Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/ce510e17-31fa-414b-989e-026dbb6fdf51/0/3138352e31332e3232342e302f32342d3234203d3e20313337323335.roa
File: 3138352e31332e3232342e302f32342d3234203d3e20313337323335.roa (raw, json)
Hash identifier: jnZiGfbEu8z6NlJ5TJoew5fxaWLyymqCZpmvsdzl5qs=
Subject key identifier: 57:3A:40:80:51:7B:07:CF:59:E5:EC:9C:BD:CD:AF:D4:80:04:72:57
Certificate issuer: /CN=4c189e42f35c944d463d9ea6501f093eb62ba785
Certificate serial: 5A6C14C81DB13D40EEA2EB3178BBE92C5B5983F3
Authority key identifier: 4C:18:9E:42:F3:5C:94:4D:46:3D:9E:A6:50:1F:09:3E:B6:2B:A7:85
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TBieQvNclE1GPZ6mUB8JPrYrp4U.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/ce510e17-31fa-414b-989e-026dbb6fdf51/0/3138352e31332e3232342e302f32342d3234203d3e20313337323335.roa
Signing time: Thu 19 Mar 2026 01:19:48 +0000
ROA not before: Thu 19 Mar 2026 01:14:48 +0000
ROA not after: Thu 18 Mar 2027 01:19:48 +0000
asID: 137235
IP address blocks: 185.13.224.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/ce510e17-31fa-414b-989e-026dbb6fdf51/0/4C189E42F35C944D463D9EA6501F093EB62BA785.crl
rsync://rsync.paas.rpki.ripe.net/repository/ce510e17-31fa-414b-989e-026dbb6fdf51/0/4C189E42F35C944D463D9EA6501F093EB62BA785.mft
rsync://rpki.ripe.net/repository/DEFAULT/TBieQvNclE1GPZ6mUB8JPrYrp4U.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 26 Mar 2026 21:05:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5a:6c:14:c8:1d:b1:3d:40:ee:a2:eb:31:78:bb:e9:2c:5b:59:83:f3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4c189e42f35c944d463d9ea6501f093eb62ba785
Validity
Not Before: Mar 19 01:14:48 2026 GMT
Not After : Mar 18 01:19:48 2027 GMT
Subject: CN=573A4080517B07CF59E5EC9CBDCDAFD480047257
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:8e:a3:34:62:64:d5:a2:91:c9:1e:50:4a:67:
a1:0f:16:0e:b5:df:3a:ed:05:4b:59:2f:38:64:f8:
fd:63:38:9f:ba:16:c4:a6:a6:3e:b7:13:e2:30:ae:
b3:cc:36:8b:6c:90:0f:a7:33:53:6f:d8:05:77:2b:
fc:04:bf:f4:5a:00:03:43:58:ac:28:47:9c:d0:99:
dc:33:8d:16:a0:7d:09:1c:e6:ea:3e:ef:ee:a9:9c:
03:2a:49:48:75:ef:3a:7d:fe:dd:e8:83:7b:fa:ca:
e4:87:7b:81:4a:b6:c8:12:ac:50:ef:a7:d2:28:d7:
3b:19:37:d8:d7:b6:0f:7a:0f:50:c4:19:30:3e:7c:
ff:43:5a:9f:09:a9:45:27:c2:4f:7d:d3:22:90:5d:
34:ab:5c:14:61:11:7d:f0:02:e0:1e:f0:06:1e:a8:
58:87:a6:5f:90:3e:8d:ac:eb:b6:31:64:da:af:0d:
a8:18:0a:a2:f3:09:a2:4a:5c:b2:b5:3d:3c:d2:49:
91:c2:8c:c6:5f:e1:51:03:3b:55:4d:d3:40:e6:77:
22:1f:d6:66:3c:7a:19:51:cc:aa:6c:8c:4c:97:a6:
21:a3:bc:e6:21:15:76:0a:98:79:38:97:6f:c4:a7:
c9:0c:2b:c9:e9:c5:b4:51:76:6a:e3:0a:76:ca:39:
65:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
57:3A:40:80:51:7B:07:CF:59:E5:EC:9C:BD:CD:AF:D4:80:04:72:57
X509v3 Authority Key Identifier:
keyid:4C:18:9E:42:F3:5C:94:4D:46:3D:9E:A6:50:1F:09:3E:B6:2B:A7:85
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/ce510e17-31fa-414b-989e-026dbb6fdf51/0/4C189E42F35C944D463D9EA6501F093EB62BA785.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TBieQvNclE1GPZ6mUB8JPrYrp4U.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/ce510e17-31fa-414b-989e-026dbb6fdf51/0/3138352e31332e3232342e302f32342d3234203d3e20313337323335.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.13.224.0/24
Signature Algorithm: sha256WithRSAEncryption
91:03:31:ef:c5:ef:d7:dd:6c:86:2c:4a:75:fb:75:03:0f:93:
53:30:ee:3c:b7:b7:34:9e:92:73:10:0f:8b:c7:3e:d9:31:2b:
50:27:30:b0:7e:aa:ff:58:fd:7d:60:eb:64:28:14:02:97:ae:
a1:a9:b1:eb:c8:77:9b:a9:72:12:17:ba:d3:db:d8:f5:a5:eb:
dc:99:62:9d:10:e2:40:76:4a:16:bd:80:4c:79:3f:5e:8b:aa:
0c:a6:8b:ba:dc:10:f7:d1:cb:32:ca:52:50:be:fc:df:5e:ef:
cd:e9:7b:79:f3:d4:21:1b:50:c4:a1:1d:5e:e0:70:3f:35:1d:
3b:81:45:f7:0c:5b:44:3b:76:59:80:4a:0e:79:31:9b:97:70:
be:c3:8c:94:93:b1:5c:25:10:55:31:76:66:b8:17:50:3c:97:
12:32:54:ae:de:a9:30:74:bf:d3:15:62:e3:b3:aa:f6:0f:f0:
d7:d5:29:b7:7c:d6:eb:cb:2d:15:6a:6c:84:ea:28:10:85:ba:
68:ae:37:cf:5a:01:57:f3:1b:27:7a:7a:08:d4:aa:cc:77:bc:
7a:89:a2:ac:2d:d3:08:87:e9:b2:f0:67:08:0f:ac:5f:3b:57:
e6:5f:2c:d1:94:6f:98:39:3f:fe:df:11:f2:e4:96:68:b0:af:
ce:bc:6a:b5
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUWmwUyB2xPUDuousxeLvpLFtZg/MwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGMxODllNDJmMzVjOTQ0ZDQ2M2Q5ZWE2NTAxZjA5M2Vi
NjJiYTc4NTAeFw0yNjAzMTkwMTE0NDhaFw0yNzAzMTgwMTE5NDhaMDMxMTAvBgNV
BAMTKDU3M0E0MDgwNTE3QjA3Q0Y1OUU1RUM5Q0JEQ0RBRkQ0ODAwNDcyNTcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCejqM0YmTVopHJHlBKZ6EPFg61
3zrtBUtZLzhk+P1jOJ+6FsSmpj63E+IwrrPMNotskA+nM1Nv2AV3K/wEv/RaAAND
WKwoR5zQmdwzjRagfQkc5uo+7+6pnAMqSUh17zp9/t3og3v6yuSHe4FKtsgSrFDv
p9Io1zsZN9jXtg96D1DEGTA+fP9DWp8JqUUnwk990yKQXTSrXBRhEX3wAuAe8AYe
qFiHpl+QPo2s67YxZNqvDagYCqLzCaJKXLK1PTzSSZHCjMZf4VEDO1VN00DmdyIf
1mY8ehlRzKpsjEyXpiGjvOYhFXYKmHk4l2/Ep8kMK8npxbRRdmrjCnbKOWXJAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUVzpAgFF7B89Z5eycvc2v1IAEclcwHwYDVR0j
BBgwFoAUTBieQvNclE1GPZ6mUB8JPrYrp4UwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvY2U1MTBlMTctMzFmYS00MTRiLTk4OWUtMDI2ZGJiNmZk
ZjUxLzAvNEMxODlFNDJGMzVDOTQ0RDQ2M0Q5RUE2NTAxRjA5M0VCNjJCQTc4NS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1RCaWVRdk5jbEUxR1BaNm1VQjhKUHJZ
cnA0VS5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvY2U1MTBlMTct
MzFmYS00MTRiLTk4OWUtMDI2ZGJiNmZkZjUxLzAvMzEzODM1MmUzMTMzMmUzMjMy
MzQyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMTMzMzczMjMzMzUucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAC5DeAwDQYJKoZIhvcNAQELBQADggEBAJEDMe/F79fdbIYsSnX7dQMPk1Mw7jy3
tzSeknMQD4vHPtkxK1AnMLB+qv9Y/X1g62QoFAKXrqGpsevId5upchIXutPb2PWl
69yZYp0Q4kB2Sha9gEx5P16Lqgymi7rcEPfRyzLKUlC+/N9e783pe3nz1CEbUMSh
HV7gcD81HTuBRfcMW0Q7dlmASg55MZuXcL7DjJSTsVwlEFUxdma4F1A8lxIyVK7e
qTB0v9MVYuOzqvYP8NfVKbd81uvLLRVqbITqKBCFumiuN89aAVfzGyd6egjUqsx3
vHqJoqwt0wiH6bLwZwgPrF87V+ZfLNGUb5g5P/7fEfLklmiwr868arU=
-----END CERTIFICATE-----
Generated at Thu Mar 26 08:44:55 2026 by rpki-client