Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/cd19db20-4653-48d4-8fc4-580d1369b7c4/0/3130332e3134392e3136382e302f32342d3234203d3e20333936303634.roa
File: 3130332e3134392e3136382e302f32342d3234203d3e20333936303634.roa (raw, json)
Hash identifier: R5Epn5BQnUqfS0avyFJajv46KVwt1XNS+Hn4NVwwElQ=
Subject key identifier: D8:65:1E:4B:EA:4B:92:A0:0F:79:3E:35:D8:01:5C:F0:68:03:00:C4
Certificate issuer: /CN=5cdc04bb23eaa4cecc791dfe04bb028b7e797b68
Certificate serial: 0E9F347920C1C4F4F814D5BE841B23AADFF029D2
Authority key identifier: 5C:DC:04:BB:23:EA:A4:CE:CC:79:1D:FE:04:BB:02:8B:7E:79:7B:68
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XNwEuyPqpM7MeR3-BLsCi355e2g.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/cd19db20-4653-48d4-8fc4-580d1369b7c4/0/3130332e3134392e3136382e302f32342d3234203d3e20333936303634.roa
Signing time: Sun 10 May 2026 18:26:35 +0000
ROA not before: Sun 10 May 2026 18:21:35 +0000
ROA not after: Sun 09 May 2027 18:26:35 +0000
asID: 396064
IP address blocks: 103.149.168.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/cd19db20-4653-48d4-8fc4-580d1369b7c4/0/5CDC04BB23EAA4CECC791DFE04BB028B7E797B68.crl
rsync://rsync.paas.rpki.ripe.net/repository/cd19db20-4653-48d4-8fc4-580d1369b7c4/0/5CDC04BB23EAA4CECC791DFE04BB028B7E797B68.mft
rsync://rpki.ripe.net/repository/DEFAULT/XNwEuyPqpM7MeR3-BLsCi355e2g.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 14 May 2026 03:43:07 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0e:9f:34:79:20:c1:c4:f4:f8:14:d5:be:84:1b:23:aa:df:f0:29:d2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5cdc04bb23eaa4cecc791dfe04bb028b7e797b68
Validity
Not Before: May 10 18:21:35 2026 GMT
Not After : May 9 18:26:35 2027 GMT
Subject: CN=D8651E4BEA4B92A00F793E35D8015CF0680300C4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:d2:75:2f:79:dc:31:13:35:50:f8:ff:7e:f7:
1b:04:c4:fb:b3:0a:f5:22:24:9e:10:09:c0:2f:3f:
ae:34:e2:0a:7b:79:28:e0:36:5a:77:88:2c:99:16:
a2:8c:42:36:fa:1b:50:b8:48:48:0f:df:3d:26:50:
3c:a8:26:a8:5c:2d:36:f9:d3:1a:6f:7d:79:ef:1a:
72:62:9a:88:c8:d7:49:9c:78:92:3a:fb:44:97:4b:
a9:9f:54:97:b8:63:79:52:a5:a0:7c:27:55:8c:4e:
76:f1:fb:d2:48:fe:80:52:cc:87:c7:25:4a:1f:95:
c6:c5:72:c3:5e:a3:67:fa:41:aa:e4:be:b8:fc:32:
67:ca:7c:d2:89:16:15:a0:3d:cb:e1:a0:d2:f6:49:
1b:d7:74:a7:26:f9:3d:06:5d:fe:5f:5b:f7:23:96:
5d:dc:4b:50:3d:a2:c2:c4:27:9f:c9:03:1b:39:1b:
8c:66:ef:4d:4d:2e:d0:ea:af:9f:88:bc:eb:d8:f9:
a5:66:3a:85:cb:9d:ad:39:3a:95:5d:d5:40:63:73:
c6:9a:a9:9f:28:85:6e:47:f0:a8:5c:fb:d7:0f:19:
59:44:9a:aa:30:c4:8b:92:4e:b4:7b:54:3c:ed:06:
1e:a4:be:fd:94:47:b6:fd:70:23:d6:92:1b:ee:b5:
3e:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:65:1E:4B:EA:4B:92:A0:0F:79:3E:35:D8:01:5C:F0:68:03:00:C4
X509v3 Authority Key Identifier:
keyid:5C:DC:04:BB:23:EA:A4:CE:CC:79:1D:FE:04:BB:02:8B:7E:79:7B:68
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/cd19db20-4653-48d4-8fc4-580d1369b7c4/0/5CDC04BB23EAA4CECC791DFE04BB028B7E797B68.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XNwEuyPqpM7MeR3-BLsCi355e2g.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/cd19db20-4653-48d4-8fc4-580d1369b7c4/0/3130332e3134392e3136382e302f32342d3234203d3e20333936303634.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
103.149.168.0/24
Signature Algorithm: sha256WithRSAEncryption
d0:e3:87:84:48:06:85:68:37:14:8d:73:22:88:56:33:2c:79:
e4:5e:0d:eb:98:13:1e:c1:7f:c7:d7:00:3e:12:50:a5:0f:b9:
b4:5e:52:43:d6:34:22:62:87:1e:ca:59:e7:e5:f2:4d:ff:24:
d6:58:a4:9e:11:d0:be:1b:7d:6f:79:67:9b:99:f8:1d:0d:42:
b0:e2:32:a1:25:2a:d2:03:b0:32:55:a0:00:00:37:c1:35:f3:
98:02:90:21:ba:83:b8:d2:aa:e4:38:0c:be:b4:01:c5:57:68:
47:43:a7:17:19:87:2d:17:a1:9c:4e:ca:f3:d5:3a:e7:a3:76:
41:3d:9e:0f:5b:1d:f8:f5:ea:21:33:6c:84:36:68:7d:15:df:
c2:10:b1:41:a3:86:08:41:7e:f7:4a:ac:96:7c:59:6c:57:9c:
a6:09:8c:0e:50:e0:48:80:d8:a5:79:40:a2:0a:3c:1d:b7:66:
46:88:c0:ad:7c:94:3b:e4:a5:fa:30:f4:39:fe:3c:58:bc:68:
97:e0:a2:99:ee:4e:93:19:db:4f:35:fc:81:6c:8f:ef:e1:cb:
94:68:ff:a1:44:8b:07:b4:a5:9d:6c:08:8f:b2:15:d9:f5:b4:
47:ee:d8:72:61:58:0d:bb:c1:f4:23:09:d2:0b:ce:7e:b9:29:
d2:ef:dd:94
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgIUDp80eSDBxPT4FNW+hBsjqt/wKdIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNWNkYzA0YmIyM2VhYTRjZWNjNzkxZGZlMDRiYjAyOGI3
ZTc5N2I2ODAeFw0yNjA1MTAxODIxMzVaFw0yNzA1MDkxODI2MzVaMDMxMTAvBgNV
BAMTKEQ4NjUxRTRCRUE0QjkyQTAwRjc5M0UzNUQ4MDE1Q0YwNjgwMzAwQzQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCl0nUvedwxEzVQ+P9+9xsExPuz
CvUiJJ4QCcAvP6404gp7eSjgNlp3iCyZFqKMQjb6G1C4SEgP3z0mUDyoJqhcLTb5
0xpvfXnvGnJimojI10mceJI6+0SXS6mfVJe4Y3lSpaB8J1WMTnbx+9JI/oBSzIfH
JUoflcbFcsNeo2f6Qarkvrj8MmfKfNKJFhWgPcvhoNL2SRvXdKcm+T0GXf5fW/cj
ll3cS1A9osLEJ5/JAxs5G4xm701NLtDqr5+IvOvY+aVmOoXLna05OpVd1UBjc8aa
qZ8ohW5H8Khc+9cPGVlEmqowxIuSTrR7VDztBh6kvv2UR7b9cCPWkhvutT7nAgMB
AAGjggJBMIICPTAdBgNVHQ4EFgQU2GUeS+pLkqAPeT412AFc8GgDAMQwHwYDVR0j
BBgwFoAUXNwEuyPqpM7MeR3+BLsCi355e2gwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvY2QxOWRiMjAtNDY1My00OGQ0LThmYzQtNTgwZDEzNjli
N2M0LzAvNUNEQzA0QkIyM0VBQTRDRUNDNzkxREZFMDRCQjAyOEI3RTc5N0I2OC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1hOd0V1eVBxcE03TWVSMy1CTHNDaTM1
NWUyZy5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvY2QxOWRiMjAt
NDY1My00OGQ0LThmYzQtNTgwZDEzNjliN2M0LzAvMzEzMDMzMmUzMTM0MzkyZTMx
MzYzODJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMzMzkzNjMwMzYzNC5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEAGeVqDANBgkqhkiG9w0BAQsFAAOCAQEA0OOHhEgGhWg3FI1zIohWMyx55F4N
65gTHsF/x9cAPhJQpQ+5tF5SQ9Y0ImKHHspZ5+XyTf8k1liknhHQvht9b3lnm5n4
HQ1CsOIyoSUq0gOwMlWgAAA3wTXzmAKQIbqDuNKq5DgMvrQBxVdoR0OnFxmHLReh
nE7K89U656N2QT2eD1sd+PXqITNshDZofRXfwhCxQaOGCEF+90qslnxZbFecpgmM
DlDgSIDYpXlAogo8HbdmRojArXyUO+Sl+jD0Of48WLxol+Cime5OkxnbTzX8gWyP
7+HLlGj/oUSLB7SlnWwIj7IV2fW0R+7YcmFYDbvB9CMJ0gvOfrkp0u/dlA==
-----END CERTIFICATE-----
Generated at Wed May 13 10:17:23 2026 by rpki-client