Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/af31768d-42b1-4e92-b83f-bef7ee017813/0/3139352e3138342e39322e302f32332d3234203d3e203631333137.roa
File: 3139352e3138342e39322e302f32332d3234203d3e203631333137.roa (raw, json)
Hash identifier: N1SgHIeCyR14qCgo1I2reGlHWWIX9kE3m9tQ4IBQ+AM=
Subject key identifier: 7A:DA:46:FD:D3:35:E8:61:37:24:85:4B:60:FE:22:5E:B5:52:27:2D
Certificate issuer: /CN=9f0d24c855eee00fe4abf3903c6e8fcc7083ed4d
Certificate serial: 14A2557A0C5DEA232C6918E531F56978C5C19BEB
Authority key identifier: 9F:0D:24:C8:55:EE:E0:0F:E4:AB:F3:90:3C:6E:8F:CC:70:83:ED:4D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nw0kyFXu4A_kq_OQPG6PzHCD7U0.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/af31768d-42b1-4e92-b83f-bef7ee017813/0/3139352e3138342e39322e302f32332d3234203d3e203631333137.roa
Signing time: Wed 25 Mar 2026 17:46:54 +0000
ROA not before: Wed 25 Mar 2026 17:41:54 +0000
ROA not after: Wed 24 Mar 2027 17:46:54 +0000
asID: 61317
IP address blocks: 195.184.92.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/af31768d-42b1-4e92-b83f-bef7ee017813/0/9F0D24C855EEE00FE4ABF3903C6E8FCC7083ED4D.crl
rsync://rsync.paas.rpki.ripe.net/repository/af31768d-42b1-4e92-b83f-bef7ee017813/0/9F0D24C855EEE00FE4ABF3903C6E8FCC7083ED4D.mft
rsync://rpki.ripe.net/repository/DEFAULT/nw0kyFXu4A_kq_OQPG6PzHCD7U0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 26 Mar 2026 19:35:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
14:a2:55:7a:0c:5d:ea:23:2c:69:18:e5:31:f5:69:78:c5:c1:9b:eb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9f0d24c855eee00fe4abf3903c6e8fcc7083ed4d
Validity
Not Before: Mar 25 17:41:54 2026 GMT
Not After : Mar 24 17:46:54 2027 GMT
Subject: CN=7ADA46FDD335E8613724854B60FE225EB552272D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e2:5d:cf:1c:d0:08:74:10:7f:53:5e:6d:03:15:
1c:c5:12:45:3e:d8:81:58:01:f9:6e:b2:3b:23:5e:
fd:1b:fa:a2:40:a8:cb:fe:ba:1b:b8:c3:2a:42:f1:
bc:00:3c:95:aa:17:05:c9:e0:00:59:85:4e:bf:8a:
2a:9e:a4:2e:c0:87:38:aa:60:23:f7:2c:47:bc:73:
8c:fe:57:09:7c:8d:32:6c:48:57:8e:fa:2b:49:df:
b2:67:de:46:f5:00:4f:97:d8:30:79:91:de:af:78:
b2:54:4c:01:5e:2a:cc:9a:82:27:9e:ad:bb:89:f9:
50:ff:50:b6:cc:f5:29:6e:f4:d1:16:49:85:e7:fa:
bc:33:17:46:ac:0b:61:ee:c9:b1:38:35:2e:3f:c6:
20:24:84:2f:9c:2a:95:d5:17:f7:03:11:e6:b3:8b:
70:9a:d0:37:aa:69:7c:5e:58:e4:a6:b0:94:7f:7f:
5f:82:cb:07:02:d6:f0:09:2e:22:af:ca:a9:6b:9c:
4b:dc:c2:ae:da:92:ba:5f:fc:e1:f3:b0:fe:c4:72:
dc:1d:80:d8:cd:b1:d4:0f:8a:52:5a:b3:08:70:c6:
63:f8:3e:d1:0c:7f:fc:11:57:90:25:49:dc:bc:87:
c6:e7:7f:56:8a:fa:a6:e2:7a:fe:ad:b5:97:a8:3f:
6b:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7A:DA:46:FD:D3:35:E8:61:37:24:85:4B:60:FE:22:5E:B5:52:27:2D
X509v3 Authority Key Identifier:
keyid:9F:0D:24:C8:55:EE:E0:0F:E4:AB:F3:90:3C:6E:8F:CC:70:83:ED:4D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/af31768d-42b1-4e92-b83f-bef7ee017813/0/9F0D24C855EEE00FE4ABF3903C6E8FCC7083ED4D.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nw0kyFXu4A_kq_OQPG6PzHCD7U0.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/af31768d-42b1-4e92-b83f-bef7ee017813/0/3139352e3138342e39322e302f32332d3234203d3e203631333137.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.184.92.0/23
Signature Algorithm: sha256WithRSAEncryption
1b:4d:6e:d4:02:89:e1:f7:99:74:93:7c:af:58:5c:11:9d:fd:
42:b2:46:9c:77:2f:0e:5e:1f:a9:7b:15:85:99:bf:d1:5b:f0:
87:d1:98:61:a3:4d:bf:03:46:d4:f0:fb:89:8f:01:96:84:58:
43:1a:13:8b:d1:bb:2f:16:7f:53:39:ca:a7:f4:da:4b:f8:bb:
86:24:d6:6f:6a:2d:f4:a3:53:86:02:3c:3f:e6:e0:b5:df:99:
1f:b1:69:6a:87:e9:cf:41:a7:3d:0e:d2:a2:72:37:df:ea:f3:
5c:9a:05:78:1b:41:6e:99:1e:a3:32:e4:57:a5:2d:61:15:cb:
6b:5e:df:89:6b:81:5e:da:22:f6:92:23:56:5a:7a:cc:6b:91:
69:a9:2b:d6:16:e5:d9:5b:2d:8b:14:34:81:1d:9d:43:e2:cc:
86:6d:17:ea:e4:2a:bc:a6:12:38:f5:2d:44:af:71:5e:b4:9e:
57:1e:39:f7:15:b2:ba:c0:99:df:ff:c0:0d:a3:ac:95:11:93:
77:c2:30:f7:e0:8d:69:0f:f5:f1:dc:78:a9:49:60:a4:d5:cd:
32:59:a3:d0:f8:7d:82:d6:b6:b7:26:61:95:de:a5:94:06:b3:
9c:8c:61:4a:24:eb:c8:ae:13:b6:41:8c:88:75:d9:e2:93:d3:
65:ec:3e:7b
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUFKJVegxd6iMsaRjlMfVpeMXBm+swDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOWYwZDI0Yzg1NWVlZTAwZmU0YWJmMzkwM2M2ZThmY2M3
MDgzZWQ0ZDAeFw0yNjAzMjUxNzQxNTRaFw0yNzAzMjQxNzQ2NTRaMDMxMTAvBgNV
BAMTKDdBREE0NkZERDMzNUU4NjEzNzI0ODU0QjYwRkUyMjVFQjU1MjI3MkQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDiXc8c0Ah0EH9TXm0DFRzFEkU+
2IFYAflusjsjXv0b+qJAqMv+uhu4wypC8bwAPJWqFwXJ4ABZhU6/iiqepC7Ahziq
YCP3LEe8c4z+Vwl8jTJsSFeO+itJ37Jn3kb1AE+X2DB5kd6veLJUTAFeKsyagiee
rbuJ+VD/ULbM9Slu9NEWSYXn+rwzF0asC2HuybE4NS4/xiAkhC+cKpXVF/cDEeaz
i3Ca0DeqaXxeWOSmsJR/f1+CywcC1vAJLiKvyqlrnEvcwq7akrpf/OHzsP7Ectwd
gNjNsdQPilJaswhwxmP4PtEMf/wRV5AlSdy8h8bnf1aK+qbiev6ttZeoP2uXAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUetpG/dM16GE3JIVLYP4iXrVSJy0wHwYDVR0j
BBgwFoAUnw0kyFXu4A/kq/OQPG6PzHCD7U0wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYWYzMTc2OGQtNDJiMS00ZTkyLWI4M2YtYmVmN2VlMDE3
ODEzLzAvOUYwRDI0Qzg1NUVFRTAwRkU0QUJGMzkwM0M2RThGQ0M3MDgzRUQ0RC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL253MGt5Rlh1NEFfa3FfT1FQRzZQekhD
RDdVMC5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWYzMTc2OGQt
NDJiMS00ZTkyLWI4M2YtYmVmN2VlMDE3ODEzLzAvMzEzOTM1MmUzMTM4MzQyZTM5
MzIyZTMwMmYzMjMzMmQzMjM0MjAzZDNlMjAzNjMxMzMzMTM3LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQB
w7hcMA0GCSqGSIb3DQEBCwUAA4IBAQAbTW7UAonh95l0k3yvWFwRnf1Cskacdy8O
Xh+pexWFmb/RW/CH0Zhho02/A0bU8PuJjwGWhFhDGhOL0bsvFn9TOcqn9NpL+LuG
JNZvai30o1OGAjw/5uC135kfsWlqh+nPQac9DtKicjff6vNcmgV4G0FumR6jMuRX
pS1hFctrXt+Ja4Fe2iL2kiNWWnrMa5FpqSvWFuXZWy2LFDSBHZ1D4syGbRfq5Cq8
phI49S1Er3FetJ5XHjn3FbK6wJnf/8ANo6yVEZN3wjD34I1pD/Xx3HipSWCk1c0y
WaPQ+H2C1ra3JmGV3qWUBrOcjGFKJOvIrhO2QYyIddnik9Nl7D57
-----END CERTIFICATE-----
Generated at Thu Mar 26 11:35:43 2026 by rpki-client