Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/ab9f5497-2b95-4a42-80d0-5c41f807b61f/0/3138352e39332e33332e302f32342d3234203d3e20323032373539.roa
File: 3138352e39332e33332e302f32342d3234203d3e20323032373539.roa (raw, json)
Hash identifier: G4zEX4PGfW7YVrDIMcceSVP1pRO5EiJ0iq043TK1uvs=
Subject key identifier: 5D:2A:25:A7:90:B0:97:8B:1E:3C:A2:59:F7:26:A3:88:E5:C6:B3:17
Certificate issuer: /CN=aff6f26ea1f10da4a16cad9c7a6510856fbabb8d
Certificate serial: 2F6444A958E1F2715B64C9C002F33137A292BB2D
Authority key identifier: AF:F6:F2:6E:A1:F1:0D:A4:A1:6C:AD:9C:7A:65:10:85:6F:BA:BB:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/r_bybqHxDaShbK2cemUQhW-6u40.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/ab9f5497-2b95-4a42-80d0-5c41f807b61f/0/3138352e39332e33332e302f32342d3234203d3e20323032373539.roa
Signing time: Fri 19 Jun 2026 06:17:15 +0000
ROA not before: Fri 19 Jun 2026 06:12:15 +0000
ROA not after: Fri 18 Jun 2027 06:17:15 +0000
asID: 202759
IP address blocks: 185.93.33.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/ab9f5497-2b95-4a42-80d0-5c41f807b61f/0/AFF6F26EA1F10DA4A16CAD9C7A6510856FBABB8D.crl
rsync://rsync.paas.rpki.ripe.net/repository/ab9f5497-2b95-4a42-80d0-5c41f807b61f/0/AFF6F26EA1F10DA4A16CAD9C7A6510856FBABB8D.mft
rsync://rpki.ripe.net/repository/DEFAULT/r_bybqHxDaShbK2cemUQhW-6u40.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 20 Jun 2026 10:15:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2f:64:44:a9:58:e1:f2:71:5b:64:c9:c0:02:f3:31:37:a2:92:bb:2d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aff6f26ea1f10da4a16cad9c7a6510856fbabb8d
Validity
Not Before: Jun 19 06:12:15 2026 GMT
Not After : Jun 18 06:17:15 2027 GMT
Subject: CN=5D2A25A790B0978B1E3CA259F726A388E5C6B317
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:a1:2d:fd:f8:6e:4d:1e:8d:cb:11:47:69:4f:
35:ff:a9:3d:93:65:a4:89:37:d3:fc:19:de:2a:53:
fd:a6:b5:24:22:7a:ce:6a:1b:80:0a:a0:af:fe:fa:
4f:db:21:5e:e0:75:f6:29:ef:22:c4:ed:24:48:e9:
a6:fd:3b:1a:34:39:96:e8:09:77:29:97:b7:6f:30:
67:88:e1:52:e6:bf:11:7c:e7:46:0f:0e:21:91:22:
9d:9e:d6:ec:24:d8:c8:59:57:da:94:8d:c8:93:f8:
c1:9a:87:24:6b:b5:8c:7f:ad:9b:68:84:b4:54:c7:
3f:24:b8:7e:2c:bb:6e:f8:49:65:29:fa:8f:cc:0e:
b3:f3:79:c3:4f:af:b6:ac:f8:71:af:78:6c:c1:7c:
67:03:18:c1:76:bb:f1:a7:3a:52:2e:7b:1b:64:f3:
e5:e2:4d:73:bf:eb:fa:a2:3d:f2:45:f8:7d:7b:8f:
5a:fa:c6:f8:60:15:c2:92:d1:93:50:43:b5:b7:f8:
32:5a:2f:96:74:bb:78:d0:3a:a4:e4:47:4d:d4:f7:
52:11:01:b7:9c:7d:ba:bb:f9:a9:30:82:9d:f6:62:
f9:f7:b7:96:0e:8a:33:b4:41:17:c8:81:29:cf:54:
7b:e8:58:52:17:5e:11:76:40:cc:ad:eb:60:bd:cd:
f9:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:2A:25:A7:90:B0:97:8B:1E:3C:A2:59:F7:26:A3:88:E5:C6:B3:17
X509v3 Authority Key Identifier:
keyid:AF:F6:F2:6E:A1:F1:0D:A4:A1:6C:AD:9C:7A:65:10:85:6F:BA:BB:8D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/ab9f5497-2b95-4a42-80d0-5c41f807b61f/0/AFF6F26EA1F10DA4A16CAD9C7A6510856FBABB8D.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/r_bybqHxDaShbK2cemUQhW-6u40.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/ab9f5497-2b95-4a42-80d0-5c41f807b61f/0/3138352e39332e33332e302f32342d3234203d3e20323032373539.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.93.33.0/24
Signature Algorithm: sha256WithRSAEncryption
68:3f:19:d0:02:86:fa:bb:49:a6:91:c3:55:7f:1b:b0:f2:27:
de:db:e1:54:c1:3e:77:03:db:a7:fd:0e:bc:ad:4e:f2:19:b9:
81:da:36:4e:52:40:a2:b9:7a:60:74:5c:d4:03:bb:d7:b4:0c:
74:94:93:eb:0e:a5:26:7a:7b:51:bf:50:30:f6:5b:b9:34:35:
20:9a:b6:48:7b:0d:4f:ac:1d:9a:5e:d6:da:3e:fd:28:5e:0c:
3a:b3:e9:ee:e6:34:e2:ad:57:26:3a:3c:61:a3:76:0f:46:27:
1c:4c:1b:ca:a4:d8:33:3c:0f:0a:e7:76:aa:61:9e:51:20:64:
9e:e2:d0:de:13:b6:89:d6:f1:73:99:4f:f8:db:15:5f:e8:2f:
78:82:8a:6d:34:62:5d:5c:e9:8f:5a:ba:c2:7a:ce:f5:09:d4:
25:b1:cd:7f:44:12:70:95:f1:17:4b:dc:37:09:4d:19:b2:76:
b5:76:7d:a5:13:72:b8:0e:d5:c0:fc:8d:33:36:b1:4b:5b:c5:
1f:6f:07:2f:78:c2:9b:96:21:76:cf:9a:13:91:b8:2e:94:d6:
fb:5f:5f:af:09:0e:c3:c8:0b:11:4e:89:ae:3d:ae:29:ff:4f:
63:ca:d1:d2:d1:44:b0:8a:4d:75:42:38:b8:60:9c:9a:99:7c:
71:5c:16:8a
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUL2REqVjh8nFbZMnAAvMxN6KSuy0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWZmNmYyNmVhMWYxMGRhNGExNmNhZDljN2E2NTEwODU2
ZmJhYmI4ZDAeFw0yNjA2MTkwNjEyMTVaFw0yNzA2MTgwNjE3MTVaMDMxMTAvBgNV
BAMTKDVEMkEyNUE3OTBCMDk3OEIxRTNDQTI1OUY3MjZBMzg4RTVDNkIzMTcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCyoS39+G5NHo3LEUdpTzX/qT2T
ZaSJN9P8Gd4qU/2mtSQies5qG4AKoK/++k/bIV7gdfYp7yLE7SRI6ab9Oxo0OZbo
CXcpl7dvMGeI4VLmvxF850YPDiGRIp2e1uwk2MhZV9qUjciT+MGahyRrtYx/rZto
hLRUxz8kuH4su274SWUp+o/MDrPzecNPr7as+HGveGzBfGcDGMF2u/GnOlIuextk
8+XiTXO/6/qiPfJF+H17j1r6xvhgFcKS0ZNQQ7W3+DJaL5Z0u3jQOqTkR03U91IR
Abecfbq7+akwgp32Yvn3t5YOijO0QRfIgSnPVHvoWFIXXhF2QMyt62C9zfnJAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUXSolp5Cwl4sePKJZ9yajiOXGsxcwHwYDVR0j
BBgwFoAUr/bybqHxDaShbK2cemUQhW+6u40wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYWI5ZjU0OTctMmI5NS00YTQyLTgwZDAtNWM0MWY4MDdi
NjFmLzAvQUZGNkYyNkVBMUYxMERBNEExNkNBRDlDN0E2NTEwODU2RkJBQkI4RC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3JfYnlicUh4RGFTaGJLMmNlbVVRaFct
NnU0MC5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWI5ZjU0OTct
MmI5NS00YTQyLTgwZDAtNWM0MWY4MDdiNjFmLzAvMzEzODM1MmUzOTMzMmUzMzMz
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzIzMDMyMzczNTM5LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
uV0hMA0GCSqGSIb3DQEBCwUAA4IBAQBoPxnQAob6u0mmkcNVfxuw8ife2+FUwT53
A9un/Q68rU7yGbmB2jZOUkCiuXpgdFzUA7vXtAx0lJPrDqUmentRv1Aw9lu5NDUg
mrZIew1PrB2aXtbaPv0oXgw6s+nu5jTirVcmOjxho3YPRiccTBvKpNgzPA8K53aq
YZ5RIGSe4tDeE7aJ1vFzmU/42xVf6C94goptNGJdXOmPWrrCes71CdQlsc1/RBJw
lfEXS9w3CU0Zsna1dn2lE3K4DtXA/I0zNrFLW8UfbwcveMKbliF2z5oTkbgulNb7
X1+vCQ7DyAsRTomuPa4p/09jytHS0USwik11Qji4YJyamXxxXBaK
-----END CERTIFICATE-----
Generated at Sat Jun 20 04:11:41 2026 by rpki-client