Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/3138352e3138352e3132362e302f32342d3234203d3e20323031303032.roa
File: 3138352e3138352e3132362e302f32342d3234203d3e20323031303032.roa (raw, json)
Hash identifier: sPKj23gRVj9bIOxmMue41SBseaYqblKQAumeZe7kuzQ=
Subject key identifier: FA:76:4E:D6:49:A5:B6:43:19:A9:0B:5D:90:06:1F:16:AE:3E:ED:74
Certificate issuer: /CN=088469d1a33085ff88b3e599d223ca74c2313a3a
Certificate serial: 256A5FB703782AAEA5FD7F43A6151293FB00C948
Authority key identifier: 08:84:69:D1:A3:30:85:FF:88:B3:E5:99:D2:23:CA:74:C2:31:3A:3A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CIRp0aMwhf-Is-WZ0iPKdMIxOjo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/3138352e3138352e3132362e302f32342d3234203d3e20323031303032.roa
Signing time: Sat 21 Mar 2026 08:00:23 +0000
ROA not before: Sat 21 Mar 2026 07:55:23 +0000
ROA not after: Sat 20 Mar 2027 08:00:23 +0000
asID: 201002
IP address blocks: 185.185.126.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/088469D1A33085FF88B3E599D223CA74C2313A3A.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/088469D1A33085FF88B3E599D223CA74C2313A3A.mft
rsync://rpki.ripe.net/repository/DEFAULT/CIRp0aMwhf-Is-WZ0iPKdMIxOjo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 26 Mar 2026 15:17:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
25:6a:5f:b7:03:78:2a:ae:a5:fd:7f:43:a6:15:12:93:fb:00:c9:48
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=088469d1a33085ff88b3e599d223ca74c2313a3a
Validity
Not Before: Mar 21 07:55:23 2026 GMT
Not After : Mar 20 08:00:23 2027 GMT
Subject: CN=FA764ED649A5B64319A90B5D90061F16AE3EED74
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:f9:87:cb:7f:87:eb:41:1f:bd:12:1f:5d:c3:
c7:03:f8:8d:b3:0c:8a:31:6d:fd:5b:25:d6:2f:b7:
f5:df:f5:62:89:84:b6:c0:79:73:ca:a0:d7:a4:3e:
bf:b0:73:ed:30:8f:28:84:d4:5c:ef:39:60:9f:f5:
8f:3e:d9:9a:70:80:77:e7:0f:0f:63:1a:09:60:90:
28:7a:97:09:6e:20:4c:42:32:d9:6f:b1:bd:41:63:
40:9c:02:fa:a5:4b:35:38:98:1e:b5:85:8e:7a:1f:
31:4e:c3:3a:b6:8f:7f:46:50:d6:f7:7a:71:3d:a5:
78:90:9b:35:e1:ae:af:83:8f:65:61:9a:57:3e:df:
3e:f6:0a:c3:36:83:97:37:10:d2:97:89:9c:78:b3:
a2:5c:13:00:2d:c0:71:29:a0:d6:a9:4d:86:a5:6e:
7c:2e:e9:84:03:e5:bc:4e:7e:b1:53:45:fa:6a:70:
94:89:50:eb:fa:4d:7e:37:8f:8c:e6:68:05:1c:31:
a9:29:97:3b:da:46:bd:1d:1a:ca:aa:7a:3e:3b:88:
08:46:8d:7f:7d:f2:2f:91:97:65:64:d2:66:ec:21:
e7:64:81:b3:8c:a8:a1:cb:15:b8:7e:40:0c:c7:13:
9c:93:90:86:83:68:7a:8b:8d:00:9d:91:ab:d4:ef:
1a:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FA:76:4E:D6:49:A5:B6:43:19:A9:0B:5D:90:06:1F:16:AE:3E:ED:74
X509v3 Authority Key Identifier:
keyid:08:84:69:D1:A3:30:85:FF:88:B3:E5:99:D2:23:CA:74:C2:31:3A:3A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/088469D1A33085FF88B3E599D223CA74C2313A3A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CIRp0aMwhf-Is-WZ0iPKdMIxOjo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/3138352e3138352e3132362e302f32342d3234203d3e20323031303032.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.185.126.0/24
Signature Algorithm: sha256WithRSAEncryption
4e:39:7f:df:5d:db:5e:86:55:ec:51:e4:05:47:9b:f5:81:0b:
8d:b9:b1:6e:94:0c:13:2d:f9:43:95:05:14:16:9a:20:fe:53:
2e:6d:f3:8b:60:d1:6f:f8:21:09:c1:65:f7:92:b9:37:71:57:
8a:96:3b:7e:0f:62:ab:2e:28:61:ac:16:67:54:5b:a1:2e:93:
42:10:9d:8e:45:47:1d:1e:e5:79:1c:e5:26:20:58:04:04:ad:
af:d6:32:51:3f:43:7e:16:ea:98:8f:97:f8:dc:dc:05:77:4f:
6e:43:d5:c0:b5:33:54:43:3c:4b:e0:40:9b:58:89:87:3e:e2:
13:97:89:b1:1a:b1:be:1f:dc:d4:68:81:fd:6c:3c:2a:a0:fd:
3d:88:63:d9:eb:87:09:50:a3:c8:37:d8:2e:aa:dd:dd:d5:df:
49:98:aa:0e:cd:77:cc:75:1a:e2:bc:3e:89:ea:6a:09:91:c8:
3d:e9:f1:6d:4c:f2:78:b0:f0:c2:c3:86:73:38:a9:08:e6:65:
7a:af:ca:ad:74:6c:d5:97:4b:2f:9a:d8:cd:cd:2b:99:83:67:
f5:c0:d3:bb:79:1d:44:98:3d:56:53:40:82:99:f1:9c:89:bf:
86:dc:56:bc:75:03:55:94:80:01:35:9b:8a:a6:6b:d4:f0:1e:
91:50:9d:25
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgIUJWpftwN4Kq6l/X9DphUSk/sAyUgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDg4NDY5ZDFhMzMwODVmZjg4YjNlNTk5ZDIyM2NhNzRj
MjMxM2EzYTAeFw0yNjAzMjEwNzU1MjNaFw0yNzAzMjAwODAwMjNaMDMxMTAvBgNV
BAMTKEZBNzY0RUQ2NDlBNUI2NDMxOUE5MEI1RDkwMDYxRjE2QUUzRUVENzQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDR+YfLf4frQR+9Eh9dw8cD+I2z
DIoxbf1bJdYvt/Xf9WKJhLbAeXPKoNekPr+wc+0wjyiE1FzvOWCf9Y8+2ZpwgHfn
Dw9jGglgkCh6lwluIExCMtlvsb1BY0CcAvqlSzU4mB61hY56HzFOwzq2j39GUNb3
enE9pXiQmzXhrq+Dj2Vhmlc+3z72CsM2g5c3ENKXiZx4s6JcEwAtwHEpoNapTYal
bnwu6YQD5bxOfrFTRfpqcJSJUOv6TX43j4zmaAUcMakplzvaRr0dGsqqej47iAhG
jX998i+Rl2Vk0mbsIedkgbOMqKHLFbh+QAzHE5yTkIaDaHqLjQCdkavU7xr7AgMB
AAGjggJBMIICPTAdBgNVHQ4EFgQU+nZO1kmltkMZqQtdkAYfFq4+7XQwHwYDVR0j
BBgwFoAUCIRp0aMwhf+Is+WZ0iPKdMIxOjowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzUvMDg4NDY5RDFBMzMwODVGRjg4QjNFNTk5RDIyM0NBNzRDMjMxM0EzQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NJUnAwYU13aGYtSXMtV1owaVBLZE1J
eE9qby5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzUvMzEzODM1MmUzMTM4MzUyZTMx
MzIzNjJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMyMzAzMTMwMzAzMi5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEALm5fjANBgkqhkiG9w0BAQsFAAOCAQEATjl/313bXoZV7FHkBUeb9YELjbmx
bpQMEy35Q5UFFBaaIP5TLm3zi2DRb/ghCcFl95K5N3FXipY7fg9iqy4oYawWZ1Rb
oS6TQhCdjkVHHR7leRzlJiBYBAStr9YyUT9DfhbqmI+X+NzcBXdPbkPVwLUzVEM8
S+BAm1iJhz7iE5eJsRqxvh/c1GiB/Ww8KqD9PYhj2euHCVCjyDfYLqrd3dXfSZiq
Ds13zHUa4rw+iepqCZHIPenxbUzyeLDwwsOGczipCOZleq/KrXRs1ZdLL5rYzc0r
mYNn9cDTu3kdRJg9VlNAgpnxnIm/htxWvHUDVZSAATWbiqZr1PAekVCdJQ==
-----END CERTIFICATE-----
Generated at Wed Mar 25 23:53:51 2026 by rpki-client