Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/be41704f-7815-4f2c-a503-58ae08e556b6/2/3138352e322e34392e302f32342d3234203d3e203136323736.roa
File: 3138352e322e34392e302f32342d3234203d3e203136323736.roa (raw, json)
Hash identifier: LIh0DIx2IImYPrbtKl5UIaWrpsZNhrwgJffZtWjbQqI=
Subject key identifier: 91:D1:63:55:EF:4E:31:19:1A:7E:91:98:BA:76:F4:E7:B7:ED:D1:52
Certificate issuer: /CN=a29ef21c1397ab4b2f08778305a37ffd1cc25c4e
Certificate serial: 5F84A84CE068A9D38F5E49EB75E03C7BCB3C68E4
Authority key identifier: A2:9E:F2:1C:13:97:AB:4B:2F:08:77:83:05:A3:7F:FD:1C:C2:5C:4E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/op7yHBOXq0svCHeDBaN__RzCXE4.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/be41704f-7815-4f2c-a503-58ae08e556b6/2/3138352e322e34392e302f32342d3234203d3e203136323736.roa
Signing time: Wed 08 Apr 2026 11:48:12 +0000
ROA not before: Wed 08 Apr 2026 11:43:12 +0000
ROA not after: Wed 07 Apr 2027 11:48:12 +0000
asID: 16276
IP address blocks: 185.2.49.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/be41704f-7815-4f2c-a503-58ae08e556b6/2/A29EF21C1397AB4B2F08778305A37FFD1CC25C4E.crl
rsync://rsync.paas.rpki.ripe.net/repository/be41704f-7815-4f2c-a503-58ae08e556b6/2/A29EF21C1397AB4B2F08778305A37FFD1CC25C4E.mft
rsync://rpki.ripe.net/repository/DEFAULT/op7yHBOXq0svCHeDBaN__RzCXE4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 19 Apr 2026 04:28:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5f:84:a8:4c:e0:68:a9:d3:8f:5e:49:eb:75:e0:3c:7b:cb:3c:68:e4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a29ef21c1397ab4b2f08778305a37ffd1cc25c4e
Validity
Not Before: Apr 8 11:43:12 2026 GMT
Not After : Apr 7 11:48:12 2027 GMT
Subject: CN=91D16355EF4E31191A7E9198BA76F4E7B7EDD152
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:f0:88:0c:ba:48:40:46:8e:cf:fb:4b:a6:b1:
13:08:40:bc:1c:3a:6b:bf:6f:7d:56:f6:ab:82:77:
1a:5b:24:7e:27:de:30:1e:d4:7a:c1:e1:1f:9c:16:
5c:68:0e:f3:ff:44:cd:a0:00:db:b0:ee:6e:9b:fc:
0d:a8:d7:1f:84:f1:f0:a1:46:1d:cb:25:b7:0b:1b:
30:e8:1e:9c:0d:94:ea:e7:ee:ad:25:d7:67:f3:83:
8d:67:56:20:df:a1:b2:b7:a9:26:93:9d:b8:11:08:
2f:50:f7:9a:98:06:04:77:7e:f8:3e:d5:17:41:38:
96:9e:f3:38:99:20:e1:b4:71:60:53:e1:16:d3:da:
2c:5c:0d:a3:a0:c0:b0:3e:05:33:db:8a:3b:56:45:
f6:fe:ed:cb:eb:38:ce:f7:a9:1e:93:d7:94:67:2f:
10:8f:0c:41:6a:7e:54:a4:5a:57:72:72:7d:06:53:
d0:07:31:f2:b8:92:c6:8a:89:de:79:26:e1:c6:f3:
d4:ba:51:3a:e0:32:1c:c3:b2:c1:a5:27:82:d3:e9:
9f:e2:6d:49:e0:75:48:ad:ba:95:5b:3e:88:4f:f1:
c0:34:3b:3a:b3:81:52:f1:48:f7:ee:6c:fc:e6:16:
84:8f:9d:b6:a4:64:3d:1f:fc:6a:33:3a:24:ea:b5:
7c:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:D1:63:55:EF:4E:31:19:1A:7E:91:98:BA:76:F4:E7:B7:ED:D1:52
X509v3 Authority Key Identifier:
keyid:A2:9E:F2:1C:13:97:AB:4B:2F:08:77:83:05:A3:7F:FD:1C:C2:5C:4E
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/be41704f-7815-4f2c-a503-58ae08e556b6/2/A29EF21C1397AB4B2F08778305A37FFD1CC25C4E.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/op7yHBOXq0svCHeDBaN__RzCXE4.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/be41704f-7815-4f2c-a503-58ae08e556b6/2/3138352e322e34392e302f32342d3234203d3e203136323736.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.2.49.0/24
Signature Algorithm: sha256WithRSAEncryption
75:c8:e7:a1:10:15:80:19:95:0d:6e:fd:11:f3:88:b2:bd:f3:
c2:be:2b:8b:0d:e9:fa:d1:fb:56:0b:0f:4c:6d:9d:c4:87:c8:
b4:f8:ae:e9:a3:81:67:7f:2a:35:ca:ce:11:51:ef:c7:86:dc:
68:a8:0c:03:fc:0e:4d:f4:f0:cd:fb:f6:3d:54:db:a4:a2:76:
51:1a:05:7d:96:55:33:ed:71:eb:3f:19:68:2d:a0:87:63:73:
56:44:73:92:a3:81:5e:20:73:50:34:fe:1a:6f:4c:a3:75:7f:
c3:52:ed:17:7a:7e:27:5f:7d:cb:70:ad:25:3a:30:64:ed:63:
95:e4:72:65:4d:44:73:e5:b6:0e:a5:5b:70:1f:24:b7:ec:0e:
5b:b3:43:1f:f2:08:2f:ff:89:0b:59:ce:0d:3a:53:2d:41:22:
c6:46:d1:46:6d:68:94:f1:b5:e6:2c:1f:96:5c:00:40:f5:3e:
5e:70:39:3e:07:f8:3d:9f:00:8a:93:e4:b6:54:82:ba:92:43:
e6:dc:46:26:ce:20:54:13:5f:0c:8d:13:99:94:50:02:e7:3c:
0b:d1:93:81:c5:d7:36:2a:bf:eb:c3:3f:93:69:51:11:a8:11:
a4:28:18:de:f7:ac:95:8c:71:df:ba:28:cd:13:7d:c6:59:68:
c8:3f:b2:54
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgIUX4SoTOBoqdOPXknrdeA8e8s8aOQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYTI5ZWYyMWMxMzk3YWI0YjJmMDg3NzgzMDVhMzdmZmQx
Y2MyNWM0ZTAeFw0yNjA0MDgxMTQzMTJaFw0yNzA0MDcxMTQ4MTJaMDMxMTAvBgNV
BAMTKDkxRDE2MzU1RUY0RTMxMTkxQTdFOTE5OEJBNzZGNEU3QjdFREQxNTIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC38IgMukhARo7P+0umsRMIQLwc
Omu/b31W9quCdxpbJH4n3jAe1HrB4R+cFlxoDvP/RM2gANuw7m6b/A2o1x+E8fCh
Rh3LJbcLGzDoHpwNlOrn7q0l12fzg41nViDfobK3qSaTnbgRCC9Q95qYBgR3fvg+
1RdBOJae8ziZIOG0cWBT4RbT2ixcDaOgwLA+BTPbijtWRfb+7cvrOM73qR6T15Rn
LxCPDEFqflSkWldycn0GU9AHMfK4ksaKid55JuHG89S6UTrgMhzDssGlJ4LT6Z/i
bUngdUitupVbPohP8cA0OzqzgVLxSPfubPzmFoSPnbakZD0f/GozOiTqtXy/AgMB
AAGjggI5MIICNTAdBgNVHQ4EFgQUkdFjVe9OMRkafpGYunb057ft0VIwHwYDVR0j
BBgwFoAUop7yHBOXq0svCHeDBaN//RzCXE4wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYmU0MTcwNGYtNzgxNS00ZjJjLWE1MDMtNThhZTA4ZTU1
NmI2LzIvQTI5RUYyMUMxMzk3QUI0QjJGMDg3NzgzMDVBMzdGRkQxQ0MyNUM0RS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL29wN3lIQk9YcTBzdkNIZURCYU5fX1J6
Q1hFNC5jZXIwgakGCCsGAQUFBwELBIGcMIGZMIGWBggrBgEFBQcwC4aBiXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYmU0MTcwNGYt
NzgxNS00ZjJjLWE1MDMtNThhZTA4ZTU1NmI2LzIvMzEzODM1MmUzMjJlMzQzOTJl
MzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMxMzYzMjM3MzYucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAC5AjEw
DQYJKoZIhvcNAQELBQADggEBAHXI56EQFYAZlQ1u/RHziLK988K+K4sN6frR+1YL
D0xtncSHyLT4rumjgWd/KjXKzhFR78eG3GioDAP8Dk308M379j1U26SidlEaBX2W
VTPtces/GWgtoIdjc1ZEc5KjgV4gc1A0/hpvTKN1f8NS7Rd6fidffctwrSU6MGTt
Y5XkcmVNRHPltg6lW3AfJLfsDluzQx/yCC//iQtZzg06Uy1BIsZG0UZtaJTxteYs
H5ZcAED1Pl5wOT4H+D2fAIqT5LZUgrqSQ+bcRibOIFQTXwyNE5mUUALnPAvRk4HF
1zYqv+vDP5NpURGoEaQoGN73rJWMcd+6KM0TfcZZaMg/slQ=
-----END CERTIFICATE-----
Generated at Sat Apr 18 19:36:37 2026 by rpki-client