Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/aee3d58d-904a-4375-bf93-8b5f38cab002/0/3138352e3230352e3232322e302f32342d3234203d3e20383334.roa
File: 3138352e3230352e3232322e302f32342d3234203d3e20383334.roa (raw, json)
Hash identifier: ajR+w+LkS8p3b2wN7BY7lvF3SB9FQ8Fr0JM3sfv9TmE=
Subject key identifier: 55:38:7A:E3:E9:75:D7:BF:5F:37:84:9E:6C:60:3B:9B:73:75:AE:77
Certificate issuer: /CN=7adf63e375b0b785081b5945b1d18d9de86e0efc
Certificate serial: 511228CCC71F66938A3B6D321E6F2A79AE2C488F
Authority key identifier: 7A:DF:63:E3:75:B0:B7:85:08:1B:59:45:B1:D1:8D:9D:E8:6E:0E:FC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/et9j43Wwt4UIG1lFsdGNnehuDvw.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/aee3d58d-904a-4375-bf93-8b5f38cab002/0/3138352e3230352e3232322e302f32342d3234203d3e20383334.roa
Signing time: Fri 01 May 2026 12:00:07 +0000
ROA not before: Fri 01 May 2026 11:55:07 +0000
ROA not after: Fri 30 Apr 2027 12:00:07 +0000
asID: 834
IP address blocks: 185.205.222.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/aee3d58d-904a-4375-bf93-8b5f38cab002/0/7ADF63E375B0B785081B5945B1D18D9DE86E0EFC.crl
rsync://rsync.paas.rpki.ripe.net/repository/aee3d58d-904a-4375-bf93-8b5f38cab002/0/7ADF63E375B0B785081B5945B1D18D9DE86E0EFC.mft
rsync://rpki.ripe.net/repository/DEFAULT/et9j43Wwt4UIG1lFsdGNnehuDvw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 14:18:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
51:12:28:cc:c7:1f:66:93:8a:3b:6d:32:1e:6f:2a:79:ae:2c:48:8f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7adf63e375b0b785081b5945b1d18d9de86e0efc
Validity
Not Before: May 1 11:55:07 2026 GMT
Not After : Apr 30 12:00:07 2027 GMT
Subject: CN=55387AE3E975D7BF5F37849E6C603B9B7375AE77
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:bf:86:c7:f3:aa:d8:28:17:3a:43:c6:b1:c2:
57:34:4c:6f:82:6a:18:d7:2a:aa:e1:10:29:25:bd:
7f:69:14:49:9d:9c:0c:fc:da:4c:30:cb:c3:58:92:
f4:31:21:12:a7:09:b2:21:93:4e:00:6d:f9:f6:bd:
07:a8:f9:ca:59:0d:1d:0d:82:fe:42:9f:13:44:4a:
1c:b4:29:2d:ca:af:26:3d:cd:cc:19:41:27:ba:a0:
3a:68:a6:6c:4c:4a:96:99:71:17:c5:9d:60:56:a3:
f2:f6:50:70:02:97:9e:07:d5:3f:67:ea:21:d9:44:
ad:25:bf:6a:44:af:39:49:62:2f:a3:ba:27:77:27:
90:2e:31:29:51:9d:dd:c3:fe:69:e7:3e:6d:b3:a7:
a7:d2:54:9b:d9:61:a8:30:4a:c7:c1:b8:ac:d7:cb:
e6:2d:4b:c2:00:7d:d5:ea:0a:5b:de:33:1d:47:71:
2c:54:42:40:b1:13:43:3a:ce:2f:3a:80:6a:47:99:
34:8e:af:89:b0:01:7c:7b:be:62:3e:60:57:8d:9d:
41:65:91:2b:7b:48:52:7e:de:4a:49:e4:5b:c8:a3:
14:10:d3:40:de:d9:11:0b:a3:2f:6e:de:02:03:0f:
0c:f5:1e:8c:f8:6f:05:d0:ef:35:7a:63:2b:60:8a:
67:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
55:38:7A:E3:E9:75:D7:BF:5F:37:84:9E:6C:60:3B:9B:73:75:AE:77
X509v3 Authority Key Identifier:
keyid:7A:DF:63:E3:75:B0:B7:85:08:1B:59:45:B1:D1:8D:9D:E8:6E:0E:FC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/aee3d58d-904a-4375-bf93-8b5f38cab002/0/7ADF63E375B0B785081B5945B1D18D9DE86E0EFC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/et9j43Wwt4UIG1lFsdGNnehuDvw.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/aee3d58d-904a-4375-bf93-8b5f38cab002/0/3138352e3230352e3232322e302f32342d3234203d3e20383334.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.205.222.0/24
Signature Algorithm: sha256WithRSAEncryption
3a:6c:f8:f8:29:30:c1:c3:7c:52:7c:63:65:79:8f:29:0a:80:
d6:22:9e:96:f9:9d:e8:3f:1f:d0:f4:2c:9f:fb:0c:75:4f:fc:
e6:02:f1:02:62:96:d5:8c:47:9d:27:a9:a4:99:55:51:14:a8:
c0:c5:28:7c:47:45:a8:a3:8a:0c:ab:57:10:8b:37:5e:7a:1a:
98:86:8c:b9:e8:da:35:20:f3:b4:45:b5:6a:73:69:5b:81:f8:
7d:16:9a:5b:ba:66:29:39:0e:cf:95:b8:b8:6f:a7:ef:f8:b1:
d0:97:dd:a6:13:fa:df:67:a5:d5:c0:dc:cf:95:56:f6:2d:aa:
a2:9f:c3:03:34:1a:49:38:e5:3b:a5:bd:b3:6d:19:bf:4f:2e:
37:55:13:b0:16:7f:7f:b7:c8:86:2a:be:a1:71:5d:36:15:bf:
66:3e:b1:51:48:2e:56:e0:b1:aa:c0:ea:fa:b5:4a:ee:d0:4e:
7a:23:b1:1a:d0:6c:24:31:f3:9c:e7:dc:0d:96:b7:47:9c:f2:
4f:11:48:09:f8:ee:a0:d0:3f:05:5f:35:24:75:d7:90:ca:a2:
af:3b:a8:a7:f3:03:f5:b6:7f:de:90:cf:e3:23:a9:c8:0f:b2:
2a:c6:ff:5e:ac:71:f1:67:a6:1f:e3:bc:64:59:bf:b5:57:3f:
18:e0:e5:3c
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgIUURIozMcfZpOKO20yHm8qea4sSI8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoN2FkZjYzZTM3NWIwYjc4NTA4MWI1OTQ1YjFkMThkOWRl
ODZlMGVmYzAeFw0yNjA1MDExMTU1MDdaFw0yNzA0MzAxMjAwMDdaMDMxMTAvBgNV
BAMTKDU1Mzg3QUUzRTk3NUQ3QkY1RjM3ODQ5RTZDNjAzQjlCNzM3NUFFNzcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC4v4bH86rYKBc6Q8axwlc0TG+C
ahjXKqrhECklvX9pFEmdnAz82kwwy8NYkvQxIRKnCbIhk04Abfn2vQeo+cpZDR0N
gv5CnxNEShy0KS3KryY9zcwZQSe6oDpopmxMSpaZcRfFnWBWo/L2UHACl54H1T9n
6iHZRK0lv2pErzlJYi+juid3J5AuMSlRnd3D/mnnPm2zp6fSVJvZYagwSsfBuKzX
y+YtS8IAfdXqClveMx1HcSxUQkCxE0M6zi86gGpHmTSOr4mwAXx7vmI+YFeNnUFl
kSt7SFJ+3kpJ5FvIoxQQ00De2RELoy9u3gIDDwz1Hoz4bwXQ7zV6YytgimfZAgMB
AAGjggI7MIICNzAdBgNVHQ4EFgQUVTh64+l1179fN4SebGA7m3N1rncwHwYDVR0j
BBgwFoAUet9j43Wwt4UIG1lFsdGNnehuDvwwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYWVlM2Q1OGQtOTA0YS00Mzc1LWJmOTMtOGI1ZjM4Y2Fi
MDAyLzAvN0FERjYzRTM3NUIwQjc4NTA4MUI1OTQ1QjFEMThEOURFODZFMEVGQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2V0OWo0M1d3dDRVSUcxbEZzZEdObmVo
dUR2dy5jZXIwgasGCCsGAQUFBwELBIGeMIGbMIGYBggrBgEFBQcwC4aBi3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWVlM2Q1OGQt
OTA0YS00Mzc1LWJmOTMtOGI1ZjM4Y2FiMDAyLzAvMzEzODM1MmUzMjMwMzUyZTMy
MzIzMjJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDM4MzMzNC5yb2EwGAYDVR0gAQH/
BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEALnN
3jANBgkqhkiG9w0BAQsFAAOCAQEAOmz4+CkwwcN8UnxjZXmPKQqA1iKelvmd6D8f
0PQsn/sMdU/85gLxAmKW1YxHnSeppJlVURSowMUofEdFqKOKDKtXEIs3XnoamIaM
uejaNSDztEW1anNpW4H4fRaaW7pmKTkOz5W4uG+n7/ix0JfdphP632el1cDcz5VW
9i2qop/DAzQaSTjlO6W9s20Zv08uN1UTsBZ/f7fIhiq+oXFdNhW/Zj6xUUguVuCx
qsDq+rVK7tBOeiOxGtBsJDHznOfcDZa3R5zyTxFICfjuoNA/BV81JHXXkMqirzuo
p/MD9bZ/3pDP4yOpyA+yKsb/Xqxx8WemH+O8ZFm/tVc/GODlPA==
-----END CERTIFICATE-----
Generated at Wed May 13 01:27:37 2026 by rpki-client