Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/ab9f5497-2b95-4a42-80d0-5c41f807b61f/0/3138352e3130302e3231332e302f32342d3234203d3e20383334.roa
File: 3138352e3130302e3231332e302f32342d3234203d3e20383334.roa (raw, json)
Hash identifier: qg9N4DC/0RDVCtl9Aj15MicxQoxQbCWUodUYSfwwgS8=
Subject key identifier: 96:B4:7B:7C:84:5D:9D:B0:6E:DA:51:94:0A:8A:09:E6:D8:38:BD:E4
Certificate issuer: /CN=aff6f26ea1f10da4a16cad9c7a6510856fbabb8d
Certificate serial: 7AAE5FBEE0B26BF25C4F8BEBAC531C232153D4BF
Authority key identifier: AF:F6:F2:6E:A1:F1:0D:A4:A1:6C:AD:9C:7A:65:10:85:6F:BA:BB:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/r_bybqHxDaShbK2cemUQhW-6u40.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/ab9f5497-2b95-4a42-80d0-5c41f807b61f/0/3138352e3130302e3231332e302f32342d3234203d3e20383334.roa
Signing time: Mon 20 Apr 2026 00:02:33 +0000
ROA not before: Sun 19 Apr 2026 23:57:33 +0000
ROA not after: Mon 19 Apr 2027 00:02:33 +0000
asID: 834
IP address blocks: 185.100.213.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/ab9f5497-2b95-4a42-80d0-5c41f807b61f/0/AFF6F26EA1F10DA4A16CAD9C7A6510856FBABB8D.crl
rsync://rsync.paas.rpki.ripe.net/repository/ab9f5497-2b95-4a42-80d0-5c41f807b61f/0/AFF6F26EA1F10DA4A16CAD9C7A6510856FBABB8D.mft
rsync://rpki.ripe.net/repository/DEFAULT/r_bybqHxDaShbK2cemUQhW-6u40.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 06 May 2026 09:49:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7a:ae:5f:be:e0:b2:6b:f2:5c:4f:8b:eb:ac:53:1c:23:21:53:d4:bf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aff6f26ea1f10da4a16cad9c7a6510856fbabb8d
Validity
Not Before: Apr 19 23:57:33 2026 GMT
Not After : Apr 19 00:02:33 2027 GMT
Subject: CN=96B47B7C845D9DB06EDA51940A8A09E6D838BDE4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:f7:0f:44:10:58:2d:1e:6d:55:07:0d:c4:b9:
48:25:d3:b8:4e:00:77:cd:20:c4:7c:ea:60:15:39:
f9:10:1c:85:5f:d4:ad:1a:54:7c:b1:88:d5:3d:fe:
fd:07:20:20:81:64:35:74:b8:ce:ee:0b:b6:7e:1b:
cb:06:80:e1:40:be:77:7a:47:2c:d9:fb:cf:3b:6e:
bf:c6:1c:f0:57:0a:4c:1b:26:cc:28:dd:04:05:58:
a4:1c:d3:a1:76:2a:35:7e:f1:5a:39:7e:44:3c:43:
78:02:9b:ad:1d:ff:a0:02:78:16:61:58:a6:d3:12:
12:20:a8:a4:4f:40:1b:d6:c6:2a:f2:80:fb:24:93:
0a:62:5d:67:79:be:ad:e5:9f:1f:62:72:b0:1f:28:
51:d2:cc:84:1e:66:d5:79:25:e2:d0:78:af:b8:c2:
d1:e6:6f:6e:68:d2:66:51:bb:82:42:51:17:92:d8:
1b:79:1d:ea:e3:b7:40:8d:2f:bb:4b:81:1a:27:ca:
7f:26:49:c6:91:66:36:5c:ab:31:38:42:4b:c0:86:
c6:34:25:42:69:1d:fd:f9:f1:95:3a:c6:cd:f2:2d:
57:57:78:a3:60:32:e4:2c:f6:6e:20:c7:91:42:ee:
89:c7:52:71:05:d9:fa:d0:e7:6b:24:4f:25:f6:b7:
20:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
96:B4:7B:7C:84:5D:9D:B0:6E:DA:51:94:0A:8A:09:E6:D8:38:BD:E4
X509v3 Authority Key Identifier:
keyid:AF:F6:F2:6E:A1:F1:0D:A4:A1:6C:AD:9C:7A:65:10:85:6F:BA:BB:8D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/ab9f5497-2b95-4a42-80d0-5c41f807b61f/0/AFF6F26EA1F10DA4A16CAD9C7A6510856FBABB8D.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/r_bybqHxDaShbK2cemUQhW-6u40.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/ab9f5497-2b95-4a42-80d0-5c41f807b61f/0/3138352e3130302e3231332e302f32342d3234203d3e20383334.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.100.213.0/24
Signature Algorithm: sha256WithRSAEncryption
5b:c7:6f:e8:32:38:89:57:1c:50:8f:de:f9:7c:29:50:b8:45:
2d:a6:3a:7e:95:6d:5e:b1:6e:82:a3:39:a3:1f:42:37:cf:5d:
18:0a:77:13:cf:4b:15:ea:d9:18:46:f3:20:aa:ae:2f:95:8a:
1d:ea:6e:e7:61:a1:ae:ac:b1:be:6c:fc:22:72:dd:3a:cf:40:
23:19:67:81:f1:2d:bb:fa:6d:97:e3:90:a8:5c:d2:e2:5a:16:
a6:2e:5f:c5:b5:ea:d5:cf:3f:20:34:9a:a0:0c:eb:22:42:07:
72:f1:46:84:05:21:a1:a3:36:54:c5:b9:a6:23:e5:b3:3c:2c:
d8:4b:f6:cd:77:f3:74:e1:32:e6:2f:b7:71:36:23:d7:85:29:
6e:d4:a3:8d:22:a9:7c:2e:0f:ea:7a:3b:56:76:d7:57:0b:c3:
0b:28:36:86:12:fb:20:fb:0f:c4:08:2e:55:cc:38:58:c3:ea:
67:46:ad:fd:8f:07:4b:45:29:77:46:7b:9c:a2:f7:7c:85:d7:
cd:c6:11:76:a9:9e:52:92:9a:c4:42:b0:02:49:92:c3:c0:92:
61:2c:b1:3f:3d:b5:4b:8a:fc:c2:85:e4:7a:30:43:06:e8:0b:
fa:06:15:29:f1:5e:f4:0c:d8:4f:28:88:c5:0e:bb:11:18:b5:
49:80:b0:00
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgIUeq5fvuCya/JcT4vrrFMcIyFT1L8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWZmNmYyNmVhMWYxMGRhNGExNmNhZDljN2E2NTEwODU2
ZmJhYmI4ZDAeFw0yNjA0MTkyMzU3MzNaFw0yNzA0MTkwMDAyMzNaMDMxMTAvBgNV
BAMTKDk2QjQ3QjdDODQ1RDlEQjA2RURBNTE5NDBBOEEwOUU2RDgzOEJERTQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDa9w9EEFgtHm1VBw3EuUgl07hO
AHfNIMR86mAVOfkQHIVf1K0aVHyxiNU9/v0HICCBZDV0uM7uC7Z+G8sGgOFAvnd6
RyzZ+887br/GHPBXCkwbJswo3QQFWKQc06F2KjV+8Vo5fkQ8Q3gCm60d/6ACeBZh
WKbTEhIgqKRPQBvWxirygPskkwpiXWd5vq3lnx9icrAfKFHSzIQeZtV5JeLQeK+4
wtHmb25o0mZRu4JCUReS2Bt5Herjt0CNL7tLgRonyn8mScaRZjZcqzE4QkvAhsY0
JUJpHf358ZU6xs3yLVdXeKNgMuQs9m4gx5FC7onHUnEF2frQ52skTyX2tyBvAgMB
AAGjggI7MIICNzAdBgNVHQ4EFgQUlrR7fIRdnbBu2lGUCooJ5tg4veQwHwYDVR0j
BBgwFoAUr/bybqHxDaShbK2cemUQhW+6u40wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYWI5ZjU0OTctMmI5NS00YTQyLTgwZDAtNWM0MWY4MDdi
NjFmLzAvQUZGNkYyNkVBMUYxMERBNEExNkNBRDlDN0E2NTEwODU2RkJBQkI4RC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3JfYnlicUh4RGFTaGJLMmNlbVVRaFct
NnU0MC5jZXIwgasGCCsGAQUFBwELBIGeMIGbMIGYBggrBgEFBQcwC4aBi3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWI5ZjU0OTct
MmI5NS00YTQyLTgwZDAtNWM0MWY4MDdiNjFmLzAvMzEzODM1MmUzMTMwMzAyZTMy
MzEzMzJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDM4MzMzNC5yb2EwGAYDVR0gAQH/
BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEALlk
1TANBgkqhkiG9w0BAQsFAAOCAQEAW8dv6DI4iVccUI/e+XwpULhFLaY6fpVtXrFu
gqM5ox9CN89dGAp3E89LFerZGEbzIKquL5WKHepu52Ghrqyxvmz8InLdOs9AIxln
gfEtu/ptl+OQqFzS4loWpi5fxbXq1c8/IDSaoAzrIkIHcvFGhAUhoaM2VMW5piPl
szws2Ev2zXfzdOEy5i+3cTYj14UpbtSjjSKpfC4P6no7VnbXVwvDCyg2hhL7IPsP
xAguVcw4WMPqZ0at/Y8HS0Upd0Z7nKL3fIXXzcYRdqmeUpKaxEKwAkmSw8CSYSyx
Pz21S4r8woXkejBDBugL+gYVKfFe9AzYTyiIxQ67ERi1SYCwAA==
-----END CERTIFICATE-----
Generated at Wed May 6 01:11:52 2026 by rpki-client