Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/3138352e3138332e3138322e302f32342d3234203d3e2033313730.roa
File: 3138352e3138332e3138322e302f32342d3234203d3e2033313730.roa (raw, json)
Hash identifier: dyOpFMIv2anpEhJ/BIX1NHPK4ldnkglJwgn0YruQS+w=
Subject key identifier: E2:C5:F3:36:9F:49:BD:1D:F4:19:CD:B0:01:19:E0:B5:92:94:29:2E
Certificate issuer: /CN=088469d1a33085ff88b3e599d223ca74c2313a3a
Certificate serial: 03CBCAC8C646FF0875FD76201BBE28784F68263F
Authority key identifier: 08:84:69:D1:A3:30:85:FF:88:B3:E5:99:D2:23:CA:74:C2:31:3A:3A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CIRp0aMwhf-Is-WZ0iPKdMIxOjo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/3138352e3138332e3138322e302f32342d3234203d3e2033313730.roa
Signing time: Tue 24 Mar 2026 17:39:13 +0000
ROA not before: Tue 24 Mar 2026 17:34:13 +0000
ROA not after: Tue 23 Mar 2027 17:39:13 +0000
asID: 3170
IP address blocks: 185.183.182.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/088469D1A33085FF88B3E599D223CA74C2313A3A.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/088469D1A33085FF88B3E599D223CA74C2313A3A.mft
rsync://rpki.ripe.net/repository/DEFAULT/CIRp0aMwhf-Is-WZ0iPKdMIxOjo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 26 Mar 2026 15:17:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
03:cb:ca:c8:c6:46:ff:08:75:fd:76:20:1b:be:28:78:4f:68:26:3f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=088469d1a33085ff88b3e599d223ca74c2313a3a
Validity
Not Before: Mar 24 17:34:13 2026 GMT
Not After : Mar 23 17:39:13 2027 GMT
Subject: CN=E2C5F3369F49BD1DF419CDB00119E0B59294292E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:1e:ea:20:d0:ac:42:43:51:1b:10:3d:0d:bf:
32:88:9e:66:15:a8:f8:82:c3:ed:72:15:14:0e:92:
bb:1b:50:c9:ed:67:11:be:bc:89:e5:63:9e:a0:c6:
d6:cd:52:d7:0c:9d:a3:3b:0c:72:66:2f:68:e7:2e:
c7:1c:aa:ac:ab:f9:0d:52:ab:7e:61:db:6b:e3:52:
77:ae:14:5c:4f:70:2d:82:1f:ee:7b:c6:5a:b5:56:
0d:ae:0a:5e:bf:c7:93:9a:43:e6:21:41:86:0f:57:
bc:de:26:45:9f:1b:96:d2:f0:08:d2:44:37:a4:ea:
ee:70:2f:53:3e:cf:b1:16:49:63:59:48:88:ee:a3:
50:7e:2b:0f:9e:fc:f4:0e:60:e0:d6:f1:ce:43:43:
61:3b:b2:c1:0c:e4:ed:da:63:2a:c4:41:60:24:ca:
bf:57:ec:3e:dd:20:26:4e:17:04:27:03:5b:c6:e5:
25:58:fa:aa:97:d8:a5:2b:6c:f7:52:70:77:50:ee:
3d:63:da:91:61:8c:c0:eb:99:9f:cf:93:2e:2a:e5:
f4:e1:64:e0:32:10:f1:a4:f7:37:ec:4c:55:09:45:
56:f7:ed:33:7d:1d:c6:7a:b6:a7:c0:fd:25:91:be:
9a:b1:ab:70:a1:07:cf:5a:14:b4:7d:c7:df:d5:d5:
cc:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E2:C5:F3:36:9F:49:BD:1D:F4:19:CD:B0:01:19:E0:B5:92:94:29:2E
X509v3 Authority Key Identifier:
keyid:08:84:69:D1:A3:30:85:FF:88:B3:E5:99:D2:23:CA:74:C2:31:3A:3A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/088469D1A33085FF88B3E599D223CA74C2313A3A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CIRp0aMwhf-Is-WZ0iPKdMIxOjo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/3138352e3138332e3138322e302f32342d3234203d3e2033313730.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.183.182.0/24
Signature Algorithm: sha256WithRSAEncryption
3b:a1:00:5f:e6:44:a7:09:04:e7:9a:28:37:95:e3:0b:5b:fd:
bf:d5:16:7a:85:04:b8:f7:5d:90:bc:d6:08:95:1d:a5:5c:7d:
de:cc:99:5e:a3:a6:d7:70:c8:53:e9:3f:a4:c9:13:07:e0:18:
47:43:24:01:41:65:2a:7d:57:b9:b7:5b:64:9d:23:f5:57:b3:
b3:52:1d:d7:29:6a:27:0f:ea:38:f5:90:2c:7c:d1:9e:22:55:
fd:6a:0b:4d:67:69:b1:de:c3:67:bc:97:8c:3a:f3:e3:43:11:
40:82:e0:15:4a:59:94:89:8d:5c:1a:e9:74:b6:63:42:81:ae:
37:e0:0c:c2:c2:ee:a1:33:5c:e8:ab:56:ef:f0:b4:48:c0:56:
01:22:4b:ce:33:7d:0c:4c:1c:95:cc:df:f2:44:dd:08:af:f7:
b9:54:fc:96:4d:1d:1a:b8:23:37:ef:75:71:0f:6f:03:53:5d:
4d:ed:57:d9:8e:bf:7a:b8:b1:8d:b1:e1:e5:1f:f1:bc:a9:6f:
3e:7c:b3:a9:0d:2a:61:76:a7:ca:69:03:bd:3e:9b:8b:43:0d:
96:7a:a7:87:e7:a8:33:c9:33:9e:f8:cb:b0:26:79:69:6a:cc:
a4:ff:a2:ba:dc:6e:3e:3c:37:a7:02:14:b9:6b:c1:8f:74:4a:
79:19:33:a5
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUA8vKyMZG/wh1/XYgG74oeE9oJj8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDg4NDY5ZDFhMzMwODVmZjg4YjNlNTk5ZDIyM2NhNzRj
MjMxM2EzYTAeFw0yNjAzMjQxNzM0MTNaFw0yNzAzMjMxNzM5MTNaMDMxMTAvBgNV
BAMTKEUyQzVGMzM2OUY0OUJEMURGNDE5Q0RCMDAxMTlFMEI1OTI5NDI5MkUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDgHuog0KxCQ1EbED0NvzKInmYV
qPiCw+1yFRQOkrsbUMntZxG+vInlY56gxtbNUtcMnaM7DHJmL2jnLsccqqyr+Q1S
q35h22vjUneuFFxPcC2CH+57xlq1Vg2uCl6/x5OaQ+YhQYYPV7zeJkWfG5bS8AjS
RDek6u5wL1M+z7EWSWNZSIjuo1B+Kw+e/PQOYODW8c5DQ2E7ssEM5O3aYyrEQWAk
yr9X7D7dICZOFwQnA1vG5SVY+qqX2KUrbPdScHdQ7j1j2pFhjMDrmZ/Pky4q5fTh
ZOAyEPGk9zfsTFUJRVb37TN9HcZ6tqfA/SWRvpqxq3ChB89aFLR9x9/V1cyrAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQU4sXzNp9JvR30Gc2wARngtZKUKS4wHwYDVR0j
BBgwFoAUCIRp0aMwhf+Is+WZ0iPKdMIxOjowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzUvMDg4NDY5RDFBMzMwODVGRjg4QjNFNTk5RDIyM0NBNzRDMjMxM0EzQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NJUnAwYU13aGYtSXMtV1owaVBLZE1J
eE9qby5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzUvMzEzODM1MmUzMTM4MzMyZTMx
MzgzMjJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMzMzEzNzMwLnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
ube2MA0GCSqGSIb3DQEBCwUAA4IBAQA7oQBf5kSnCQTnmig3leMLW/2/1RZ6hQS4
912QvNYIlR2lXH3ezJleo6bXcMhT6T+kyRMH4BhHQyQBQWUqfVe5t1tknSP1V7Oz
Uh3XKWonD+o49ZAsfNGeIlX9agtNZ2mx3sNnvJeMOvPjQxFAguAVSlmUiY1cGul0
tmNCga434AzCwu6hM1zoq1bv8LRIwFYBIkvOM30MTByVzN/yRN0Ir/e5VPyWTR0a
uCM373VxD28DU11N7VfZjr96uLGNseHlH/G8qW8+fLOpDSphdqfKaQO9PpuLQw2W
eqeH56gzyTOe+MuwJnlpasyk/6K63G4+PDenAhS5a8GPdEp5GTOl
-----END CERTIFICATE-----
Generated at Wed Mar 25 21:27:07 2026 by rpki-client