Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/23aacd17-bf9d-47db-864d-f9c7c2be183a/0/3138352e3231302e3136392e302f32342d3234203d3e20333936333536.roa
File: 3138352e3231302e3136392e302f32342d3234203d3e20333936333536.roa (raw, json)
Hash identifier: Bi5+EQy7UJgrNe3LUpRa23W0K4fnlH6JBDjke5iQM0k=
Subject key identifier: 5B:9F:D0:8D:1C:D5:F5:AD:A1:93:EF:FE:64:8B:BB:0F:4A:5A:9A:93
Certificate issuer: /CN=22bfd4e021547d030ac10b0213535d4c6968eede
Certificate serial: 372E22D717872C7797273CB4607AC833BDC3EF0F
Authority key identifier: 22:BF:D4:E0:21:54:7D:03:0A:C1:0B:02:13:53:5D:4C:69:68:EE:DE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ir_U4CFUfQMKwQsCE1NdTGlo7t4.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/23aacd17-bf9d-47db-864d-f9c7c2be183a/0/3138352e3231302e3136392e302f32342d3234203d3e20333936333536.roa
Signing time: Mon 23 Mar 2026 17:39:14 +0000
ROA not before: Mon 23 Mar 2026 17:34:14 +0000
ROA not after: Mon 22 Mar 2027 17:39:14 +0000
asID: 396356
IP address blocks: 185.210.169.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/23aacd17-bf9d-47db-864d-f9c7c2be183a/0/22BFD4E021547D030AC10B0213535D4C6968EEDE.crl
rsync://rsync.paas.rpki.ripe.net/repository/23aacd17-bf9d-47db-864d-f9c7c2be183a/0/22BFD4E021547D030AC10B0213535D4C6968EEDE.mft
rsync://rpki.ripe.net/repository/DEFAULT/Ir_U4CFUfQMKwQsCE1NdTGlo7t4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 26 Mar 2026 19:57:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
37:2e:22:d7:17:87:2c:77:97:27:3c:b4:60:7a:c8:33:bd:c3:ef:0f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22bfd4e021547d030ac10b0213535d4c6968eede
Validity
Not Before: Mar 23 17:34:14 2026 GMT
Not After : Mar 22 17:39:14 2027 GMT
Subject: CN=5B9FD08D1CD5F5ADA193EFFE648BBB0F4A5A9A93
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:48:ac:b3:80:b2:5f:cd:28:ba:4b:14:c4:f4:
ba:c1:36:65:78:d1:52:0d:ff:08:7d:fd:ca:55:14:
43:9e:64:b9:20:c4:08:75:08:98:f2:bf:1c:df:97:
ad:e8:09:71:fc:05:43:bc:52:0a:2a:95:2b:50:4c:
e8:0d:d5:a7:20:4f:f7:bf:e0:b9:11:da:a6:d7:83:
e7:c5:86:4d:19:0d:67:fa:f2:b4:58:ba:a8:3b:54:
6c:fa:a0:ee:ce:29:15:c3:7d:f0:ea:a9:6c:6b:16:
bf:da:5e:79:b4:81:4a:67:86:a9:da:9f:c3:de:e6:
82:d2:fc:8f:f9:63:ea:ed:f6:25:81:34:be:35:93:
49:58:fe:e2:84:66:8a:ff:88:8a:aa:4c:b9:68:b8:
f8:c3:f5:65:6a:41:29:01:8f:b0:00:a3:d3:46:76:
ac:7b:4c:b7:86:25:55:aa:21:b4:69:2f:97:43:ab:
75:5e:e7:9f:be:1b:46:06:b5:7a:94:90:1e:13:e4:
29:88:dc:36:63:4d:72:53:52:29:08:b7:e5:5a:b8:
2b:08:f7:0d:7d:a7:7e:65:72:a3:d2:8e:3f:96:e7:
f8:39:22:2d:90:13:d9:2b:3d:a1:83:0c:32:fd:65:
db:e1:7d:c4:9b:74:ff:f3:7e:10:39:f0:56:c3:37:
50:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5B:9F:D0:8D:1C:D5:F5:AD:A1:93:EF:FE:64:8B:BB:0F:4A:5A:9A:93
X509v3 Authority Key Identifier:
keyid:22:BF:D4:E0:21:54:7D:03:0A:C1:0B:02:13:53:5D:4C:69:68:EE:DE
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/23aacd17-bf9d-47db-864d-f9c7c2be183a/0/22BFD4E021547D030AC10B0213535D4C6968EEDE.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ir_U4CFUfQMKwQsCE1NdTGlo7t4.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/23aacd17-bf9d-47db-864d-f9c7c2be183a/0/3138352e3231302e3136392e302f32342d3234203d3e20333936333536.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.210.169.0/24
Signature Algorithm: sha256WithRSAEncryption
2d:a2:2e:e3:da:36:6d:ea:37:27:b8:bb:23:3d:9f:50:aa:b4:
73:90:8e:ee:c7:18:92:59:5d:53:a3:24:89:22:ff:27:1b:05:
cf:c0:64:8f:22:1c:47:03:fa:1f:94:7c:87:3e:4c:15:df:1a:
59:e1:28:17:e8:d9:5e:9c:5a:89:79:00:dd:27:6e:09:1d:30:
2d:e8:e3:22:ad:dd:40:18:eb:f7:f8:7a:14:a3:99:72:8d:97:
b9:75:9e:c3:90:c1:b3:47:32:87:cb:b0:4b:6d:70:55:7e:f2:
b5:51:5c:61:98:2b:80:69:97:c3:01:33:a1:2c:aa:f2:ec:bf:
92:ab:93:11:60:b9:33:ff:92:12:75:8e:59:f0:ed:c6:38:07:
0f:ed:44:98:6a:b2:95:65:bd:96:9c:fa:1a:1e:05:02:16:94:
66:17:76:3a:d8:f3:96:f9:ac:e7:e8:23:2b:5c:ef:d4:60:74:
c2:a1:4f:ea:6d:4c:7f:2f:f9:33:49:80:c4:f0:29:7a:08:73:
cf:19:9b:17:8a:b1:ee:df:c3:6f:e3:4f:50:7e:a2:16:74:fe:
77:fd:c5:26:1a:a4:17:d1:88:1a:bc:25:e0:ef:96:a3:86:75:
86:98:da:8d:fa:28:15:5f:fe:60:f9:dd:9c:72:c9:d6:18:9b:
f7:42:db:71
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgIUNy4i1xeHLHeXJzy0YHrIM73D7w8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjJiZmQ0ZTAyMTU0N2QwMzBhYzEwYjAyMTM1MzVkNGM2
OTY4ZWVkZTAeFw0yNjAzMjMxNzM0MTRaFw0yNzAzMjIxNzM5MTRaMDMxMTAvBgNV
BAMTKDVCOUZEMDhEMUNENUY1QURBMTkzRUZGRTY0OEJCQjBGNEE1QTlBOTMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC7SKyzgLJfzSi6SxTE9LrBNmV4
0VIN/wh9/cpVFEOeZLkgxAh1CJjyvxzfl63oCXH8BUO8UgoqlStQTOgN1acgT/e/
4LkR2qbXg+fFhk0ZDWf68rRYuqg7VGz6oO7OKRXDffDqqWxrFr/aXnm0gUpnhqna
n8Pe5oLS/I/5Y+rt9iWBNL41k0lY/uKEZor/iIqqTLlouPjD9WVqQSkBj7AAo9NG
dqx7TLeGJVWqIbRpL5dDq3Ve55++G0YGtXqUkB4T5CmI3DZjTXJTUikIt+VauCsI
9w19p35lcqPSjj+W5/g5Ii2QE9krPaGDDDL9ZdvhfcSbdP/zfhA58FbDN1CnAgMB
AAGjggJBMIICPTAdBgNVHQ4EFgQUW5/QjRzV9a2hk+/+ZIu7D0pampMwHwYDVR0j
BBgwFoAUIr/U4CFUfQMKwQsCE1NdTGlo7t4wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMjNhYWNkMTctYmY5ZC00N2RiLTg2NGQtZjljN2MyYmUx
ODNhLzAvMjJCRkQ0RTAyMTU0N0QwMzBBQzEwQjAyMTM1MzVENEM2OTY4RUVERS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lyX1U0Q0ZVZlFNS3dRc0NFMU5kVEds
bzd0NC5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMjNhYWNkMTct
YmY5ZC00N2RiLTg2NGQtZjljN2MyYmUxODNhLzAvMzEzODM1MmUzMjMxMzAyZTMx
MzYzOTJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMzMzkzNjMzMzUzNi5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEALnSqTANBgkqhkiG9w0BAQsFAAOCAQEALaIu49o2beo3J7i7Iz2fUKq0c5CO
7scYklldU6MkiSL/JxsFz8BkjyIcRwP6H5R8hz5MFd8aWeEoF+jZXpxaiXkA3Sdu
CR0wLejjIq3dQBjr9/h6FKOZco2XuXWew5DBs0cyh8uwS21wVX7ytVFcYZgrgGmX
wwEzoSyq8uy/kquTEWC5M/+SEnWOWfDtxjgHD+1EmGqylWW9lpz6Gh4FAhaUZhd2
Otjzlvms5+gjK1zv1GB0wqFP6m1Mfy/5M0mAxPApeghzzxmbF4qx7t/Db+NPUH6i
FnT+d/3FJhqkF9GIGrwl4O+Wo4Z1hpjajfooFV/+YPndnHLJ1hib90LbcQ==
-----END CERTIFICATE-----
Generated at Thu Mar 26 04:46:36 2026 by rpki-client