Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/be41704f-7815-4f2c-a503-58ae08e556b6/3/3138352e3230302e3231312e302f32342d3234203d3e203137353631.roa
File: 3138352e3230302e3231312e302f32342d3234203d3e203137353631.roa (raw, json)
Hash identifier: vaq2U1utiHAmwsFdBJWN8CZ3Xs8ef88rxfCkv12YYlQ=
Subject key identifier: E8:9E:87:EE:0F:39:05:17:93:D2:CB:76:1A:D0:87:E8:1B:62:18:CB
Certificate issuer: /CN=fddee908a9ad2dfbe32ff35b402a5ab2198dc907
Certificate serial: 5ABC31229E393E52430F921AE594EE537E3B2371
Authority key identifier: FD:DE:E9:08:A9:AD:2D:FB:E3:2F:F3:5B:40:2A:5A:B2:19:8D:C9:07
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_d7pCKmtLfvjL_NbQCpashmNyQc.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/be41704f-7815-4f2c-a503-58ae08e556b6/3/3138352e3230302e3231312e302f32342d3234203d3e203137353631.roa
Signing time: Tue 02 Jun 2026 16:30:30 +0000
ROA not before: Tue 02 Jun 2026 16:25:30 +0000
ROA not after: Tue 01 Jun 2027 16:30:30 +0000
asID: 17561
IP address blocks: 185.200.211.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/be41704f-7815-4f2c-a503-58ae08e556b6/3/FDDEE908A9AD2DFBE32FF35B402A5AB2198DC907.crl
rsync://rsync.paas.rpki.ripe.net/repository/be41704f-7815-4f2c-a503-58ae08e556b6/3/FDDEE908A9AD2DFBE32FF35B402A5AB2198DC907.mft
rsync://rpki.ripe.net/repository/DEFAULT/_d7pCKmtLfvjL_NbQCpashmNyQc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 03 Jun 2026 15:55:35 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5a:bc:31:22:9e:39:3e:52:43:0f:92:1a:e5:94:ee:53:7e:3b:23:71
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fddee908a9ad2dfbe32ff35b402a5ab2198dc907
Validity
Not Before: Jun 2 16:25:30 2026 GMT
Not After : Jun 1 16:30:30 2027 GMT
Subject: CN=E89E87EE0F39051793D2CB761AD087E81B6218CB
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:2e:53:b4:ab:b6:27:88:08:7e:2d:cb:00:ed:
0a:2f:fd:8b:32:e0:94:b4:d3:f4:c9:fd:6d:7e:c1:
4f:5e:8e:a6:5a:91:49:a6:fc:a4:29:b7:6f:ad:44:
94:8d:d0:25:3e:3a:d9:cf:65:33:76:1f:f3:2c:7f:
48:24:7d:dd:44:29:24:c7:45:9a:7e:ee:a8:c9:d2:
0d:7e:77:20:fe:f0:ae:d3:1b:e3:9d:7d:af:87:8f:
b6:39:3e:f4:62:a1:f5:5b:f5:a8:ce:be:d9:cf:36:
ea:71:30:9b:d2:84:91:f1:2b:9b:07:56:02:79:31:
89:e7:75:4f:49:98:be:57:63:d2:ed:b1:df:cb:a6:
94:15:2b:2c:02:13:48:a7:eb:c9:f7:44:f1:f0:2d:
dc:bc:12:4a:4b:78:2b:18:35:78:a7:e5:f9:64:42:
52:99:c5:5b:5f:7d:b9:b6:1f:4b:9b:8a:85:84:bb:
66:8a:af:e0:8d:11:a6:40:b0:88:f2:03:60:de:94:
ad:11:f1:d1:00:2f:79:5a:a3:f7:b0:6d:ea:e8:58:
2d:1e:45:46:bd:32:c7:39:e6:09:45:d4:cb:e8:7b:
e9:6b:a7:08:18:3f:70:1c:49:a2:6f:4e:ff:e4:7a:
25:39:55:77:4f:5f:b0:8a:3b:17:9c:48:75:6e:bf:
19:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E8:9E:87:EE:0F:39:05:17:93:D2:CB:76:1A:D0:87:E8:1B:62:18:CB
X509v3 Authority Key Identifier:
keyid:FD:DE:E9:08:A9:AD:2D:FB:E3:2F:F3:5B:40:2A:5A:B2:19:8D:C9:07
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/be41704f-7815-4f2c-a503-58ae08e556b6/3/FDDEE908A9AD2DFBE32FF35B402A5AB2198DC907.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_d7pCKmtLfvjL_NbQCpashmNyQc.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/be41704f-7815-4f2c-a503-58ae08e556b6/3/3138352e3230302e3231312e302f32342d3234203d3e203137353631.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.200.211.0/24
Signature Algorithm: sha256WithRSAEncryption
8b:cc:fc:3a:68:d4:5e:74:c3:55:b3:1e:93:ab:21:e3:e2:20:
b0:90:ed:0b:bd:27:63:9d:88:20:6a:79:d6:9f:50:45:d3:4e:
70:39:6e:3e:65:fb:07:d6:dc:67:c3:e6:c2:a4:ac:94:c9:d8:
54:46:41:9f:4d:f4:2e:e1:dc:82:79:99:fa:8a:44:3c:fb:05:
92:84:a4:16:b4:07:dc:2b:3e:82:1e:0a:db:1a:36:4f:28:78:
cf:0f:63:49:77:c5:e3:a5:c1:b7:e6:8e:a4:02:31:27:0d:41:
86:4b:a4:53:aa:eb:ce:a9:d8:26:f4:e2:aa:c5:bf:cd:e2:ae:
e3:12:f4:73:d8:98:aa:8b:42:ad:d5:49:3a:2c:e5:65:61:26:
1e:2d:b1:46:46:b1:8f:28:bc:ff:57:59:81:03:fa:83:57:76:
57:11:03:87:37:47:0b:01:72:62:3c:f2:82:83:63:66:8d:84:
c1:e2:69:86:ef:1a:14:b3:99:fe:a0:f5:e7:e3:56:b0:4e:c7:
5a:51:71:b1:c3:05:29:77:97:85:c2:22:7b:1f:3a:60:7f:13:
de:d2:24:b0:96:01:89:6c:e4:8a:6d:1d:59:4a:12:61:60:dd:
b0:92:ff:b9:76:4e:ff:5e:6b:c3:0d:81:52:d8:a0:dc:c5:14:
e8:bb:9d:fc
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUWrwxIp45PlJDD5Ia5ZTuU347I3EwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZmRkZWU5MDhhOWFkMmRmYmUzMmZmMzViNDAyYTVhYjIx
OThkYzkwNzAeFw0yNjA2MDIxNjI1MzBaFw0yNzA2MDExNjMwMzBaMDMxMTAvBgNV
BAMTKEU4OUU4N0VFMEYzOTA1MTc5M0QyQ0I3NjFBRDA4N0U4MUI2MjE4Q0IwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCoLlO0q7YniAh+LcsA7Qov/Ysy
4JS00/TJ/W1+wU9ejqZakUmm/KQpt2+tRJSN0CU+OtnPZTN2H/Msf0gkfd1EKSTH
RZp+7qjJ0g1+dyD+8K7TG+Odfa+Hj7Y5PvRiofVb9ajOvtnPNupxMJvShJHxK5sH
VgJ5MYnndU9JmL5XY9Ltsd/LppQVKywCE0in68n3RPHwLdy8EkpLeCsYNXin5flk
QlKZxVtffbm2H0ubioWEu2aKr+CNEaZAsIjyA2DelK0R8dEAL3lao/ewberoWC0e
RUa9Msc55glF1Mvoe+lrpwgYP3AcSaJvTv/keiU5VXdPX7CKOxecSHVuvxn/AgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQU6J6H7g85BReT0st2GtCH6BtiGMswHwYDVR0j
BBgwFoAU/d7pCKmtLfvjL/NbQCpashmNyQcwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYmU0MTcwNGYtNzgxNS00ZjJjLWE1MDMtNThhZTA4ZTU1
NmI2LzMvRkRERUU5MDhBOUFEMkRGQkUzMkZGMzVCNDAyQTVBQjIxOThEQzkwNy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL19kN3BDS210TGZ2akxfTmJRQ3Bhc2ht
TnlRYy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYmU0MTcwNGYt
NzgxNS00ZjJjLWE1MDMtNThhZTA4ZTU1NmI2LzMvMzEzODM1MmUzMjMwMzAyZTMy
MzEzMTJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMxMzczNTM2MzEucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAC5yNMwDQYJKoZIhvcNAQELBQADggEBAIvM/Dpo1F50w1WzHpOrIePiILCQ7Qu9
J2OdiCBqedafUEXTTnA5bj5l+wfW3GfD5sKkrJTJ2FRGQZ9N9C7h3IJ5mfqKRDz7
BZKEpBa0B9wrPoIeCtsaNk8oeM8PY0l3xeOlwbfmjqQCMScNQYZLpFOq686p2Cb0
4qrFv83iruMS9HPYmKqLQq3VSTos5WVhJh4tsUZGsY8ovP9XWYED+oNXdlcRA4c3
RwsBcmI88oKDY2aNhMHiaYbvGhSzmf6g9efjVrBOx1pRcbHDBSl3l4XCInsfOmB/
E97SJLCWAYls5IptHVlKEmFg3bCS/7l2Tv9ea8MNgVLYoNzFFOi7nfw=
-----END CERTIFICATE-----
Generated at Tue Jun 2 21:36:03 2026 by rpki-client