Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/ab9f5497-2b95-4a42-80d0-5c41f807b61f/0/3138352e3133392e32342e302f32342d3234203d3e20313335343032.roa
File: 3138352e3133392e32342e302f32342d3234203d3e20313335343032.roa (raw, json)
Hash identifier: qKHEKx89oxWc70oRy2IjWEei68E1D0x94OSjCYQdN3g=
Subject key identifier: 4E:2A:83:28:CA:EC:73:B9:47:3B:A2:0D:01:43:E8:AA:77:4F:FA:78
Certificate issuer: /CN=aff6f26ea1f10da4a16cad9c7a6510856fbabb8d
Certificate serial: 75F5F8DA412B88FC4799CF7037B542A80181C923
Authority key identifier: AF:F6:F2:6E:A1:F1:0D:A4:A1:6C:AD:9C:7A:65:10:85:6F:BA:BB:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/r_bybqHxDaShbK2cemUQhW-6u40.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/ab9f5497-2b95-4a42-80d0-5c41f807b61f/0/3138352e3133392e32342e302f32342d3234203d3e20313335343032.roa
Signing time: Thu 19 Mar 2026 01:20:33 +0000
ROA not before: Thu 19 Mar 2026 01:15:33 +0000
ROA not after: Thu 18 Mar 2027 01:20:33 +0000
asID: 135402
IP address blocks: 185.139.24.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/ab9f5497-2b95-4a42-80d0-5c41f807b61f/0/AFF6F26EA1F10DA4A16CAD9C7A6510856FBABB8D.crl
rsync://rsync.paas.rpki.ripe.net/repository/ab9f5497-2b95-4a42-80d0-5c41f807b61f/0/AFF6F26EA1F10DA4A16CAD9C7A6510856FBABB8D.mft
rsync://rpki.ripe.net/repository/DEFAULT/r_bybqHxDaShbK2cemUQhW-6u40.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 22 Mar 2026 02:18:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
75:f5:f8:da:41:2b:88:fc:47:99:cf:70:37:b5:42:a8:01:81:c9:23
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aff6f26ea1f10da4a16cad9c7a6510856fbabb8d
Validity
Not Before: Mar 19 01:15:33 2026 GMT
Not After : Mar 18 01:20:33 2027 GMT
Subject: CN=4E2A8328CAEC73B9473BA20D0143E8AA774FFA78
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:ea:94:71:8c:b1:94:88:23:2f:a1:83:c5:76:
82:99:66:55:4f:86:ef:7b:5e:8b:bf:b8:c9:92:41:
17:38:22:2a:5f:93:e5:a7:a3:f7:9d:72:04:e7:ad:
50:05:0f:d6:04:86:70:e6:db:89:4b:70:0c:98:eb:
21:8a:67:48:b1:32:58:36:7a:57:44:ca:31:76:69:
72:c0:43:65:61:b5:df:92:2f:80:81:57:d7:1d:fe:
54:88:0f:a9:f1:83:c6:46:44:5d:fa:83:50:87:0f:
c2:c1:35:2b:b4:55:3d:cf:cc:7c:e7:62:65:86:73:
83:85:8f:f2:4a:58:aa:e1:bb:9e:c4:3e:ad:e7:f6:
21:77:96:21:b2:36:b2:c1:df:1f:c6:67:8a:ef:0d:
8d:2d:91:59:fa:e0:0f:c0:a3:22:50:84:e2:55:89:
be:a2:05:82:f1:00:a3:d1:e8:3d:04:9b:42:0a:dd:
c4:ba:8e:53:47:ec:b5:3e:3a:b4:5e:18:df:20:99:
b7:6c:b3:52:5b:95:6c:fa:fc:4a:1b:d1:5b:ed:14:
8d:0b:2b:ed:a3:ac:75:4a:d2:b9:b3:40:61:33:af:
1f:a8:6b:64:40:ec:a5:66:9a:01:4a:71:8d:4a:4f:
06:21:8c:27:1c:1c:ac:72:cb:e7:e8:8a:6a:b7:af:
e2:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4E:2A:83:28:CA:EC:73:B9:47:3B:A2:0D:01:43:E8:AA:77:4F:FA:78
X509v3 Authority Key Identifier:
keyid:AF:F6:F2:6E:A1:F1:0D:A4:A1:6C:AD:9C:7A:65:10:85:6F:BA:BB:8D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/ab9f5497-2b95-4a42-80d0-5c41f807b61f/0/AFF6F26EA1F10DA4A16CAD9C7A6510856FBABB8D.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/r_bybqHxDaShbK2cemUQhW-6u40.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/ab9f5497-2b95-4a42-80d0-5c41f807b61f/0/3138352e3133392e32342e302f32342d3234203d3e20313335343032.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.139.24.0/24
Signature Algorithm: sha256WithRSAEncryption
85:17:1b:cb:58:34:29:82:16:a3:b3:b4:84:b6:9e:2a:c2:ee:
4f:9a:8b:36:a9:85:fc:2f:bf:c4:ab:b5:18:b4:65:0c:d9:2e:
4a:70:66:cb:ee:97:18:7f:a0:89:d4:30:77:db:21:e2:42:6a:
fb:ce:08:0a:f7:e6:5d:c0:c6:33:d9:47:b2:ad:ea:36:80:9f:
d4:15:22:4b:ca:58:72:a3:4b:08:81:2d:37:88:fe:5a:39:f8:
b0:41:c5:9d:75:c5:c5:ad:e5:7c:09:41:ab:03:83:e1:fc:cd:
12:e7:96:44:11:ff:94:3e:ea:64:49:c3:5d:8d:3c:d0:5b:ac:
c1:3f:5f:47:56:9c:ff:32:ee:f2:ec:71:1a:cf:c1:00:9c:71:
29:ab:3c:3f:2d:6d:e7:de:13:05:7f:0d:d7:56:19:3b:aa:23:
67:ce:db:db:cc:b2:ed:a8:53:17:35:d2:96:de:02:7d:7f:22:
f9:a2:86:2b:cd:41:42:e2:60:1b:2a:25:a6:25:6e:39:53:c3:
28:e6:88:39:da:aa:34:8b:10:ed:10:51:ee:e6:ab:60:82:f4:
cc:3d:8f:fe:19:b1:1c:37:e0:a0:75:1c:ec:dc:d6:a7:2f:fe:
86:b3:49:c0:bd:a2:d4:65:6e:33:0d:0b:4b:30:b3:bc:55:98:
57:ed:c3:f6
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUdfX42kEriPxHmc9wN7VCqAGBySMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWZmNmYyNmVhMWYxMGRhNGExNmNhZDljN2E2NTEwODU2
ZmJhYmI4ZDAeFw0yNjAzMTkwMTE1MzNaFw0yNzAzMTgwMTIwMzNaMDMxMTAvBgNV
BAMTKDRFMkE4MzI4Q0FFQzczQjk0NzNCQTIwRDAxNDNFOEFBNzc0RkZBNzgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCl6pRxjLGUiCMvoYPFdoKZZlVP
hu97Xou/uMmSQRc4Iipfk+Wno/edcgTnrVAFD9YEhnDm24lLcAyY6yGKZ0ixMlg2
eldEyjF2aXLAQ2Vhtd+SL4CBV9cd/lSID6nxg8ZGRF36g1CHD8LBNSu0VT3PzHzn
YmWGc4OFj/JKWKrhu57EPq3n9iF3liGyNrLB3x/GZ4rvDY0tkVn64A/AoyJQhOJV
ib6iBYLxAKPR6D0Em0IK3cS6jlNH7LU+OrReGN8gmbdss1JblWz6/Eob0VvtFI0L
K+2jrHVK0rmzQGEzrx+oa2RA7KVmmgFKcY1KTwYhjCccHKxyy+foimq3r+KfAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUTiqDKMrsc7lHO6INAUPoqndP+ngwHwYDVR0j
BBgwFoAUr/bybqHxDaShbK2cemUQhW+6u40wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYWI5ZjU0OTctMmI5NS00YTQyLTgwZDAtNWM0MWY4MDdi
NjFmLzAvQUZGNkYyNkVBMUYxMERBNEExNkNBRDlDN0E2NTEwODU2RkJBQkI4RC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3JfYnlicUh4RGFTaGJLMmNlbVVRaFct
NnU0MC5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWI5ZjU0OTct
MmI5NS00YTQyLTgwZDAtNWM0MWY4MDdiNjFmLzAvMzEzODM1MmUzMTMzMzkyZTMy
MzQyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMTMzMzUzNDMwMzIucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAC5ixgwDQYJKoZIhvcNAQELBQADggEBAIUXG8tYNCmCFqOztIS2nirC7k+aizap
hfwvv8SrtRi0ZQzZLkpwZsvulxh/oInUMHfbIeJCavvOCAr35l3AxjPZR7Kt6jaA
n9QVIkvKWHKjSwiBLTeI/lo5+LBBxZ11xcWt5XwJQasDg+H8zRLnlkQR/5Q+6mRJ
w12NPNBbrME/X0dWnP8y7vLscRrPwQCccSmrPD8tbefeEwV/DddWGTuqI2fO29vM
su2oUxc10pbeAn1/IvmihivNQULiYBsqJaYlbjlTwyjmiDnaqjSLEO0QUe7mq2CC
9Mw9j/4ZsRw34KB1HOzc1qcv/oazScC9otRlbjMNC0sws7xVmFftw/Y=
-----END CERTIFICATE-----
Generated at Sat Mar 21 09:35:21 2026 by rpki-client