Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/3138352e3137322e3137322e302f32342d3234203d3e20323132323338.roa
File: 3138352e3137322e3137322e302f32342d3234203d3e20323132323338.roa (raw, json)
Hash identifier: 5QvqCdQtQuFR7k3609q7VNBUNd4J1GMkNLpbKSbZIgU=
Subject key identifier: DF:31:BD:2B:FA:9E:24:4D:9B:0F:B2:B8:50:B7:93:76:4D:FB:34:D8
Certificate issuer: /CN=70cbd7a9817e470009c0f40ea1e370aa79b5fd91
Certificate serial: 66FF6664C7E96A818439122F2A5A32C150527652
Authority key identifier: 70:CB:D7:A9:81:7E:47:00:09:C0:F4:0E:A1:E3:70:AA:79:B5:FD:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cMvXqYF-RwAJwPQOoeNwqnm1_ZE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/3138352e3137322e3137322e302f32342d3234203d3e20323132323338.roa
Signing time: Wed 17 Jun 2026 10:16:57 +0000
ROA not before: Wed 17 Jun 2026 10:11:57 +0000
ROA not after: Wed 16 Jun 2027 10:16:57 +0000
asID: 212238
IP address blocks: 185.172.172.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/70CBD7A9817E470009C0F40EA1E370AA79B5FD91.crl
rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/70CBD7A9817E470009C0F40EA1E370AA79B5FD91.mft
rsync://rpki.ripe.net/repository/DEFAULT/cMvXqYF-RwAJwPQOoeNwqnm1_ZE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 20 Jun 2026 14:49:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
66:ff:66:64:c7:e9:6a:81:84:39:12:2f:2a:5a:32:c1:50:52:76:52
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=70cbd7a9817e470009c0f40ea1e370aa79b5fd91
Validity
Not Before: Jun 17 10:11:57 2026 GMT
Not After : Jun 16 10:16:57 2027 GMT
Subject: CN=DF31BD2BFA9E244D9B0FB2B850B793764DFB34D8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:cb:63:f8:44:bd:ee:4a:e4:b9:cf:af:ec:ab:
37:ce:82:93:6d:3f:6a:30:4c:1e:81:e7:05:8f:00:
87:ee:e8:33:34:6d:df:6e:bc:5d:12:29:68:dd:67:
d3:9b:09:2c:39:0b:cb:63:45:26:76:3d:32:f0:54:
16:70:ad:90:51:ae:74:ca:09:f2:68:99:1f:72:fa:
31:7e:01:fe:94:dd:26:a2:a6:18:da:d8:6f:f9:8f:
a5:2b:8f:85:b4:cf:03:e8:b3:b7:58:b3:ab:55:b7:
83:2e:f2:54:a6:9d:70:24:bb:b7:81:41:0e:81:39:
9b:03:c8:fb:c8:69:68:c7:99:90:ef:61:be:11:06:
5c:7a:0f:2d:ba:53:78:5d:de:dd:d0:17:82:fc:2e:
68:dc:ef:01:12:43:6f:78:a2:2a:cd:bb:6f:4c:d5:
4c:52:12:12:67:9e:b6:53:65:a3:20:19:d2:e2:96:
1f:84:d2:6f:e1:8b:6a:5c:fb:12:5a:69:6e:b9:aa:
87:d9:ec:71:7c:e7:44:73:e1:00:58:93:9a:70:e2:
1b:af:e7:15:df:24:5b:3a:43:47:7d:28:03:fe:77:
9d:5b:76:5d:9c:97:fd:4a:ed:74:c6:63:7c:98:42:
75:6b:1d:a2:7f:d9:28:30:0a:dd:fc:8f:c9:0f:bb:
3c:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DF:31:BD:2B:FA:9E:24:4D:9B:0F:B2:B8:50:B7:93:76:4D:FB:34:D8
X509v3 Authority Key Identifier:
keyid:70:CB:D7:A9:81:7E:47:00:09:C0:F4:0E:A1:E3:70:AA:79:B5:FD:91
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/70CBD7A9817E470009C0F40EA1E370AA79B5FD91.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cMvXqYF-RwAJwPQOoeNwqnm1_ZE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/3138352e3137322e3137322e302f32342d3234203d3e20323132323338.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.172.172.0/24
Signature Algorithm: sha256WithRSAEncryption
07:75:6e:74:bc:d6:e9:14:64:44:29:19:cf:d5:b8:e1:6d:be:
e0:19:b0:34:88:6f:73:ed:bd:ab:3b:b0:00:d4:0a:c4:ec:2c:
c5:63:8f:f1:50:04:a8:ac:84:3e:95:66:99:67:c2:92:a2:d6:
dc:10:02:f2:7a:2f:64:ec:4d:f5:e8:aa:42:f3:b7:47:2e:3f:
fc:e3:e4:a5:44:d9:cb:28:2e:35:7e:96:a7:65:2c:1a:dc:ef:
5f:97:4a:97:3a:d2:76:b6:29:6b:b1:99:32:59:52:72:ed:f9:
c9:36:b2:18:d2:ba:a4:5e:be:80:bd:81:49:2e:c7:d2:0d:b7:
82:e2:9c:07:03:6d:11:d0:bd:f4:80:b8:e3:b8:7f:6b:bd:3f:
bc:0a:fc:dd:ac:57:c1:db:63:60:eb:2c:02:4a:01:9c:90:19:
f1:38:1f:04:a5:ac:47:88:92:e8:2c:01:d5:64:88:b2:8c:4d:
eb:05:d5:77:f2:3a:0b:a6:3a:ac:26:2f:e1:35:03:d4:86:f1:
03:56:9c:00:35:33:8b:7c:cc:ce:d5:c2:1d:14:8e:02:41:80:
a0:f9:2c:84:d4:75:42:a4:0b:d4:58:f3:a6:2c:44:70:a5:23:
84:6c:57:ca:a8:3f:30:fd:81:ec:8f:1b:cf:a9:d2:4b:65:e1:
f3:27:b4:2c
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgIUZv9mZMfpaoGEORIvKloywVBSdlIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzBjYmQ3YTk4MTdlNDcwMDA5YzBmNDBlYTFlMzcwYWE3
OWI1ZmQ5MTAeFw0yNjA2MTcxMDExNTdaFw0yNzA2MTYxMDE2NTdaMDMxMTAvBgNV
BAMTKERGMzFCRDJCRkE5RTI0NEQ5QjBGQjJCODUwQjc5Mzc2NERGQjM0RDgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCey2P4RL3uSuS5z6/sqzfOgpNt
P2owTB6B5wWPAIfu6DM0bd9uvF0SKWjdZ9ObCSw5C8tjRSZ2PTLwVBZwrZBRrnTK
CfJomR9y+jF+Af6U3Saiphja2G/5j6Urj4W0zwPos7dYs6tVt4Mu8lSmnXAku7eB
QQ6BOZsDyPvIaWjHmZDvYb4RBlx6Dy26U3hd3t3QF4L8Lmjc7wESQ294oirNu29M
1UxSEhJnnrZTZaMgGdLilh+E0m/hi2pc+xJaaW65qofZ7HF850Rz4QBYk5pw4huv
5xXfJFs6Q0d9KAP+d51bdl2cl/1K7XTGY3yYQnVrHaJ/2SgwCt38j8kPuzzDAgMB
AAGjggJBMIICPTAdBgNVHQ4EFgQU3zG9K/qeJE2bD7K4ULeTdk37NNgwHwYDVR0j
BBgwFoAUcMvXqYF+RwAJwPQOoeNwqnm1/ZEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYjczMzJhZjAtZGQ3My00NzU1LTlkMjAtNjkzZWE4Mjg5
ZjhhLzAvNzBDQkQ3QTk4MTdFNDcwMDA5QzBGNDBFQTFFMzcwQUE3OUI1RkQ5MS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2NNdlhxWUYtUndBSndQUU9vZU53cW5t
MV9aRS5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYjczMzJhZjAt
ZGQ3My00NzU1LTlkMjAtNjkzZWE4Mjg5ZjhhLzAvMzEzODM1MmUzMTM3MzIyZTMx
MzczMjJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMyMzEzMjMyMzMzOC5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEALmsrDANBgkqhkiG9w0BAQsFAAOCAQEAB3VudLzW6RRkRCkZz9W44W2+4Bmw
NIhvc+29qzuwANQKxOwsxWOP8VAEqKyEPpVmmWfCkqLW3BAC8novZOxN9eiqQvO3
Ry4//OPkpUTZyyguNX6Wp2UsGtzvX5dKlzrSdrYpa7GZMllScu35yTayGNK6pF6+
gL2BSS7H0g23guKcBwNtEdC99IC447h/a70/vAr83axXwdtjYOssAkoBnJAZ8Tgf
BKWsR4iS6CwB1WSIsoxN6wXVd/I6C6Y6rCYv4TUD1IbxA1acADUzi3zMztXCHRSO
AkGAoPkshNR1QqQL1FjzpixEcKUjhGxXyqg/MP2B7I8bz6nSS2Xh8ye0LA==
-----END CERTIFICATE-----
Generated at Sat Jun 20 02:15:29 2026 by rpki-client