Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3234312e3134382e302f32342d3234203d3e20323035343839.roa
File: 3138352e3234312e3134382e302f32342d3234203d3e20323035343839.roa (raw, json)
Hash identifier: jZzcj3+nFJ88MfXUHTjz67NurkXo6DooXf9P2OQjYNs=
Subject key identifier: E1:CB:A5:83:0F:10:05:C4:54:1B:4E:70:0F:94:37:69:72:C1:10:EA
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 0D55F6E489AA973281B386E3E3BD1ABA65ECE65C
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3234312e3134382e302f32342d3234203d3e20323035343839.roa
Signing time: Tue 17 Mar 2026 13:27:51 +0000
ROA not before: Tue 17 Mar 2026 13:22:51 +0000
ROA not after: Tue 16 Mar 2027 13:27:51 +0000
asID: 205489
IP address blocks: 185.241.148.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 00:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0d:55:f6:e4:89:aa:97:32:81:b3:86:e3:e3:bd:1a:ba:65:ec:e6:5c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Mar 17 13:22:51 2026 GMT
Not After : Mar 16 13:27:51 2027 GMT
Subject: CN=E1CBA5830F1005C4541B4E700F94376972C110EA
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:53:70:39:f7:f6:b1:a3:b8:47:a5:87:fa:c7:
85:90:13:77:8d:b3:75:f8:4a:96:68:c2:d5:df:c0:
8f:d9:6b:b1:a9:70:d1:0a:af:f7:4c:4a:97:9b:f5:
d9:76:72:75:0a:26:8a:9d:a8:a0:86:12:0b:07:0e:
18:3d:cc:af:9b:3b:48:b2:b8:8c:ae:30:85:55:13:
5e:a3:2d:59:87:0b:a6:67:cf:55:b0:91:fa:18:e9:
9a:fe:75:36:13:e5:3a:0c:96:e1:33:26:78:44:0b:
e1:73:17:b1:50:b5:3b:d7:ce:4c:03:ee:01:3f:d5:
59:53:89:79:47:b2:2e:a3:5a:5b:38:e2:62:85:c0:
cf:e1:ad:b8:e3:5d:46:cf:32:ff:69:54:6b:7c:9e:
22:d1:57:98:46:c4:64:71:3c:05:70:5b:f7:36:5f:
23:14:4f:c4:f1:bc:03:05:9a:35:a1:a0:b0:0b:2c:
4c:5c:0b:16:b1:6b:03:07:e8:63:b0:d5:aa:73:87:
e4:1a:46:b1:1c:a6:0c:23:11:63:9f:f8:71:fe:4e:
0e:0f:58:a9:ed:74:f3:ee:21:74:41:c4:67:7c:7a:
d4:7e:22:d8:97:4b:39:1e:9e:a0:25:69:c7:f3:54:
77:d6:8c:33:e8:04:08:e5:ec:40:94:0f:67:fa:25:
bc:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E1:CB:A5:83:0F:10:05:C4:54:1B:4E:70:0F:94:37:69:72:C1:10:EA
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3234312e3134382e302f32342d3234203d3e20323035343839.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.241.148.0/24
Signature Algorithm: sha256WithRSAEncryption
22:9e:66:be:e1:50:fb:7e:08:8d:db:d2:87:90:89:d2:a0:7f:
f5:fc:8d:11:bd:fb:62:04:32:31:6b:f6:ba:31:d7:73:96:57:
82:4a:96:37:28:a2:aa:d6:c6:77:12:68:48:a4:5b:48:97:c9:
c8:40:07:7b:2d:ca:df:bd:07:08:a0:1f:bc:5f:9b:93:c7:69:
fd:9a:22:a3:43:e2:0a:79:30:ed:f1:b8:6e:bf:cc:ec:30:62:
33:69:a8:0b:62:51:ce:59:32:a0:9b:bd:6d:9b:e8:4f:43:ad:
06:01:47:a2:1f:1a:1e:1c:fc:4c:9a:3b:9c:4b:e3:60:6b:fb:
29:b8:03:80:d5:ed:f2:7b:a2:72:41:a2:f8:c4:bc:62:c5:22:
a8:67:55:e0:16:38:fa:46:26:78:e8:72:f6:0a:bd:f5:3b:60:
8b:1c:b9:1b:51:47:86:57:cd:4e:f8:0d:94:a4:f0:35:9c:b6:
09:35:cd:24:a2:50:a0:2d:30:40:8c:65:3e:8c:6b:b1:b8:dd:
c5:87:83:ee:c1:16:c8:d3:3a:db:6e:fa:ca:1a:4d:a0:93:87:
37:bb:a7:e3:79:f8:99:92:5a:54:7d:1d:1e:e6:40:75:4d:2c:
f8:ec:ee:8f:32:4c:4a:6c:ea:ed:f4:af:8b:14:a7:ae:41:5f:
4b:bb:6a:71
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgIUDVX25ImqlzKBs4bj470aumXs5lwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNjAzMTcxMzIyNTFaFw0yNzAzMTYxMzI3NTFaMDMxMTAvBgNV
BAMTKEUxQ0JBNTgzMEYxMDA1QzQ1NDFCNEU3MDBGOTQzNzY5NzJDMTEwRUEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDYU3A59/axo7hHpYf6x4WQE3eN
s3X4SpZowtXfwI/Za7GpcNEKr/dMSpeb9dl2cnUKJoqdqKCGEgsHDhg9zK+bO0iy
uIyuMIVVE16jLVmHC6Znz1WwkfoY6Zr+dTYT5ToMluEzJnhEC+FzF7FQtTvXzkwD
7gE/1VlTiXlHsi6jWls44mKFwM/hrbjjXUbPMv9pVGt8niLRV5hGxGRxPAVwW/c2
XyMUT8TxvAMFmjWhoLALLExcCxaxawMH6GOw1apzh+QaRrEcpgwjEWOf+HH+Tg4P
WKntdPPuIXRBxGd8etR+ItiXSzkenqAlacfzVHfWjDPoBAjl7ECUD2f6JbxHAgMB
AAGjggJBMIICPTAdBgNVHQ4EFgQU4culgw8QBcRUG05wD5Q3aXLBEOowHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzODM1MmUzMjM0MzEyZTMx
MzQzODJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMyMzAzNTM0MzgzOS5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEALnxlDANBgkqhkiG9w0BAQsFAAOCAQEAIp5mvuFQ+34IjdvSh5CJ0qB/9fyN
Eb37YgQyMWv2ujHXc5ZXgkqWNyiiqtbGdxJoSKRbSJfJyEAHey3K370HCKAfvF+b
k8dp/Zoio0PiCnkw7fG4br/M7DBiM2moC2JRzlkyoJu9bZvoT0OtBgFHoh8aHhz8
TJo7nEvjYGv7KbgDgNXt8nuickGi+MS8YsUiqGdV4BY4+kYmeOhy9gq99Ttgixy5
G1FHhlfNTvgNlKTwNZy2CTXNJKJQoC0wQIxlPoxrsbjdxYeD7sEWyNM62276yhpN
oJOHN7un43n4mZJaVH0dHuZAdU0s+OzujzJMSmzq7fSvixSnrkFfS7tqcQ==
-----END CERTIFICATE-----
Generated at Thu Mar 26 11:13:47 2026 by rpki-client