJkNpeLMmtN4HADngz2fiI9Pq8J4mYzGa+D4bUS87OXhVpxAOsP
9S5i8qMAwWjxE1Du48hCISB2mJmOvsFo7eZKdQYzVnKpl2f/mvm3tOaP6Q==
-----END CERTIFICATE-----
Generated at Wed May 13 06:36:08 2026 by rpki-client