Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/e6aff234-61c5-4290-8a6d-5f2b9027322f/0/3138352e3133302e38382e302f32342d3234203d3e203431373230.roa
File: 3138352e3133302e38382e302f32342d3234203d3e203431373230.roa (raw, json)
Hash identifier: Q6SwM6coh0lhmv2Gg85VRe+9HM4FBsO6keE2v7Y1R3c=
Subject key identifier: 41:EA:A2:C3:CB:C4:9D:B8:82:83:49:A4:5C:D6:3F:A7:47:D8:94:A6
Certificate issuer: /CN=88cdd9c193da9185a4ac15b2ade875fe97b6f491
Certificate serial: 2B70B3291C1C2C358286DCE5F6C08FB00AB50211
Authority key identifier: 88:CD:D9:C1:93:DA:91:85:A4:AC:15:B2:AD:E8:75:FE:97:B6:F4:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iM3ZwZPakYWkrBWyreh1_pe29JE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/e6aff234-61c5-4290-8a6d-5f2b9027322f/0/3138352e3133302e38382e302f32342d3234203d3e203431373230.roa
Signing time: Sat 02 May 2026 07:21:29 +0000
ROA not before: Sat 02 May 2026 07:16:29 +0000
ROA not after: Sat 01 May 2027 07:21:29 +0000
asID: 41720
IP address blocks: 185.130.88.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/e6aff234-61c5-4290-8a6d-5f2b9027322f/0/88CDD9C193DA9185A4AC15B2ADE875FE97B6F491.crl
rsync://rsync.paas.rpki.ripe.net/repository/e6aff234-61c5-4290-8a6d-5f2b9027322f/0/88CDD9C193DA9185A4AC15B2ADE875FE97B6F491.mft
rsync://rpki.ripe.net/repository/DEFAULT/iM3ZwZPakYWkrBWyreh1_pe29JE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 03:58:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2b:70:b3:29:1c:1c:2c:35:82:86:dc:e5:f6:c0:8f:b0:0a:b5:02:11
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=88cdd9c193da9185a4ac15b2ade875fe97b6f491
Validity
Not Before: May 2 07:16:29 2026 GMT
Not After : May 1 07:21:29 2027 GMT
Subject: CN=41EAA2C3CBC49DB8828349A45CD63FA747D894A6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:4f:7f:eb:06:49:4b:d9:7e:13:87:34:03:df:
5e:a9:34:b8:4a:bd:38:b8:1a:b6:9a:5c:d0:32:25:
75:04:34:7e:ee:d9:b9:ea:a0:1a:26:74:92:6e:97:
74:d0:2b:a4:17:6c:f1:90:e1:05:96:df:2b:e9:3a:
d1:fd:9b:74:7f:36:0a:76:ab:12:51:86:82:db:a7:
f3:9e:73:52:03:89:d1:12:f5:f9:4c:45:b9:a6:61:
06:ed:4a:7a:e1:a5:2f:ef:66:e9:d1:47:1f:b7:41:
4c:72:01:ed:96:cb:42:6a:58:99:e9:b1:4a:92:17:
c1:22:66:2e:a9:62:24:31:5b:91:27:fe:89:16:3e:
77:45:79:ee:8d:8e:82:a5:2c:8d:5f:25:b7:0d:d1:
55:32:28:d0:5c:4b:7e:4c:47:4f:c3:c4:df:80:68:
83:a2:3a:37:27:7c:04:90:bc:01:26:de:dc:e2:54:
75:4a:64:22:fe:dd:4c:9d:b1:7f:52:3c:3b:cf:e5:
32:35:62:f1:5d:bc:5c:2b:31:93:4c:6d:64:4f:70:
14:6a:bb:07:ac:85:38:21:ea:c2:cf:fd:51:eb:b7:
11:27:a3:ad:5e:f6:be:bb:65:02:56:66:46:04:f7:
e0:c8:73:48:f2:f5:d8:a6:40:47:73:69:b1:4d:c6:
20:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
41:EA:A2:C3:CB:C4:9D:B8:82:83:49:A4:5C:D6:3F:A7:47:D8:94:A6
X509v3 Authority Key Identifier:
keyid:88:CD:D9:C1:93:DA:91:85:A4:AC:15:B2:AD:E8:75:FE:97:B6:F4:91
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/e6aff234-61c5-4290-8a6d-5f2b9027322f/0/88CDD9C193DA9185A4AC15B2ADE875FE97B6F491.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iM3ZwZPakYWkrBWyreh1_pe29JE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/e6aff234-61c5-4290-8a6d-5f2b9027322f/0/3138352e3133302e38382e302f32342d3234203d3e203431373230.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.130.88.0/24
Signature Algorithm: sha256WithRSAEncryption
af:60:da:8a:96:e6:5a:97:87:c2:ff:2f:c1:98:2c:97:db:fb:
e9:fe:d6:2a:2d:69:7a:91:a3:c7:49:e2:d5:55:dc:e2:dd:83:
3b:4c:f9:61:41:4e:c7:5b:73:6c:32:93:e1:dd:ea:70:eb:dc:
f1:82:d8:81:ce:76:6f:70:d7:ac:fa:d8:ff:e8:a0:45:2a:9b:
e0:4d:9a:36:4f:11:e1:1e:8a:49:1e:03:fd:45:42:7d:cb:cb:
9a:ef:a3:8e:33:15:7b:45:76:4c:ff:56:b6:dc:e9:6d:27:c5:
e6:47:64:d6:56:d1:ed:a6:12:db:2c:d1:56:8f:22:ff:3f:8a:
e0:e9:38:12:c3:fe:c9:e4:57:52:67:04:36:2b:f9:c5:ec:e2:
75:6e:d7:e6:52:e3:4c:c2:62:dc:12:9f:ed:e8:30:da:2c:e0:
c6:0b:5e:bb:03:88:22:5a:4b:62:c1:b1:f8:30:3d:e0:0d:9c:
aa:5e:06:9c:28:1c:d5:26:60:81:6e:f8:02:c5:07:e8:e3:00:
e0:70:fb:b2:d0:e8:3a:f9:66:04:c2:9a:f3:a3:f0:af:19:60:
6e:56:b1:85:75:a0:45:00:5d:eb:e2:27:6e:3c:8c:0d:82:4f:
ab:78:3c:a8:dd:d3:c1:2c:9d:d3:22:e5:f4:f4:5c:62:9c:f0:
fe:37:5b:9a
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUK3CzKRwcLDWChtzl9sCPsAq1AhEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoODhjZGQ5YzE5M2RhOTE4NWE0YWMxNWIyYWRlODc1ZmU5
N2I2ZjQ5MTAeFw0yNjA1MDIwNzE2MjlaFw0yNzA1MDEwNzIxMjlaMDMxMTAvBgNV
BAMTKDQxRUFBMkMzQ0JDNDlEQjg4MjgzNDlBNDVDRDYzRkE3NDdEODk0QTYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC2T3/rBklL2X4ThzQD316pNLhK
vTi4GraaXNAyJXUENH7u2bnqoBomdJJul3TQK6QXbPGQ4QWW3yvpOtH9m3R/Ngp2
qxJRhoLbp/Oec1IDidES9flMRbmmYQbtSnrhpS/vZunRRx+3QUxyAe2Wy0JqWJnp
sUqSF8EiZi6pYiQxW5En/okWPndFee6NjoKlLI1fJbcN0VUyKNBcS35MR0/DxN+A
aIOiOjcnfASQvAEm3tziVHVKZCL+3UydsX9SPDvP5TI1YvFdvFwrMZNMbWRPcBRq
uweshTgh6sLP/VHrtxEno61e9r67ZQJWZkYE9+DIc0jy9dimQEdzabFNxiBvAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUQeqiw8vEnbiCg0mkXNY/p0fYlKYwHwYDVR0j
BBgwFoAUiM3ZwZPakYWkrBWyreh1/pe29JEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZTZhZmYyMzQtNjFjNS00MjkwLThhNmQtNWYyYjkwMjcz
MjJmLzAvODhDREQ5QzE5M0RBOTE4NUE0QUMxNUIyQURFODc1RkU5N0I2RjQ5MS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2lNM1p3WlBha1lXa3JCV3lyZWgxX3Bl
MjlKRS5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZTZhZmYyMzQt
NjFjNS00MjkwLThhNmQtNWYyYjkwMjczMjJmLzAvMzEzODM1MmUzMTMzMzAyZTM4
MzgyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzNDMxMzczMjMwLnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
uYJYMA0GCSqGSIb3DQEBCwUAA4IBAQCvYNqKluZal4fC/y/BmCyX2/vp/tYqLWl6
kaPHSeLVVdzi3YM7TPlhQU7HW3NsMpPh3epw69zxgtiBznZvcNes+tj/6KBFKpvg
TZo2TxHhHopJHgP9RUJ9y8ua76OOMxV7RXZM/1a23OltJ8XmR2TWVtHtphLbLNFW
jyL/P4rg6TgSw/7J5FdSZwQ2K/nF7OJ1btfmUuNMwmLcEp/t6DDaLODGC167A4gi
WktiwbH4MD3gDZyqXgacKBzVJmCBbvgCxQfo4wDgcPuy0Og6+WYEwprzo/CvGWBu
VrGFdaBFAF3r4iduPIwNgk+reDyo3dPBLJ3TIuX09FxinPD+N1ua
-----END CERTIFICATE-----
Generated at Tue May 12 21:32:47 2026 by rpki-client