Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/be41704f-7815-4f2c-a503-58ae08e556b6/2/3138352e322e35302e302f32342d3234203d3e203632303832.roa
File: 3138352e322e35302e302f32342d3234203d3e203632303832.roa (raw, json)
Hash identifier: EUMdCtj0EwFeQzWbVb7TeiziGsrERoU+cN/BNaOw7Hk=
Subject key identifier: 09:83:CA:2A:97:A7:36:0B:B9:85:65:35:F1:F8:87:E4:FF:CB:24:E0
Certificate issuer: /CN=a29ef21c1397ab4b2f08778305a37ffd1cc25c4e
Certificate serial: 489F678B8DDFBF2CF250C4A96CCD226367ECF0D9
Authority key identifier: A2:9E:F2:1C:13:97:AB:4B:2F:08:77:83:05:A3:7F:FD:1C:C2:5C:4E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/op7yHBOXq0svCHeDBaN__RzCXE4.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/be41704f-7815-4f2c-a503-58ae08e556b6/2/3138352e322e35302e302f32342d3234203d3e203632303832.roa
Signing time: Fri 17 Apr 2026 08:44:59 +0000
ROA not before: Fri 17 Apr 2026 08:39:59 +0000
ROA not after: Fri 16 Apr 2027 08:44:59 +0000
asID: 62082
IP address blocks: 185.2.50.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/be41704f-7815-4f2c-a503-58ae08e556b6/2/A29EF21C1397AB4B2F08778305A37FFD1CC25C4E.crl
rsync://rsync.paas.rpki.ripe.net/repository/be41704f-7815-4f2c-a503-58ae08e556b6/2/A29EF21C1397AB4B2F08778305A37FFD1CC25C4E.mft
rsync://rpki.ripe.net/repository/DEFAULT/op7yHBOXq0svCHeDBaN__RzCXE4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 19 Apr 2026 04:28:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
48:9f:67:8b:8d:df:bf:2c:f2:50:c4:a9:6c:cd:22:63:67:ec:f0:d9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a29ef21c1397ab4b2f08778305a37ffd1cc25c4e
Validity
Not Before: Apr 17 08:39:59 2026 GMT
Not After : Apr 16 08:44:59 2027 GMT
Subject: CN=0983CA2A97A7360BB9856535F1F887E4FFCB24E0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e9:2b:f1:fd:47:04:12:d0:30:7c:3d:29:85:da:
d0:75:83:47:b6:4f:73:41:38:49:8a:b1:46:9e:7e:
45:0b:f7:cc:28:4a:a8:07:0f:5d:9b:7e:50:ac:e3:
71:79:41:7e:ef:d0:ae:cd:e6:5e:4d:7c:1f:1b:d4:
ff:96:5c:8e:59:4b:07:d0:bd:ce:2b:57:c2:16:3e:
6b:13:38:0c:60:60:dc:07:4d:79:84:f8:b4:64:2a:
80:d4:0b:71:f9:f2:65:46:16:48:9a:f0:74:f5:59:
32:9c:cf:b9:e3:df:e5:02:03:b8:29:81:b2:54:5e:
4d:d8:c8:4b:1d:8e:d4:79:46:78:49:96:ed:56:ba:
7e:bf:2b:6f:cb:eb:d5:7e:32:a1:50:04:d7:ad:f2:
44:86:97:92:cf:39:18:56:a9:69:d8:fb:da:4f:af:
0a:4b:46:99:dc:2f:7d:8b:bc:c5:e9:f6:be:67:08:
de:13:66:74:fa:0c:d1:6b:8c:7c:69:0d:74:e3:6f:
63:aa:b1:9c:2a:60:de:a5:88:33:ec:83:61:f1:4b:
87:dc:f8:23:6e:27:dc:a0:a7:14:c2:d9:49:67:6d:
3e:6f:e2:dc:28:41:5c:8d:5d:bc:ea:97:17:db:3c:
b5:6e:10:a1:08:d0:ba:ce:18:be:73:28:86:d1:cd:
27:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
09:83:CA:2A:97:A7:36:0B:B9:85:65:35:F1:F8:87:E4:FF:CB:24:E0
X509v3 Authority Key Identifier:
keyid:A2:9E:F2:1C:13:97:AB:4B:2F:08:77:83:05:A3:7F:FD:1C:C2:5C:4E
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/be41704f-7815-4f2c-a503-58ae08e556b6/2/A29EF21C1397AB4B2F08778305A37FFD1CC25C4E.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/op7yHBOXq0svCHeDBaN__RzCXE4.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/be41704f-7815-4f2c-a503-58ae08e556b6/2/3138352e322e35302e302f32342d3234203d3e203632303832.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.2.50.0/24
Signature Algorithm: sha256WithRSAEncryption
34:f7:9d:52:a6:e5:a3:14:83:eb:87:c4:c1:f8:2c:2c:fe:c0:
e8:ef:ee:ef:7d:2a:90:15:02:79:81:d5:57:8c:97:ad:c6:b9:
a4:8c:01:49:fe:b5:f9:93:e0:81:6c:2d:09:60:ca:4f:44:fb:
f4:56:6d:23:1b:76:6a:f4:d5:36:15:29:43:33:69:e9:d7:e1:
fc:a5:9f:ab:42:db:a1:c0:e8:a6:c3:ab:8c:ea:62:15:b1:78:
a8:e5:16:ea:bf:83:fc:b9:94:7e:61:1c:00:76:48:48:d7:00:
4e:9b:9d:6a:e7:40:63:c4:e7:ed:51:8d:46:d5:31:9c:44:17:
7e:14:37:88:da:b9:3c:18:5a:00:83:c1:72:6c:51:ee:5d:9b:
df:9d:b8:52:fc:ac:20:60:2d:94:90:2c:03:47:0b:97:9a:7d:
aa:34:15:f5:2d:31:91:d7:77:83:b0:7a:f8:46:b7:22:20:97:
10:dd:1f:21:71:02:cc:fa:10:30:dc:03:17:87:62:87:ed:c3:
6b:5e:7a:e0:6b:07:d3:50:e6:93:79:81:f7:e5:df:df:8b:65:
c2:26:02:c3:73:2a:2b:e6:96:06:f7:d7:a3:3f:03:45:7d:7f:
73:f5:0d:38:ac:f5:8b:65:00:21:1e:42:96:b4:72:50:c8:e6:
9d:31:87:2b
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgIUSJ9ni43fvyzyUMSpbM0iY2fs8NkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYTI5ZWYyMWMxMzk3YWI0YjJmMDg3NzgzMDVhMzdmZmQx
Y2MyNWM0ZTAeFw0yNjA0MTcwODM5NTlaFw0yNzA0MTYwODQ0NTlaMDMxMTAvBgNV
BAMTKDA5ODNDQTJBOTdBNzM2MEJCOTg1NjUzNUYxRjg4N0U0RkZDQjI0RTAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDpK/H9RwQS0DB8PSmF2tB1g0e2
T3NBOEmKsUaefkUL98woSqgHD12bflCs43F5QX7v0K7N5l5NfB8b1P+WXI5ZSwfQ
vc4rV8IWPmsTOAxgYNwHTXmE+LRkKoDUC3H58mVGFkia8HT1WTKcz7nj3+UCA7gp
gbJUXk3YyEsdjtR5RnhJlu1Wun6/K2/L69V+MqFQBNet8kSGl5LPORhWqWnY+9pP
rwpLRpncL32LvMXp9r5nCN4TZnT6DNFrjHxpDXTjb2OqsZwqYN6liDPsg2HxS4fc
+CNuJ9ygpxTC2UlnbT5v4twoQVyNXbzqlxfbPLVuEKEI0LrOGL5zKIbRzScjAgMB
AAGjggI5MIICNTAdBgNVHQ4EFgQUCYPKKpenNgu5hWU18fiH5P/LJOAwHwYDVR0j
BBgwFoAUop7yHBOXq0svCHeDBaN//RzCXE4wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYmU0MTcwNGYtNzgxNS00ZjJjLWE1MDMtNThhZTA4ZTU1
NmI2LzIvQTI5RUYyMUMxMzk3QUI0QjJGMDg3NzgzMDVBMzdGRkQxQ0MyNUM0RS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL29wN3lIQk9YcTBzdkNIZURCYU5fX1J6
Q1hFNC5jZXIwgakGCCsGAQUFBwELBIGcMIGZMIGWBggrBgEFBQcwC4aBiXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYmU0MTcwNGYt
NzgxNS00ZjJjLWE1MDMtNThhZTA4ZTU1NmI2LzIvMzEzODM1MmUzMjJlMzUzMDJl
MzAyZjMyMzQyZDMyMzQyMDNkM2UyMDM2MzIzMDM4MzIucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAC5AjIw
DQYJKoZIhvcNAQELBQADggEBADT3nVKm5aMUg+uHxMH4LCz+wOjv7u99KpAVAnmB
1VeMl63GuaSMAUn+tfmT4IFsLQlgyk9E+/RWbSMbdmr01TYVKUMzaenX4fyln6tC
26HA6KbDq4zqYhWxeKjlFuq/g/y5lH5hHAB2SEjXAE6bnWrnQGPE5+1RjUbVMZxE
F34UN4jauTwYWgCDwXJsUe5dm9+duFL8rCBgLZSQLANHC5eafao0FfUtMZHXd4Ow
evhGtyIglxDdHyFxAsz6EDDcAxeHYoftw2teeuBrB9NQ5pN5gffl39+LZcImAsNz
Kivmlgb316M/A0V9f3P1DTis9YtlACEeQpa0clDI5p0xhys=
-----END CERTIFICATE-----
Generated at Sat Apr 18 19:36:40 2026 by rpki-client