Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/5b58e646-e7a2-465c-87c5-43c359ad9369/0/3138352e34342e38302e302f32342d3234203d3e203339343231.roa
File: 3138352e34342e38302e302f32342d3234203d3e203339343231.roa (raw, json)
Hash identifier: ui7QKYg+guZI+bYNZAwG90lgCWvZCxM3MQfixRLuV8o=
Subject key identifier: 48:4D:CB:57:29:7B:35:22:4E:95:4F:E6:C2:92:0E:F4:EC:98:CB:01
Certificate issuer: /CN=fac4708d7e265db1044f9bb0ee8728587f48b484
Certificate serial: 550FD2347DC31BDE571B289E71C2113A0DA9DAC7
Authority key identifier: FA:C4:70:8D:7E:26:5D:B1:04:4F:9B:B0:EE:87:28:58:7F:48:B4:84
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-sRwjX4mXbEET5uw7ocoWH9ItIQ.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/5b58e646-e7a2-465c-87c5-43c359ad9369/0/3138352e34342e38302e302f32342d3234203d3e203339343231.roa
Signing time: Wed 06 May 2026 22:13:48 +0000
ROA not before: Wed 06 May 2026 22:08:48 +0000
ROA not after: Wed 05 May 2027 22:13:48 +0000
asID: 39421
IP address blocks: 185.44.80.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/5b58e646-e7a2-465c-87c5-43c359ad9369/0/FAC4708D7E265DB1044F9BB0EE8728587F48B484.crl
rsync://rsync.paas.rpki.ripe.net/repository/5b58e646-e7a2-465c-87c5-43c359ad9369/0/FAC4708D7E265DB1044F9BB0EE8728587F48B484.mft
rsync://rpki.ripe.net/repository/DEFAULT/1-sRwjX4mXbEET5uw7ocoWH9ItIQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 11:25:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
55:0f:d2:34:7d:c3:1b:de:57:1b:28:9e:71:c2:11:3a:0d:a9:da:c7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fac4708d7e265db1044f9bb0ee8728587f48b484
Validity
Not Before: May 6 22:08:48 2026 GMT
Not After : May 5 22:13:48 2027 GMT
Subject: CN=484DCB57297B35224E954FE6C2920EF4EC98CB01
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:fb:fb:74:b0:5f:4d:f9:6d:68:03:80:2a:5a:
d1:97:3e:e2:0d:51:45:d7:f3:20:bd:2a:f6:64:c6:
f4:81:39:db:81:0b:84:94:33:d7:39:20:40:ed:d8:
7f:98:a5:64:9a:ce:02:09:bc:a7:fc:89:46:ee:b9:
24:a4:75:ba:b5:d1:e6:3d:47:4f:fb:15:cb:43:a6:
42:76:16:c0:b2:d2:7b:ca:ab:e3:a7:42:e1:5b:4c:
dc:f0:6e:84:2d:19:7f:f2:eb:9d:d3:92:37:cc:aa:
7a:d3:97:36:16:f7:6d:8c:70:43:3a:c4:ed:00:34:
8d:63:33:d5:40:a9:fb:c2:3f:bc:15:d0:df:29:36:
7d:ee:08:41:38:a7:35:3c:bd:cd:cf:e9:ec:55:06:
9b:18:ab:8a:c4:5a:1b:d2:be:76:4c:cc:eb:e4:56:
f9:bd:d5:53:b6:fa:68:6c:2d:c7:33:50:2f:d6:54:
3a:c4:3a:a5:55:97:10:9b:47:b3:d3:f7:85:8b:55:
eb:06:13:8d:1a:68:25:86:8d:46:41:8f:a5:86:a2:
4c:a9:39:d9:bb:bf:78:fa:82:23:cc:12:ba:a6:9d:
be:11:82:f2:7d:18:98:d1:e7:89:e7:be:95:72:e2:
74:c6:7e:2e:71:e8:09:e7:a8:e0:f7:fe:54:45:bd:
99:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
48:4D:CB:57:29:7B:35:22:4E:95:4F:E6:C2:92:0E:F4:EC:98:CB:01
X509v3 Authority Key Identifier:
keyid:FA:C4:70:8D:7E:26:5D:B1:04:4F:9B:B0:EE:87:28:58:7F:48:B4:84
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/5b58e646-e7a2-465c-87c5-43c359ad9369/0/FAC4708D7E265DB1044F9BB0EE8728587F48B484.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-sRwjX4mXbEET5uw7ocoWH9ItIQ.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/5b58e646-e7a2-465c-87c5-43c359ad9369/0/3138352e34342e38302e302f32342d3234203d3e203339343231.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.44.80.0/24
Signature Algorithm: sha256WithRSAEncryption
a9:1d:46:12:64:ac:42:62:47:b8:e5:90:93:49:ac:f5:c9:6b:
84:18:95:7e:b7:34:d6:41:5f:43:a5:f2:6b:83:e1:1c:88:23:
af:e1:50:55:cb:55:5a:59:df:7f:08:35:59:35:e1:ec:7f:dd:
c3:fb:cb:05:2e:0f:48:20:16:f3:93:8e:75:95:d5:66:f2:4a:
b5:3f:f2:c6:21:fd:01:a8:96:ce:37:36:f5:a6:9b:18:8b:c5:
72:4e:e4:67:72:75:21:b6:3a:8c:19:9a:f5:eb:e7:ff:be:31:
d5:2c:4c:53:f1:38:d2:3e:d3:bd:75:53:a9:a4:83:eb:b4:d4:
b9:a2:e1:d0:52:49:ea:84:b7:2b:f2:11:74:38:b1:e5:5d:fe:
e8:2c:ba:24:09:59:4d:32:35:d3:91:47:53:33:16:e9:ad:72:
8b:a3:9d:43:90:a6:ba:83:56:c2:61:cf:b7:16:d5:1b:d6:0d:
be:0b:f9:3c:13:1c:95:70:a4:8b:4c:a4:fc:c6:06:34:91:0a:
da:9c:b1:d0:c1:e1:47:23:2d:dc:f3:07:2c:17:3d:f3:4b:27:
bf:68:05:ba:22:4c:42:8a:e1:78:97:08:ca:3e:cf:56:21:42:
53:9a:bd:27:24:81:9f:b2:06:bd:15:61:13:aa:3e:9a:5f:54:
c9:f6:8a:09
-----BEGIN CERTIFICATE-----
MIIFMjCCBBqgAwIBAgIUVQ/SNH3DG95XGyieccIROg2p2scwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZmFjNDcwOGQ3ZTI2NWRiMTA0NGY5YmIwZWU4NzI4NTg3
ZjQ4YjQ4NDAeFw0yNjA1MDYyMjA4NDhaFw0yNzA1MDUyMjEzNDhaMDMxMTAvBgNV
BAMTKDQ4NERDQjU3Mjk3QjM1MjI0RTk1NEZFNkMyOTIwRUY0RUM5OENCMDEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCd+/t0sF9N+W1oA4AqWtGXPuIN
UUXX8yC9KvZkxvSBOduBC4SUM9c5IEDt2H+YpWSazgIJvKf8iUbuuSSkdbq10eY9
R0/7FctDpkJ2FsCy0nvKq+OnQuFbTNzwboQtGX/y653TkjfMqnrTlzYW922McEM6
xO0ANI1jM9VAqfvCP7wV0N8pNn3uCEE4pzU8vc3P6exVBpsYq4rEWhvSvnZMzOvk
Vvm91VO2+mhsLcczUC/WVDrEOqVVlxCbR7PT94WLVesGE40aaCWGjUZBj6WGokyp
Odm7v3j6giPMErqmnb4RgvJ9GJjR54nnvpVy4nTGfi5x6AnnqOD3/lRFvZlDAgMB
AAGjggI8MIICODAdBgNVHQ4EFgQUSE3LVyl7NSJOlU/mwpIO9OyYywEwHwYDVR0j
BBgwFoAU+sRwjX4mXbEET5uw7ocoWH9ItIQwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNWI1OGU2NDYtZTdhMi00NjVjLTg3YzUtNDNjMzU5YWQ5
MzY5LzAvRkFDNDcwOEQ3RTI2NURCMTA0NEY5QkIwRUU4NzI4NTg3RjQ4QjQ4NC5j
cmwwZQYIKwYBBQUHAQEEWTBXMFUGCCsGAQUFBzAChklyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzEtc1J3alg0bVhiRUVUNXV3N29jb1dI
OUl0SVEuY2VyMIGrBggrBgEFBQcBCwSBnjCBmzCBmAYIKwYBBQUHMAuGgYtyc3lu
YzovL3JzeW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzViNThlNjQ2
LWU3YTItNDY1Yy04N2M1LTQzYzM1OWFkOTM2OS8wLzMxMzgzNTJlMzQzNDJlMzgz
MDJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMzMzkzNDMyMzEucm9hMBgGA1UdIAEB
/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAC5
LFAwDQYJKoZIhvcNAQELBQADggEBAKkdRhJkrEJiR7jlkJNJrPXJa4QYlX63NNZB
X0Ol8muD4RyII6/hUFXLVVpZ338INVk14ex/3cP7ywUuD0ggFvOTjnWV1WbySrU/
8sYh/QGols43NvWmmxiLxXJO5GdydSG2OowZmvXr5/++MdUsTFPxONI+0711U6mk
g+u01Lmi4dBSSeqEtyvyEXQ4seVd/ugsuiQJWU0yNdORR1MzFumtcoujnUOQprqD
VsJhz7cW1RvWDb4L+TwTHJVwpItMpPzGBjSRCtqcsdDB4UcjLdzzBywXPfNLJ79o
BboiTEKK4XiXCMo+z1YhQlOavSckgZ+yBr0VYROqPppfVMn2igk=
-----END CERTIFICATE-----
Generated at Wed May 13 03:54:18 2026 by rpki-client