Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/aee3d58d-904a-4375-bf93-8b5f38cab002/0/3138352e3232322e3138362e302f32332d3234203d3e20333939393535.roa
File: 3138352e3232322e3138362e302f32332d3234203d3e20333939393535.roa (raw, json)
Hash identifier: NAyHNmLLlPJGEljC9NAb1PZK24dYLEXTmYndpdGqBUo=
Subject key identifier: 43:20:CC:B2:57:90:E6:7C:DA:83:C1:E5:7C:7F:3B:31:5D:70:E7:49
Certificate issuer: /CN=7adf63e375b0b785081b5945b1d18d9de86e0efc
Certificate serial: 7D001C03E2FF72EB1E90A6F6B18AF72A91E7883C
Authority key identifier: 7A:DF:63:E3:75:B0:B7:85:08:1B:59:45:B1:D1:8D:9D:E8:6E:0E:FC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/et9j43Wwt4UIG1lFsdGNnehuDvw.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/aee3d58d-904a-4375-bf93-8b5f38cab002/0/3138352e3232322e3138362e302f32332d3234203d3e20333939393535.roa
Signing time: Thu 23 Apr 2026 23:20:15 +0000
ROA not before: Thu 23 Apr 2026 23:15:15 +0000
ROA not after: Thu 22 Apr 2027 23:20:15 +0000
asID: 399955
IP address blocks: 185.222.186.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/aee3d58d-904a-4375-bf93-8b5f38cab002/0/7ADF63E375B0B785081B5945B1D18D9DE86E0EFC.crl
rsync://rsync.paas.rpki.ripe.net/repository/aee3d58d-904a-4375-bf93-8b5f38cab002/0/7ADF63E375B0B785081B5945B1D18D9DE86E0EFC.mft
rsync://rpki.ripe.net/repository/DEFAULT/et9j43Wwt4UIG1lFsdGNnehuDvw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 23:00:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7d:00:1c:03:e2:ff:72:eb:1e:90:a6:f6:b1:8a:f7:2a:91:e7:88:3c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7adf63e375b0b785081b5945b1d18d9de86e0efc
Validity
Not Before: Apr 23 23:15:15 2026 GMT
Not After : Apr 22 23:20:15 2027 GMT
Subject: CN=4320CCB25790E67CDA83C1E57C7F3B315D70E749
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:47:76:70:be:f3:59:33:a0:1d:71:4e:47:19:
ab:62:cc:9d:25:2b:9d:0e:8c:4b:54:40:f2:d8:62:
29:f1:cb:21:2c:d0:9b:17:5c:65:03:ce:71:fc:4e:
39:5f:b1:da:16:44:30:40:57:69:be:1f:4a:e2:d5:
cf:bd:c3:1e:1d:92:4b:52:7e:ac:a1:92:d0:75:e8:
d6:93:59:3c:0c:4a:05:0c:17:5b:b0:e2:c5:ae:cb:
98:be:cf:4b:26:0b:25:43:40:91:11:30:12:c4:3b:
5f:98:72:02:7a:14:c6:a0:c6:e1:33:f4:a1:21:d7:
6a:83:c9:4d:c6:c2:53:f9:fd:c8:80:85:f0:af:af:
3c:5b:10:58:81:6d:01:28:1c:57:bc:dd:cd:d1:1e:
7a:10:0f:ea:59:32:c0:ac:bd:3d:75:48:c8:5d:d5:
3c:e5:f0:62:3e:67:96:33:59:c5:a9:8d:bf:74:2b:
20:cd:ed:e5:eb:ee:dd:87:6b:f3:b7:6b:37:83:0a:
b0:66:80:74:bd:ff:ba:d4:e8:36:e3:c8:65:40:8e:
69:bf:76:13:2a:ad:09:dd:90:27:40:eb:16:fe:4e:
59:6d:9e:fe:35:ea:ca:c9:ef:60:38:88:fa:cd:20:
ce:7a:8a:6a:d5:17:1c:a9:86:f3:f2:0c:d1:69:ea:
45:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:20:CC:B2:57:90:E6:7C:DA:83:C1:E5:7C:7F:3B:31:5D:70:E7:49
X509v3 Authority Key Identifier:
keyid:7A:DF:63:E3:75:B0:B7:85:08:1B:59:45:B1:D1:8D:9D:E8:6E:0E:FC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/aee3d58d-904a-4375-bf93-8b5f38cab002/0/7ADF63E375B0B785081B5945B1D18D9DE86E0EFC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/et9j43Wwt4UIG1lFsdGNnehuDvw.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/aee3d58d-904a-4375-bf93-8b5f38cab002/0/3138352e3232322e3138362e302f32332d3234203d3e20333939393535.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.222.186.0/23
Signature Algorithm: sha256WithRSAEncryption
98:44:dd:d8:37:6d:5a:86:11:a4:5b:dc:55:f4:2c:41:5a:48:
f3:77:ae:f5:92:90:32:46:0f:79:72:17:f4:ee:1f:e1:1d:f9:
54:4a:57:c4:9a:01:f8:56:e7:3d:32:ed:31:18:ed:ff:47:24:
3d:5c:fc:00:ee:86:ed:59:16:7c:b5:da:f6:b1:2f:7d:22:5b:
98:5f:fd:a4:bf:c0:f1:1a:f5:94:3e:03:95:60:b1:4a:e2:43:
cf:73:1f:ab:83:57:d6:56:9b:57:6f:b9:aa:8f:3d:1b:a0:fc:
09:42:9d:32:17:fb:e9:a1:7c:f7:90:77:b7:fe:29:35:95:0a:
0a:31:cc:a7:10:d7:c3:cf:28:bb:7e:7e:09:d2:1f:82:15:5b:
b9:59:93:11:ee:4c:12:da:0f:f8:03:81:a7:dd:ec:3a:47:27:
53:0c:38:65:e2:55:3c:a9:63:69:ff:43:24:94:03:cb:87:27:
b0:cb:2e:a5:1e:ce:ef:a7:ab:b2:d0:f2:0f:02:ef:e1:0a:bf:
72:7d:de:0c:27:ab:ac:e1:3f:ed:e3:90:b9:6c:56:79:15:9b:
4b:b2:8a:50:4e:74:2c:92:c5:63:3a:4a:dc:b9:b1:b8:e5:20:
c3:cd:44:04:8a:81:4d:43:01:d0:c2:4d:18:c9:82:12:37:ae:
7f:51:4c:7d
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgIUfQAcA+L/cusekKb2sYr3KpHniDwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoN2FkZjYzZTM3NWIwYjc4NTA4MWI1OTQ1YjFkMThkOWRl
ODZlMGVmYzAeFw0yNjA0MjMyMzE1MTVaFw0yNzA0MjIyMzIwMTVaMDMxMTAvBgNV
BAMTKDQzMjBDQ0IyNTc5MEU2N0NEQTgzQzFFNTdDN0YzQjMxNUQ3MEU3NDkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDZR3ZwvvNZM6AdcU5HGatizJ0l
K50OjEtUQPLYYinxyyEs0JsXXGUDznH8TjlfsdoWRDBAV2m+H0ri1c+9wx4dkktS
fqyhktB16NaTWTwMSgUMF1uw4sWuy5i+z0smCyVDQJERMBLEO1+YcgJ6FMagxuEz
9KEh12qDyU3GwlP5/ciAhfCvrzxbEFiBbQEoHFe83c3RHnoQD+pZMsCsvT11SMhd
1Tzl8GI+Z5YzWcWpjb90KyDN7eXr7t2Ha/O3azeDCrBmgHS9/7rU6DbjyGVAjmm/
dhMqrQndkCdA6xb+Tlltnv416srJ72A4iPrNIM56imrVFxyphvPyDNFp6kWfAgMB
AAGjggJBMIICPTAdBgNVHQ4EFgQUQyDMsleQ5nzag8HlfH87MV1w50kwHwYDVR0j
BBgwFoAUet9j43Wwt4UIG1lFsdGNnehuDvwwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYWVlM2Q1OGQtOTA0YS00Mzc1LWJmOTMtOGI1ZjM4Y2Fi
MDAyLzAvN0FERjYzRTM3NUIwQjc4NTA4MUI1OTQ1QjFEMThEOURFODZFMEVGQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2V0OWo0M1d3dDRVSUcxbEZzZEdObmVo
dUR2dy5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWVlM2Q1OGQt
OTA0YS00Mzc1LWJmOTMtOGI1ZjM4Y2FiMDAyLzAvMzEzODM1MmUzMjMyMzIyZTMx
MzgzNjJlMzAyZjMyMzMyZDMyMzQyMDNkM2UyMDMzMzkzOTM5MzUzNS5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEAbneujANBgkqhkiG9w0BAQsFAAOCAQEAmETd2DdtWoYRpFvcVfQsQVpI83eu
9ZKQMkYPeXIX9O4f4R35VEpXxJoB+FbnPTLtMRjt/0ckPVz8AO6G7VkWfLXa9rEv
fSJbmF/9pL/A8Rr1lD4DlWCxSuJDz3Mfq4NX1labV2+5qo89G6D8CUKdMhf76aF8
95B3t/4pNZUKCjHMpxDXw88ou35+CdIfghVbuVmTEe5MEtoP+AOBp93sOkcnUww4
ZeJVPKljaf9DJJQDy4cnsMsupR7O76erstDyDwLv4Qq/cn3eDCerrOE/7eOQuWxW
eRWbS7KKUE50LJLFYzpK3LmxuOUgw81EBIqBTUMB0MJNGMmCEjeuf1FMfQ==
-----END CERTIFICATE-----
Generated at Wed May 13 03:55:11 2026 by rpki-client