Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/8113dda6-7ade-445d-8c6e-448a78e48ca1/1/3138352e3231332e3234382e302f32342d3234203d3e203231383539.roa
File: 3138352e3231332e3234382e302f32342d3234203d3e203231383539.roa (raw, json)
Hash identifier: l5LzFYeAYRpBxI6rZTLSPCbjfPY+STOvzGpAtsNNCfk=
Subject key identifier: E8:46:36:9D:F7:3F:A2:96:00:AB:0E:60:36:33:C3:73:A6:75:D3:BF
Certificate issuer: /CN=0d7ffae300def0876bf84890fb6ea17be841a4d3
Certificate serial: 5949A750E83619E5FE76B5190D8052C9CA7707
Authority key identifier: 0D:7F:FA:E3:00:DE:F0:87:6B:F8:48:90:FB:6E:A1:7B:E8:41:A4:D3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DX_64wDe8Idr-EiQ-26he-hBpNM.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/8113dda6-7ade-445d-8c6e-448a78e48ca1/1/3138352e3231332e3234382e302f32342d3234203d3e203231383539.roa
Signing time: Tue 17 Mar 2026 11:16:26 +0000
ROA not before: Tue 17 Mar 2026 11:11:26 +0000
ROA not after: Tue 16 Mar 2027 11:16:26 +0000
asID: 21859
IP address blocks: 185.213.248.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/8113dda6-7ade-445d-8c6e-448a78e48ca1/1/0D7FFAE300DEF0876BF84890FB6EA17BE841A4D3.crl
rsync://rsync.paas.rpki.ripe.net/repository/8113dda6-7ade-445d-8c6e-448a78e48ca1/1/0D7FFAE300DEF0876BF84890FB6EA17BE841A4D3.mft
rsync://rpki.ripe.net/repository/DEFAULT/DX_64wDe8Idr-EiQ-26he-hBpNM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 22 Mar 2026 07:19:35 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
59:49:a7:50:e8:36:19:e5:fe:76:b5:19:0d:80:52:c9:ca:77:07
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0d7ffae300def0876bf84890fb6ea17be841a4d3
Validity
Not Before: Mar 17 11:11:26 2026 GMT
Not After : Mar 16 11:16:26 2027 GMT
Subject: CN=E846369DF73FA29600AB0E603633C373A675D3BF
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:b4:f9:dd:23:7d:1a:42:90:75:7b:fb:92:bc:
74:83:b1:75:8a:cf:79:6d:c4:e8:45:b2:53:06:eb:
09:71:f0:83:41:64:02:05:49:f7:b6:39:8e:5d:b5:
3f:15:b1:b0:76:31:4f:e9:48:e9:df:45:a4:b0:e2:
36:78:d3:38:6f:fe:59:91:15:c4:8c:37:f7:1f:d4:
22:ea:0f:19:75:12:59:73:06:c2:46:c8:3f:53:28:
29:64:fb:61:cb:a6:97:f8:35:91:bb:48:95:f9:fd:
b7:0c:61:44:d8:74:a8:b7:dd:62:ab:97:03:5a:eb:
48:8c:5d:39:f3:b8:7e:e5:f7:54:1b:ca:b2:70:13:
57:d5:0e:6c:2c:56:9a:b0:b5:29:77:72:2e:eb:dc:
4a:da:e9:50:68:1a:41:87:cd:06:e2:d7:d1:65:15:
62:20:3e:83:cb:72:d5:52:df:c1:05:f7:47:8c:5e:
78:08:dc:28:cd:86:dd:3d:5d:4e:18:a0:51:4a:c0:
d6:b0:97:00:b8:bc:27:b8:9d:ed:76:96:17:a1:7d:
43:c3:01:7f:4f:ee:04:fd:34:2d:97:8f:27:42:ae:
ad:90:49:38:77:72:a2:07:0a:d8:a9:ac:d5:4d:38:
9d:a0:63:30:d4:fb:0c:cd:a8:08:93:43:de:97:6b:
b9:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E8:46:36:9D:F7:3F:A2:96:00:AB:0E:60:36:33:C3:73:A6:75:D3:BF
X509v3 Authority Key Identifier:
keyid:0D:7F:FA:E3:00:DE:F0:87:6B:F8:48:90:FB:6E:A1:7B:E8:41:A4:D3
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/8113dda6-7ade-445d-8c6e-448a78e48ca1/1/0D7FFAE300DEF0876BF84890FB6EA17BE841A4D3.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DX_64wDe8Idr-EiQ-26he-hBpNM.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/8113dda6-7ade-445d-8c6e-448a78e48ca1/1/3138352e3231332e3234382e302f32342d3234203d3e203231383539.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.213.248.0/24
Signature Algorithm: sha256WithRSAEncryption
28:39:09:43:e6:f9:71:df:47:1e:88:ed:52:0a:1d:a0:a1:26:
cc:21:1a:c6:b1:e3:af:d6:bd:60:07:6b:ae:75:23:94:69:3d:
82:69:e8:5a:67:8d:eb:55:ba:2a:9a:51:d9:aa:bf:98:ec:a1:
59:e9:a2:30:86:52:21:23:60:99:94:02:e2:fb:5b:c4:9b:ca:
d3:e2:6a:2c:21:fd:a0:8d:56:3a:72:2f:c5:07:d9:05:35:08:
29:c9:13:13:fa:44:15:7b:ce:32:99:b2:b0:d4:dc:fb:62:f2:
2e:c2:c1:58:50:20:8f:63:1b:6a:73:0f:92:c5:ea:1e:0a:50:
15:ea:a6:dd:3e:28:29:69:1a:22:d5:f6:36:15:7f:a1:e6:ae:
ae:a6:1f:67:4f:f6:c2:1f:84:36:b4:0c:18:c9:4b:ec:26:81:
04:12:58:ed:72:1e:50:60:b4:0d:f1:2e:e0:9c:33:3c:53:e5:
d4:21:73:79:35:e9:03:de:e0:b4:ee:2d:e1:5a:b0:0b:08:bc:
93:27:d4:76:22:53:7b:ae:1d:6c:29:07:3f:dd:c7:9e:a2:b8:
8f:30:ec:59:de:a8:a0:c1:ba:68:42:b6:ac:2f:82:52:89:8f:
94:d4:7b:cd:54:5e:6a:66:d0:d8:f9:f8:fb:6c:92:48:55:b4:
43:dd:9d:0c
-----BEGIN CERTIFICATE-----
MIIFNDCCBBygAwIBAgITWUmnUOg2GeX+drUZDYBSycp3BzANBgkqhkiG9w0BAQsF
ADAzMTEwLwYDVQQDEygwZDdmZmFlMzAwZGVmMDg3NmJmODQ4OTBmYjZlYTE3YmU4
NDFhNGQzMB4XDTI2MDMxNzExMTEyNloXDTI3MDMxNjExMTYyNlowMzExMC8GA1UE
AxMoRTg0NjM2OURGNzNGQTI5NjAwQUIwRTYwMzYzM0MzNzNBNjc1RDNCRjCCASIw
DQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAKa0+d0jfRpCkHV7+5K8dIOxdYrP
eW3E6EWyUwbrCXHwg0FkAgVJ97Y5jl21PxWxsHYxT+lI6d9FpLDiNnjTOG/+WZEV
xIw39x/UIuoPGXUSWXMGwkbIP1MoKWT7Ycuml/g1kbtIlfn9twxhRNh0qLfdYquX
A1rrSIxdOfO4fuX3VBvKsnATV9UObCxWmrC1KXdyLuvcStrpUGgaQYfNBuLX0WUV
YiA+g8ty1VLfwQX3R4xeeAjcKM2G3T1dThigUUrA1rCXALi8J7id7XaWF6F9Q8MB
f0/uBP00LZePJ0KurZBJOHdyogcK2Kms1U04naBjMNT7DM2oCJND3pdruacCAwEA
AaOCAj8wggI7MB0GA1UdDgQWBBToRjad9z+ilgCrDmA2M8NzpnXTvzAfBgNVHSME
GDAWgBQNf/rjAN7wh2v4SJD7bqF76EGk0zAOBgNVHQ8BAf8EBAMCB4AwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9yc3luYy5wYWFzLnJwa2kucmlwZS5u
ZXQvcmVwb3NpdG9yeS84MTEzZGRhNi03YWRlLTQ0NWQtOGM2ZS00NDhhNzhlNDhj
YTEvMS8wRDdGRkFFMzAwREVGMDg3NkJGODQ4OTBGQjZFQTE3QkU4NDFBNEQzLmNy
bDBkBggrBgEFBQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvRFhfNjR3RGU4SWRyLUVpUS0yNmhlLWhC
cE5NLmNlcjCBrwYIKwYBBQUHAQsEgaIwgZ8wgZwGCCsGAQUFBzALhoGPcnN5bmM6
Ly9yc3luYy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS84MTEzZGRhNi03
YWRlLTQ0NWQtOGM2ZS00NDhhNzhlNDhjYTEvMS8zMTM4MzUyZTMyMzEzMzJlMzIz
NDM4MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzIzMTM4MzUzOS5yb2EwGAYDVR0g
AQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgME
ALnV+DANBgkqhkiG9w0BAQsFAAOCAQEAKDkJQ+b5cd9HHojtUgodoKEmzCEaxrHj
r9a9YAdrrnUjlGk9gmnoWmeN61W6KppR2aq/mOyhWemiMIZSISNgmZQC4vtbxJvK
0+JqLCH9oI1WOnIvxQfZBTUIKckTE/pEFXvOMpmysNTc+2LyLsLBWFAgj2MbanMP
ksXqHgpQFeqm3T4oKWkaItX2NhV/oeaurqYfZ0/2wh+ENrQMGMlL7CaBBBJY7XIe
UGC0DfEu4JwzPFPl1CFzeTXpA97gtO4t4VqwCwi8kyfUdiJTe64dbCkHP93HnqK4
jzDsWd6ooMG6aEK2rC+CUomPlNR7zVReambQ2Pn4+2ySSFW0Q92dDA==
-----END CERTIFICATE-----
Generated at Sat Mar 21 20:34:29 2026 by rpki-client