Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/be41704f-7815-4f2c-a503-58ae08e556b6/2/3138352e322e35302e302f32342d3234203d3e203632303832.roa
File: 3138352e322e35302e302f32342d3234203d3e203632303832.roa (raw, json)
Hash identifier: iWTNH7HFu3qX6yQvSB2dWbrepXMWTItPVH8yTFaEnVE=
Subject key identifier: 6C:3D:9F:54:0E:48:18:C3:3B:91:71:BD:3A:C6:A5:AB:0A:E3:9B:80
Certificate issuer: /CN=a29ef21c1397ab4b2f08778305a37ffd1cc25c4e
Certificate serial: 2F5AA2E4D4B133513E75896AA2D7B9E0750A141B
Authority key identifier: A2:9E:F2:1C:13:97:AB:4B:2F:08:77:83:05:A3:7F:FD:1C:C2:5C:4E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/op7yHBOXq0svCHeDBaN__RzCXE4.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/be41704f-7815-4f2c-a503-58ae08e556b6/2/3138352e322e35302e302f32342d3234203d3e203632303832.roa
Signing time: Mon 11 May 2026 06:30:50 +0000
ROA not before: Mon 11 May 2026 06:25:50 +0000
ROA not after: Mon 10 May 2027 06:30:50 +0000
asID: 62082
IP address blocks: 185.2.50.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/be41704f-7815-4f2c-a503-58ae08e556b6/2/A29EF21C1397AB4B2F08778305A37FFD1CC25C4E.crl
rsync://rsync.paas.rpki.ripe.net/repository/be41704f-7815-4f2c-a503-58ae08e556b6/2/A29EF21C1397AB4B2F08778305A37FFD1CC25C4E.mft
rsync://rpki.ripe.net/repository/DEFAULT/op7yHBOXq0svCHeDBaN__RzCXE4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 19:13:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2f:5a:a2:e4:d4:b1:33:51:3e:75:89:6a:a2:d7:b9:e0:75:0a:14:1b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a29ef21c1397ab4b2f08778305a37ffd1cc25c4e
Validity
Not Before: May 11 06:25:50 2026 GMT
Not After : May 10 06:30:50 2027 GMT
Subject: CN=6C3D9F540E4818C33B9171BD3AC6A5AB0AE39B80
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:a4:32:a6:a2:47:77:ed:95:66:c0:d5:af:75:
b3:cf:0a:f9:19:c2:70:3f:dc:3d:46:97:1e:e1:85:
8d:d9:b5:6f:df:b9:d7:9b:9c:b4:62:8f:36:47:27:
08:3b:23:fd:11:37:ea:62:79:32:8a:ef:8a:ba:aa:
96:45:37:f1:47:52:c1:60:f7:06:04:a9:48:c7:49:
c0:6f:25:c1:9a:09:74:a7:ca:b7:50:a9:24:80:dd:
a4:ba:6b:f2:31:04:18:74:36:62:3c:40:5f:99:86:
57:4c:61:b2:81:e0:9c:c3:81:1e:a6:61:34:14:8e:
32:50:25:5f:f5:14:7a:a7:99:c8:77:d4:2e:55:71:
b1:af:18:9a:88:92:d1:84:39:63:a7:a2:57:5c:6d:
78:20:f1:39:16:9a:0f:13:b4:e4:7a:a5:e7:dc:e3:
d5:4d:62:72:41:e5:3d:91:92:7b:6e:bf:09:3e:89:
47:94:0d:a4:da:be:f1:30:17:1a:cc:41:7d:b4:87:
a3:f1:7b:84:25:7a:ea:33:ca:a9:4d:c5:9f:75:29:
d1:e6:0e:03:57:5e:34:0a:cd:ce:9e:87:2a:84:27:
c6:5d:a5:58:40:c5:f5:5c:13:c5:7d:33:9f:f2:c2:
60:42:55:37:2f:72:8f:b5:5f:54:01:5d:bf:68:2b:
29:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6C:3D:9F:54:0E:48:18:C3:3B:91:71:BD:3A:C6:A5:AB:0A:E3:9B:80
X509v3 Authority Key Identifier:
keyid:A2:9E:F2:1C:13:97:AB:4B:2F:08:77:83:05:A3:7F:FD:1C:C2:5C:4E
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/be41704f-7815-4f2c-a503-58ae08e556b6/2/A29EF21C1397AB4B2F08778305A37FFD1CC25C4E.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/op7yHBOXq0svCHeDBaN__RzCXE4.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/be41704f-7815-4f2c-a503-58ae08e556b6/2/3138352e322e35302e302f32342d3234203d3e203632303832.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.2.50.0/24
Signature Algorithm: sha256WithRSAEncryption
88:43:1d:ea:97:d9:e4:57:1a:20:28:e6:73:41:38:8b:80:d7:
8f:86:03:72:37:4a:8d:1c:88:fb:1d:ad:ac:f0:0a:12:f2:f6:
9a:1a:12:df:19:4d:8d:58:13:91:c6:9e:bd:b5:00:ec:82:0a:
ad:5f:68:b4:b2:ea:3e:68:c3:7f:49:01:12:fb:31:94:ad:71:
61:3b:6a:1e:6c:71:9f:74:d4:f3:f5:3a:29:16:71:e4:95:39:
65:19:0f:ff:83:94:4c:58:cd:18:90:eb:34:ac:59:ce:5a:21:
22:1c:17:0c:45:36:05:60:bf:2a:15:d9:57:31:43:d1:6e:92:
9a:7d:d6:f6:ce:7f:94:b4:89:c5:dc:2d:2e:e2:e7:8a:5d:c2:
11:04:d9:97:f0:ec:65:91:f5:69:87:09:09:69:c2:cb:2e:74:
01:6c:23:05:77:8e:6f:a4:d8:eb:96:26:74:60:30:a1:9a:f3:
cc:83:50:5a:15:40:f9:0a:3d:22:56:0c:aa:a5:b0:a3:c6:93:
c6:8d:fc:4b:ea:8c:09:2f:9f:95:d0:3f:07:d6:31:cd:a3:58:
72:9e:1e:75:3f:72:27:08:5a:77:f1:e0:26:96:c8:e6:8c:c1:
b7:6d:2d:2b:61:dd:47:02:96:82:e5:15:d2:16:f6:2e:22:8a:
07:5c:f1:d4
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgIUL1qi5NSxM1E+dYlqote54HUKFBswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYTI5ZWYyMWMxMzk3YWI0YjJmMDg3NzgzMDVhMzdmZmQx
Y2MyNWM0ZTAeFw0yNjA1MTEwNjI1NTBaFw0yNzA1MTAwNjMwNTBaMDMxMTAvBgNV
BAMTKDZDM0Q5RjU0MEU0ODE4QzMzQjkxNzFCRDNBQzZBNUFCMEFFMzlCODAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCupDKmokd37ZVmwNWvdbPPCvkZ
wnA/3D1Glx7hhY3ZtW/fudebnLRijzZHJwg7I/0RN+pieTKK74q6qpZFN/FHUsFg
9wYEqUjHScBvJcGaCXSnyrdQqSSA3aS6a/IxBBh0NmI8QF+ZhldMYbKB4JzDgR6m
YTQUjjJQJV/1FHqnmch31C5VcbGvGJqIktGEOWOnoldcbXgg8TkWmg8TtOR6pefc
49VNYnJB5T2Rkntuvwk+iUeUDaTavvEwFxrMQX20h6Pxe4QleuozyqlNxZ91KdHm
DgNXXjQKzc6ehyqEJ8ZdpVhAxfVcE8V9M5/ywmBCVTcvco+1X1QBXb9oKyk3AgMB
AAGjggI5MIICNTAdBgNVHQ4EFgQUbD2fVA5IGMM7kXG9Osalqwrjm4AwHwYDVR0j
BBgwFoAUop7yHBOXq0svCHeDBaN//RzCXE4wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYmU0MTcwNGYtNzgxNS00ZjJjLWE1MDMtNThhZTA4ZTU1
NmI2LzIvQTI5RUYyMUMxMzk3QUI0QjJGMDg3NzgzMDVBMzdGRkQxQ0MyNUM0RS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL29wN3lIQk9YcTBzdkNIZURCYU5fX1J6
Q1hFNC5jZXIwgakGCCsGAQUFBwELBIGcMIGZMIGWBggrBgEFBQcwC4aBiXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYmU0MTcwNGYt
NzgxNS00ZjJjLWE1MDMtNThhZTA4ZTU1NmI2LzIvMzEzODM1MmUzMjJlMzUzMDJl
MzAyZjMyMzQyZDMyMzQyMDNkM2UyMDM2MzIzMDM4MzIucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAC5AjIw
DQYJKoZIhvcNAQELBQADggEBAIhDHeqX2eRXGiAo5nNBOIuA14+GA3I3So0ciPsd
razwChLy9poaEt8ZTY1YE5HGnr21AOyCCq1faLSy6j5ow39JARL7MZStcWE7ah5s
cZ901PP1OikWceSVOWUZD/+DlExYzRiQ6zSsWc5aISIcFwxFNgVgvyoV2VcxQ9Fu
kpp91vbOf5S0icXcLS7i54pdwhEE2Zfw7GWR9WmHCQlpwssudAFsIwV3jm+k2OuW
JnRgMKGa88yDUFoVQPkKPSJWDKqlsKPGk8aN/EvqjAkvn5XQPwfWMc2jWHKeHnU/
cicIWnfx4CaWyOaMwbdtLSth3UcCloLlFdIW9i4iigdc8dQ=
-----END CERTIFICATE-----
Generated at Wed May 13 04:17:20 2026 by rpki-client