Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/aee3d58d-904a-4375-bf93-8b5f38cab002/0/3138352e342e3232332e302f32342d3234203d3e20323132323338.roa
File: 3138352e342e3232332e302f32342d3234203d3e20323132323338.roa (raw, json)
Hash identifier: sKAx3vJm8zoC2olfP4fNcIlnt96pRSJdZJzENPs0qnM=
Subject key identifier: B3:2C:E9:98:B2:22:F4:60:0F:2E:B9:9F:23:77:59:CA:80:2E:F6:FD
Certificate issuer: /CN=7adf63e375b0b785081b5945b1d18d9de86e0efc
Certificate serial: 23FBB6D128B239BA7C0F28C1D78636C0536DE098
Authority key identifier: 7A:DF:63:E3:75:B0:B7:85:08:1B:59:45:B1:D1:8D:9D:E8:6E:0E:FC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/et9j43Wwt4UIG1lFsdGNnehuDvw.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/aee3d58d-904a-4375-bf93-8b5f38cab002/0/3138352e342e3232332e302f32342d3234203d3e20323132323338.roa
Signing time: Mon 16 Mar 2026 08:46:48 +0000
ROA not before: Mon 16 Mar 2026 08:41:48 +0000
ROA not after: Mon 15 Mar 2027 08:46:48 +0000
asID: 212238
IP address blocks: 185.4.223.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/aee3d58d-904a-4375-bf93-8b5f38cab002/0/7ADF63E375B0B785081B5945B1D18D9DE86E0EFC.crl
rsync://rsync.paas.rpki.ripe.net/repository/aee3d58d-904a-4375-bf93-8b5f38cab002/0/7ADF63E375B0B785081B5945B1D18D9DE86E0EFC.mft
rsync://rpki.ripe.net/repository/DEFAULT/et9j43Wwt4UIG1lFsdGNnehuDvw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 21 Mar 2026 20:00:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
23:fb:b6:d1:28:b2:39:ba:7c:0f:28:c1:d7:86:36:c0:53:6d:e0:98
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7adf63e375b0b785081b5945b1d18d9de86e0efc
Validity
Not Before: Mar 16 08:41:48 2026 GMT
Not After : Mar 15 08:46:48 2027 GMT
Subject: CN=B32CE998B222F4600F2EB99F237759CA802EF6FD
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:7b:35:b0:e7:21:d9:65:95:0c:41:e1:99:29:
08:a7:9b:c3:5f:f4:4b:24:81:6d:85:c3:f8:36:46:
a0:99:01:53:fd:17:8c:29:67:34:80:9a:34:8e:ac:
e3:a3:98:31:21:c7:06:af:38:90:c5:af:36:73:f0:
b0:15:22:d1:de:4e:69:30:e8:fe:4a:d9:1f:8a:c5:
39:05:aa:53:2d:4b:8d:de:19:bb:0f:53:e4:74:be:
b2:2b:e7:ab:db:03:a2:14:50:a5:a1:58:76:24:6b:
3a:b4:8b:a6:e9:2e:8a:1e:15:31:f0:38:1b:93:89:
cb:13:cb:57:de:2c:3f:25:74:0e:93:29:0c:d6:68:
90:54:5c:c0:95:e9:19:bb:38:a6:e5:c4:43:d9:da:
83:95:e4:4b:75:13:7e:c4:a1:53:61:10:ce:39:57:
9f:3c:e7:39:5a:0f:2e:f1:9b:4a:ca:9f:28:23:4a:
7d:c1:e1:81:05:f3:ad:58:1e:35:2d:e7:3d:b9:9c:
21:2f:a8:ef:5d:28:64:5b:5d:5c:5d:d0:66:85:33:
97:fa:14:87:d9:5e:5b:15:34:8c:f5:ee:47:a3:a8:
48:cb:2d:d0:4e:aa:7f:9d:97:98:77:9f:49:16:ba:
6b:de:ea:1c:2f:9f:84:22:88:e7:93:47:84:6a:d9:
30:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B3:2C:E9:98:B2:22:F4:60:0F:2E:B9:9F:23:77:59:CA:80:2E:F6:FD
X509v3 Authority Key Identifier:
keyid:7A:DF:63:E3:75:B0:B7:85:08:1B:59:45:B1:D1:8D:9D:E8:6E:0E:FC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/aee3d58d-904a-4375-bf93-8b5f38cab002/0/7ADF63E375B0B785081B5945B1D18D9DE86E0EFC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/et9j43Wwt4UIG1lFsdGNnehuDvw.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/aee3d58d-904a-4375-bf93-8b5f38cab002/0/3138352e342e3232332e302f32342d3234203d3e20323132323338.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.4.223.0/24
Signature Algorithm: sha256WithRSAEncryption
20:2e:04:04:c6:56:1e:c6:61:07:e7:7b:a7:a6:0d:8f:27:ae:
e0:f3:89:6a:de:d5:a4:de:86:b0:da:5d:2b:5e:60:93:93:66:
3d:f9:bf:ab:2b:46:62:a9:f6:5a:1d:25:2c:2e:15:18:08:51:
16:66:55:c3:5c:23:aa:24:68:b4:3f:3e:26:55:1f:7e:10:e1:
da:5c:39:f9:82:24:7a:79:62:5e:af:b7:a0:8a:80:bd:8b:cb:
17:77:33:a3:d6:20:82:46:a1:ef:c3:88:4a:84:6b:8d:2a:e2:
a2:ae:28:6a:23:8d:80:77:dd:cf:56:45:c9:47:ba:00:fc:92:
35:19:d9:e8:1a:43:6f:8f:0f:67:4e:ac:37:5d:dd:0a:8d:44:
7e:4c:cb:83:ef:b9:21:a0:54:61:15:e4:14:67:6e:7f:84:9d:
80:11:72:a8:c4:60:11:33:a0:dd:1d:1b:02:4a:1b:87:bd:8c:
3d:ff:62:02:99:da:89:bb:c5:aa:9b:27:c7:2a:b8:a8:92:47:
6f:99:6c:d8:47:7d:3c:1e:48:71:85:42:c8:0e:98:02:1d:32:
90:2d:46:ba:8e:86:16:e9:48:ce:da:27:d8:a6:2e:70:79:d3:
6d:50:f3:5f:66:ee:27:71:fb:35:1e:d1:96:99:40:cc:5b:cf:
b6:87:19:c0
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUI/u20SiyObp8DyjB14Y2wFNt4JgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoN2FkZjYzZTM3NWIwYjc4NTA4MWI1OTQ1YjFkMThkOWRl
ODZlMGVmYzAeFw0yNjAzMTYwODQxNDhaFw0yNzAzMTUwODQ2NDhaMDMxMTAvBgNV
BAMTKEIzMkNFOTk4QjIyMkY0NjAwRjJFQjk5RjIzNzc1OUNBODAyRUY2RkQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCpezWw5yHZZZUMQeGZKQinm8Nf
9EskgW2Fw/g2RqCZAVP9F4wpZzSAmjSOrOOjmDEhxwavOJDFrzZz8LAVItHeTmkw
6P5K2R+KxTkFqlMtS43eGbsPU+R0vrIr56vbA6IUUKWhWHYkazq0i6bpLooeFTHw
OBuTicsTy1feLD8ldA6TKQzWaJBUXMCV6Rm7OKblxEPZ2oOV5Et1E37EoVNhEM45
V5885zlaDy7xm0rKnygjSn3B4YEF861YHjUt5z25nCEvqO9dKGRbXVxd0GaFM5f6
FIfZXlsVNIz17kejqEjLLdBOqn+dl5h3n0kWumve6hwvn4QiiOeTR4Rq2TC5AgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUsyzpmLIi9GAPLrmfI3dZyoAu9v0wHwYDVR0j
BBgwFoAUet9j43Wwt4UIG1lFsdGNnehuDvwwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYWVlM2Q1OGQtOTA0YS00Mzc1LWJmOTMtOGI1ZjM4Y2Fi
MDAyLzAvN0FERjYzRTM3NUIwQjc4NTA4MUI1OTQ1QjFEMThEOURFODZFMEVGQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2V0OWo0M1d3dDRVSUcxbEZzZEdObmVo
dUR2dy5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWVlM2Q1OGQt
OTA0YS00Mzc1LWJmOTMtOGI1ZjM4Y2FiMDAyLzAvMzEzODM1MmUzNDJlMzIzMjMz
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzIzMTMyMzIzMzM4LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
uQTfMA0GCSqGSIb3DQEBCwUAA4IBAQAgLgQExlYexmEH53unpg2PJ67g84lq3tWk
3oaw2l0rXmCTk2Y9+b+rK0ZiqfZaHSUsLhUYCFEWZlXDXCOqJGi0Pz4mVR9+EOHa
XDn5giR6eWJer7egioC9i8sXdzOj1iCCRqHvw4hKhGuNKuKirihqI42Ad93PVkXJ
R7oA/JI1GdnoGkNvjw9nTqw3Xd0KjUR+TMuD77khoFRhFeQUZ25/hJ2AEXKoxGAR
M6DdHRsCShuHvYw9/2ICmdqJu8WqmyfHKriokkdvmWzYR308HkhxhULIDpgCHTKQ
LUa6joYW6UjO2ifYpi5wedNtUPNfZu4ncfs1HtGWmUDMW8+2hxnA
-----END CERTIFICATE-----
Generated at Sat Mar 21 06:44:09 2026 by rpki-client