Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/eafebdb4-6f0b-404b-98e2-a26be94a6620/0/3130332e34392e3133302e302f32342d3234203d3e20313534333137.roa
File: 3130332e34392e3133302e302f32342d3234203d3e20313534333137.roa (raw, json)
Hash identifier: w3+vUGEtKd/ySG37/woRjizj6qLoxAf3VQ2OqShH1Xo=
Subject key identifier: 98:08:8A:C9:04:CF:6A:D8:50:2F:10:0F:20:65:6B:30:19:FA:4A:E9
Certificate issuer: /CN=c770f43358b97ba0aa9bdc62bbd511e90aeab29d
Certificate serial: 4BD3450B07669E3525A56BDB2DCB02164F527B1C
Authority key identifier: C7:70:F4:33:58:B9:7B:A0:AA:9B:DC:62:BB:D5:11:E9:0A:EA:B2:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/x3D0M1i5e6Cqm9xiu9UR6Qrqsp0.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/eafebdb4-6f0b-404b-98e2-a26be94a6620/0/3130332e34392e3133302e302f32342d3234203d3e20313534333137.roa
Signing time: Fri 13 Mar 2026 12:54:03 +0000
ROA not before: Fri 13 Mar 2026 12:49:03 +0000
ROA not after: Fri 12 Mar 2027 12:54:03 +0000
asID: 154317
IP address blocks: 103.49.130.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/eafebdb4-6f0b-404b-98e2-a26be94a6620/0/C770F43358B97BA0AA9BDC62BBD511E90AEAB29D.crl
rsync://rsync.paas.rpki.ripe.net/repository/eafebdb4-6f0b-404b-98e2-a26be94a6620/0/C770F43358B97BA0AA9BDC62BBD511E90AEAB29D.mft
rsync://rpki.ripe.net/repository/DEFAULT/x3D0M1i5e6Cqm9xiu9UR6Qrqsp0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 17:04:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4b:d3:45:0b:07:66:9e:35:25:a5:6b:db:2d:cb:02:16:4f:52:7b:1c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c770f43358b97ba0aa9bdc62bbd511e90aeab29d
Validity
Not Before: Mar 13 12:49:03 2026 GMT
Not After : Mar 12 12:54:03 2027 GMT
Subject: CN=98088AC904CF6AD8502F100F20656B3019FA4AE9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:e8:55:d9:af:7f:6c:31:15:07:cd:d9:2d:bf:
34:0e:57:4c:bc:f8:6b:34:b0:74:60:27:9c:c8:c5:
55:dc:eb:8c:a4:10:a9:a3:4b:4c:57:2b:0b:a2:33:
14:79:05:75:53:28:1c:8c:97:77:18:ba:57:89:55:
13:0f:c0:3a:cd:17:c0:cc:ca:76:55:0a:44:ef:74:
3a:81:73:b6:86:ff:52:3d:45:a8:f2:12:79:42:41:
76:31:d0:cf:82:29:6f:9d:fa:22:32:76:f8:eb:50:
84:b4:08:aa:7d:89:b5:02:87:3d:5b:5f:64:34:e0:
70:9b:27:28:10:e9:62:96:06:76:10:4b:0d:7b:f7:
04:5d:52:77:71:37:55:3d:d6:f0:90:ab:05:7d:8d:
0b:42:d2:91:55:d8:6b:50:62:6a:9f:72:0b:9d:d1:
4c:37:08:62:2e:fa:4b:8f:02:9b:e0:85:8f:73:8f:
15:8c:0b:a6:4e:0f:54:4f:ff:f2:87:fe:a2:d0:b4:
75:52:c0:8c:6d:b2:60:62:9a:fa:95:99:4b:c8:1b:
38:c8:c0:7e:c3:23:ad:ec:db:ee:61:b1:a8:47:09:
5d:d3:58:f1:c6:5a:2f:80:8b:25:d1:f1:d5:91:23:
e2:75:59:9a:ad:bb:5c:b0:8f:69:41:ff:40:e3:03:
84:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
98:08:8A:C9:04:CF:6A:D8:50:2F:10:0F:20:65:6B:30:19:FA:4A:E9
X509v3 Authority Key Identifier:
keyid:C7:70:F4:33:58:B9:7B:A0:AA:9B:DC:62:BB:D5:11:E9:0A:EA:B2:9D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/eafebdb4-6f0b-404b-98e2-a26be94a6620/0/C770F43358B97BA0AA9BDC62BBD511E90AEAB29D.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/x3D0M1i5e6Cqm9xiu9UR6Qrqsp0.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/eafebdb4-6f0b-404b-98e2-a26be94a6620/0/3130332e34392e3133302e302f32342d3234203d3e20313534333137.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
103.49.130.0/24
Signature Algorithm: sha256WithRSAEncryption
5b:dd:f7:84:45:34:c9:eb:02:6a:43:d8:d5:09:fd:ab:d3:9e:
09:c2:82:84:89:ad:30:44:bd:45:f2:c3:f4:19:25:f9:16:2d:
6c:30:61:c0:20:f9:7b:15:0a:7e:99:51:cd:4a:db:3b:f3:f2:
69:93:5d:60:01:ae:e8:0a:0b:73:56:92:a3:a2:4b:00:bf:02:
36:cb:f5:59:f2:ae:2b:6c:5c:25:23:15:3a:05:33:5d:5e:ce:
69:1a:85:b5:b3:96:d5:4b:19:16:0e:91:da:cd:8f:ac:26:34:
b4:bd:0c:18:60:8b:8e:b2:ff:bf:d6:87:82:17:67:ed:31:9c:
96:70:1b:65:87:f5:ac:88:9c:25:43:0e:9c:9b:23:2d:37:d5:
09:f0:f0:e5:31:16:80:9a:83:41:37:54:80:a4:e1:69:57:dc:
7f:69:98:b7:02:24:fa:ce:86:c7:73:6a:b7:b7:a4:4e:6f:fd:
aa:24:ca:b2:97:45:ff:b1:de:7a:31:2f:c6:85:63:d5:a8:05:
a9:5e:07:66:a5:6c:92:41:1a:76:65:3b:63:47:88:22:36:a8:
ee:b0:46:fd:d6:af:e8:67:51:14:4e:c9:8c:95:27:8b:e0:60:
a7:73:4b:f6:8a:30:1c:64:92:2d:d0:87:40:b5:3f:93:36:3d:
9d:c5:cc:e6
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUS9NFCwdmnjUlpWvbLcsCFk9SexwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYzc3MGY0MzM1OGI5N2JhMGFhOWJkYzYyYmJkNTExZTkw
YWVhYjI5ZDAeFw0yNjAzMTMxMjQ5MDNaFw0yNzAzMTIxMjU0MDNaMDMxMTAvBgNV
BAMTKDk4MDg4QUM5MDRDRjZBRDg1MDJGMTAwRjIwNjU2QjMwMTlGQTRBRTkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDY6FXZr39sMRUHzdktvzQOV0y8
+Gs0sHRgJ5zIxVXc64ykEKmjS0xXKwuiMxR5BXVTKByMl3cYuleJVRMPwDrNF8DM
ynZVCkTvdDqBc7aG/1I9RajyEnlCQXYx0M+CKW+d+iIydvjrUIS0CKp9ibUChz1b
X2Q04HCbJygQ6WKWBnYQSw179wRdUndxN1U91vCQqwV9jQtC0pFV2GtQYmqfcgud
0Uw3CGIu+kuPApvghY9zjxWMC6ZOD1RP//KH/qLQtHVSwIxtsmBimvqVmUvIGzjI
wH7DI63s2+5hsahHCV3TWPHGWi+AiyXR8dWRI+J1WZqtu1ywj2lB/0DjA4TlAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUmAiKyQTPathQLxAPIGVrMBn6SukwHwYDVR0j
BBgwFoAUx3D0M1i5e6Cqm9xiu9UR6Qrqsp0wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZWFmZWJkYjQtNmYwYi00MDRiLTk4ZTItYTI2YmU5NGE2
NjIwLzAvQzc3MEY0MzM1OEI5N0JBMEFBOUJEQzYyQkJENTExRTkwQUVBQjI5RC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3gzRDBNMWk1ZTZDcW05eGl1OVVSNlFy
cXNwMC5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZWFmZWJkYjQt
NmYwYi00MDRiLTk4ZTItYTI2YmU5NGE2NjIwLzAvMzEzMDMzMmUzNDM5MmUzMTMz
MzAyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMTM1MzQzMzMxMzcucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BABnMYIwDQYJKoZIhvcNAQELBQADggEBAFvd94RFNMnrAmpD2NUJ/avTngnCgoSJ
rTBEvUXyw/QZJfkWLWwwYcAg+XsVCn6ZUc1K2zvz8mmTXWABrugKC3NWkqOiSwC/
AjbL9VnyritsXCUjFToFM11ezmkahbWzltVLGRYOkdrNj6wmNLS9DBhgi46y/7/W
h4IXZ+0xnJZwG2WH9ayInCVDDpybIy031Qnw8OUxFoCag0E3VICk4WlX3H9pmLcC
JPrOhsdzare3pE5v/aokyrKXRf+x3noxL8aFY9WoBaleB2albJJBGnZlO2NHiCI2
qO6wRv3Wr+hnURROyYyVJ4vgYKdzS/aKMBxkki3Qh0C1P5M2PZ3FzOY=
-----END CERTIFICATE-----
Generated at Fri Mar 27 06:39:38 2026 by rpki-client