Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/c5d18e82-4d68-45a6-a5df-cac115ad2279/0/3138352e3133302e36312e302f32342d3234203d3e20323732363936.roa
File: 3138352e3133302e36312e302f32342d3234203d3e20323732363936.roa (raw, json)
Hash identifier: iEuXNsbf+xsxf1NL3afxi/eNCMhpHPndZJ3OWTl2z+U=
Subject key identifier: 0D:8D:64:E6:E9:9A:3E:DA:6F:4B:EF:03:82:3E:4D:88:47:A7:86:19
Certificate issuer: /CN=3e870b9a7003c4fd9c51bd354a9defa3fb77b4a9
Certificate serial: 054F98EF06D991361FA973086C7AC9AE6725F306
Authority key identifier: 3E:87:0B:9A:70:03:C4:FD:9C:51:BD:35:4A:9D:EF:A3:FB:77:B4:A9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PocLmnADxP2cUb01Sp3vo_t3tKk.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/c5d18e82-4d68-45a6-a5df-cac115ad2279/0/3138352e3133302e36312e302f32342d3234203d3e20323732363936.roa
Signing time: Thu 28 May 2026 18:47:17 +0000
ROA not before: Thu 28 May 2026 18:42:17 +0000
ROA not after: Thu 27 May 2027 18:47:17 +0000
asID: 272696
IP address blocks: 185.130.61.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/c5d18e82-4d68-45a6-a5df-cac115ad2279/0/3E870B9A7003C4FD9C51BD354A9DEFA3FB77B4A9.crl
rsync://rsync.paas.rpki.ripe.net/repository/c5d18e82-4d68-45a6-a5df-cac115ad2279/0/3E870B9A7003C4FD9C51BD354A9DEFA3FB77B4A9.mft
rsync://rpki.ripe.net/repository/DEFAULT/PocLmnADxP2cUb01Sp3vo_t3tKk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 12 Jun 2026 14:01:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
05:4f:98:ef:06:d9:91:36:1f:a9:73:08:6c:7a:c9:ae:67:25:f3:06
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3e870b9a7003c4fd9c51bd354a9defa3fb77b4a9
Validity
Not Before: May 28 18:42:17 2026 GMT
Not After : May 27 18:47:17 2027 GMT
Subject: CN=0D8D64E6E99A3EDA6F4BEF03823E4D8847A78619
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:60:6d:ea:4c:6e:55:ea:14:54:77:51:e4:fa:
36:82:28:0f:a0:77:b4:60:e1:50:d4:49:04:df:cc:
8e:6b:7b:25:aa:4c:92:16:b9:63:fd:4a:5e:9f:dc:
57:38:a3:ec:62:16:32:c9:39:10:06:49:4d:28:f8:
83:eb:2c:7c:b6:27:ef:8d:43:0d:0b:44:30:05:d8:
e3:f7:f6:8f:a6:6b:ba:d0:c2:8c:8c:ab:11:68:49:
5f:e4:94:f6:a2:f7:5c:11:78:a6:26:2a:13:00:8a:
4b:f7:2c:42:6d:c2:0f:3e:f0:ba:da:5e:d2:38:e0:
d2:fe:65:19:bd:3e:d8:9d:f2:df:8f:40:45:dd:5e:
97:0d:2d:30:cb:62:13:02:32:17:17:71:53:3f:e7:
b5:97:f1:27:0f:6c:4a:72:49:dd:a4:d2:8f:8c:e0:
c9:e2:5c:6f:e1:5d:1b:e3:28:0d:ae:e7:ef:c0:fe:
fa:51:01:ab:9c:2d:08:98:96:37:1e:cf:a8:f0:8a:
6e:79:a2:69:e4:70:c0:d0:98:38:fc:75:db:06:59:
8f:55:91:ef:77:d9:5b:9c:df:8e:02:49:2d:bb:2e:
19:d5:fd:3a:39:cb:a0:81:dd:50:bc:46:15:f5:89:
9f:1e:4c:2c:cf:61:5d:90:39:b1:eb:84:86:9f:b9:
6c:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0D:8D:64:E6:E9:9A:3E:DA:6F:4B:EF:03:82:3E:4D:88:47:A7:86:19
X509v3 Authority Key Identifier:
keyid:3E:87:0B:9A:70:03:C4:FD:9C:51:BD:35:4A:9D:EF:A3:FB:77:B4:A9
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/c5d18e82-4d68-45a6-a5df-cac115ad2279/0/3E870B9A7003C4FD9C51BD354A9DEFA3FB77B4A9.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PocLmnADxP2cUb01Sp3vo_t3tKk.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/c5d18e82-4d68-45a6-a5df-cac115ad2279/0/3138352e3133302e36312e302f32342d3234203d3e20323732363936.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.130.61.0/24
Signature Algorithm: sha256WithRSAEncryption
da:7e:c0:55:d5:dd:0f:2b:63:b2:f2:78:40:8d:1c:95:6d:94:
9a:5b:9f:fd:bf:8c:a5:b0:86:96:f6:ca:4d:ed:37:96:dc:c9:
f7:85:7f:a1:b1:9d:f5:2c:f5:20:e1:6f:da:b4:c9:3d:ec:68:
49:f7:50:da:57:14:07:d5:92:f5:d2:a9:46:4b:84:01:c6:fd:
51:f8:81:b7:0b:2c:22:a8:5d:0d:a1:08:bc:73:13:45:4e:51:
98:68:c9:ff:29:d9:8e:06:a5:48:a3:11:64:3b:49:8c:b5:66:
b3:c5:94:3f:fb:c0:40:12:61:8c:83:27:5e:99:5e:d1:07:05:
b4:ca:a5:34:d7:90:b3:c0:ce:ac:76:a2:aa:70:d3:6d:2f:66:
61:51:58:5a:a7:63:a7:32:3f:91:54:52:54:ce:92:84:2a:65:
c3:41:78:a6:4c:45:df:33:9a:64:83:01:c9:e6:4b:01:80:74:
09:32:07:9c:73:1f:5a:3f:02:69:a7:67:7e:3e:d4:eb:11:bc:
5c:69:28:04:88:80:2b:e9:f1:37:48:f1:a9:e3:25:f2:69:d2:
4d:9a:23:ce:68:ec:52:e7:84:1f:85:81:09:eb:75:66:1d:7d:
f4:7f:5a:ac:2a:08:ac:9c:0f:1f:a9:25:78:69:92:88:c7:c8:
d5:94:1a:53
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUBU+Y7wbZkTYfqXMIbHrJrmcl8wYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoM2U4NzBiOWE3MDAzYzRmZDljNTFiZDM1NGE5ZGVmYTNm
Yjc3YjRhOTAeFw0yNjA1MjgxODQyMTdaFw0yNzA1MjcxODQ3MTdaMDMxMTAvBgNV
BAMTKDBEOEQ2NEU2RTk5QTNFREE2RjRCRUYwMzgyM0U0RDg4NDdBNzg2MTkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCyYG3qTG5V6hRUd1Hk+jaCKA+g
d7Rg4VDUSQTfzI5reyWqTJIWuWP9Sl6f3Fc4o+xiFjLJORAGSU0o+IPrLHy2J++N
Qw0LRDAF2OP39o+ma7rQwoyMqxFoSV/klPai91wReKYmKhMAikv3LEJtwg8+8Lra
XtI44NL+ZRm9Ptid8t+PQEXdXpcNLTDLYhMCMhcXcVM/57WX8ScPbEpySd2k0o+M
4MniXG/hXRvjKA2u5+/A/vpRAaucLQiYljcez6jwim55omnkcMDQmDj8ddsGWY9V
ke932Vuc344CSS27LhnV/To5y6CB3VC8RhX1iZ8eTCzPYV2QObHrhIafuWx/AgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUDY1k5umaPtpvS+8Dgj5NiEenhhkwHwYDVR0j
BBgwFoAUPocLmnADxP2cUb01Sp3vo/t3tKkwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYzVkMThlODItNGQ2OC00NWE2LWE1ZGYtY2FjMTE1YWQy
Mjc5LzAvM0U4NzBCOUE3MDAzQzRGRDlDNTFCRDM1NEE5REVGQTNGQjc3QjRBOS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1BvY0xtbkFEeFAyY1ViMDFTcDN2b190
M3RLay5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYzVkMThlODIt
NGQ2OC00NWE2LWE1ZGYtY2FjMTE1YWQyMjc5LzAvMzEzODM1MmUzMTMzMzAyZTM2
MzEyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMjM3MzIzNjM5MzYucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAC5gj0wDQYJKoZIhvcNAQELBQADggEBANp+wFXV3Q8rY7LyeECNHJVtlJpbn/2/
jKWwhpb2yk3tN5bcyfeFf6GxnfUs9SDhb9q0yT3saEn3UNpXFAfVkvXSqUZLhAHG
/VH4gbcLLCKoXQ2hCLxzE0VOUZhoyf8p2Y4GpUijEWQ7SYy1ZrPFlD/7wEASYYyD
J16ZXtEHBbTKpTTXkLPAzqx2oqpw020vZmFRWFqnY6cyP5FUUlTOkoQqZcNBeKZM
Rd8zmmSDAcnmSwGAdAkyB5xzH1o/AmmnZ34+1OsRvFxpKASIgCvp8TdI8anjJfJp
0k2aI85o7FLnhB+FgQnrdWYdffR/WqwqCKycDx+pJXhpkojHyNWUGlM=
-----END CERTIFICATE-----
Generated at Fri Jun 12 03:54:11 2026 by rpki-client