Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/e3cdc648-d203-462a-bd0f-ec1b60d879a7/0/3138352e3132332e3135372e302f32342d3234203d3e20323136343735.roa
File: 3138352e3132332e3135372e302f32342d3234203d3e20323136343735.roa (raw, json)
Hash identifier: itYG2GwbUfv2aVLVfTQU5Cj2qGDvAV+mpJgT54TYfWk=
Subject key identifier: AF:AF:4B:FD:E4:EC:05:7D:D3:84:46:D0:52:C0:45:A6:95:52:07:21
Certificate issuer: /CN=e1f3512f51dc42bb9eb12abc0bb529668b2edee4
Certificate serial: 152E77BF36CD0569923B4E45AA0FB3B0BFD0AAA1
Authority key identifier: E1:F3:51:2F:51:DC:42:BB:9E:B1:2A:BC:0B:B5:29:66:8B:2E:DE:E4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4fNRL1HcQruesSq8C7UpZosu3uQ.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/e3cdc648-d203-462a-bd0f-ec1b60d879a7/0/3138352e3132332e3135372e302f32342d3234203d3e20323136343735.roa
Signing time: Mon 23 Mar 2026 12:27:01 +0000
ROA not before: Mon 23 Mar 2026 12:22:01 +0000
ROA not after: Mon 22 Mar 2027 12:27:01 +0000
asID: 216475
IP address blocks: 185.123.157.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/e3cdc648-d203-462a-bd0f-ec1b60d879a7/0/E1F3512F51DC42BB9EB12ABC0BB529668B2EDEE4.crl
rsync://rsync.paas.rpki.ripe.net/repository/e3cdc648-d203-462a-bd0f-ec1b60d879a7/0/E1F3512F51DC42BB9EB12ABC0BB529668B2EDEE4.mft
rsync://rpki.ripe.net/repository/DEFAULT/4fNRL1HcQruesSq8C7UpZosu3uQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 09:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
15:2e:77:bf:36:cd:05:69:92:3b:4e:45:aa:0f:b3:b0:bf:d0:aa:a1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e1f3512f51dc42bb9eb12abc0bb529668b2edee4
Validity
Not Before: Mar 23 12:22:01 2026 GMT
Not After : Mar 22 12:27:01 2027 GMT
Subject: CN=AFAF4BFDE4EC057DD38446D052C045A695520721
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:12:69:8f:71:ee:94:86:c9:21:93:aa:cc:83:
23:29:51:e5:4a:b0:b7:1d:2d:79:d9:fd:e0:08:f6:
49:f4:81:f9:db:7b:78:03:2c:be:0f:97:23:03:7f:
b5:dc:29:80:84:fb:12:9e:a9:4f:31:7c:05:80:a0:
2c:9e:12:c8:e1:d7:5c:a3:a8:32:9d:f2:0c:cd:94:
c9:dc:17:dc:da:ec:b5:be:64:03:93:cf:f4:f0:22:
cc:0c:c1:7e:dd:41:85:65:d1:14:6d:dc:1f:63:37:
e0:7a:33:80:6f:75:1c:8a:a7:61:a1:c7:0f:63:f1:
ca:a2:9d:73:99:b1:d8:7e:3a:dc:79:27:0b:e6:88:
06:4c:be:35:a1:7c:ca:e2:de:1f:52:6b:d9:59:c0:
af:a9:ad:5d:1e:da:ed:05:56:94:17:35:ec:7b:27:
bb:80:5e:e9:ee:e1:3c:0a:e3:f7:be:a8:27:36:da:
fb:ec:28:0d:cf:21:32:18:35:a9:81:e3:81:29:bc:
28:96:db:97:03:ca:ff:05:5d:2f:7d:a6:78:45:37:
d0:58:31:8c:a7:a5:4e:02:7b:b4:ec:11:ed:cd:42:
15:95:f2:e9:ff:24:ad:6f:0a:f6:83:af:a6:e0:e8:
88:a6:5b:60:0f:63:98:27:38:7b:f4:dc:92:3e:c1:
2c:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AF:AF:4B:FD:E4:EC:05:7D:D3:84:46:D0:52:C0:45:A6:95:52:07:21
X509v3 Authority Key Identifier:
keyid:E1:F3:51:2F:51:DC:42:BB:9E:B1:2A:BC:0B:B5:29:66:8B:2E:DE:E4
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/e3cdc648-d203-462a-bd0f-ec1b60d879a7/0/E1F3512F51DC42BB9EB12ABC0BB529668B2EDEE4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4fNRL1HcQruesSq8C7UpZosu3uQ.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/e3cdc648-d203-462a-bd0f-ec1b60d879a7/0/3138352e3132332e3135372e302f32342d3234203d3e20323136343735.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.123.157.0/24
Signature Algorithm: sha256WithRSAEncryption
02:c7:e8:8c:5b:8f:ed:04:23:7d:fe:d4:19:18:2c:b8:ba:c0:
88:92:ae:9d:ed:ba:23:e4:90:c5:20:91:b2:86:08:0a:2e:82:
79:94:a7:91:6f:d5:2a:5d:ff:35:ba:e5:64:d5:32:42:a0:60:
e4:39:a5:a4:7e:4f:2a:fc:58:10:5e:37:c0:60:e4:ab:03:13:
c0:8a:de:45:93:08:b4:54:46:64:8d:b5:1f:a1:23:ad:54:1d:
ad:ae:9b:5a:73:74:ee:55:7c:a2:64:d3:10:35:c3:0a:36:f3:
88:d5:16:f2:5d:34:38:ce:0c:59:ad:69:53:27:c6:51:e5:95:
cd:af:ef:2d:7b:ae:15:0d:7b:a4:32:23:84:ef:63:86:72:32:
0d:89:fc:5b:b0:a9:5e:af:db:ac:f8:a9:26:1a:b4:69:32:02:
39:54:c5:f2:7a:01:42:39:da:19:8c:ef:85:b1:f0:e6:de:34:
26:98:42:0e:7a:96:af:e4:35:e9:f0:ac:79:7a:fd:a9:0b:d2:
a8:47:d6:e9:18:25:14:85:ed:8c:88:26:7f:2d:29:a3:4d:87:
d4:ab:99:90:14:3d:da:bf:01:b0:db:31:34:73:ce:18:38:54:
3b:05:49:3f:e9:26:fa:24:90:b4:f5:73:8f:bf:60:29:c2:87:
49:ee:73:9f
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgIUFS53vzbNBWmSO05Fqg+zsL/QqqEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZTFmMzUxMmY1MWRjNDJiYjllYjEyYWJjMGJiNTI5NjY4
YjJlZGVlNDAeFw0yNjAzMjMxMjIyMDFaFw0yNzAzMjIxMjI3MDFaMDMxMTAvBgNV
BAMTKEFGQUY0QkZERTRFQzA1N0REMzg0NDZEMDUyQzA0NUE2OTU1MjA3MjEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCWEmmPce6Uhskhk6rMgyMpUeVK
sLcdLXnZ/eAI9kn0gfnbe3gDLL4PlyMDf7XcKYCE+xKeqU8xfAWAoCyeEsjh11yj
qDKd8gzNlMncF9za7LW+ZAOTz/TwIswMwX7dQYVl0RRt3B9jN+B6M4BvdRyKp2Gh
xw9j8cqinXOZsdh+Otx5JwvmiAZMvjWhfMri3h9Sa9lZwK+prV0e2u0FVpQXNex7
J7uAXunu4TwK4/e+qCc22vvsKA3PITIYNamB44EpvCiW25cDyv8FXS99pnhFN9BY
MYynpU4Ce7TsEe3NQhWV8un/JK1vCvaDr6bg6IimW2APY5gnOHv03JI+wSwvAgMB
AAGjggJBMIICPTAdBgNVHQ4EFgQUr69L/eTsBX3ThEbQUsBFppVSByEwHwYDVR0j
BBgwFoAU4fNRL1HcQruesSq8C7UpZosu3uQwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZTNjZGM2NDgtZDIwMy00NjJhLWJkMGYtZWMxYjYwZDg3
OWE3LzAvRTFGMzUxMkY1MURDNDJCQjlFQjEyQUJDMEJCNTI5NjY4QjJFREVFNC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzRmTlJMMUhjUXJ1ZXNTcThDN1VwWm9z
dTN1US5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZTNjZGM2NDgt
ZDIwMy00NjJhLWJkMGYtZWMxYjYwZDg3OWE3LzAvMzEzODM1MmUzMTMyMzMyZTMx
MzUzNzJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMyMzEzNjM0MzczNS5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEALl7nTANBgkqhkiG9w0BAQsFAAOCAQEAAsfojFuP7QQjff7UGRgsuLrAiJKu
ne26I+SQxSCRsoYICi6CeZSnkW/VKl3/NbrlZNUyQqBg5DmlpH5PKvxYEF43wGDk
qwMTwIreRZMItFRGZI21H6EjrVQdra6bWnN07lV8omTTEDXDCjbziNUW8l00OM4M
Wa1pUyfGUeWVza/vLXuuFQ17pDIjhO9jhnIyDYn8W7CpXq/brPipJhq0aTICOVTF
8noBQjnaGYzvhbHw5t40JphCDnqWr+Q16fCseXr9qQvSqEfW6RglFIXtjIgmfy0p
o02H1KuZkBQ92r8BsNsxNHPOGDhUOwVJP+km+iSQtPVzj79gKcKHSe5znw==
-----END CERTIFICATE-----
Generated at Thu Mar 26 13:15:35 2026 by rpki-client