Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/aee3d58d-904a-4375-bf93-8b5f38cab002/0/3138352e3232322e3138362e302f32332d3234203d3e203232373733.roa
File: 3138352e3232322e3138362e302f32332d3234203d3e203232373733.roa (raw, json)
Hash identifier: oWDSYl36arWciKrlI/GU9YaVdDTEg2VJ1CC1dUHCR+8=
Subject key identifier: 9A:95:E2:43:C8:6E:8C:15:1A:62:6F:1A:75:C5:70:B1:C8:3A:71:B4
Certificate issuer: /CN=7adf63e375b0b785081b5945b1d18d9de86e0efc
Certificate serial: 71779D9402BFE122558C2F28B0C675F811D66642
Authority key identifier: 7A:DF:63:E3:75:B0:B7:85:08:1B:59:45:B1:D1:8D:9D:E8:6E:0E:FC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/et9j43Wwt4UIG1lFsdGNnehuDvw.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/aee3d58d-904a-4375-bf93-8b5f38cab002/0/3138352e3232322e3138362e302f32332d3234203d3e203232373733.roa
Signing time: Thu 26 Mar 2026 23:36:22 +0000
ROA not before: Thu 26 Mar 2026 23:31:22 +0000
ROA not after: Thu 25 Mar 2027 23:36:22 +0000
asID: 22773
IP address blocks: 185.222.186.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/aee3d58d-904a-4375-bf93-8b5f38cab002/0/7ADF63E375B0B785081B5945B1D18D9DE86E0EFC.crl
rsync://rsync.paas.rpki.ripe.net/repository/aee3d58d-904a-4375-bf93-8b5f38cab002/0/7ADF63E375B0B785081B5945B1D18D9DE86E0EFC.mft
rsync://rpki.ripe.net/repository/DEFAULT/et9j43Wwt4UIG1lFsdGNnehuDvw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 06 Apr 2026 07:00:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
71:77:9d:94:02:bf:e1:22:55:8c:2f:28:b0:c6:75:f8:11:d6:66:42
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7adf63e375b0b785081b5945b1d18d9de86e0efc
Validity
Not Before: Mar 26 23:31:22 2026 GMT
Not After : Mar 25 23:36:22 2027 GMT
Subject: CN=9A95E243C86E8C151A626F1A75C570B1C83A71B4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:b6:a1:9d:f5:21:ad:3e:fe:35:88:37:76:2e:
7d:94:52:a5:43:e9:2f:84:ec:8e:ff:5e:cf:50:d3:
64:b3:5b:5b:18:b7:fe:61:f9:31:05:10:9a:fe:79:
f0:d6:7f:fd:37:39:46:97:ed:4d:b0:c8:13:08:d7:
a4:2e:a4:2b:60:f4:d0:bc:46:ce:58:a7:85:fe:b9:
c5:c5:d6:c2:9c:f7:72:4d:27:22:ed:eb:bd:36:a3:
49:86:9d:85:e6:e6:05:86:93:8a:94:8d:0f:c5:f9:
39:4c:44:34:36:9f:b7:1b:84:49:df:7c:03:f3:42:
e5:91:43:93:78:f1:a5:f9:e8:fb:2e:49:e1:b7:ce:
4b:c7:20:7f:f6:8a:4c:7d:20:da:1a:37:3d:11:12:
90:f5:b6:34:34:0b:26:b7:e6:ac:9d:12:9e:ac:32:
d9:ee:90:66:be:e8:48:36:1b:7b:bf:af:a4:b0:8a:
77:0d:66:b5:5d:2c:47:d7:36:b3:dc:7e:0a:74:d4:
8d:8c:13:da:a5:33:8c:5b:d3:0a:12:67:62:40:a1:
f8:df:82:9f:1a:e4:16:c6:07:37:bb:00:78:b3:32:
73:03:49:cb:01:68:9e:81:3e:51:7b:f8:36:54:df:
90:c7:cc:ad:1d:fd:6f:c1:ad:cf:c5:2d:4e:31:c7:
26:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9A:95:E2:43:C8:6E:8C:15:1A:62:6F:1A:75:C5:70:B1:C8:3A:71:B4
X509v3 Authority Key Identifier:
keyid:7A:DF:63:E3:75:B0:B7:85:08:1B:59:45:B1:D1:8D:9D:E8:6E:0E:FC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/aee3d58d-904a-4375-bf93-8b5f38cab002/0/7ADF63E375B0B785081B5945B1D18D9DE86E0EFC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/et9j43Wwt4UIG1lFsdGNnehuDvw.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/aee3d58d-904a-4375-bf93-8b5f38cab002/0/3138352e3232322e3138362e302f32332d3234203d3e203232373733.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.222.186.0/23
Signature Algorithm: sha256WithRSAEncryption
8c:d5:f5:45:d0:c0:cb:22:91:16:41:1f:0a:87:8b:c4:ba:81:
98:91:40:49:16:c5:5d:e2:ff:9b:1e:62:1a:27:9d:17:26:e8:
b7:e3:3f:cf:b7:ab:58:f8:f9:5d:b9:81:1c:67:cd:f6:35:27:
17:94:a2:53:88:ca:9e:4e:25:00:50:7e:f7:81:b4:8f:21:6a:
49:a9:84:71:25:ca:9c:34:a0:c6:de:fa:35:17:2c:4d:39:d1:
a7:27:eb:0e:a3:f0:b8:e2:be:34:31:b4:32:95:ce:2c:28:6e:
8d:f6:a1:91:1e:63:1e:8c:4c:9c:14:11:06:82:f6:f6:dd:23:
ae:88:ac:83:9f:a2:fb:06:05:b1:07:a0:80:3a:c7:a1:1a:47:
89:d1:1f:44:76:2f:63:4c:7a:57:6c:da:33:9f:38:8d:da:1c:
7a:d6:5b:da:ce:82:36:07:d8:e9:ae:e7:e1:9d:b0:6c:39:c6:
41:c4:78:8e:2c:39:4c:a9:a6:f0:12:73:8a:c8:96:20:1e:4d:
b9:5a:c7:56:57:11:a4:4f:7c:c3:98:bd:37:04:f8:ba:3f:2b:
9c:be:bd:d6:31:cb:5e:fd:01:b9:e2:8e:77:9e:1a:15:b4:78:
59:cd:59:87:22:87:07:62:ef:d8:80:0f:be:af:38:ae:a2:2c:
3d:a5:d4:d8
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUcXedlAK/4SJVjC8osMZ1+BHWZkIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoN2FkZjYzZTM3NWIwYjc4NTA4MWI1OTQ1YjFkMThkOWRl
ODZlMGVmYzAeFw0yNjAzMjYyMzMxMjJaFw0yNzAzMjUyMzM2MjJaMDMxMTAvBgNV
BAMTKDlBOTVFMjQzQzg2RThDMTUxQTYyNkYxQTc1QzU3MEIxQzgzQTcxQjQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCrtqGd9SGtPv41iDd2Ln2UUqVD
6S+E7I7/Xs9Q02SzW1sYt/5h+TEFEJr+efDWf/03OUaX7U2wyBMI16QupCtg9NC8
Rs5Yp4X+ucXF1sKc93JNJyLt6702o0mGnYXm5gWGk4qUjQ/F+TlMRDQ2n7cbhEnf
fAPzQuWRQ5N48aX56PsuSeG3zkvHIH/2ikx9INoaNz0REpD1tjQ0Cya35qydEp6s
MtnukGa+6Eg2G3u/r6SwincNZrVdLEfXNrPcfgp01I2ME9qlM4xb0woSZ2JAofjf
gp8a5BbGBze7AHizMnMDScsBaJ6BPlF7+DZU35DHzK0d/W/Brc/FLU4xxyYbAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUmpXiQ8hujBUaYm8adcVwscg6cbQwHwYDVR0j
BBgwFoAUet9j43Wwt4UIG1lFsdGNnehuDvwwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYWVlM2Q1OGQtOTA0YS00Mzc1LWJmOTMtOGI1ZjM4Y2Fi
MDAyLzAvN0FERjYzRTM3NUIwQjc4NTA4MUI1OTQ1QjFEMThEOURFODZFMEVGQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2V0OWo0M1d3dDRVSUcxbEZzZEdObmVo
dUR2dy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWVlM2Q1OGQt
OTA0YS00Mzc1LWJmOTMtOGI1ZjM4Y2FiMDAyLzAvMzEzODM1MmUzMjMyMzIyZTMx
MzgzNjJlMzAyZjMyMzMyZDMyMzQyMDNkM2UyMDMyMzIzNzM3MzMucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAG53rowDQYJKoZIhvcNAQELBQADggEBAIzV9UXQwMsikRZBHwqHi8S6gZiRQEkW
xV3i/5seYhonnRcm6LfjP8+3q1j4+V25gRxnzfY1JxeUolOIyp5OJQBQfveBtI8h
akmphHElypw0oMbe+jUXLE050acn6w6j8LjivjQxtDKVziwobo32oZEeYx6MTJwU
EQaC9vbdI66IrIOfovsGBbEHoIA6x6EaR4nRH0R2L2NMelds2jOfOI3aHHrWW9rO
gjYH2Omu5+GdsGw5xkHEeI4sOUyppvASc4rIliAeTblax1ZXEaRPfMOYvTcE+Lo/
K5y+vdYxy179AbnijneeGhW0eFnNWYcihwdi79iAD76vOK6iLD2l1Ng=
-----END CERTIFICATE-----
Generated at Sun Apr 5 15:21:43 2026 by rpki-client