Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/38352e3230392e3233302e302f32342d3234203d3e203138313836.roa
File: 38352e3230392e3233302e302f32342d3234203d3e203138313836.roa (raw, json)
Hash identifier: wLYhvbcU/etiFzebOUkFMR3b0g4xeh82nSHNvUEIAsY=
Subject key identifier: 0E:1B:1B:47:96:48:12:CC:B7:AD:63:C4:94:BC:3C:BA:AC:A8:7E:7C
Certificate issuer: /CN=a9420e6c6f24b0e422da7fe7e420ef50354f45c6
Certificate serial: 0BF8655E6586BAEA85215CB655C080746B17F1C0
Authority key identifier: A9:42:0E:6C:6F:24:B0:E4:22:DA:7F:E7:E4:20:EF:50:35:4F:45:C6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qUIObG8ksOQi2n_n5CDvUDVPRcY.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/38352e3230392e3233302e302f32342d3234203d3e203138313836.roa
Signing time: Tue 28 Apr 2026 12:47:07 +0000
ROA not before: Tue 28 Apr 2026 12:42:07 +0000
ROA not after: Tue 27 Apr 2027 12:47:07 +0000
asID: 18186
IP address blocks: 85.209.230.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/A9420E6C6F24B0E422DA7FE7E420EF50354F45C6.crl
rsync://rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/A9420E6C6F24B0E422DA7FE7E420EF50354F45C6.mft
rsync://rpki.ripe.net/repository/DEFAULT/qUIObG8ksOQi2n_n5CDvUDVPRcY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 06 May 2026 22:00:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0b:f8:65:5e:65:86:ba:ea:85:21:5c:b6:55:c0:80:74:6b:17:f1:c0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a9420e6c6f24b0e422da7fe7e420ef50354f45c6
Validity
Not Before: Apr 28 12:42:07 2026 GMT
Not After : Apr 27 12:47:07 2027 GMT
Subject: CN=0E1B1B47964812CCB7AD63C494BC3CBAACA87E7C
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:6f:d4:0f:18:06:92:c5:15:b5:8f:72:40:ef:
be:ef:8a:71:54:8f:af:e4:15:3b:80:22:a3:cd:2b:
50:5b:e4:6c:9b:20:e3:66:67:d0:bf:2d:31:59:4c:
14:66:4d:73:bd:6b:13:d0:76:e0:83:4e:a8:52:33:
7f:7d:76:ce:6f:8a:00:6e:e2:53:ad:01:4c:a3:0a:
e7:01:66:dc:e6:7a:06:ce:a1:92:4f:ae:61:fd:34:
4c:66:ff:33:ab:99:4b:a9:94:45:94:24:72:d0:3c:
90:00:33:d6:4b:84:6a:c5:22:df:31:84:1b:9d:5a:
96:6f:10:6c:4b:6b:5b:75:b2:d8:3d:f6:a2:30:c0:
18:f7:4f:fc:6a:5e:b8:d3:8e:95:52:3d:94:25:a2:
7d:dc:ae:e8:0d:b7:a9:2f:13:4f:c9:0c:2c:0c:03:
31:de:a8:56:f6:72:ba:03:95:4a:83:8b:56:d3:9e:
cf:67:01:23:a1:9b:e2:62:b3:5b:75:d6:e8:69:d3:
38:cf:92:f9:c9:c6:df:8a:7d:24:67:7a:c2:46:69:
fa:90:52:0b:07:8a:92:6e:ce:13:78:3d:5b:28:ae:
d8:cd:65:50:bc:9d:b7:73:14:3a:61:4b:d8:06:79:
ef:67:e4:1b:68:ac:4a:b2:37:13:f1:d7:ed:69:73:
38:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0E:1B:1B:47:96:48:12:CC:B7:AD:63:C4:94:BC:3C:BA:AC:A8:7E:7C
X509v3 Authority Key Identifier:
keyid:A9:42:0E:6C:6F:24:B0:E4:22:DA:7F:E7:E4:20:EF:50:35:4F:45:C6
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/A9420E6C6F24B0E422DA7FE7E420EF50354F45C6.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qUIObG8ksOQi2n_n5CDvUDVPRcY.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/38352e3230392e3233302e302f32342d3234203d3e203138313836.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.209.230.0/24
Signature Algorithm: sha256WithRSAEncryption
1e:f0:b8:36:aa:bd:67:d5:81:3c:e9:61:e3:95:eb:fb:42:1e:
d6:ea:6c:43:70:8e:6e:bb:68:5d:55:de:fd:f9:d1:0e:3a:cf:
5d:65:19:9d:5f:25:3d:83:d6:ee:37:1f:02:39:13:4b:b0:b2:
86:42:86:d7:9c:ef:5c:0a:d6:3e:ed:79:0a:80:ae:35:ab:ca:
5f:66:a5:6b:e6:74:ae:6d:6c:b0:c4:94:12:4c:6d:d2:b7:cb:
82:e0:42:fb:0c:97:a9:87:8f:12:a0:b9:b2:a0:62:7a:a0:f7:
b7:b3:8f:74:dd:3c:25:1b:88:f2:ff:c4:69:50:17:e1:8f:57:
b1:02:26:67:6d:72:89:f9:a8:ff:03:84:ee:6b:1f:47:92:c9:
3d:13:0f:a9:9a:aa:37:1d:9c:b2:20:02:5d:7e:42:43:7e:80:
89:b0:df:a3:10:b6:3a:b1:eb:ea:76:aa:eb:0f:54:95:93:9f:
da:86:72:86:20:db:79:79:0b:7c:89:8c:eb:0d:d6:e9:87:29:
0b:a1:8e:b7:17:d5:33:83:d0:78:24:79:04:dc:b3:6f:9e:34:
dd:fa:e1:98:7b:a4:43:a9:1d:8d:ff:7a:9e:62:57:43:0c:9e:
60:8d:a7:f5:cd:dc:25:8c:ba:64:0d:fb:0e:7b:45:bf:22:1f:
fe:3b:a2:ee
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUC/hlXmWGuuqFIVy2VcCAdGsX8cAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYTk0MjBlNmM2ZjI0YjBlNDIyZGE3ZmU3ZTQyMGVmNTAz
NTRmNDVjNjAeFw0yNjA0MjgxMjQyMDdaFw0yNzA0MjcxMjQ3MDdaMDMxMTAvBgNV
BAMTKDBFMUIxQjQ3OTY0ODEyQ0NCN0FENjNDNDk0QkMzQ0JBQUNBODdFN0MwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCdb9QPGAaSxRW1j3JA777vinFU
j6/kFTuAIqPNK1Bb5GybIONmZ9C/LTFZTBRmTXO9axPQduCDTqhSM399ds5vigBu
4lOtAUyjCucBZtzmegbOoZJPrmH9NExm/zOrmUuplEWUJHLQPJAAM9ZLhGrFIt8x
hBudWpZvEGxLa1t1stg99qIwwBj3T/xqXrjTjpVSPZQlon3crugNt6kvE0/JDCwM
AzHeqFb2croDlUqDi1bTns9nASOhm+Jis1t11uhp0zjPkvnJxt+KfSRnesJGafqQ
UgsHipJuzhN4PVsortjNZVC8nbdzFDphS9gGee9n5BtorEqyNxPx1+1pczjJAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUDhsbR5ZIEsy3rWPElLw8uqyofnwwHwYDVR0j
BBgwFoAUqUIObG8ksOQi2n/n5CDvUDVPRcYwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMWY5ODIzZDAtMDg1NS00MWYyLWFjNDYtNTlhMmU5OGRh
NzM2LzEvQTk0MjBFNkM2RjI0QjBFNDIyREE3RkU3RTQyMEVGNTAzNTRGNDVDNi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3FVSU9iRzhrc09RaTJuX241Q0R2VURW
UFJjWS5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMWY5ODIzZDAt
MDg1NS00MWYyLWFjNDYtNTlhMmU5OGRhNzM2LzEvMzgzNTJlMzIzMDM5MmUzMjMz
MzAyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMTM4MzEzODM2LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
VdHmMA0GCSqGSIb3DQEBCwUAA4IBAQAe8Lg2qr1n1YE86WHjlev7Qh7W6mxDcI5u
u2hdVd79+dEOOs9dZRmdXyU9g9buNx8CORNLsLKGQobXnO9cCtY+7XkKgK41q8pf
ZqVr5nSubWywxJQSTG3St8uC4EL7DJeph48SoLmyoGJ6oPe3s4903TwlG4jy/8Rp
UBfhj1exAiZnbXKJ+aj/A4Tuax9Hksk9Ew+pmqo3HZyyIAJdfkJDfoCJsN+jELY6
sevqdqrrD1SVk5/ahnKGINt5eQt8iYzrDdbphykLoY63F9Uzg9B4JHkE3LNvnjTd
+uGYe6RDqR2N/3qeYldDDJ5gjaf1zdwljLpkDfsOe0W/Ih/+O6Lu
-----END CERTIFICATE-----
Generated at Wed May 6 07:17:15 2026 by rpki-client