Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/352e3138312e3138352e302f32342d3234203d3e20323132333834.roa
File: 352e3138312e3138352e302f32342d3234203d3e20323132333834.roa (raw, json)
Hash identifier: PkrjX5lEKZeku6HbTZFd/bgZgjS0Ra0J+FcQrImRmsQ=
Subject key identifier: 1E:AF:65:DA:16:26:AC:EA:47:C9:04:DF:89:84:83:58:74:72:C4:1B
Certificate issuer: /CN=a9420e6c6f24b0e422da7fe7e420ef50354f45c6
Certificate serial: 4FE79FF9245522762C3158EE562CFA063F93389A
Authority key identifier: A9:42:0E:6C:6F:24:B0:E4:22:DA:7F:E7:E4:20:EF:50:35:4F:45:C6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qUIObG8ksOQi2n_n5CDvUDVPRcY.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/352e3138312e3138352e302f32342d3234203d3e20323132333834.roa
Signing time: Tue 05 May 2026 09:47:11 +0000
ROA not before: Tue 05 May 2026 09:42:11 +0000
ROA not after: Tue 04 May 2027 09:47:11 +0000
asID: 212384
IP address blocks: 5.181.185.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/A9420E6C6F24B0E422DA7FE7E420EF50354F45C6.crl
rsync://rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/A9420E6C6F24B0E422DA7FE7E420EF50354F45C6.mft
rsync://rpki.ripe.net/repository/DEFAULT/qUIObG8ksOQi2n_n5CDvUDVPRcY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 12:15:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4f:e7:9f:f9:24:55:22:76:2c:31:58:ee:56:2c:fa:06:3f:93:38:9a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a9420e6c6f24b0e422da7fe7e420ef50354f45c6
Validity
Not Before: May 5 09:42:11 2026 GMT
Not After : May 4 09:47:11 2027 GMT
Subject: CN=1EAF65DA1626ACEA47C904DF898483587472C41B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:f1:50:42:df:98:1c:6c:de:91:cc:e3:27:b5:
ec:03:1d:e6:8f:08:ee:26:23:d1:b0:8d:1a:f0:b6:
48:83:0a:9e:86:05:c4:7c:d0:1c:f7:00:d4:9b:3a:
d0:73:8e:c1:9a:3c:52:ba:d1:1a:96:40:18:af:70:
a5:2d:82:24:0c:f9:68:53:c8:fe:b0:21:a8:3e:88:
0c:ec:f2:93:0c:db:83:a1:4f:2d:ef:50:31:bb:3a:
8e:00:be:e9:6f:6b:86:df:9b:f8:98:35:86:81:c0:
3e:64:cd:33:cb:1a:26:7f:95:1a:d3:2e:8d:72:67:
e4:dd:47:ea:3e:23:fb:56:9a:b5:b5:74:22:50:90:
bf:6b:32:5c:be:06:53:2a:e0:1f:1b:13:0d:24:40:
57:9e:9f:07:6a:64:88:0c:f4:70:dd:43:04:b7:1a:
50:58:a3:19:2c:c9:7f:a3:db:ed:8a:39:9a:eb:aa:
7e:ca:d6:cb:c9:90:8b:5c:72:be:9c:8b:48:7c:5f:
a9:c6:da:88:e2:ef:88:48:e6:fd:32:e6:57:78:bf:
49:ad:71:e6:c4:e3:35:c3:95:b6:f5:57:33:c0:8b:
60:39:8a:9f:b7:88:c8:4f:1c:27:67:f5:ce:84:df:
22:fc:24:36:a3:d5:94:82:56:f4:90:60:49:ce:78:
ba:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1E:AF:65:DA:16:26:AC:EA:47:C9:04:DF:89:84:83:58:74:72:C4:1B
X509v3 Authority Key Identifier:
keyid:A9:42:0E:6C:6F:24:B0:E4:22:DA:7F:E7:E4:20:EF:50:35:4F:45:C6
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/A9420E6C6F24B0E422DA7FE7E420EF50354F45C6.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qUIObG8ksOQi2n_n5CDvUDVPRcY.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/352e3138312e3138352e302f32342d3234203d3e20323132333834.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.181.185.0/24
Signature Algorithm: sha256WithRSAEncryption
43:c3:45:ac:4c:e4:6f:e6:bb:3b:38:fb:15:33:6a:db:c9:f4:
d2:0b:46:36:61:cb:b8:4e:9b:69:4f:f6:35:e1:2b:a1:2c:33:
43:8c:23:f6:f0:81:a5:f6:ae:e5:1e:8c:95:bc:5f:8d:51:66:
f8:7d:31:f6:a3:cc:b1:b0:4f:f8:62:81:30:ae:41:41:4c:d4:
03:de:a0:bd:ab:63:b0:4b:53:59:c6:d2:fa:2e:72:d0:6b:e7:
0e:56:ec:ff:6f:a4:eb:99:4e:7d:b8:d0:ae:5a:63:0f:0b:1a:
4b:b1:c9:ae:b7:a0:e8:86:82:88:39:7c:fe:a5:46:29:1c:24:
4b:b9:01:25:a7:bb:50:3e:0b:c6:c8:9d:2d:54:91:33:ce:3f:
a5:ed:9d:da:77:ef:80:75:a2:4b:35:b3:2a:f9:b3:76:fa:aa:
ca:64:34:33:91:7f:21:7f:d0:a2:19:f7:af:9a:ee:7a:f9:70:
d4:a6:58:9d:06:9b:96:d7:1a:c1:fb:0a:00:f4:11:71:af:a2:
47:c0:51:2e:02:18:a2:9c:28:99:e0:9a:8a:2e:39:29:da:ab:
04:31:10:3b:fb:12:a6:98:81:64:e3:5b:dd:74:d1:a3:d5:28:
d6:01:a3:8c:6d:a9:df:9c:cf:57:81:28:cd:83:be:a8:46:c5:
9c:c1:51:3c
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUT+ef+SRVInYsMVjuViz6Bj+TOJowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYTk0MjBlNmM2ZjI0YjBlNDIyZGE3ZmU3ZTQyMGVmNTAz
NTRmNDVjNjAeFw0yNjA1MDUwOTQyMTFaFw0yNzA1MDQwOTQ3MTFaMDMxMTAvBgNV
BAMTKDFFQUY2NURBMTYyNkFDRUE0N0M5MDRERjg5ODQ4MzU4NzQ3MkM0MUIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCm8VBC35gcbN6RzOMntewDHeaP
CO4mI9GwjRrwtkiDCp6GBcR80Bz3ANSbOtBzjsGaPFK60RqWQBivcKUtgiQM+WhT
yP6wIag+iAzs8pMM24OhTy3vUDG7Oo4Avulva4bfm/iYNYaBwD5kzTPLGiZ/lRrT
Lo1yZ+TdR+o+I/tWmrW1dCJQkL9rMly+BlMq4B8bEw0kQFeenwdqZIgM9HDdQwS3
GlBYoxksyX+j2+2KOZrrqn7K1svJkItccr6ci0h8X6nG2oji74hI5v0y5ld4v0mt
cebE4zXDlbb1VzPAi2A5ip+3iMhPHCdn9c6E3yL8JDaj1ZSCVvSQYEnOeLqLAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUHq9l2hYmrOpHyQTfiYSDWHRyxBswHwYDVR0j
BBgwFoAUqUIObG8ksOQi2n/n5CDvUDVPRcYwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMWY5ODIzZDAtMDg1NS00MWYyLWFjNDYtNTlhMmU5OGRh
NzM2LzEvQTk0MjBFNkM2RjI0QjBFNDIyREE3RkU3RTQyMEVGNTAzNTRGNDVDNi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3FVSU9iRzhrc09RaTJuX241Q0R2VURW
UFJjWS5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMWY5ODIzZDAt
MDg1NS00MWYyLWFjNDYtNTlhMmU5OGRhNzM2LzEvMzUyZTMxMzgzMTJlMzEzODM1
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzIzMTMyMzMzODM0LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
BbW5MA0GCSqGSIb3DQEBCwUAA4IBAQBDw0WsTORv5rs7OPsVM2rbyfTSC0Y2Ycu4
TptpT/Y14SuhLDNDjCP28IGl9q7lHoyVvF+NUWb4fTH2o8yxsE/4YoEwrkFBTNQD
3qC9q2OwS1NZxtL6LnLQa+cOVuz/b6TrmU59uNCuWmMPCxpLscmut6DohoKIOXz+
pUYpHCRLuQElp7tQPgvGyJ0tVJEzzj+l7Z3ad++AdaJLNbMq+bN2+qrKZDQzkX8h
f9CiGfevmu56+XDUplidBpuW1xrB+woA9BFxr6JHwFEuAhiinCiZ4JqKLjkp2qsE
MRA7+xKmmIFk41vddNGj1SjWAaOMbanfnM9XgSjNg76oRsWcwVE8
-----END CERTIFICATE-----
Generated at Wed May 13 06:42:05 2026 by rpki-client