Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/8925ad15-af0b-45cd-b883-1a058fa0eba1/0/3138352e3139302e3232382e302f32332d3234203d3e203634323637.roa
File: 3138352e3139302e3232382e302f32332d3234203d3e203634323637.roa (raw, json)
Hash identifier: 2kT+9B/A73HgiDRsVM67yiwhxTHl0CNzJa5JlwqD97w=
Subject key identifier: C7:3D:EF:42:CC:D5:68:11:12:4C:43:96:5E:88:20:D5:71:C9:FD:09
Certificate issuer: /CN=78d65d4a22df705beed7b3432fbe48a356597724
Certificate serial: 65BD876B2B8FB0809324812307158488185A44FC
Authority key identifier: 78:D6:5D:4A:22:DF:70:5B:EE:D7:B3:43:2F:BE:48:A3:56:59:77:24
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/eNZdSiLfcFvu17NDL75Io1ZZdyQ.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/8925ad15-af0b-45cd-b883-1a058fa0eba1/0/3138352e3139302e3232382e302f32332d3234203d3e203634323637.roa
Signing time: Thu 12 Feb 2026 14:39:26 +0000
ROA not before: Thu 12 Feb 2026 14:34:26 +0000
ROA not after: Thu 11 Feb 2027 14:39:26 +0000
asID: 64267
IP address blocks: 185.190.228.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/8925ad15-af0b-45cd-b883-1a058fa0eba1/0/78D65D4A22DF705BEED7B3432FBE48A356597724.crl
rsync://rsync.paas.rpki.ripe.net/repository/8925ad15-af0b-45cd-b883-1a058fa0eba1/0/78D65D4A22DF705BEED7B3432FBE48A356597724.mft
rsync://rpki.ripe.net/repository/DEFAULT/eNZdSiLfcFvu17NDL75Io1ZZdyQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 22 Feb 2026 06:35:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
65:bd:87:6b:2b:8f:b0:80:93:24:81:23:07:15:84:88:18:5a:44:fc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=78d65d4a22df705beed7b3432fbe48a356597724
Validity
Not Before: Feb 12 14:34:26 2026 GMT
Not After : Feb 11 14:39:26 2027 GMT
Subject: CN=C73DEF42CCD56811124C43965E8820D571C9FD09
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:9c:1f:35:ce:72:98:40:da:05:7a:d5:dc:f4:
4b:b4:b4:ae:09:0e:08:dc:4c:cb:b0:49:6c:4e:93:
16:1b:b4:78:46:82:84:96:45:74:53:76:26:61:1c:
72:94:36:3c:ca:d5:cd:e3:5c:fa:a1:6a:84:04:75:
7c:f1:c8:68:ae:78:93:fc:f9:49:92:c2:d2:92:4d:
7e:da:46:35:4d:2c:58:c3:b5:7e:d5:46:12:5a:d4:
0a:ea:93:8c:03:f2:f7:b9:95:fc:aa:7a:ce:f4:2f:
07:3d:8a:3a:fe:d2:3f:e6:49:2e:78:58:ed:b7:38:
c0:8f:8c:46:dc:d7:2d:1f:a8:03:c0:d1:7d:2a:9f:
17:08:2b:17:80:4c:f9:43:de:e8:f6:58:5d:0b:ee:
69:14:4f:fc:68:d8:1c:0d:23:db:59:3b:ae:3b:d4:
57:ba:3a:3b:45:2a:b5:7f:13:f6:b6:78:67:0a:c3:
64:35:ad:66:85:0f:22:e1:74:65:cc:4d:0d:21:cd:
d6:16:6d:4c:2c:b7:b9:15:44:32:8c:0b:07:41:c8:
0a:11:2c:ae:32:dd:6a:6b:c8:ce:db:55:c4:3d:5b:
e1:5c:80:ff:84:fa:1b:61:41:e8:b9:83:31:91:cd:
4d:94:b3:e3:76:ba:b1:37:21:e4:c3:9b:79:e9:8d:
3c:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C7:3D:EF:42:CC:D5:68:11:12:4C:43:96:5E:88:20:D5:71:C9:FD:09
X509v3 Authority Key Identifier:
keyid:78:D6:5D:4A:22:DF:70:5B:EE:D7:B3:43:2F:BE:48:A3:56:59:77:24
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/8925ad15-af0b-45cd-b883-1a058fa0eba1/0/78D65D4A22DF705BEED7B3432FBE48A356597724.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eNZdSiLfcFvu17NDL75Io1ZZdyQ.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/8925ad15-af0b-45cd-b883-1a058fa0eba1/0/3138352e3139302e3232382e302f32332d3234203d3e203634323637.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.190.228.0/23
Signature Algorithm: sha256WithRSAEncryption
39:48:32:66:f8:53:44:a1:34:70:2b:f9:c2:66:ee:fd:b6:73:
ec:43:16:f7:dc:ae:c9:f6:3d:62:2d:8a:2d:b1:6b:e3:d0:0b:
15:c7:ff:46:0f:4f:53:64:bd:3f:ba:22:75:17:08:b6:c1:50:
e6:59:6a:cd:05:5a:02:44:3f:e7:cb:e8:9c:98:34:32:b3:66:
70:6f:42:f8:6f:fe:68:e1:5a:50:be:91:c1:35:2f:ab:80:aa:
1d:df:ff:35:ff:0e:e6:2a:56:71:23:f6:f9:79:87:08:fb:d1:
fc:d2:17:dd:ed:79:01:23:8e:ac:cd:63:72:80:6b:99:49:2f:
c0:07:ff:72:af:c8:a9:e5:d3:2c:37:70:72:42:64:fd:ce:ba:
02:3a:35:b8:67:bf:31:06:d2:16:52:15:47:42:2a:52:34:3d:
6a:c1:03:9c:ac:43:81:c5:43:01:6b:80:e5:e9:ff:f8:03:51:
6f:01:1f:cd:8d:e2:ac:62:3d:66:a5:30:cd:ec:7e:62:64:64:
dc:b6:07:c5:c2:d3:6c:dc:9e:a6:a4:41:c3:e1:04:93:9c:63:
44:5f:93:1d:cd:31:ad:c4:cf:b6:39:3f:67:13:60:6f:01:37:
06:a9:1c:74:c8:ef:85:6a:e3:a1:69:dd:10:86:9a:94:5b:86:
c9:fb:13:01
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUZb2HayuPsICTJIEjBxWEiBhaRPwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzhkNjVkNGEyMmRmNzA1YmVlZDdiMzQzMmZiZTQ4YTM1
NjU5NzcyNDAeFw0yNjAyMTIxNDM0MjZaFw0yNzAyMTExNDM5MjZaMDMxMTAvBgNV
BAMTKEM3M0RFRjQyQ0NENTY4MTExMjRDNDM5NjVFODgyMEQ1NzFDOUZEMDkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC/nB81znKYQNoFetXc9Eu0tK4J
DgjcTMuwSWxOkxYbtHhGgoSWRXRTdiZhHHKUNjzK1c3jXPqhaoQEdXzxyGiueJP8
+UmSwtKSTX7aRjVNLFjDtX7VRhJa1Arqk4wD8ve5lfyqes70Lwc9ijr+0j/mSS54
WO23OMCPjEbc1y0fqAPA0X0qnxcIKxeATPlD3uj2WF0L7mkUT/xo2BwNI9tZO647
1Fe6OjtFKrV/E/a2eGcKw2Q1rWaFDyLhdGXMTQ0hzdYWbUwst7kVRDKMCwdByAoR
LK4y3WpryM7bVcQ9W+FcgP+E+hthQei5gzGRzU2Us+N2urE3IeTDm3npjTx/AgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUxz3vQszVaBESTEOWXogg1XHJ/QkwHwYDVR0j
BBgwFoAUeNZdSiLfcFvu17NDL75Io1ZZdyQwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvODkyNWFkMTUtYWYwYi00NWNkLWI4ODMtMWEwNThmYTBl
YmExLzAvNzhENjVENEEyMkRGNzA1QkVFRDdCMzQzMkZCRTQ4QTM1NjU5NzcyNC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2VOWmRTaUxmY0Z2dTE3TkRMNzVJbzFa
WmR5US5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvODkyNWFkMTUt
YWYwYi00NWNkLWI4ODMtMWEwNThmYTBlYmExLzAvMzEzODM1MmUzMTM5MzAyZTMy
MzIzODJlMzAyZjMyMzMyZDMyMzQyMDNkM2UyMDM2MzQzMjM2Mzcucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAG5vuQwDQYJKoZIhvcNAQELBQADggEBADlIMmb4U0ShNHAr+cJm7v22c+xDFvfc
rsn2PWItii2xa+PQCxXH/0YPT1NkvT+6InUXCLbBUOZZas0FWgJEP+fL6JyYNDKz
ZnBvQvhv/mjhWlC+kcE1L6uAqh3f/zX/DuYqVnEj9vl5hwj70fzSF93teQEjjqzN
Y3KAa5lJL8AH/3KvyKnl0yw3cHJCZP3OugI6NbhnvzEG0hZSFUdCKlI0PWrBA5ys
Q4HFQwFrgOXp//gDUW8BH82N4qxiPWalMM3sfmJkZNy2B8XC02zcnqakQcPhBJOc
Y0Rfkx3NMa3Ez7Y5P2cTYG8BNwapHHTI74Vq46Fp3RCGmpRbhsn7EwE=
-----END CERTIFICATE-----
Generated at Sat Feb 21 18:56:28 2026 by rpki-client