Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/e3cdc648-d203-462a-bd0f-ec1b60d879a7/0/3138352e3132332e3135382e302f32342d3234203d3e203239383032.roa
File: 3138352e3132332e3135382e302f32342d3234203d3e203239383032.roa (raw, json)
Hash identifier: KKez0Khb6IZPJMlNfqEbtFW6uvUHl2oV9Icm6KoeU2I=
Subject key identifier: 75:88:9B:B8:99:FF:FF:69:97:5A:91:AE:37:BA:02:DB:81:34:2D:23
Certificate issuer: /CN=e1f3512f51dc42bb9eb12abc0bb529668b2edee4
Certificate serial: 191997783C3C0F2D40B353D4CE86A58EB507CEA1
Authority key identifier: E1:F3:51:2F:51:DC:42:BB:9E:B1:2A:BC:0B:B5:29:66:8B:2E:DE:E4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4fNRL1HcQruesSq8C7UpZosu3uQ.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/e3cdc648-d203-462a-bd0f-ec1b60d879a7/0/3138352e3132332e3135382e302f32342d3234203d3e203239383032.roa
Signing time: Wed 06 May 2026 13:47:11 +0000
ROA not before: Wed 06 May 2026 13:42:11 +0000
ROA not after: Wed 05 May 2027 13:47:11 +0000
asID: 29802
IP address blocks: 185.123.158.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/e3cdc648-d203-462a-bd0f-ec1b60d879a7/0/E1F3512F51DC42BB9EB12ABC0BB529668B2EDEE4.crl
rsync://rsync.paas.rpki.ripe.net/repository/e3cdc648-d203-462a-bd0f-ec1b60d879a7/0/E1F3512F51DC42BB9EB12ABC0BB529668B2EDEE4.mft
rsync://rpki.ripe.net/repository/DEFAULT/4fNRL1HcQruesSq8C7UpZosu3uQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 15:57:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
19:19:97:78:3c:3c:0f:2d:40:b3:53:d4:ce:86:a5:8e:b5:07:ce:a1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e1f3512f51dc42bb9eb12abc0bb529668b2edee4
Validity
Not Before: May 6 13:42:11 2026 GMT
Not After : May 5 13:47:11 2027 GMT
Subject: CN=75889BB899FFFF69975A91AE37BA02DB81342D23
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:5b:c8:8d:9e:5e:24:eb:33:e1:cf:3f:4f:00:
25:00:28:ef:af:46:af:d1:7a:71:ac:6e:ac:5c:2b:
35:00:0e:6e:93:39:48:86:fd:0d:ec:49:ab:d7:b8:
a8:d2:10:21:db:c2:ae:92:6f:5d:68:a9:14:3f:a2:
c6:6f:7c:15:6a:24:e2:e6:40:5c:90:dd:ea:7c:53:
19:7c:cc:29:36:ab:98:cb:99:9e:65:3e:10:af:bd:
63:de:bd:30:a4:e7:c3:b5:34:97:99:37:9e:8c:dc:
eb:db:6b:9a:a7:18:55:79:76:6f:a4:90:45:87:d2:
30:5d:38:5d:89:f2:6d:1d:44:b0:9c:32:ba:b9:96:
96:17:1b:bd:b3:80:b6:df:df:57:52:2a:d6:a6:b3:
4b:2c:27:a5:42:a0:36:79:c5:39:19:4c:44:eb:ef:
42:78:75:82:d6:b2:2f:3f:3e:2d:82:78:5f:68:43:
65:6a:e5:50:61:b3:7b:95:b9:92:92:b4:72:69:ed:
b7:96:d2:91:81:8f:60:20:44:1f:b8:c9:0b:bd:97:
2a:0c:97:5d:a5:cc:07:7e:45:1b:2c:aa:61:e3:c6:
84:da:7f:4e:b5:57:d5:38:2a:cc:20:d7:af:cd:46:
f9:5b:58:fc:37:ea:ed:e9:a4:70:f3:bc:cc:a5:3d:
d5:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
75:88:9B:B8:99:FF:FF:69:97:5A:91:AE:37:BA:02:DB:81:34:2D:23
X509v3 Authority Key Identifier:
keyid:E1:F3:51:2F:51:DC:42:BB:9E:B1:2A:BC:0B:B5:29:66:8B:2E:DE:E4
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/e3cdc648-d203-462a-bd0f-ec1b60d879a7/0/E1F3512F51DC42BB9EB12ABC0BB529668B2EDEE4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4fNRL1HcQruesSq8C7UpZosu3uQ.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/e3cdc648-d203-462a-bd0f-ec1b60d879a7/0/3138352e3132332e3135382e302f32342d3234203d3e203239383032.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.123.158.0/24
Signature Algorithm: sha256WithRSAEncryption
7d:62:d3:c6:f8:ab:de:82:7c:6a:60:4b:8e:1e:50:ed:ce:46:
f7:27:30:25:c2:1f:d2:1d:8b:cf:7d:47:31:e0:90:e7:7e:20:
af:ca:4d:85:10:91:bf:77:1d:e3:b0:ae:86:99:be:7e:ed:b1:
e0:2d:a5:44:5b:ad:1b:f5:20:3b:3b:6c:a2:c1:cd:5e:a3:e8:
90:43:c4:33:68:be:17:b4:6b:64:c2:ad:be:5f:a1:9f:6b:07:
65:9d:2d:b8:51:e8:df:d4:0f:8d:0e:f7:46:ca:67:23:5d:12:
2c:b0:68:a8:26:aa:09:8a:93:b3:38:79:3e:9d:d2:11:03:ea:
92:ec:3a:17:7c:f1:23:14:e1:c5:2a:f0:b5:3d:bb:d3:c3:b2:
4f:62:66:52:a2:72:79:ac:e5:de:4b:e7:cf:2b:de:82:2c:33:
8f:93:40:26:ba:1b:21:2f:05:87:65:57:ae:26:bc:a1:d7:78:
09:cd:34:9d:9b:b9:9a:83:74:05:8e:39:a2:38:44:d1:5f:35:
75:2d:a7:7b:4a:f4:d1:30:06:80:10:43:31:33:1d:b0:ad:39:
08:c9:f9:f4:d6:0b:55:5c:09:56:dc:93:87:74:72:5a:a3:34:
05:d3:49:ea:7a:01:8b:5d:3e:61:15:9d:66:9d:b9:4c:5f:a1:
c6:24:1d:dd
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUGRmXeDw8Dy1As1PUzoaljrUHzqEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZTFmMzUxMmY1MWRjNDJiYjllYjEyYWJjMGJiNTI5NjY4
YjJlZGVlNDAeFw0yNjA1MDYxMzQyMTFaFw0yNzA1MDUxMzQ3MTFaMDMxMTAvBgNV
BAMTKDc1ODg5QkI4OTlGRkZGNjk5NzVBOTFBRTM3QkEwMkRCODEzNDJEMjMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDNW8iNnl4k6zPhzz9PACUAKO+v
Rq/RenGsbqxcKzUADm6TOUiG/Q3sSavXuKjSECHbwq6Sb11oqRQ/osZvfBVqJOLm
QFyQ3ep8Uxl8zCk2q5jLmZ5lPhCvvWPevTCk58O1NJeZN56M3Ovba5qnGFV5dm+k
kEWH0jBdOF2J8m0dRLCcMrq5lpYXG72zgLbf31dSKtams0ssJ6VCoDZ5xTkZTETr
70J4dYLWsi8/Pi2CeF9oQ2Vq5VBhs3uVuZKStHJp7beW0pGBj2AgRB+4yQu9lyoM
l12lzAd+RRssqmHjxoTaf061V9U4Kswg16/NRvlbWPw36u3ppHDzvMylPdWFAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUdYibuJn//2mXWpGuN7oC24E0LSMwHwYDVR0j
BBgwFoAU4fNRL1HcQruesSq8C7UpZosu3uQwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZTNjZGM2NDgtZDIwMy00NjJhLWJkMGYtZWMxYjYwZDg3
OWE3LzAvRTFGMzUxMkY1MURDNDJCQjlFQjEyQUJDMEJCNTI5NjY4QjJFREVFNC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzRmTlJMMUhjUXJ1ZXNTcThDN1VwWm9z
dTN1US5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZTNjZGM2NDgt
ZDIwMy00NjJhLWJkMGYtZWMxYjYwZDg3OWE3LzAvMzEzODM1MmUzMTMyMzMyZTMx
MzUzODJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMyMzkzODMwMzIucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAC5e54wDQYJKoZIhvcNAQELBQADggEBAH1i08b4q96CfGpgS44eUO3ORvcnMCXC
H9Idi899RzHgkOd+IK/KTYUQkb93HeOwroaZvn7tseAtpURbrRv1IDs7bKLBzV6j
6JBDxDNovhe0a2TCrb5foZ9rB2WdLbhR6N/UD40O90bKZyNdEiywaKgmqgmKk7M4
eT6d0hED6pLsOhd88SMU4cUq8LU9u9PDsk9iZlKicnms5d5L588r3oIsM4+TQCa6
GyEvBYdlV64mvKHXeAnNNJ2buZqDdAWOOaI4RNFfNXUtp3tK9NEwBoAQQzEzHbCt
OQjJ+fTWC1VcCVbck4d0clqjNAXTSep6AYtdPmEVnWaduUxfocYkHd0=
-----END CERTIFICATE-----
Generated at Wed May 13 04:13:25 2026 by rpki-client