Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/82a9bf5b-39c1-4050-b073-48075b861d87/0/3138352e32392e3136352e302f32342d3234203d3e20313335343032.roa
File: 3138352e32392e3136352e302f32342d3234203d3e20313335343032.roa (raw, json)
Hash identifier: BjCR3qPl6GbToLBSXX6jX/MCvZ+F0S2AnPUgTWJAHVk=
Subject key identifier: 0F:D6:04:72:9D:CF:E1:5A:E3:8C:07:C9:3B:83:8D:66:F2:AB:C7:6D
Certificate issuer: /CN=048af665bf8b186b70220759d26c578f40b5f3e3
Certificate serial: 3009BE9273BA4BB6C9F072507C0E99F17AD09187
Authority key identifier: 04:8A:F6:65:BF:8B:18:6B:70:22:07:59:D2:6C:57:8F:40:B5:F3:E3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BIr2Zb-LGGtwIgdZ0mxXj0C18-M.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/82a9bf5b-39c1-4050-b073-48075b861d87/0/3138352e32392e3136352e302f32342d3234203d3e20313335343032.roa
Signing time: Wed 06 May 2026 13:47:11 +0000
ROA not before: Wed 06 May 2026 13:42:11 +0000
ROA not after: Wed 05 May 2027 13:47:11 +0000
asID: 135402
IP address blocks: 185.29.165.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/82a9bf5b-39c1-4050-b073-48075b861d87/0/048AF665BF8B186B70220759D26C578F40B5F3E3.crl
rsync://rsync.paas.rpki.ripe.net/repository/82a9bf5b-39c1-4050-b073-48075b861d87/0/048AF665BF8B186B70220759D26C578F40B5F3E3.mft
rsync://rpki.ripe.net/repository/DEFAULT/BIr2Zb-LGGtwIgdZ0mxXj0C18-M.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 14 May 2026 03:32:35 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
30:09:be:92:73:ba:4b:b6:c9:f0:72:50:7c:0e:99:f1:7a:d0:91:87
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=048af665bf8b186b70220759d26c578f40b5f3e3
Validity
Not Before: May 6 13:42:11 2026 GMT
Not After : May 5 13:47:11 2027 GMT
Subject: CN=0FD604729DCFE15AE38C07C93B838D66F2ABC76D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:c7:45:49:d0:37:75:5a:8f:7e:ae:9d:a8:f4:
e3:d8:b8:6c:48:2d:00:e7:87:fd:2b:b5:bb:0e:a4:
51:a5:ee:ce:71:f3:ac:ab:32:3f:03:84:5a:37:82:
18:98:b4:f4:30:31:3b:fa:a8:35:98:5b:1f:ac:08:
ea:54:50:3e:1c:08:5e:3c:54:b3:4d:42:11:93:fa:
a4:03:93:d6:af:7c:a9:39:51:20:03:11:79:ea:42:
3a:81:3a:c0:78:04:e4:60:58:90:6d:92:8a:c6:f3:
30:e6:85:1a:ce:d3:b5:62:2e:51:05:30:c8:81:fb:
63:0f:b4:b6:e7:48:29:2e:7c:f0:3e:9a:30:14:e0:
d1:c9:f8:ea:aa:19:bd:ba:9a:c6:9a:52:a9:59:f4:
43:d7:96:ec:07:1b:39:ec:c3:08:40:ed:7d:75:c6:
0b:61:3c:02:89:cf:03:00:78:2a:68:e0:00:1c:60:
09:19:35:52:06:11:fc:e6:0e:ce:93:67:48:a9:73:
b1:6d:68:66:a6:dc:c7:cc:2b:ca:06:64:a0:1d:f9:
ea:78:4f:65:0b:df:6d:a5:37:cb:71:08:6e:4f:17:
84:2b:a3:a0:7c:bf:3c:91:de:05:54:f0:a5:74:bd:
31:4f:e7:1a:81:04:b4:53:d5:69:ca:33:e1:1e:b1:
7d:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0F:D6:04:72:9D:CF:E1:5A:E3:8C:07:C9:3B:83:8D:66:F2:AB:C7:6D
X509v3 Authority Key Identifier:
keyid:04:8A:F6:65:BF:8B:18:6B:70:22:07:59:D2:6C:57:8F:40:B5:F3:E3
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/82a9bf5b-39c1-4050-b073-48075b861d87/0/048AF665BF8B186B70220759D26C578F40B5F3E3.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BIr2Zb-LGGtwIgdZ0mxXj0C18-M.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/82a9bf5b-39c1-4050-b073-48075b861d87/0/3138352e32392e3136352e302f32342d3234203d3e20313335343032.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.29.165.0/24
Signature Algorithm: sha256WithRSAEncryption
17:56:17:f5:b9:3b:14:4e:8f:3d:1c:fa:4b:bf:db:9c:2b:1a:
08:76:6c:98:f9:8f:d2:8e:6b:5e:5b:bd:2f:cc:36:18:a0:6b:
df:16:46:91:5a:81:59:a5:37:3a:f4:35:bd:13:58:0a:6b:94:
b5:2b:74:f2:34:28:0c:d4:e1:5b:b0:06:05:c9:b5:14:b3:8f:
f7:e9:8e:95:cf:47:e6:5b:de:d7:9e:03:15:72:26:7d:22:fd:
33:c3:22:c0:4d:96:ae:3d:f6:6e:f7:31:00:17:09:db:7d:c2:
98:0e:6d:88:35:ff:83:14:8d:03:4e:dc:46:19:3a:b0:85:7c:
1f:38:50:60:fa:60:8d:37:a5:fd:6b:04:bb:dd:81:8b:1b:b3:
e4:8a:39:0b:48:a8:16:17:c8:93:11:e6:7a:c2:8b:50:e1:15:
83:4b:b6:af:59:27:93:11:03:ea:8d:48:fd:8b:22:ac:2d:c9:
c3:3c:27:52:a8:b0:80:75:19:ce:b4:d8:a7:90:73:dd:d6:88:
0b:44:e3:05:99:1e:4a:fc:bf:54:b4:6b:c8:73:81:84:0f:e0:
b1:dc:f1:58:21:b9:54:a3:14:8c:3c:b2:81:55:ca:55:85:af:
41:6b:2a:55:17:c5:5b:cd:ab:93:12:0b:7b:de:5c:60:7a:a5:
8d:9e:91:e1
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUMAm+knO6S7bJ8HJQfA6Z8XrQkYcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDQ4YWY2NjViZjhiMTg2YjcwMjIwNzU5ZDI2YzU3OGY0
MGI1ZjNlMzAeFw0yNjA1MDYxMzQyMTFaFw0yNzA1MDUxMzQ3MTFaMDMxMTAvBgNV
BAMTKDBGRDYwNDcyOURDRkUxNUFFMzhDMDdDOTNCODM4RDY2RjJBQkM3NkQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCqx0VJ0Dd1Wo9+rp2o9OPYuGxI
LQDnh/0rtbsOpFGl7s5x86yrMj8DhFo3ghiYtPQwMTv6qDWYWx+sCOpUUD4cCF48
VLNNQhGT+qQDk9avfKk5USADEXnqQjqBOsB4BORgWJBtkorG8zDmhRrO07ViLlEF
MMiB+2MPtLbnSCkufPA+mjAU4NHJ+OqqGb26msaaUqlZ9EPXluwHGznswwhA7X11
xgthPAKJzwMAeCpo4AAcYAkZNVIGEfzmDs6TZ0ipc7FtaGam3MfMK8oGZKAd+ep4
T2UL322lN8txCG5PF4Qro6B8vzyR3gVU8KV0vTFP5xqBBLRT1WnKM+EesX0zAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUD9YEcp3P4VrjjAfJO4ONZvKrx20wHwYDVR0j
BBgwFoAUBIr2Zb+LGGtwIgdZ0mxXj0C18+MwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvODJhOWJmNWItMzljMS00MDUwLWIwNzMtNDgwNzViODYx
ZDg3LzAvMDQ4QUY2NjVCRjhCMTg2QjcwMjIwNzU5RDI2QzU3OEY0MEI1RjNFMy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0JJcjJaYi1MR0d0d0lnZFowbXhYajBD
MTgtTS5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvODJhOWJmNWIt
MzljMS00MDUwLWIwNzMtNDgwNzViODYxZDg3LzAvMzEzODM1MmUzMjM5MmUzMTM2
MzUyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMTMzMzUzNDMwMzIucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAC5HaUwDQYJKoZIhvcNAQELBQADggEBABdWF/W5OxROjz0c+ku/25wrGgh2bJj5
j9KOa15bvS/MNhiga98WRpFagVmlNzr0Nb0TWAprlLUrdPI0KAzU4VuwBgXJtRSz
j/fpjpXPR+Zb3teeAxVyJn0i/TPDIsBNlq499m73MQAXCdt9wpgObYg1/4MUjQNO
3EYZOrCFfB84UGD6YI03pf1rBLvdgYsbs+SKOQtIqBYXyJMR5nrCi1DhFYNLtq9Z
J5MRA+qNSP2LIqwtycM8J1KosIB1Gc602KeQc93WiAtE4wWZHkr8v1S0a8hzgYQP
4LHc8VghuVSjFIw8soFVylWFr0FrKlUXxVvNq5MSC3veXGB6pY2ekeE=
-----END CERTIFICATE-----
Generated at Wed May 13 11:33:51 2026 by rpki-client