Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/e6aff234-61c5-4290-8a6d-5f2b9027322f/0/3138352e32312e3132392e302f32342d3234203d3e203431373230.roa
File: 3138352e32312e3132392e302f32342d3234203d3e203431373230.roa (raw, json)
Hash identifier: X00xehiC09J74nSsF8Ko+/NFcQ+tlis5g8MfH1Xa6kg=
Subject key identifier: 8F:23:DB:88:EB:37:70:E1:E7:BF:C5:0F:BE:B2:79:C2:8F:1F:82:07
Certificate issuer: /CN=88cdd9c193da9185a4ac15b2ade875fe97b6f491
Certificate serial: 498D156AA9945A5CA542F21D88832D8FAC6523DF
Authority key identifier: 88:CD:D9:C1:93:DA:91:85:A4:AC:15:B2:AD:E8:75:FE:97:B6:F4:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iM3ZwZPakYWkrBWyreh1_pe29JE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/e6aff234-61c5-4290-8a6d-5f2b9027322f/0/3138352e32312e3132392e302f32342d3234203d3e203431373230.roa
Signing time: Sat 02 May 2026 07:21:23 +0000
ROA not before: Sat 02 May 2026 07:16:23 +0000
ROA not after: Sat 01 May 2027 07:21:23 +0000
asID: 41720
IP address blocks: 185.21.129.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/e6aff234-61c5-4290-8a6d-5f2b9027322f/0/88CDD9C193DA9185A4AC15B2ADE875FE97B6F491.crl
rsync://rsync.paas.rpki.ripe.net/repository/e6aff234-61c5-4290-8a6d-5f2b9027322f/0/88CDD9C193DA9185A4AC15B2ADE875FE97B6F491.mft
rsync://rpki.ripe.net/repository/DEFAULT/iM3ZwZPakYWkrBWyreh1_pe29JE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 20:22:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
49:8d:15:6a:a9:94:5a:5c:a5:42:f2:1d:88:83:2d:8f:ac:65:23:df
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=88cdd9c193da9185a4ac15b2ade875fe97b6f491
Validity
Not Before: May 2 07:16:23 2026 GMT
Not After : May 1 07:21:23 2027 GMT
Subject: CN=8F23DB88EB3770E1E7BFC50FBEB279C28F1F8207
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:1c:38:a0:2c:03:b4:0c:50:18:a5:f7:ea:84:
d4:03:c8:da:ab:83:fa:da:55:bc:d4:8b:78:03:82:
74:9c:82:6a:b5:bc:86:8e:e6:77:61:0e:15:0e:46:
0e:52:66:74:79:ab:f7:a5:dc:ca:95:57:c3:0b:be:
bd:54:b2:e3:21:14:a3:e3:fa:84:29:94:13:eb:15:
24:cc:45:6a:5e:c6:e1:63:4b:c6:1e:89:21:9e:87:
41:0b:8c:89:03:6c:e0:44:f3:75:bc:4e:0f:81:c0:
9a:96:63:aa:d9:8c:d4:2b:a9:f8:9b:bd:b4:82:48:
99:af:cf:39:45:a0:fe:a8:6d:a2:76:cc:12:d2:9d:
17:64:2e:5f:63:4d:99:bd:d8:92:a6:90:f2:d4:ed:
09:44:44:fa:e8:b9:f6:c2:55:ef:b3:04:b4:b4:8c:
06:60:58:0d:a5:5b:c2:4c:60:2b:15:78:80:53:34:
e5:fe:b8:d7:29:62:fd:81:2c:ef:58:99:66:c1:1a:
54:5b:f4:97:38:de:f4:9b:ed:40:a8:d7:b5:7c:8c:
11:a6:19:71:70:9c:4d:26:c7:f6:58:88:c8:8f:b3:
41:01:5f:29:08:e1:cf:83:2f:62:9d:98:c4:3d:41:
a0:58:9b:21:0f:5d:6c:db:6c:8e:e2:91:5b:33:6e:
69:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8F:23:DB:88:EB:37:70:E1:E7:BF:C5:0F:BE:B2:79:C2:8F:1F:82:07
X509v3 Authority Key Identifier:
keyid:88:CD:D9:C1:93:DA:91:85:A4:AC:15:B2:AD:E8:75:FE:97:B6:F4:91
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/e6aff234-61c5-4290-8a6d-5f2b9027322f/0/88CDD9C193DA9185A4AC15B2ADE875FE97B6F491.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iM3ZwZPakYWkrBWyreh1_pe29JE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/e6aff234-61c5-4290-8a6d-5f2b9027322f/0/3138352e32312e3132392e302f32342d3234203d3e203431373230.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.21.129.0/24
Signature Algorithm: sha256WithRSAEncryption
24:a9:3d:6d:81:b3:dd:8e:c7:6e:06:eb:6d:d9:68:91:ab:aa:
e1:67:f1:b1:fd:e8:eb:f4:7f:23:b9:10:ed:39:a3:b8:8e:5e:
6c:19:08:fa:70:ad:20:fd:b8:bd:b1:1e:0c:d8:f0:21:52:87:
b4:c5:3d:b4:ee:08:06:a8:06:18:b0:29:22:ef:a0:58:dc:d1:
46:b6:a5:07:31:34:66:22:40:45:9c:a5:34:46:40:08:f3:f7:
3f:38:d3:fd:fb:29:87:d9:7d:44:17:79:fd:43:99:d6:ab:1f:
df:27:b5:61:39:5e:c0:b7:09:cc:fe:03:30:79:9d:a6:47:95:
3a:14:04:1d:bc:a9:0a:fd:1f:e8:dd:7c:11:a6:06:39:0e:bf:
20:84:a1:46:3f:f0:4e:b5:78:53:68:6d:6e:97:40:78:56:ac:
27:fb:8b:4e:63:d0:ed:31:06:bc:6e:4f:c5:11:c5:0b:36:6a:
df:d3:b5:ff:95:ae:62:ab:b6:6f:c8:8b:24:a2:fd:c6:2c:a9:
d4:fb:d9:ae:1b:f7:e8:b7:33:e5:53:05:e0:c3:98:8e:8f:cf:
2a:34:df:63:92:e9:54:18:54:ea:ae:d5:94:63:9f:8a:ab:20:
c6:ff:a0:de:bc:52:be:73:67:17:8c:51:14:73:1a:88:c0:b1:
84:55:f3:93
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUSY0VaqmUWlylQvIdiIMtj6xlI98wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoODhjZGQ5YzE5M2RhOTE4NWE0YWMxNWIyYWRlODc1ZmU5
N2I2ZjQ5MTAeFw0yNjA1MDIwNzE2MjNaFw0yNzA1MDEwNzIxMjNaMDMxMTAvBgNV
BAMTKDhGMjNEQjg4RUIzNzcwRTFFN0JGQzUwRkJFQjI3OUMyOEYxRjgyMDcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC2HDigLAO0DFAYpffqhNQDyNqr
g/raVbzUi3gDgnScgmq1vIaO5ndhDhUORg5SZnR5q/el3MqVV8MLvr1UsuMhFKPj
+oQplBPrFSTMRWpexuFjS8YeiSGeh0ELjIkDbOBE83W8Tg+BwJqWY6rZjNQrqfib
vbSCSJmvzzlFoP6obaJ2zBLSnRdkLl9jTZm92JKmkPLU7QlERProufbCVe+zBLS0
jAZgWA2lW8JMYCsVeIBTNOX+uNcpYv2BLO9YmWbBGlRb9Jc43vSb7UCo17V8jBGm
GXFwnE0mx/ZYiMiPs0EBXykI4c+DL2KdmMQ9QaBYmyEPXWzbbI7ikVszbmnTAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUjyPbiOs3cOHnv8UPvrJ5wo8fggcwHwYDVR0j
BBgwFoAUiM3ZwZPakYWkrBWyreh1/pe29JEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZTZhZmYyMzQtNjFjNS00MjkwLThhNmQtNWYyYjkwMjcz
MjJmLzAvODhDREQ5QzE5M0RBOTE4NUE0QUMxNUIyQURFODc1RkU5N0I2RjQ5MS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2lNM1p3WlBha1lXa3JCV3lyZWgxX3Bl
MjlKRS5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZTZhZmYyMzQt
NjFjNS00MjkwLThhNmQtNWYyYjkwMjczMjJmLzAvMzEzODM1MmUzMjMxMmUzMTMy
MzkyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzNDMxMzczMjMwLnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
uRWBMA0GCSqGSIb3DQEBCwUAA4IBAQAkqT1tgbPdjsduButt2WiRq6rhZ/Gx/ejr
9H8juRDtOaO4jl5sGQj6cK0g/bi9sR4M2PAhUoe0xT207ggGqAYYsCki76BY3NFG
tqUHMTRmIkBFnKU0RkAI8/c/ONP9+ymH2X1EF3n9Q5nWqx/fJ7VhOV7AtwnM/gMw
eZ2mR5U6FAQdvKkK/R/o3XwRpgY5Dr8ghKFGP/BOtXhTaG1ul0B4Vqwn+4tOY9Dt
MQa8bk/FEcULNmrf07X/la5iq7ZvyIskov3GLKnU+9muG/fotzPlUwXgw5iOj88q
NN9jkulUGFTqrtWUY5+KqyDG/6DevFK+c2cXjFEUcxqIwLGEVfOT
-----END CERTIFICATE-----
Generated at Wed May 13 05:36:45 2026 by rpki-client