Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/8113dda6-7ade-445d-8c6e-448a78e48ca1/1/3138352e3231332e3234382e302f32342d3234203d3e2037353336.roa
File: 3138352e3231332e3234382e302f32342d3234203d3e2037353336.roa (raw, json)
Hash identifier: 3Ow4dhqcQd/FeupsTtXE+3P69G/MvUe02J04AXHX428=
Subject key identifier: FC:A4:F5:09:83:AE:49:7F:DF:47:58:B4:51:FD:B6:7A:02:28:5B:70
Certificate issuer: /CN=0d7ffae300def0876bf84890fb6ea17be841a4d3
Certificate serial: 2B9863333FDCF5FFDE4C4B8738CAC1D8925DC591
Authority key identifier: 0D:7F:FA:E3:00:DE:F0:87:6B:F8:48:90:FB:6E:A1:7B:E8:41:A4:D3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DX_64wDe8Idr-EiQ-26he-hBpNM.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/8113dda6-7ade-445d-8c6e-448a78e48ca1/1/3138352e3231332e3234382e302f32342d3234203d3e2037353336.roa
Signing time: Fri 13 Mar 2026 14:38:39 +0000
ROA not before: Fri 13 Mar 2026 14:33:39 +0000
ROA not after: Fri 12 Mar 2027 14:38:39 +0000
asID: 7536
IP address blocks: 185.213.248.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/8113dda6-7ade-445d-8c6e-448a78e48ca1/1/0D7FFAE300DEF0876BF84890FB6EA17BE841A4D3.crl
rsync://rsync.paas.rpki.ripe.net/repository/8113dda6-7ade-445d-8c6e-448a78e48ca1/1/0D7FFAE300DEF0876BF84890FB6EA17BE841A4D3.mft
rsync://rpki.ripe.net/repository/DEFAULT/DX_64wDe8Idr-EiQ-26he-hBpNM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 22 Mar 2026 07:19:35 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2b:98:63:33:3f:dc:f5:ff:de:4c:4b:87:38:ca:c1:d8:92:5d:c5:91
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0d7ffae300def0876bf84890fb6ea17be841a4d3
Validity
Not Before: Mar 13 14:33:39 2026 GMT
Not After : Mar 12 14:38:39 2027 GMT
Subject: CN=FCA4F50983AE497FDF4758B451FDB67A02285B70
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:1e:c6:61:fc:cf:35:5e:c3:39:e1:aa:2a:59:
50:79:82:dd:25:71:8c:45:f2:10:6a:b3:f2:5b:25:
9e:f2:3e:5a:16:04:70:8b:65:c8:49:e8:1f:01:32:
c2:cf:1f:a0:14:e0:41:e9:79:44:72:f1:6b:3e:30:
d9:b6:7e:7e:b7:71:d9:a6:5e:e4:79:22:a3:1e:fe:
33:0e:a6:21:e8:94:74:f7:62:84:3d:9a:22:07:3e:
70:e2:d9:60:8e:31:cc:5d:12:e5:de:3e:2f:12:91:
df:db:a0:c0:c3:c9:44:cd:9c:f5:2d:c1:cc:17:96:
7b:cc:ca:93:a6:b4:bd:fe:de:13:0f:47:55:88:c6:
7f:84:fd:01:d8:30:21:a5:17:4b:37:a3:41:77:b2:
e8:e5:45:74:46:95:b2:8a:2d:25:98:77:ef:5a:c4:
01:cd:dc:35:9f:e3:ca:67:4c:a0:19:66:36:1a:57:
08:a6:a5:75:33:c5:04:46:47:9a:9f:6c:c7:fa:d0:
8b:35:45:9e:a4:e4:bd:47:18:af:cf:e3:3b:08:ad:
76:45:58:b7:26:4b:46:56:fe:29:da:dc:85:14:68:
8a:02:79:55:ea:6a:b8:02:38:06:f5:ea:c2:b7:dd:
f4:52:5e:0e:38:35:84:dd:a4:13:6e:e7:ee:c2:b1:
ba:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FC:A4:F5:09:83:AE:49:7F:DF:47:58:B4:51:FD:B6:7A:02:28:5B:70
X509v3 Authority Key Identifier:
keyid:0D:7F:FA:E3:00:DE:F0:87:6B:F8:48:90:FB:6E:A1:7B:E8:41:A4:D3
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/8113dda6-7ade-445d-8c6e-448a78e48ca1/1/0D7FFAE300DEF0876BF84890FB6EA17BE841A4D3.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DX_64wDe8Idr-EiQ-26he-hBpNM.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/8113dda6-7ade-445d-8c6e-448a78e48ca1/1/3138352e3231332e3234382e302f32342d3234203d3e2037353336.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.213.248.0/24
Signature Algorithm: sha256WithRSAEncryption
1f:8c:92:87:7d:be:7d:18:0e:d6:7b:64:f4:2c:94:be:e3:d4:
ce:ca:bc:03:8e:13:de:fe:84:27:d5:5a:56:9c:c0:24:ca:fd:
25:18:c8:c7:68:18:ec:f7:bb:b2:c6:1a:fc:45:36:5b:de:27:
c9:c6:d6:be:e2:bd:dd:dd:4f:3a:c5:e4:d9:8b:fe:e5:8a:18:
de:1a:c2:92:f9:d1:c7:32:50:0d:35:a5:26:5f:ef:67:c8:f5:
b6:1a:6e:76:ef:3b:3c:59:32:34:c9:12:21:f9:be:0f:0f:13:
c7:95:96:8c:a8:d9:e2:d8:75:7a:86:be:e5:91:a8:02:13:3b:
c3:04:2e:0d:66:59:d6:1a:0c:b8:b8:47:d6:0c:70:34:b6:3a:
d6:f5:2a:29:d4:11:ad:87:cd:c7:a3:c9:97:3a:3e:6f:4f:66:
66:80:e3:c1:5d:2d:1e:88:29:cb:9c:16:b0:3c:ef:1a:bd:e5:
56:b8:41:1b:e2:33:da:1a:82:20:4f:8b:0f:d3:2e:d3:57:d5:
4b:ff:a0:b0:34:6f:fe:6d:da:83:a7:19:56:5e:1d:f5:3e:24:
5e:8e:4e:c0:87:8e:b5:ea:7f:f0:c6:92:27:97:b0:bb:d1:8b:
0f:fa:3c:4f:2b:99:ec:fa:04:45:34:19:4a:77:2f:54:5a:a1:
1d:f4:37:c5
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUK5hjMz/c9f/eTEuHOMrB2JJdxZEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMGQ3ZmZhZTMwMGRlZjA4NzZiZjg0ODkwZmI2ZWExN2Jl
ODQxYTRkMzAeFw0yNjAzMTMxNDMzMzlaFw0yNzAzMTIxNDM4MzlaMDMxMTAvBgNV
BAMTKEZDQTRGNTA5ODNBRTQ5N0ZERjQ3NThCNDUxRkRCNjdBMDIyODVCNzAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDHHsZh/M81XsM54aoqWVB5gt0l
cYxF8hBqs/JbJZ7yPloWBHCLZchJ6B8BMsLPH6AU4EHpeURy8Ws+MNm2fn63cdmm
XuR5IqMe/jMOpiHolHT3YoQ9miIHPnDi2WCOMcxdEuXePi8Skd/boMDDyUTNnPUt
wcwXlnvMypOmtL3+3hMPR1WIxn+E/QHYMCGlF0s3o0F3sujlRXRGlbKKLSWYd+9a
xAHN3DWf48pnTKAZZjYaVwimpXUzxQRGR5qfbMf60Is1RZ6k5L1HGK/P4zsIrXZF
WLcmS0ZW/ina3IUUaIoCeVXqargCOAb16sK33fRSXg44NYTdpBNu5+7CsbqxAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQU/KT1CYOuSX/fR1i0Uf22egIoW3AwHwYDVR0j
BBgwFoAUDX/64wDe8Idr+EiQ+26he+hBpNMwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvODExM2RkYTYtN2FkZS00NDVkLThjNmUtNDQ4YTc4ZTQ4
Y2ExLzEvMEQ3RkZBRTMwMERFRjA4NzZCRjg0ODkwRkI2RUExN0JFODQxQTREMy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0RYXzY0d0RlOElkci1FaVEtMjZoZS1o
QnBOTS5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvODExM2RkYTYt
N2FkZS00NDVkLThjNmUtNDQ4YTc4ZTQ4Y2ExLzEvMzEzODM1MmUzMjMxMzMyZTMy
MzQzODJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDM3MzUzMzM2LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
udX4MA0GCSqGSIb3DQEBCwUAA4IBAQAfjJKHfb59GA7We2T0LJS+49TOyrwDjhPe
/oQn1VpWnMAkyv0lGMjHaBjs97uyxhr8RTZb3ifJxta+4r3d3U86xeTZi/7lihje
GsKS+dHHMlANNaUmX+9nyPW2Gm527zs8WTI0yRIh+b4PDxPHlZaMqNni2HV6hr7l
kagCEzvDBC4NZlnWGgy4uEfWDHA0tjrW9Sop1BGth83Ho8mXOj5vT2ZmgOPBXS0e
iCnLnBawPO8aveVWuEEb4jPaGoIgT4sP0y7TV9VL/6CwNG/+bdqDpxlWXh31PiRe
jk7Ah4616n/wxpInl7C70YsP+jxPK5ns+gRFNBlKdy9UWqEd9DfF
-----END CERTIFICATE-----
Generated at Sat Mar 21 20:31:51 2026 by rpki-client