Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/3130392e3130362e31322e302f32342d3234203d3e20313938343836.roa
File: 3130392e3130362e31322e302f32342d3234203d3e20313938343836.roa (raw, json)
Hash identifier: VQ/If+p1NV7MEB1LUa/Y1Dnsnz3sQwgxskoe4y+9Mfc=
Subject key identifier: C4:87:66:ED:89:E1:38:0C:53:7D:F3:B1:F2:F4:B7:15:89:31:D2:32
Certificate issuer: /CN=088469d1a33085ff88b3e599d223ca74c2313a3a
Certificate serial: 432B4C8734C5EFE3B77F399AB574A6F104701B0A
Authority key identifier: 08:84:69:D1:A3:30:85:FF:88:B3:E5:99:D2:23:CA:74:C2:31:3A:3A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CIRp0aMwhf-Is-WZ0iPKdMIxOjo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/3130392e3130362e31322e302f32342d3234203d3e20313938343836.roa
Signing time: Wed 06 May 2026 08:55:27 +0000
ROA not before: Wed 06 May 2026 08:50:27 +0000
ROA not after: Wed 05 May 2027 08:55:27 +0000
asID: 198486
IP address blocks: 109.106.12.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/088469D1A33085FF88B3E599D223CA74C2313A3A.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/088469D1A33085FF88B3E599D223CA74C2313A3A.mft
rsync://rpki.ripe.net/repository/DEFAULT/CIRp0aMwhf-Is-WZ0iPKdMIxOjo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 11:35:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
43:2b:4c:87:34:c5:ef:e3:b7:7f:39:9a:b5:74:a6:f1:04:70:1b:0a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=088469d1a33085ff88b3e599d223ca74c2313a3a
Validity
Not Before: May 6 08:50:27 2026 GMT
Not After : May 5 08:55:27 2027 GMT
Subject: CN=C48766ED89E1380C537DF3B1F2F4B7158931D232
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:d8:28:df:ba:a5:97:b3:3a:68:73:9e:2d:e5:
cc:80:ee:b4:5f:b2:3b:25:a8:f1:b2:93:72:aa:39:
47:0e:a9:ea:94:aa:42:42:1b:39:47:4d:8f:51:e6:
58:cd:90:7a:9a:09:62:d9:71:7b:33:5b:c5:de:23:
73:cc:bb:6e:29:b2:20:34:ab:bb:e1:2a:e6:aa:5d:
a3:85:3e:32:25:80:84:54:76:f3:4d:96:7e:1f:c0:
e5:b7:b8:75:99:09:1e:92:3e:95:97:03:d4:ba:b3:
49:23:a7:77:ad:8c:41:3a:8e:ed:c7:bf:7b:00:63:
fb:75:c0:94:5a:0d:4c:1a:dc:e9:bd:9d:01:c8:30:
93:9d:81:36:8e:68:60:81:12:cc:3c:ab:eb:f5:f1:
4f:7f:fc:df:4e:8a:46:29:ad:74:9b:a8:9b:57:61:
83:c1:98:38:fc:82:2e:d1:8b:dd:14:4a:72:1b:53:
0c:f4:ff:f5:cb:4b:b0:3f:0a:1e:31:d1:8b:99:22:
92:c0:d5:fd:3d:7d:52:3f:da:61:b7:fb:a8:94:1a:
ab:82:3a:95:97:40:7c:84:bf:dd:fa:5c:b5:8c:89:
06:98:fb:7d:35:0e:e7:42:dc:ac:ed:10:a8:6e:ac:
e6:13:6f:14:d1:6d:a5:8e:b9:b1:1d:d1:90:68:df:
21:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C4:87:66:ED:89:E1:38:0C:53:7D:F3:B1:F2:F4:B7:15:89:31:D2:32
X509v3 Authority Key Identifier:
keyid:08:84:69:D1:A3:30:85:FF:88:B3:E5:99:D2:23:CA:74:C2:31:3A:3A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/088469D1A33085FF88B3E599D223CA74C2313A3A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CIRp0aMwhf-Is-WZ0iPKdMIxOjo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/3130392e3130362e31322e302f32342d3234203d3e20313938343836.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.106.12.0/24
Signature Algorithm: sha256WithRSAEncryption
54:d7:3a:40:e3:b4:c5:d6:8b:f0:bb:d1:65:96:f7:a0:20:c2:
71:69:d3:ed:7d:f8:fd:3e:ec:57:e7:43:1a:bd:1b:0e:a3:f0:
8f:5c:de:b2:ea:39:da:e1:b3:e2:8a:77:d4:16:89:9c:49:1d:
81:9c:ec:26:68:bd:2f:15:ec:6f:ba:f7:87:55:97:3a:8a:ee:
49:eb:45:0a:d0:2b:a5:8f:8a:b0:04:46:3e:e2:c1:a2:97:01:
ee:2a:b0:21:ef:4d:58:bc:ff:dc:b3:b3:1f:15:7d:1a:1d:90:
20:ee:88:7f:a0:e6:6c:26:e7:03:a7:d5:2c:ba:c7:b8:0c:cf:
5f:91:01:db:50:9a:de:cb:7a:7c:db:87:06:63:7e:7a:fd:78:
22:92:90:92:6f:8d:44:73:db:ff:e1:f5:0c:bd:8b:2c:9b:21:
ce:44:1d:52:8b:b7:20:d5:e7:67:4a:a0:37:1a:69:0a:53:f8:
3e:fa:88:e8:39:42:21:8e:75:5f:ed:4c:5b:c1:53:ea:29:8e:
0f:6d:af:ff:e2:6d:7c:15:93:7a:10:f5:61:54:dd:ec:63:37:
e8:39:c5:14:b4:dc:26:fd:86:49:ac:7b:65:cd:a8:63:2c:fb:
85:23:ec:d6:3d:6a:2f:b6:f0:55:36:1e:09:70:03:1a:61:86:
0b:6a:a8:c2
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUQytMhzTF7+O3fzmatXSm8QRwGwowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDg4NDY5ZDFhMzMwODVmZjg4YjNlNTk5ZDIyM2NhNzRj
MjMxM2EzYTAeFw0yNjA1MDYwODUwMjdaFw0yNzA1MDUwODU1MjdaMDMxMTAvBgNV
BAMTKEM0ODc2NkVEODlFMTM4MEM1MzdERjNCMUYyRjRCNzE1ODkzMUQyMzIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCP2CjfuqWXszpoc54t5cyA7rRf
sjslqPGyk3KqOUcOqeqUqkJCGzlHTY9R5ljNkHqaCWLZcXszW8XeI3PMu24psiA0
q7vhKuaqXaOFPjIlgIRUdvNNln4fwOW3uHWZCR6SPpWXA9S6s0kjp3etjEE6ju3H
v3sAY/t1wJRaDUwa3Om9nQHIMJOdgTaOaGCBEsw8q+v18U9//N9OikYprXSbqJtX
YYPBmDj8gi7Ri90USnIbUwz0//XLS7A/Ch4x0YuZIpLA1f09fVI/2mG3+6iUGquC
OpWXQHyEv936XLWMiQaY+301DudC3KztEKhurOYTbxTRbaWOubEd0ZBo3yG1AgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUxIdm7YnhOAxTffOx8vS3FYkx0jIwHwYDVR0j
BBgwFoAUCIRp0aMwhf+Is+WZ0iPKdMIxOjowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzUvMDg4NDY5RDFBMzMwODVGRjg4QjNFNTk5RDIyM0NBNzRDMjMxM0EzQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NJUnAwYU13aGYtSXMtV1owaVBLZE1J
eE9qby5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzUvMzEzMDM5MmUzMTMwMzYyZTMx
MzIyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMTM5MzgzNDM4MzYucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BABtagwwDQYJKoZIhvcNAQELBQADggEBAFTXOkDjtMXWi/C70WWW96AgwnFp0+19
+P0+7FfnQxq9Gw6j8I9c3rLqOdrhs+KKd9QWiZxJHYGc7CZovS8V7G+694dVlzqK
7knrRQrQK6WPirAERj7iwaKXAe4qsCHvTVi8/9yzsx8VfRodkCDuiH+g5mwm5wOn
1Sy6x7gMz1+RAdtQmt7LenzbhwZjfnr9eCKSkJJvjURz2//h9Qy9iyybIc5EHVKL
tyDV52dKoDcaaQpT+D76iOg5QiGOdV/tTFvBU+opjg9tr//ibXwVk3oQ9WFU3exj
N+g5xRS03Cb9hkmse2XNqGMs+4Uj7NY9ai+28FU2HglwAxphhgtqqMI=
-----END CERTIFICATE-----
Generated at Wed May 13 04:48:15 2026 by rpki-client