Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/be41704f-7815-4f2c-a503-58ae08e556b6/2/3138352e322e34392e302f32342d3234203d3e203136323736.roa
File: 3138352e322e34392e302f32342d3234203d3e203136323736.roa (raw, json)
Hash identifier: yY1cYTlf5qHcXFsZxMCFHIapofwym8WWW7JRWSSOET8=
Subject key identifier: A8:CF:6C:25:CC:9D:9D:62:AD:A4:E6:42:7D:28:47:85:A7:88:1C:F5
Certificate issuer: /CN=a29ef21c1397ab4b2f08778305a37ffd1cc25c4e
Certificate serial: 6D718FDD49AFB5DD36C53BC2C383D0CC89B18941
Authority key identifier: A2:9E:F2:1C:13:97:AB:4B:2F:08:77:83:05:A3:7F:FD:1C:C2:5C:4E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/op7yHBOXq0svCHeDBaN__RzCXE4.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/be41704f-7815-4f2c-a503-58ae08e556b6/2/3138352e322e34392e302f32342d3234203d3e203136323736.roa
Signing time: Tue 16 Jun 2026 16:31:50 +0000
ROA not before: Tue 16 Jun 2026 16:26:50 +0000
ROA not after: Tue 15 Jun 2027 16:31:50 +0000
asID: 16276
IP address blocks: 185.2.49.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/be41704f-7815-4f2c-a503-58ae08e556b6/2/A29EF21C1397AB4B2F08778305A37FFD1CC25C4E.crl
rsync://rsync.paas.rpki.ripe.net/repository/be41704f-7815-4f2c-a503-58ae08e556b6/2/A29EF21C1397AB4B2F08778305A37FFD1CC25C4E.mft
rsync://rpki.ripe.net/repository/DEFAULT/op7yHBOXq0svCHeDBaN__RzCXE4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 01 Jul 2026 09:42:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6d:71:8f:dd:49:af:b5:dd:36:c5:3b:c2:c3:83:d0:cc:89:b1:89:41
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a29ef21c1397ab4b2f08778305a37ffd1cc25c4e
Validity
Not Before: Jun 16 16:26:50 2026 GMT
Not After : Jun 15 16:31:50 2027 GMT
Subject: CN=A8CF6C25CC9D9D62ADA4E6427D284785A7881CF5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:55:27:ef:56:6e:42:b3:c7:bf:f0:fe:01:38:
f5:db:f8:3b:a9:e0:86:91:a1:db:3c:2e:d8:36:02:
b6:18:4f:4e:ec:18:64:47:65:c4:61:4b:3c:e2:18:
30:8d:90:97:9c:44:d4:f5:5f:44:04:01:51:b5:ce:
24:00:54:44:1f:80:88:3f:b9:c2:e0:70:9d:35:e0:
51:a6:f0:19:70:b4:b1:9d:d2:79:09:56:0a:ef:cb:
c7:f2:c2:42:d3:b9:f8:54:49:ce:93:01:b7:5f:e2:
66:e8:0d:91:3c:7c:d7:9b:b5:95:d4:35:dd:4c:b1:
3e:88:e7:a2:55:a6:e6:cb:3e:a4:15:15:3d:4f:9a:
da:63:2e:6a:96:ab:ed:03:1e:f9:f0:2e:22:03:2b:
62:a1:8e:a8:b7:93:7b:54:52:9d:36:65:67:c8:2a:
df:54:d4:a2:4a:93:fb:d3:f6:83:ac:23:2d:f2:23:
44:c8:9c:12:b2:67:09:5d:75:8d:d3:a4:90:2b:8b:
b5:54:35:1c:79:93:df:e4:5e:15:35:54:25:18:c5:
ba:6d:4b:d3:69:6b:e7:ab:f0:62:4e:1f:4b:0e:96:
98:2f:b9:13:b1:46:31:fb:d5:ef:43:96:a2:1c:02:
58:48:e0:44:30:9e:50:77:84:7d:92:92:6c:d0:2d:
ca:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:CF:6C:25:CC:9D:9D:62:AD:A4:E6:42:7D:28:47:85:A7:88:1C:F5
X509v3 Authority Key Identifier:
keyid:A2:9E:F2:1C:13:97:AB:4B:2F:08:77:83:05:A3:7F:FD:1C:C2:5C:4E
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/be41704f-7815-4f2c-a503-58ae08e556b6/2/A29EF21C1397AB4B2F08778305A37FFD1CC25C4E.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/op7yHBOXq0svCHeDBaN__RzCXE4.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/be41704f-7815-4f2c-a503-58ae08e556b6/2/3138352e322e34392e302f32342d3234203d3e203136323736.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.2.49.0/24
Signature Algorithm: sha256WithRSAEncryption
74:a5:b5:73:01:56:fd:2d:3c:31:bf:4c:cc:3b:06:9a:01:77:
07:b3:bb:1a:15:35:38:18:31:c2:4d:10:6e:dc:3d:29:b8:c5:
9b:cc:b6:06:0f:55:7f:88:83:d2:5a:7a:69:78:fc:6d:4a:fb:
c3:f2:4e:8c:00:7f:43:17:53:ae:84:56:c2:18:c3:64:b0:6b:
8d:68:48:c7:04:38:38:4f:eb:5f:e7:b2:41:42:f2:72:32:52:
5a:bc:de:08:b4:2c:86:1c:7c:ea:d3:b2:95:f6:22:7b:85:b8:
87:9b:5c:c0:44:3b:3e:48:49:0f:84:47:c0:eb:40:bf:ca:42:
e1:04:07:0b:ba:1f:9c:e0:de:35:08:35:a0:a0:ea:4d:9c:c4:
8d:04:a0:c6:b1:41:d7:11:dc:aa:b3:11:5a:d3:a3:89:e0:dc:
0f:d8:e6:cc:f1:2a:81:3f:5b:0c:3e:30:ab:a0:ad:7d:6c:8a:
39:a8:c5:95:29:76:44:b7:42:45:cd:7a:b4:de:bc:f6:98:67:
e5:ce:08:92:10:60:8f:9f:39:d3:ac:60:54:46:7f:05:55:a3:
4c:3f:36:bc:35:f7:50:8c:00:83:af:2e:18:b0:6f:0d:8e:89:
1a:ac:b3:4c:ee:df:01:bc:57:16:18:81:91:dc:5c:0a:67:be:
f1:25:51:59
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgIUbXGP3Umvtd02xTvCw4PQzImxiUEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYTI5ZWYyMWMxMzk3YWI0YjJmMDg3NzgzMDVhMzdmZmQx
Y2MyNWM0ZTAeFw0yNjA2MTYxNjI2NTBaFw0yNzA2MTUxNjMxNTBaMDMxMTAvBgNV
BAMTKEE4Q0Y2QzI1Q0M5RDlENjJBREE0RTY0MjdEMjg0Nzg1QTc4ODFDRjUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDJVSfvVm5Cs8e/8P4BOPXb+Dup
4IaRods8Ltg2ArYYT07sGGRHZcRhSzziGDCNkJecRNT1X0QEAVG1ziQAVEQfgIg/
ucLgcJ014FGm8BlwtLGd0nkJVgrvy8fywkLTufhUSc6TAbdf4mboDZE8fNebtZXU
Nd1MsT6I56JVpubLPqQVFT1PmtpjLmqWq+0DHvnwLiIDK2Khjqi3k3tUUp02ZWfI
Kt9U1KJKk/vT9oOsIy3yI0TInBKyZwlddY3TpJAri7VUNRx5k9/kXhU1VCUYxbpt
S9Npa+er8GJOH0sOlpgvuROxRjH71e9DlqIcAlhI4EQwnlB3hH2SkmzQLcrDAgMB
AAGjggI5MIICNTAdBgNVHQ4EFgQUqM9sJcydnWKtpOZCfShHhaeIHPUwHwYDVR0j
BBgwFoAUop7yHBOXq0svCHeDBaN//RzCXE4wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYmU0MTcwNGYtNzgxNS00ZjJjLWE1MDMtNThhZTA4ZTU1
NmI2LzIvQTI5RUYyMUMxMzk3QUI0QjJGMDg3NzgzMDVBMzdGRkQxQ0MyNUM0RS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL29wN3lIQk9YcTBzdkNIZURCYU5fX1J6
Q1hFNC5jZXIwgakGCCsGAQUFBwELBIGcMIGZMIGWBggrBgEFBQcwC4aBiXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYmU0MTcwNGYt
NzgxNS00ZjJjLWE1MDMtNThhZTA4ZTU1NmI2LzIvMzEzODM1MmUzMjJlMzQzOTJl
MzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMxMzYzMjM3MzYucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAC5AjEw
DQYJKoZIhvcNAQELBQADggEBAHSltXMBVv0tPDG/TMw7BpoBdwezuxoVNTgYMcJN
EG7cPSm4xZvMtgYPVX+Ig9Jaeml4/G1K+8PyTowAf0MXU66EVsIYw2Swa41oSMcE
ODhP61/nskFC8nIyUlq83gi0LIYcfOrTspX2InuFuIebXMBEOz5ISQ+ER8DrQL/K
QuEEBwu6H5zg3jUINaCg6k2cxI0EoMaxQdcR3KqzEVrTo4ng3A/Y5szxKoE/Www+
MKugrX1sijmoxZUpdkS3QkXNerTevPaYZ+XOCJIQYI+fOdOsYFRGfwVVo0w/Nrw1
91CMAIOvLhiwbw2OiRqss0zu3wG8VxYYgZHcXApnvvElUVk=
-----END CERTIFICATE-----
Generated at Tue Jun 30 23:17:53 2026 by rpki-client