Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/3130392e3130362e31332e302f32342d3234203d3e20313938343836.roa
File: 3130392e3130362e31332e302f32342d3234203d3e20313938343836.roa (raw, json)
Hash identifier: ZOdWUmHR0v/MwF1yOmxod4e9d3mFWfOeBEiAMaoNi7Q=
Subject key identifier: 4F:11:1E:24:A0:CD:38:D2:03:D0:E2:19:CE:36:1A:50:FB:F6:F2:AC
Certificate issuer: /CN=088469d1a33085ff88b3e599d223ca74c2313a3a
Certificate serial: 253E35FC126DA8453CCF0F910B63324E2C8916D0
Authority key identifier: 08:84:69:D1:A3:30:85:FF:88:B3:E5:99:D2:23:CA:74:C2:31:3A:3A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CIRp0aMwhf-Is-WZ0iPKdMIxOjo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/3130392e3130362e31332e302f32342d3234203d3e20313938343836.roa
Signing time: Wed 06 May 2026 08:55:40 +0000
ROA not before: Wed 06 May 2026 08:50:40 +0000
ROA not after: Wed 05 May 2027 08:55:40 +0000
asID: 198486
IP address blocks: 109.106.13.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/088469D1A33085FF88B3E599D223CA74C2313A3A.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/088469D1A33085FF88B3E599D223CA74C2313A3A.mft
rsync://rpki.ripe.net/repository/DEFAULT/CIRp0aMwhf-Is-WZ0iPKdMIxOjo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 11:35:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
25:3e:35:fc:12:6d:a8:45:3c:cf:0f:91:0b:63:32:4e:2c:89:16:d0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=088469d1a33085ff88b3e599d223ca74c2313a3a
Validity
Not Before: May 6 08:50:40 2026 GMT
Not After : May 5 08:55:40 2027 GMT
Subject: CN=4F111E24A0CD38D203D0E219CE361A50FBF6F2AC
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:f5:2a:fe:01:ee:d1:36:a9:90:dc:9f:64:a6:
0c:a3:5a:31:8f:fa:aa:66:b4:a6:52:b0:e9:71:19:
3a:bf:cc:dc:7c:6d:d2:b8:7c:b6:4d:2e:89:f6:7d:
8a:10:21:35:87:9b:f7:0b:c8:06:e3:e1:29:d2:f0:
0a:29:0a:72:e5:31:17:2f:f9:f9:cd:c4:b7:00:ca:
97:84:2d:07:23:f5:03:60:3c:23:bc:18:c7:57:74:
9f:0c:f1:de:5d:69:f3:0b:41:45:0e:f2:54:a8:41:
8d:5d:52:a6:52:be:ff:83:c2:89:49:69:b6:71:20:
a7:78:b8:cf:f2:90:61:6a:8f:c0:3a:0c:a1:44:26:
fb:b3:84:09:50:95:93:1e:8f:73:6e:af:03:94:72:
40:e6:ba:c8:85:98:7e:ef:e2:d9:79:cf:5c:69:4b:
ec:9b:ed:10:b9:2c:e3:ae:3e:ef:cf:51:f5:a7:50:
74:2c:3f:10:45:b9:6d:72:6d:43:c0:24:57:a7:a8:
bf:db:1c:3a:9a:21:1a:a7:ca:d1:5d:f9:ba:ee:82:
2f:67:10:68:48:0f:02:7b:c7:02:6e:95:a3:8e:6d:
0f:a8:69:1d:d2:de:70:ad:68:01:88:0e:e5:11:68:
9b:e2:0a:d4:33:5a:42:17:fc:0b:ac:98:11:e0:b0:
2c:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4F:11:1E:24:A0:CD:38:D2:03:D0:E2:19:CE:36:1A:50:FB:F6:F2:AC
X509v3 Authority Key Identifier:
keyid:08:84:69:D1:A3:30:85:FF:88:B3:E5:99:D2:23:CA:74:C2:31:3A:3A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/088469D1A33085FF88B3E599D223CA74C2313A3A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CIRp0aMwhf-Is-WZ0iPKdMIxOjo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/3130392e3130362e31332e302f32342d3234203d3e20313938343836.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.106.13.0/24
Signature Algorithm: sha256WithRSAEncryption
09:c8:92:70:0d:20:cd:5e:d1:8b:6b:b3:ea:3c:31:54:54:7e:
d0:d3:24:62:15:b8:ce:22:38:0c:13:a8:1c:92:a2:dc:eb:d9:
bf:57:1b:9d:1b:b7:40:1b:18:d2:a1:34:0f:50:3c:7f:36:c3:
9a:6b:63:97:1c:49:ef:96:d8:28:d9:49:a9:83:59:0a:dd:c1:
04:47:cd:99:64:ca:d6:74:cf:1c:5f:71:52:f3:1f:28:bc:8c:
8f:51:08:10:f5:bc:15:d2:87:c6:76:3b:a5:cf:1b:6b:69:3c:
5b:c8:8c:c4:d6:94:d0:f7:1a:51:fe:18:60:36:b7:82:54:52:
94:37:16:e7:ef:e0:87:00:9e:9a:09:32:0c:59:68:16:9c:be:
32:2a:0f:52:f9:31:0c:57:67:fb:b6:52:11:b3:48:ad:fc:8e:
cf:c2:80:f6:41:59:0a:af:0d:91:3b:11:68:f2:b9:84:30:a9:
fd:3e:b9:03:2e:f8:75:3a:3f:0e:fc:a0:aa:88:d7:89:8d:0b:
0d:9e:6b:19:9c:32:c8:29:22:87:51:3a:6b:7a:4b:66:8a:63:
3d:32:dd:50:04:28:f1:3e:4d:17:42:89:9d:6e:80:64:31:30:
0c:ed:f0:30:9c:65:b2:2f:00:fe:3d:60:55:eb:0b:18:fe:12:
e9:1b:32:1c
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUJT41/BJtqEU8zw+RC2MyTiyJFtAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDg4NDY5ZDFhMzMwODVmZjg4YjNlNTk5ZDIyM2NhNzRj
MjMxM2EzYTAeFw0yNjA1MDYwODUwNDBaFw0yNzA1MDUwODU1NDBaMDMxMTAvBgNV
BAMTKDRGMTExRTI0QTBDRDM4RDIwM0QwRTIxOUNFMzYxQTUwRkJGNkYyQUMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC69Sr+Ae7RNqmQ3J9kpgyjWjGP
+qpmtKZSsOlxGTq/zNx8bdK4fLZNLon2fYoQITWHm/cLyAbj4SnS8AopCnLlMRcv
+fnNxLcAypeELQcj9QNgPCO8GMdXdJ8M8d5dafMLQUUO8lSoQY1dUqZSvv+DwolJ
abZxIKd4uM/ykGFqj8A6DKFEJvuzhAlQlZMej3NurwOUckDmusiFmH7v4tl5z1xp
S+yb7RC5LOOuPu/PUfWnUHQsPxBFuW1ybUPAJFenqL/bHDqaIRqnytFd+brugi9n
EGhIDwJ7xwJulaOObQ+oaR3S3nCtaAGIDuURaJviCtQzWkIX/AusmBHgsCxNAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUTxEeJKDNONID0OIZzjYaUPv28qwwHwYDVR0j
BBgwFoAUCIRp0aMwhf+Is+WZ0iPKdMIxOjowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzUvMDg4NDY5RDFBMzMwODVGRjg4QjNFNTk5RDIyM0NBNzRDMjMxM0EzQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NJUnAwYU13aGYtSXMtV1owaVBLZE1J
eE9qby5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzUvMzEzMDM5MmUzMTMwMzYyZTMx
MzMyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMTM5MzgzNDM4MzYucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BABtag0wDQYJKoZIhvcNAQELBQADggEBAAnIknANIM1e0Ytrs+o8MVRUftDTJGIV
uM4iOAwTqBySotzr2b9XG50bt0AbGNKhNA9QPH82w5prY5ccSe+W2CjZSamDWQrd
wQRHzZlkytZ0zxxfcVLzHyi8jI9RCBD1vBXSh8Z2O6XPG2tpPFvIjMTWlND3GlH+
GGA2t4JUUpQ3Fufv4IcAnpoJMgxZaBacvjIqD1L5MQxXZ/u2UhGzSK38js/CgPZB
WQqvDZE7EWjyuYQwqf0+uQMu+HU6Pw78oKqI14mNCw2eaxmcMsgpIodROmt6S2aK
Yz0y3VAEKPE+TRdCiZ1ugGQxMAzt8DCcZbIvAP49YFXrCxj+EukbMhw=
-----END CERTIFICATE-----
Generated at Wed May 13 04:54:57 2026 by rpki-client