Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/3139342e33312e3134392e302f32342d3234203d3e20313432313436.roa
File: 3139342e33312e3134392e302f32342d3234203d3e20313432313436.roa (raw, json)
Hash identifier: osbWJkladDAkUNQN3p+hCwq8B5aWbGBMvLbDlES40xM=
Subject key identifier: 41:98:C3:48:83:21:6B:5F:00:55:DE:DC:85:B4:B0:4F:29:4A:27:E6
Certificate issuer: /CN=088469d1a33085ff88b3e599d223ca74c2313a3a
Certificate serial: 3B64FFF5770DF3FD8C200B5294B68BB3C335D619
Authority key identifier: 08:84:69:D1:A3:30:85:FF:88:B3:E5:99:D2:23:CA:74:C2:31:3A:3A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CIRp0aMwhf-Is-WZ0iPKdMIxOjo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/3139342e33312e3134392e302f32342d3234203d3e20313432313436.roa
Signing time: Wed 22 Apr 2026 12:23:50 +0000
ROA not before: Wed 22 Apr 2026 12:18:50 +0000
ROA not after: Wed 21 Apr 2027 12:23:50 +0000
asID: 142146
IP address blocks: 194.31.149.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/088469D1A33085FF88B3E599D223CA74C2313A3A.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/088469D1A33085FF88B3E599D223CA74C2313A3A.mft
rsync://rpki.ripe.net/repository/DEFAULT/CIRp0aMwhf-Is-WZ0iPKdMIxOjo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 23:00:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3b:64:ff:f5:77:0d:f3:fd:8c:20:0b:52:94:b6:8b:b3:c3:35:d6:19
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=088469d1a33085ff88b3e599d223ca74c2313a3a
Validity
Not Before: Apr 22 12:18:50 2026 GMT
Not After : Apr 21 12:23:50 2027 GMT
Subject: CN=4198C34883216B5F0055DEDC85B4B04F294A27E6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:ed:d7:08:83:75:6d:c2:f1:78:6f:93:cc:d6:
10:e4:72:7f:cb:6b:87:7f:49:10:c0:07:01:17:f5:
3f:48:f0:23:08:22:c1:10:8a:d0:2b:ac:a1:28:71:
54:a1:e0:1b:44:8c:09:8d:14:90:32:f4:52:14:f5:
b9:96:bc:84:da:90:c7:6c:c0:cf:93:af:9a:b2:b9:
84:19:1c:55:96:8c:a2:65:37:d1:b3:2a:37:61:fa:
6e:f0:75:4b:7f:70:3c:0c:44:12:0b:c5:56:64:7b:
ae:67:0a:2f:2e:bf:72:a2:1f:d3:58:87:ed:31:7d:
6e:a2:dd:96:c0:5b:f0:58:40:16:09:b4:e6:38:a1:
f8:b6:be:61:62:bc:c6:96:d2:59:bf:35:6f:75:48:
2c:78:19:03:3d:fb:cb:52:63:47:9a:cd:9b:42:36:
d2:0d:92:06:2b:80:93:aa:59:0f:dc:20:03:fe:c3:
ee:66:18:a1:f8:d8:18:9a:f0:05:05:6f:b2:74:25:
0c:00:ce:b7:c7:7e:13:68:95:38:89:e3:a8:eb:1f:
13:47:68:02:9a:47:01:43:90:da:8b:1e:a8:de:d7:
08:93:5f:8d:f3:cb:ee:8d:ee:ae:cd:79:a9:c7:4f:
c9:a0:ff:df:61:cc:9a:20:2f:73:8e:54:4f:f6:97:
24:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
41:98:C3:48:83:21:6B:5F:00:55:DE:DC:85:B4:B0:4F:29:4A:27:E6
X509v3 Authority Key Identifier:
keyid:08:84:69:D1:A3:30:85:FF:88:B3:E5:99:D2:23:CA:74:C2:31:3A:3A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/088469D1A33085FF88B3E599D223CA74C2313A3A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CIRp0aMwhf-Is-WZ0iPKdMIxOjo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/3139342e33312e3134392e302f32342d3234203d3e20313432313436.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.31.149.0/24
Signature Algorithm: sha256WithRSAEncryption
1e:b0:e2:f7:d9:15:17:98:3e:ce:2d:20:58:da:04:a7:09:7a:
06:c8:10:9d:94:a9:da:5d:26:ab:e7:56:08:4f:76:c6:fc:ad:
c1:be:6f:3b:c5:94:dc:e3:18:d9:16:e3:c4:60:b2:43:55:ae:
ff:43:94:f1:22:4f:59:bf:c4:b4:33:29:39:9b:66:f0:ee:88:
d9:c6:e8:ae:3c:ca:81:88:a7:fa:46:bc:b6:2a:28:8d:c3:d7:
93:a5:25:cf:73:8a:9e:4f:87:dd:1b:e4:e3:ac:6d:8e:32:44:
57:95:58:8a:11:a0:ea:05:0f:46:b4:82:c1:47:0e:31:81:ea:
9e:07:65:09:8c:d2:fa:74:7f:a4:28:f8:78:bc:3a:7f:4f:a6:
12:14:14:68:72:27:52:f6:a4:dd:68:5f:c0:ee:df:5a:34:f0:
46:86:3f:f4:e5:ee:d7:48:05:ae:48:93:0c:fb:c8:03:d6:64:
92:41:1d:ea:6e:75:1f:c1:e7:4f:bc:91:79:11:91:cd:24:a9:
e7:dc:0d:92:3c:bc:22:4e:92:98:53:79:29:86:bf:53:0c:de:
61:e3:93:fb:0e:ad:9b:d8:33:ee:43:41:18:d1:dc:7e:11:2f:
08:fc:c7:b9:56:37:d5:52:87:32:4a:c6:5d:cd:e9:a3:9c:a0:
b1:1c:67:f0
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUO2T/9XcN8/2MIAtSlLaLs8M11hkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDg4NDY5ZDFhMzMwODVmZjg4YjNlNTk5ZDIyM2NhNzRj
MjMxM2EzYTAeFw0yNjA0MjIxMjE4NTBaFw0yNzA0MjExMjIzNTBaMDMxMTAvBgNV
BAMTKDQxOThDMzQ4ODMyMTZCNUYwMDU1REVEQzg1QjRCMDRGMjk0QTI3RTYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDP7dcIg3VtwvF4b5PM1hDkcn/L
a4d/SRDABwEX9T9I8CMIIsEQitArrKEocVSh4BtEjAmNFJAy9FIU9bmWvITakMds
wM+Tr5qyuYQZHFWWjKJlN9GzKjdh+m7wdUt/cDwMRBILxVZke65nCi8uv3KiH9NY
h+0xfW6i3ZbAW/BYQBYJtOY4ofi2vmFivMaW0lm/NW91SCx4GQM9+8tSY0eazZtC
NtINkgYrgJOqWQ/cIAP+w+5mGKH42Bia8AUFb7J0JQwAzrfHfhNolTiJ46jrHxNH
aAKaRwFDkNqLHqje1wiTX43zy+6N7q7NeanHT8mg/99hzJogL3OOVE/2lyTxAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUQZjDSIMha18AVd7chbSwTylKJ+YwHwYDVR0j
BBgwFoAUCIRp0aMwhf+Is+WZ0iPKdMIxOjowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzUvMDg4NDY5RDFBMzMwODVGRjg4QjNFNTk5RDIyM0NBNzRDMjMxM0EzQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NJUnAwYU13aGYtSXMtV1owaVBLZE1J
eE9qby5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzUvMzEzOTM0MmUzMzMxMmUzMTM0
MzkyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMTM0MzIzMTM0MzYucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BADCH5UwDQYJKoZIhvcNAQELBQADggEBAB6w4vfZFReYPs4tIFjaBKcJegbIEJ2U
qdpdJqvnVghPdsb8rcG+bzvFlNzjGNkW48RgskNVrv9DlPEiT1m/xLQzKTmbZvDu
iNnG6K48yoGIp/pGvLYqKI3D15OlJc9zip5Ph90b5OOsbY4yRFeVWIoRoOoFD0a0
gsFHDjGB6p4HZQmM0vp0f6Qo+Hi8On9PphIUFGhyJ1L2pN1oX8Du31o08EaGP/Tl
7tdIBa5Ikwz7yAPWZJJBHepudR/B50+8kXkRkc0kqefcDZI8vCJOkphTeSmGv1MM
3mHjk/sOrZvYM+5DQRjR3H4RLwj8x7lWN9VShzJKxl3N6aOcoLEcZ/A=
-----END CERTIFICATE-----
Generated at Wed May 13 08:37:17 2026 by rpki-client