Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/23aacd17-bf9d-47db-864d-f9c7c2be183a/0/3138352e3231302e3136382e302f32332d3234203d3e20383334.roa
File: 3138352e3231302e3136382e302f32332d3234203d3e20383334.roa (raw, json)
Hash identifier: RQ/uL8UsJ/ViPU4JJGAxzpaVoEtQcBg901fUm5gCIec=
Subject key identifier: C0:AA:6C:45:1E:0B:53:99:3E:48:2A:45:5C:4D:8F:21:E0:D1:75:DB
Certificate issuer: /CN=22bfd4e021547d030ac10b0213535d4c6968eede
Certificate serial: 0CA3B26EEAC49848D9C335B2D7B885CB0854383F
Authority key identifier: 22:BF:D4:E0:21:54:7D:03:0A:C1:0B:02:13:53:5D:4C:69:68:EE:DE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ir_U4CFUfQMKwQsCE1NdTGlo7t4.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/23aacd17-bf9d-47db-864d-f9c7c2be183a/0/3138352e3231302e3136382e302f32332d3234203d3e20383334.roa
Signing time: Mon 02 Mar 2026 11:38:36 +0000
ROA not before: Mon 02 Mar 2026 11:33:36 +0000
ROA not after: Mon 01 Mar 2027 11:38:36 +0000
asID: 834
IP address blocks: 185.210.168.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/23aacd17-bf9d-47db-864d-f9c7c2be183a/0/22BFD4E021547D030AC10B0213535D4C6968EEDE.crl
rsync://rsync.paas.rpki.ripe.net/repository/23aacd17-bf9d-47db-864d-f9c7c2be183a/0/22BFD4E021547D030AC10B0213535D4C6968EEDE.mft
rsync://rpki.ripe.net/repository/DEFAULT/Ir_U4CFUfQMKwQsCE1NdTGlo7t4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 06 Mar 2026 16:05:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0c:a3:b2:6e:ea:c4:98:48:d9:c3:35:b2:d7:b8:85:cb:08:54:38:3f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22bfd4e021547d030ac10b0213535d4c6968eede
Validity
Not Before: Mar 2 11:33:36 2026 GMT
Not After : Mar 1 11:38:36 2027 GMT
Subject: CN=C0AA6C451E0B53993E482A455C4D8F21E0D175DB
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:ac:91:6c:6f:60:be:91:c8:82:ab:01:fb:d3:
e3:c0:fb:03:c8:23:e8:09:10:ba:1d:27:c2:4d:e0:
e1:b3:65:85:77:73:93:79:5c:74:22:76:b7:fb:f0:
f5:20:76:32:13:e9:8a:82:69:ca:04:c6:74:d7:ac:
9b:ad:39:f3:e1:49:5e:44:52:c9:18:ee:d8:36:3c:
e4:ab:02:7e:54:cf:c1:e5:ab:7f:b9:8f:16:b2:3e:
7a:2d:e9:2e:9f:6d:17:04:bc:95:f2:31:12:d7:d6:
db:35:dc:0c:ed:fd:30:a8:e2:5f:69:c6:c3:b3:63:
37:74:5f:88:32:39:4a:21:50:41:5f:3e:d1:5d:8d:
63:ca:f6:89:f2:4a:58:82:20:9c:f1:11:fe:59:b5:
c5:62:e5:92:1a:d9:f6:e2:17:2b:6e:f0:a1:c5:18:
85:7e:be:d6:2a:fc:1f:dd:35:bc:b0:d6:4f:41:2a:
69:9e:9f:e1:d0:f1:92:1a:8a:de:a4:99:66:d3:10:
34:5c:af:4d:87:11:3e:18:5c:50:a7:b2:de:a7:d8:
e6:1a:94:5f:a6:42:b9:6d:05:b5:fe:0d:e7:93:08:
ff:d9:93:83:c4:59:2f:bd:b0:b9:5f:25:fb:7b:4f:
c8:e5:9d:06:e0:44:5e:5a:8f:88:f5:44:27:b6:29:
3e:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C0:AA:6C:45:1E:0B:53:99:3E:48:2A:45:5C:4D:8F:21:E0:D1:75:DB
X509v3 Authority Key Identifier:
keyid:22:BF:D4:E0:21:54:7D:03:0A:C1:0B:02:13:53:5D:4C:69:68:EE:DE
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/23aacd17-bf9d-47db-864d-f9c7c2be183a/0/22BFD4E021547D030AC10B0213535D4C6968EEDE.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ir_U4CFUfQMKwQsCE1NdTGlo7t4.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/23aacd17-bf9d-47db-864d-f9c7c2be183a/0/3138352e3231302e3136382e302f32332d3234203d3e20383334.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.210.168.0/23
Signature Algorithm: sha256WithRSAEncryption
78:b4:ef:5d:5c:9d:5a:04:59:dd:a3:0f:f5:9d:68:d7:d7:5a:
0c:b3:c5:9d:e2:a5:4b:a3:77:70:5f:02:8a:27:4b:4d:2e:d3:
09:c2:24:2c:ff:06:24:5f:f9:2b:d2:cb:14:02:0a:2c:17:b9:
e7:d8:79:30:66:61:3f:b7:e5:dd:48:eb:16:1b:b6:87:da:bf:
06:47:ad:83:a9:5c:14:12:bf:bb:db:83:9b:04:56:e0:6f:9d:
5a:08:cf:a8:5e:d1:2a:d6:d1:47:7a:fa:48:6e:09:7c:cc:a1:
db:f2:6c:0e:d8:d9:c9:aa:4d:97:30:1a:81:8b:4d:6f:6f:1d:
3b:c3:84:77:65:81:2b:65:95:ca:ca:b5:af:c0:e8:9e:5e:11:
dc:28:d0:a6:b5:ef:91:a4:17:a0:4c:d4:39:40:7c:d1:67:67:
02:4c:41:39:dc:41:4c:00:df:4a:c0:8f:78:85:c3:a6:15:8f:
44:c5:7e:f6:6d:16:e9:70:33:d3:e3:68:bc:0b:b0:a3:1b:5d:
e6:5d:d0:5d:d4:b5:27:d9:c9:3b:5c:85:e1:36:c4:26:4d:80:
26:e3:93:86:d2:ae:2b:cc:45:ae:9a:05:5c:d1:6c:28:4a:8d:
71:8e:47:97:45:f7:51:0b:c5:db:87:ad:31:84:a6:2e:05:c9:
a7:c9:6a:b1
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgIUDKOyburEmEjZwzWy17iFywhUOD8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjJiZmQ0ZTAyMTU0N2QwMzBhYzEwYjAyMTM1MzVkNGM2
OTY4ZWVkZTAeFw0yNjAzMDIxMTMzMzZaFw0yNzAzMDExMTM4MzZaMDMxMTAvBgNV
BAMTKEMwQUE2QzQ1MUUwQjUzOTkzRTQ4MkE0NTVDNEQ4RjIxRTBEMTc1REIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC7rJFsb2C+kciCqwH70+PA+wPI
I+gJELodJ8JN4OGzZYV3c5N5XHQidrf78PUgdjIT6YqCacoExnTXrJutOfPhSV5E
UskY7tg2POSrAn5Uz8Hlq3+5jxayPnot6S6fbRcEvJXyMRLX1ts13Azt/TCo4l9p
xsOzYzd0X4gyOUohUEFfPtFdjWPK9onySliCIJzxEf5ZtcVi5ZIa2fbiFytu8KHF
GIV+vtYq/B/dNbyw1k9BKmmen+HQ8ZIait6kmWbTEDRcr02HET4YXFCnst6n2OYa
lF+mQrltBbX+DeeTCP/Zk4PEWS+9sLlfJft7T8jlnQbgRF5aj4j1RCe2KT7pAgMB
AAGjggI7MIICNzAdBgNVHQ4EFgQUwKpsRR4LU5k+SCpFXE2PIeDRddswHwYDVR0j
BBgwFoAUIr/U4CFUfQMKwQsCE1NdTGlo7t4wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMjNhYWNkMTctYmY5ZC00N2RiLTg2NGQtZjljN2MyYmUx
ODNhLzAvMjJCRkQ0RTAyMTU0N0QwMzBBQzEwQjAyMTM1MzVENEM2OTY4RUVERS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lyX1U0Q0ZVZlFNS3dRc0NFMU5kVEds
bzd0NC5jZXIwgasGCCsGAQUFBwELBIGeMIGbMIGYBggrBgEFBQcwC4aBi3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMjNhYWNkMTct
YmY5ZC00N2RiLTg2NGQtZjljN2MyYmUxODNhLzAvMzEzODM1MmUzMjMxMzAyZTMx
MzYzODJlMzAyZjMyMzMyZDMyMzQyMDNkM2UyMDM4MzMzNC5yb2EwGAYDVR0gAQH/
BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAbnS
qDANBgkqhkiG9w0BAQsFAAOCAQEAeLTvXVydWgRZ3aMP9Z1o19daDLPFneKlS6N3
cF8CiidLTS7TCcIkLP8GJF/5K9LLFAIKLBe559h5MGZhP7fl3UjrFhu2h9q/Bket
g6lcFBK/u9uDmwRW4G+dWgjPqF7RKtbRR3r6SG4JfMyh2/JsDtjZyapNlzAagYtN
b28dO8OEd2WBK2WVysq1r8Donl4R3CjQprXvkaQXoEzUOUB80WdnAkxBOdxBTADf
SsCPeIXDphWPRMV+9m0W6XAz0+NovAuwoxtd5l3QXdS1J9nJO1yF4TbEJk2AJuOT
htKuK8xFrpoFXNFsKEqNcY5Hl0X3UQvF24etMYSmLgXJp8lqsQ==
-----END CERTIFICATE-----
Generated at Thu Mar 5 23:32:41 2026 by rpki-client