Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/ab9f5497-2b95-4a42-80d0-5c41f807b61f/0/3138352e3130302e3231352e302f32342d3234203d3e20323735363430.roa
File: 3138352e3130302e3231352e302f32342d3234203d3e20323735363430.roa (raw, json)
Hash identifier: 5JehB1n8V/o3yJ6fLsWRJvgV0tLv9dHPsO+eeJ4vQy8=
Subject key identifier: C7:4B:CA:36:B6:6D:44:ED:25:E5:3D:EC:72:FD:3B:89:F3:7F:E7:46
Certificate issuer: /CN=aff6f26ea1f10da4a16cad9c7a6510856fbabb8d
Certificate serial: 09657E11F2902455D211CB748E5921D3AFFC6C0A
Authority key identifier: AF:F6:F2:6E:A1:F1:0D:A4:A1:6C:AD:9C:7A:65:10:85:6F:BA:BB:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/r_bybqHxDaShbK2cemUQhW-6u40.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/ab9f5497-2b95-4a42-80d0-5c41f807b61f/0/3138352e3130302e3231352e302f32342d3234203d3e20323735363430.roa
Signing time: Wed 11 Mar 2026 13:31:07 +0000
ROA not before: Wed 11 Mar 2026 13:26:07 +0000
ROA not after: Wed 10 Mar 2027 13:31:07 +0000
asID: 275640
IP address blocks: 185.100.215.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/ab9f5497-2b95-4a42-80d0-5c41f807b61f/0/AFF6F26EA1F10DA4A16CAD9C7A6510856FBABB8D.crl
rsync://rsync.paas.rpki.ripe.net/repository/ab9f5497-2b95-4a42-80d0-5c41f807b61f/0/AFF6F26EA1F10DA4A16CAD9C7A6510856FBABB8D.mft
rsync://rpki.ripe.net/repository/DEFAULT/r_bybqHxDaShbK2cemUQhW-6u40.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 22 Mar 2026 02:18:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
09:65:7e:11:f2:90:24:55:d2:11:cb:74:8e:59:21:d3:af:fc:6c:0a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aff6f26ea1f10da4a16cad9c7a6510856fbabb8d
Validity
Not Before: Mar 11 13:26:07 2026 GMT
Not After : Mar 10 13:31:07 2027 GMT
Subject: CN=C74BCA36B66D44ED25E53DEC72FD3B89F37FE746
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:ba:aa:dc:94:2b:c6:b1:c7:ac:59:1a:ad:85:
cc:49:24:11:ff:1b:ff:89:bf:58:ec:19:cf:00:4c:
a7:f6:d5:e9:c1:af:81:ee:5f:79:58:2f:f4:55:92:
cb:73:98:05:ac:92:2a:cd:93:12:1c:56:55:8e:83:
dd:8e:2d:ff:ba:cf:3d:85:4c:02:5d:f0:d7:bc:63:
3e:51:b4:6d:44:8e:a6:15:87:8e:ec:05:e0:22:d9:
51:4e:56:31:46:60:7b:0f:f7:6b:10:20:74:80:d3:
3c:e8:43:2a:0e:d6:d9:d6:ee:3d:6b:26:ce:41:13:
55:99:a9:e5:67:57:a0:db:9c:4e:50:41:0b:3c:8c:
02:ba:9a:9c:b4:e0:91:f1:53:5f:d8:6f:e0:cf:e7:
71:d0:74:c5:53:43:4d:b2:1f:94:ac:75:09:3d:3c:
5a:43:b2:c1:d6:f4:1f:b3:10:b1:12:56:f7:c5:1d:
54:bf:33:eb:6c:d0:5a:72:8c:f3:4a:55:94:d6:73:
0f:1b:a4:ef:04:5a:c0:14:7d:c9:fe:72:b8:26:b0:
04:f3:75:16:e9:ae:92:79:7c:00:ac:10:59:55:55:
a9:7b:21:7f:dd:9d:5a:96:3c:d9:fa:06:3b:d8:1c:
c7:1a:99:41:3d:b8:47:ac:9c:7c:f5:e2:9c:d3:1a:
56:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C7:4B:CA:36:B6:6D:44:ED:25:E5:3D:EC:72:FD:3B:89:F3:7F:E7:46
X509v3 Authority Key Identifier:
keyid:AF:F6:F2:6E:A1:F1:0D:A4:A1:6C:AD:9C:7A:65:10:85:6F:BA:BB:8D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/ab9f5497-2b95-4a42-80d0-5c41f807b61f/0/AFF6F26EA1F10DA4A16CAD9C7A6510856FBABB8D.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/r_bybqHxDaShbK2cemUQhW-6u40.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/ab9f5497-2b95-4a42-80d0-5c41f807b61f/0/3138352e3130302e3231352e302f32342d3234203d3e20323735363430.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.100.215.0/24
Signature Algorithm: sha256WithRSAEncryption
0e:7c:57:5c:b4:66:4e:72:6e:84:db:e4:7f:60:4f:b2:7e:99:
55:2a:6c:f7:26:8f:d9:3f:d4:c1:08:af:da:49:1a:93:38:ca:
8a:d1:04:5b:50:51:3f:2b:be:37:a1:ca:f5:6d:3d:0f:db:71:
45:68:f4:2c:74:11:01:16:b7:e4:a8:34:df:55:cd:b5:7e:bb:
d2:f7:9c:e8:02:a4:1a:68:00:6e:4a:b7:18:3f:2e:d3:97:19:
6c:24:e7:9d:35:16:f5:3f:a5:e9:e7:64:bd:01:59:68:0e:a9:
f7:5f:33:59:15:c9:97:45:b4:a7:94:42:58:b3:e2:11:5f:2e:
da:86:ea:7f:7a:9c:4c:5c:22:a0:55:90:a9:a1:28:ac:65:77:
bd:e0:7e:3c:09:51:43:6d:aa:82:67:e5:35:94:bd:49:99:8c:
12:79:36:35:6f:87:c1:54:63:69:10:f6:50:24:d7:44:95:bf:
94:b4:f4:93:fd:1b:69:af:24:d4:44:c2:cb:54:8c:d2:ee:f8:
77:aa:e9:b2:1a:9d:70:01:fc:50:95:c2:a5:5d:d0:df:f1:d9:
03:14:0b:dd:01:6a:2a:54:e6:95:cd:55:84:db:2c:7d:67:80:
7e:62:f8:21:d7:b4:68:e5:53:f2:ef:e4:7f:ce:98:85:74:95:
d3:00:c6:ec
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgIUCWV+EfKQJFXSEct0jlkh06/8bAowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWZmNmYyNmVhMWYxMGRhNGExNmNhZDljN2E2NTEwODU2
ZmJhYmI4ZDAeFw0yNjAzMTExMzI2MDdaFw0yNzAzMTAxMzMxMDdaMDMxMTAvBgNV
BAMTKEM3NEJDQTM2QjY2RDQ0RUQyNUU1M0RFQzcyRkQzQjg5RjM3RkU3NDYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCbuqrclCvGscesWRqthcxJJBH/
G/+Jv1jsGc8ATKf21enBr4HuX3lYL/RVkstzmAWskirNkxIcVlWOg92OLf+6zz2F
TAJd8Ne8Yz5RtG1EjqYVh47sBeAi2VFOVjFGYHsP92sQIHSA0zzoQyoO1tnW7j1r
Js5BE1WZqeVnV6DbnE5QQQs8jAK6mpy04JHxU1/Yb+DP53HQdMVTQ02yH5SsdQk9
PFpDssHW9B+zELESVvfFHVS/M+ts0FpyjPNKVZTWcw8bpO8EWsAUfcn+crgmsATz
dRbprpJ5fACsEFlVVal7IX/dnVqWPNn6BjvYHMcamUE9uEesnHz14pzTGla/AgMB
AAGjggJBMIICPTAdBgNVHQ4EFgQUx0vKNrZtRO0l5T3scv07ifN/50YwHwYDVR0j
BBgwFoAUr/bybqHxDaShbK2cemUQhW+6u40wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYWI5ZjU0OTctMmI5NS00YTQyLTgwZDAtNWM0MWY4MDdi
NjFmLzAvQUZGNkYyNkVBMUYxMERBNEExNkNBRDlDN0E2NTEwODU2RkJBQkI4RC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3JfYnlicUh4RGFTaGJLMmNlbVVRaFct
NnU0MC5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWI5ZjU0OTct
MmI5NS00YTQyLTgwZDAtNWM0MWY4MDdiNjFmLzAvMzEzODM1MmUzMTMwMzAyZTMy
MzEzNTJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMyMzczNTM2MzQzMC5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEALlk1zANBgkqhkiG9w0BAQsFAAOCAQEADnxXXLRmTnJuhNvkf2BPsn6ZVSps
9yaP2T/UwQiv2kkakzjKitEEW1BRPyu+N6HK9W09D9txRWj0LHQRARa35Kg031XN
tX670vec6AKkGmgAbkq3GD8u05cZbCTnnTUW9T+l6edkvQFZaA6p918zWRXJl0W0
p5RCWLPiEV8u2obqf3qcTFwioFWQqaEorGV3veB+PAlRQ22qgmflNZS9SZmMEnk2
NW+HwVRjaRD2UCTXRJW/lLT0k/0baa8k1ETCy1SM0u74d6rpshqdcAH8UJXCpV3Q
3/HZAxQL3QFqKlTmlc1VhNssfWeAfmL4Ide0aOVT8u/kf86YhXSV0wDG7A==
-----END CERTIFICATE-----
Generated at Sat Mar 21 09:34:08 2026 by rpki-client