Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/be41704f-7815-4f2c-a503-58ae08e556b6/2/3138352e322e34382e302f32342d3234203d3e203137353631.roa
File: 3138352e322e34382e302f32342d3234203d3e203137353631.roa (raw, json)
Hash identifier: 7wcegcT5K98XgAg+XQMcAdixoXoYKu4tzsSbp2VeJ64=
Subject key identifier: A7:ED:9E:49:C6:F0:3B:53:33:83:72:D4:BF:D9:0E:45:A7:7B:F5:D5
Certificate issuer: /CN=a29ef21c1397ab4b2f08778305a37ffd1cc25c4e
Certificate serial: 7172F57A05DBD2E6BB6EE30E7FB61658C020FC7B
Authority key identifier: A2:9E:F2:1C:13:97:AB:4B:2F:08:77:83:05:A3:7F:FD:1C:C2:5C:4E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/op7yHBOXq0svCHeDBaN__RzCXE4.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/be41704f-7815-4f2c-a503-58ae08e556b6/2/3138352e322e34382e302f32342d3234203d3e203137353631.roa
Signing time: Tue 16 Jun 2026 16:31:31 +0000
ROA not before: Tue 16 Jun 2026 16:26:31 +0000
ROA not after: Tue 15 Jun 2027 16:31:31 +0000
asID: 17561
IP address blocks: 185.2.48.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/be41704f-7815-4f2c-a503-58ae08e556b6/2/A29EF21C1397AB4B2F08778305A37FFD1CC25C4E.crl
rsync://rsync.paas.rpki.ripe.net/repository/be41704f-7815-4f2c-a503-58ae08e556b6/2/A29EF21C1397AB4B2F08778305A37FFD1CC25C4E.mft
rsync://rpki.ripe.net/repository/DEFAULT/op7yHBOXq0svCHeDBaN__RzCXE4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 01 Jul 2026 09:42:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
71:72:f5:7a:05:db:d2:e6:bb:6e:e3:0e:7f:b6:16:58:c0:20:fc:7b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a29ef21c1397ab4b2f08778305a37ffd1cc25c4e
Validity
Not Before: Jun 16 16:26:31 2026 GMT
Not After : Jun 15 16:31:31 2027 GMT
Subject: CN=A7ED9E49C6F03B53338372D4BFD90E45A77BF5D5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:84:97:91:fc:bc:82:7f:05:09:a1:da:b6:01:
80:d7:1a:5d:4a:f1:52:48:1b:91:cc:21:0a:89:de:
49:5d:12:37:de:e4:63:e4:0d:c3:42:73:29:2c:62:
06:88:78:ee:7c:fe:fa:c5:cb:ba:52:80:76:1d:2e:
6d:f5:c8:30:a5:c8:a5:27:25:97:4b:77:b6:fd:9f:
e2:1d:7e:f3:fd:33:36:56:00:70:0a:bd:d7:44:b4:
98:17:b1:33:16:94:84:b5:0f:45:15:55:11:6a:ac:
68:96:33:79:12:5a:49:9e:ff:16:4f:58:1d:1b:75:
a7:66:ad:0d:7f:ad:b7:71:4e:f7:5c:b4:fd:ad:3e:
a6:ae:c4:19:2d:ba:fa:49:45:4b:a0:cc:39:75:38:
20:b9:b0:a3:1f:4c:ba:d0:c0:b0:10:f6:9a:ca:e3:
03:1e:64:b1:cb:da:ad:73:25:d6:e7:7e:d7:57:50:
7b:93:fd:21:a0:0c:00:40:db:a0:c3:23:55:a6:8d:
bd:54:fc:2b:05:1d:2c:b8:7e:fd:52:04:6f:94:45:
29:f4:d3:29:61:3c:61:09:a8:c4:22:a3:08:92:38:
50:ee:3c:e2:d6:9e:f8:23:6b:4b:41:48:3e:0e:79:
bb:c0:27:27:9c:27:95:fa:62:b4:6a:bc:56:72:07:
86:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A7:ED:9E:49:C6:F0:3B:53:33:83:72:D4:BF:D9:0E:45:A7:7B:F5:D5
X509v3 Authority Key Identifier:
keyid:A2:9E:F2:1C:13:97:AB:4B:2F:08:77:83:05:A3:7F:FD:1C:C2:5C:4E
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/be41704f-7815-4f2c-a503-58ae08e556b6/2/A29EF21C1397AB4B2F08778305A37FFD1CC25C4E.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/op7yHBOXq0svCHeDBaN__RzCXE4.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/be41704f-7815-4f2c-a503-58ae08e556b6/2/3138352e322e34382e302f32342d3234203d3e203137353631.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.2.48.0/24
Signature Algorithm: sha256WithRSAEncryption
15:b9:1a:f5:07:89:eb:91:c2:72:b5:11:f7:f2:1a:d1:43:d3:
c7:fe:cf:26:c5:56:1a:4d:f1:09:b8:4c:96:d1:6a:96:4e:b9:
fa:1f:b9:3d:34:ca:7c:53:b6:99:8d:c3:67:92:09:e3:32:9f:
0f:da:ab:bd:26:59:bf:0e:67:39:b8:25:b8:1c:dd:fd:21:fa:
eb:83:78:e5:5e:b1:c2:07:04:13:db:79:25:49:bd:4e:cc:ec:
f5:3e:ae:65:15:78:3d:8f:7d:15:74:ea:7b:a0:70:81:c6:b3:
40:63:4d:86:72:fd:23:0b:8a:a0:75:f5:72:9a:be:93:c6:9a:
8d:c1:df:b2:f0:1b:cb:eb:78:6f:b0:60:44:19:b6:50:b7:eb:
f1:fe:9c:d5:e6:20:ac:b1:3e:3f:69:71:06:07:d5:8f:b1:6d:
b1:5f:df:4a:da:59:eb:05:71:a2:05:89:1a:10:6c:c6:33:27:
1b:1d:72:05:fd:6a:56:75:4f:0b:e2:0f:d4:15:c3:33:9d:e3:
d8:d3:3d:74:5b:3c:f2:c0:a8:3d:f7:c2:45:fe:cc:e6:ef:84:
5e:20:db:d9:8a:f9:89:16:46:7b:79:39:45:e2:e5:49:a8:44:
73:54:71:56:6d:a5:d2:3b:ee:b2:94:3c:69:ed:83:5e:0e:ff:
c5:54:8f:51
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgIUcXL1egXb0ua7buMOf7YWWMAg/HswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYTI5ZWYyMWMxMzk3YWI0YjJmMDg3NzgzMDVhMzdmZmQx
Y2MyNWM0ZTAeFw0yNjA2MTYxNjI2MzFaFw0yNzA2MTUxNjMxMzFaMDMxMTAvBgNV
BAMTKEE3RUQ5RTQ5QzZGMDNCNTMzMzgzNzJENEJGRDkwRTQ1QTc3QkY1RDUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC0hJeR/LyCfwUJodq2AYDXGl1K
8VJIG5HMIQqJ3kldEjfe5GPkDcNCcyksYgaIeO58/vrFy7pSgHYdLm31yDClyKUn
JZdLd7b9n+IdfvP9MzZWAHAKvddEtJgXsTMWlIS1D0UVVRFqrGiWM3kSWkme/xZP
WB0bdadmrQ1/rbdxTvdctP2tPqauxBktuvpJRUugzDl1OCC5sKMfTLrQwLAQ9prK
4wMeZLHL2q1zJdbnftdXUHuT/SGgDABA26DDI1Wmjb1U/CsFHSy4fv1SBG+URSn0
0ylhPGEJqMQiowiSOFDuPOLWnvgja0tBSD4OebvAJyecJ5X6YrRqvFZyB4arAgMB
AAGjggI5MIICNTAdBgNVHQ4EFgQUp+2eScbwO1Mzg3LUv9kORad79dUwHwYDVR0j
BBgwFoAUop7yHBOXq0svCHeDBaN//RzCXE4wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYmU0MTcwNGYtNzgxNS00ZjJjLWE1MDMtNThhZTA4ZTU1
NmI2LzIvQTI5RUYyMUMxMzk3QUI0QjJGMDg3NzgzMDVBMzdGRkQxQ0MyNUM0RS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL29wN3lIQk9YcTBzdkNIZURCYU5fX1J6
Q1hFNC5jZXIwgakGCCsGAQUFBwELBIGcMIGZMIGWBggrBgEFBQcwC4aBiXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYmU0MTcwNGYt
NzgxNS00ZjJjLWE1MDMtNThhZTA4ZTU1NmI2LzIvMzEzODM1MmUzMjJlMzQzODJl
MzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMxMzczNTM2MzEucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAC5AjAw
DQYJKoZIhvcNAQELBQADggEBABW5GvUHieuRwnK1EffyGtFD08f+zybFVhpN8Qm4
TJbRapZOufofuT00ynxTtpmNw2eSCeMynw/aq70mWb8OZzm4Jbgc3f0h+uuDeOVe
scIHBBPbeSVJvU7M7PU+rmUVeD2PfRV06nugcIHGs0BjTYZy/SMLiqB19XKavpPG
mo3B37LwG8vreG+wYEQZtlC36/H+nNXmIKyxPj9pcQYH1Y+xbbFf30raWesFcaIF
iRoQbMYzJxsdcgX9alZ1TwviD9QVwzOd49jTPXRbPPLAqD33wkX+zObvhF4g29mK
+YkWRnt5OUXi5UmoRHNUcVZtpdI77rKUPGntg14O/8VUj1E=
-----END CERTIFICATE-----
Generated at Tue Jun 30 23:13:48 2026 by rpki-client