Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/3138352e3138392e32372e302f32342d3234203d3e20323031303032.roa
File: 3138352e3138392e32372e302f32342d3234203d3e20323031303032.roa (raw, json)
Hash identifier: q2Zd9v8T3EzyPS5Z2Tg9aa9Wxddto2Gy+OVkv99nEDY=
Subject key identifier: 99:E7:78:7D:EA:10:19:9A:DB:68:71:EE:AB:D0:1A:35:88:58:E7:DB
Certificate issuer: /CN=088469d1a33085ff88b3e599d223ca74c2313a3a
Certificate serial: 23D75EB54FD0576E5022A8E1E0542FBF47CA10CA
Authority key identifier: 08:84:69:D1:A3:30:85:FF:88:B3:E5:99:D2:23:CA:74:C2:31:3A:3A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CIRp0aMwhf-Is-WZ0iPKdMIxOjo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/3138352e3138392e32372e302f32342d3234203d3e20323031303032.roa
Signing time: Sat 21 Mar 2026 08:00:37 +0000
ROA not before: Sat 21 Mar 2026 07:55:37 +0000
ROA not after: Sat 20 Mar 2027 08:00:37 +0000
asID: 201002
IP address blocks: 185.189.27.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/088469D1A33085FF88B3E599D223CA74C2313A3A.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/088469D1A33085FF88B3E599D223CA74C2313A3A.mft
rsync://rpki.ripe.net/repository/DEFAULT/CIRp0aMwhf-Is-WZ0iPKdMIxOjo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 26 Mar 2026 15:17:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
23:d7:5e:b5:4f:d0:57:6e:50:22:a8:e1:e0:54:2f:bf:47:ca:10:ca
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=088469d1a33085ff88b3e599d223ca74c2313a3a
Validity
Not Before: Mar 21 07:55:37 2026 GMT
Not After : Mar 20 08:00:37 2027 GMT
Subject: CN=99E7787DEA10199ADB6871EEABD01A358858E7DB
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ef:62:79:b0:11:e5:6e:8c:8b:32:1b:66:f5:8a:
ba:a4:d7:02:06:12:0c:8d:87:5a:ed:86:0c:ed:fd:
b8:9c:cb:53:33:86:d4:7b:23:06:41:7f:81:5a:d9:
67:b2:f6:0e:f6:8c:af:4e:07:ab:17:09:f1:73:eb:
6e:7e:f4:7c:53:fa:28:c4:c8:61:62:98:4c:eb:db:
96:c4:e4:b6:8a:84:94:60:a8:d9:e9:6d:61:b0:9d:
37:6d:4d:c1:74:36:5f:cf:48:49:e6:67:83:94:8d:
88:b1:84:e4:ea:d4:ec:03:53:8c:3f:a3:12:01:33:
53:d0:9c:41:3e:5b:7d:14:8b:cc:f2:a8:c8:a7:64:
d0:46:8c:89:a0:47:b5:a1:25:59:85:77:26:9b:90:
15:fb:56:8f:eb:2f:21:5a:f9:54:78:2b:4f:8d:e4:
2c:bb:cf:84:cc:61:ca:e2:2f:e7:d8:fd:f8:20:31:
5b:c9:09:0f:d0:22:79:66:fa:db:d7:65:ca:7b:e3:
03:f5:5d:1e:f4:35:ae:79:10:bd:b3:f3:9e:d0:1c:
d1:97:1a:d0:ac:9c:81:c9:fc:17:b9:a5:c2:33:d6:
c3:39:e1:cc:be:32:dc:6d:6c:99:ca:8d:21:31:bb:
8d:00:07:6c:c4:a0:b1:c7:ef:23:85:80:72:84:68:
0e:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
99:E7:78:7D:EA:10:19:9A:DB:68:71:EE:AB:D0:1A:35:88:58:E7:DB
X509v3 Authority Key Identifier:
keyid:08:84:69:D1:A3:30:85:FF:88:B3:E5:99:D2:23:CA:74:C2:31:3A:3A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/088469D1A33085FF88B3E599D223CA74C2313A3A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CIRp0aMwhf-Is-WZ0iPKdMIxOjo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/3138352e3138392e32372e302f32342d3234203d3e20323031303032.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.189.27.0/24
Signature Algorithm: sha256WithRSAEncryption
ac:1c:84:dc:4b:8f:17:c5:4a:42:4e:e5:d1:4c:36:ab:aa:78:
19:8a:bb:96:91:86:bf:cc:8b:3b:b2:11:da:1d:8f:09:ba:cf:
63:9c:b7:d6:23:f0:9b:8e:d1:b2:7b:ab:4e:6a:2f:64:f5:ca:
a1:44:f9:95:3a:da:a6:a4:6e:1a:ef:21:76:83:d8:cc:12:e5:
61:b2:c4:5f:78:9d:e5:ec:ba:91:f5:b7:be:7d:27:c6:27:c3:
2b:80:9f:d5:9c:d0:a1:2a:62:fc:46:74:6e:d6:1f:04:fc:9f:
a7:30:3f:4f:ba:f0:70:d0:5b:5a:46:f3:7b:a3:10:6d:02:43:
b2:26:02:29:8a:6e:28:23:25:31:a6:78:c6:b8:31:b8:3b:d6:
16:a3:47:09:80:47:e4:e6:b2:f2:71:03:c5:3c:6c:22:f3:21:
a5:6a:89:f9:88:83:5c:f3:a9:4b:df:a4:c1:47:26:c6:ea:e8:
af:6a:d6:4e:a3:38:e4:a8:5c:47:1c:ca:dd:ef:94:cb:ef:d4:
9c:d4:d6:a1:f0:cd:10:2c:77:65:c8:0c:7d:9d:1e:45:59:ff:
ee:3c:30:d9:a6:8b:e9:b3:0e:cf:c7:97:a9:17:1c:98:03:5b:
27:4f:bc:5f:08:d4:51:52:da:43:a3:39:37:9a:5e:60:e2:05:
4f:73:2a:f5
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUI9detU/QV25QIqjh4FQvv0fKEMowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDg4NDY5ZDFhMzMwODVmZjg4YjNlNTk5ZDIyM2NhNzRj
MjMxM2EzYTAeFw0yNjAzMjEwNzU1MzdaFw0yNzAzMjAwODAwMzdaMDMxMTAvBgNV
BAMTKDk5RTc3ODdERUExMDE5OUFEQjY4NzFFRUFCRDAxQTM1ODg1OEU3REIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDvYnmwEeVujIsyG2b1irqk1wIG
EgyNh1rthgzt/bicy1MzhtR7IwZBf4Fa2Wey9g72jK9OB6sXCfFz625+9HxT+ijE
yGFimEzr25bE5LaKhJRgqNnpbWGwnTdtTcF0Nl/PSEnmZ4OUjYixhOTq1OwDU4w/
oxIBM1PQnEE+W30Ui8zyqMinZNBGjImgR7WhJVmFdyabkBX7Vo/rLyFa+VR4K0+N
5Cy7z4TMYcriL+fY/fggMVvJCQ/QInlm+tvXZcp74wP1XR70Na55EL2z857QHNGX
GtCsnIHJ/Be5pcIz1sM54cy+MtxtbJnKjSExu40AB2zEoLHH7yOFgHKEaA5fAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUmed4feoQGZrbaHHuq9AaNYhY59swHwYDVR0j
BBgwFoAUCIRp0aMwhf+Is+WZ0iPKdMIxOjowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzUvMDg4NDY5RDFBMzMwODVGRjg4QjNFNTk5RDIyM0NBNzRDMjMxM0EzQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NJUnAwYU13aGYtSXMtV1owaVBLZE1J
eE9qby5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzUvMzEzODM1MmUzMTM4MzkyZTMy
MzcyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMjMwMzEzMDMwMzIucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAC5vRswDQYJKoZIhvcNAQELBQADggEBAKwchNxLjxfFSkJO5dFMNquqeBmKu5aR
hr/MizuyEdodjwm6z2Oct9Yj8JuO0bJ7q05qL2T1yqFE+ZU62qakbhrvIXaD2MwS
5WGyxF94neXsupH1t759J8YnwyuAn9Wc0KEqYvxGdG7WHwT8n6cwP0+68HDQW1pG
83ujEG0CQ7ImAimKbigjJTGmeMa4Mbg71hajRwmAR+TmsvJxA8U8bCLzIaVqifmI
g1zzqUvfpMFHJsbq6K9q1k6jOOSoXEccyt3vlMvv1JzU1qHwzRAsd2XIDH2dHkVZ
/+48MNmmi+mzDs/Hl6kXHJgDWydPvF8I1FFS2kOjOTeaXmDiBU9zKvU=
-----END CERTIFICATE-----
Generated at Wed Mar 25 23:53:52 2026 by rpki-client