Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/af31768d-42b1-4e92-b83f-bef7ee017813/0/3139332e33372e3233362e302f32342d3234203d3e203631333137.roa
File: 3139332e33372e3233362e302f32342d3234203d3e203631333137.roa (raw, json)
Hash identifier: +CYN6LpZToExMphwa4fQCy/ztAP3d8CKz6ZTfV/9ias=
Subject key identifier: 1C:2F:0A:12:6B:F2:1C:17:77:5B:4C:32:F1:F8:F4:76:EA:2F:FF:28
Certificate issuer: /CN=9f0d24c855eee00fe4abf3903c6e8fcc7083ed4d
Certificate serial: 2FDAA3B2B9A431A5207A600F0AEEBF1D93B57E8F
Authority key identifier: 9F:0D:24:C8:55:EE:E0:0F:E4:AB:F3:90:3C:6E:8F:CC:70:83:ED:4D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nw0kyFXu4A_kq_OQPG6PzHCD7U0.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/af31768d-42b1-4e92-b83f-bef7ee017813/0/3139332e33372e3233362e302f32342d3234203d3e203631333137.roa
Signing time: Wed 25 Mar 2026 10:46:54 +0000
ROA not before: Wed 25 Mar 2026 10:41:54 +0000
ROA not after: Wed 24 Mar 2027 10:46:54 +0000
asID: 61317
IP address blocks: 193.37.236.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/af31768d-42b1-4e92-b83f-bef7ee017813/0/9F0D24C855EEE00FE4ABF3903C6E8FCC7083ED4D.crl
rsync://rsync.paas.rpki.ripe.net/repository/af31768d-42b1-4e92-b83f-bef7ee017813/0/9F0D24C855EEE00FE4ABF3903C6E8FCC7083ED4D.mft
rsync://rpki.ripe.net/repository/DEFAULT/nw0kyFXu4A_kq_OQPG6PzHCD7U0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 26 Mar 2026 19:35:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2f:da:a3:b2:b9:a4:31:a5:20:7a:60:0f:0a:ee:bf:1d:93:b5:7e:8f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9f0d24c855eee00fe4abf3903c6e8fcc7083ed4d
Validity
Not Before: Mar 25 10:41:54 2026 GMT
Not After : Mar 24 10:46:54 2027 GMT
Subject: CN=1C2F0A126BF21C17775B4C32F1F8F476EA2FFF28
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ed:0c:ba:34:3e:23:e7:e2:c3:d9:d5:4f:f8:aa:
c5:22:5f:3a:54:26:5b:05:a6:be:40:78:17:09:10:
32:df:c7:c1:60:06:fd:7c:14:0b:3a:b7:41:06:22:
24:59:17:30:8e:1d:7a:f3:db:42:c9:bc:b4:f6:1a:
de:e1:0b:43:11:d3:ca:e9:e0:e7:10:59:0b:fe:c0:
f5:25:29:41:2d:2e:b9:9d:fa:6c:a5:f6:b8:1b:1e:
ee:ca:d4:ad:4d:f8:e1:f1:4f:24:d4:da:be:6a:cb:
17:88:79:a6:12:0f:3e:72:24:c0:44:b5:56:3f:a1:
8f:5a:d9:0d:d3:e0:cb:84:62:6e:3d:74:fa:7a:fc:
bc:73:30:88:b8:9c:db:d3:f7:7a:dc:f1:97:07:14:
09:b8:73:f5:f4:ce:eb:b6:6e:78:28:29:dc:d0:6e:
8e:5e:7d:88:41:3a:40:3e:f2:69:00:61:63:7c:58:
f9:09:0d:56:98:1b:f4:e8:71:40:f1:ea:84:46:a6:
5f:e6:b1:80:3d:ca:a2:b3:8e:20:43:0f:66:03:83:
55:8a:be:32:16:e4:d7:a9:d5:2b:19:9f:52:15:6d:
ca:b6:1c:3f:8b:94:00:e7:53:79:c3:b6:5a:95:db:
c4:7e:09:6d:0d:ad:d3:d3:30:51:2e:cd:51:b0:ce:
49:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1C:2F:0A:12:6B:F2:1C:17:77:5B:4C:32:F1:F8:F4:76:EA:2F:FF:28
X509v3 Authority Key Identifier:
keyid:9F:0D:24:C8:55:EE:E0:0F:E4:AB:F3:90:3C:6E:8F:CC:70:83:ED:4D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/af31768d-42b1-4e92-b83f-bef7ee017813/0/9F0D24C855EEE00FE4ABF3903C6E8FCC7083ED4D.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nw0kyFXu4A_kq_OQPG6PzHCD7U0.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/af31768d-42b1-4e92-b83f-bef7ee017813/0/3139332e33372e3233362e302f32342d3234203d3e203631333137.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.37.236.0/24
Signature Algorithm: sha256WithRSAEncryption
1e:02:db:7a:db:4f:9b:57:8d:fe:fa:71:65:01:e5:86:d7:e1:
f5:79:90:f9:0a:10:bc:56:12:c6:15:1e:b5:6c:03:09:88:3e:
81:a7:ea:4c:8c:95:62:15:ee:03:ac:3b:59:ca:ee:1f:63:27:
ee:f2:fb:af:91:bb:c0:97:ec:9f:da:39:01:c7:92:bc:4a:eb:
69:1b:4e:ac:4d:a0:d4:63:3e:ec:bf:37:d4:c1:f8:c1:73:a7:
00:5c:7a:04:ef:ec:30:61:85:83:02:57:56:b6:a3:d9:f3:84:
af:0f:21:a0:b5:08:2f:83:13:5f:eb:30:f7:09:b3:75:0a:43:
ee:4c:f9:9e:ca:bf:89:1a:68:ec:54:18:1e:34:d1:7a:b9:01:
9a:87:04:00:df:f7:9e:36:84:b5:be:e7:12:4b:18:41:8e:96:
59:a6:cd:85:90:d0:4d:07:bb:b1:0b:c8:5f:7f:4f:0f:97:f3:
33:90:58:ce:4a:c8:78:1d:43:94:8f:6e:d2:45:f6:13:00:b4:
fb:9b:fb:ea:f4:43:f3:16:f1:ca:42:55:b4:d5:67:19:d0:ab:
83:02:ea:23:dd:d2:53:74:c4:5b:b2:58:11:15:30:39:82:44:
ee:58:27:cf:25:2b:71:0f:9d:64:59:3e:87:87:d1:05:45:94:
e4:69:4a:4b
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUL9qjsrmkMaUgemAPCu6/HZO1fo8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOWYwZDI0Yzg1NWVlZTAwZmU0YWJmMzkwM2M2ZThmY2M3
MDgzZWQ0ZDAeFw0yNjAzMjUxMDQxNTRaFw0yNzAzMjQxMDQ2NTRaMDMxMTAvBgNV
BAMTKDFDMkYwQTEyNkJGMjFDMTc3NzVCNEMzMkYxRjhGNDc2RUEyRkZGMjgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDtDLo0PiPn4sPZ1U/4qsUiXzpU
JlsFpr5AeBcJEDLfx8FgBv18FAs6t0EGIiRZFzCOHXrz20LJvLT2Gt7hC0MR08rp
4OcQWQv+wPUlKUEtLrmd+myl9rgbHu7K1K1N+OHxTyTU2r5qyxeIeaYSDz5yJMBE
tVY/oY9a2Q3T4MuEYm49dPp6/LxzMIi4nNvT93rc8ZcHFAm4c/X0zuu2bngoKdzQ
bo5efYhBOkA+8mkAYWN8WPkJDVaYG/TocUDx6oRGpl/msYA9yqKzjiBDD2YDg1WK
vjIW5Nep1SsZn1IVbcq2HD+LlADnU3nDtlqV28R+CW0NrdPTMFEuzVGwzkm9AgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUHC8KEmvyHBd3W0wy8fj0duov/ygwHwYDVR0j
BBgwFoAUnw0kyFXu4A/kq/OQPG6PzHCD7U0wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYWYzMTc2OGQtNDJiMS00ZTkyLWI4M2YtYmVmN2VlMDE3
ODEzLzAvOUYwRDI0Qzg1NUVFRTAwRkU0QUJGMzkwM0M2RThGQ0M3MDgzRUQ0RC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL253MGt5Rlh1NEFfa3FfT1FQRzZQekhD
RDdVMC5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWYzMTc2OGQt
NDJiMS00ZTkyLWI4M2YtYmVmN2VlMDE3ODEzLzAvMzEzOTMzMmUzMzM3MmUzMjMz
MzYyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzNjMxMzMzMTM3LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
wSXsMA0GCSqGSIb3DQEBCwUAA4IBAQAeAtt620+bV43++nFlAeWG1+H1eZD5ChC8
VhLGFR61bAMJiD6Bp+pMjJViFe4DrDtZyu4fYyfu8vuvkbvAl+yf2jkBx5K8Sutp
G06sTaDUYz7svzfUwfjBc6cAXHoE7+wwYYWDAldWtqPZ84SvDyGgtQgvgxNf6zD3
CbN1CkPuTPmeyr+JGmjsVBgeNNF6uQGahwQA3/eeNoS1vucSSxhBjpZZps2FkNBN
B7uxC8hff08Pl/MzkFjOSsh4HUOUj27SRfYTALT7m/vq9EPzFvHKQlW01WcZ0KuD
Auoj3dJTdMRbslgRFTA5gkTuWCfPJStxD51kWT6Hh9EFRZTkaUpL
-----END CERTIFICATE-----
Generated at Thu Mar 26 12:41:22 2026 by rpki-client