Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/c5d18e82-4d68-45a6-a5df-cac115ad2279/0/3138352e3231332e3234312e302f32342d3234203d3e20323131303932.roa
File: 3138352e3231332e3234312e302f32342d3234203d3e20323131303932.roa (raw, json)
Hash identifier: 7qy707kA5n1DMqz1ORJoFL0VX7ypxya3lTKn4BjX8QI=
Subject key identifier: 87:55:F3:33:72:1D:21:0B:80:FD:3C:2B:B1:2C:92:DF:DC:EF:86:75
Certificate issuer: /CN=3e870b9a7003c4fd9c51bd354a9defa3fb77b4a9
Certificate serial: 31390584628B375EAC526F211909EED73A7F2420
Authority key identifier: 3E:87:0B:9A:70:03:C4:FD:9C:51:BD:35:4A:9D:EF:A3:FB:77:B4:A9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PocLmnADxP2cUb01Sp3vo_t3tKk.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/c5d18e82-4d68-45a6-a5df-cac115ad2279/0/3138352e3231332e3234312e302f32342d3234203d3e20323131303932.roa
Signing time: Fri 22 May 2026 14:45:21 +0000
ROA not before: Fri 22 May 2026 14:40:21 +0000
ROA not after: Fri 21 May 2027 14:45:21 +0000
asID: 211092
IP address blocks: 185.213.241.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/c5d18e82-4d68-45a6-a5df-cac115ad2279/0/3E870B9A7003C4FD9C51BD354A9DEFA3FB77B4A9.crl
rsync://rsync.paas.rpki.ripe.net/repository/c5d18e82-4d68-45a6-a5df-cac115ad2279/0/3E870B9A7003C4FD9C51BD354A9DEFA3FB77B4A9.mft
rsync://rpki.ripe.net/repository/DEFAULT/PocLmnADxP2cUb01Sp3vo_t3tKk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 12 Jun 2026 14:01:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
31:39:05:84:62:8b:37:5e:ac:52:6f:21:19:09:ee:d7:3a:7f:24:20
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3e870b9a7003c4fd9c51bd354a9defa3fb77b4a9
Validity
Not Before: May 22 14:40:21 2026 GMT
Not After : May 21 14:45:21 2027 GMT
Subject: CN=8755F333721D210B80FD3C2BB12C92DFDCEF8675
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:6e:97:e4:76:5c:62:3e:4f:30:44:85:e7:64:
84:bc:e6:85:d9:ac:71:63:c5:05:e2:af:59:2f:1e:
72:0a:66:06:b2:3f:21:e8:25:c0:6f:63:69:75:12:
58:ab:ab:98:2a:b3:7d:db:c4:ba:9a:47:52:f2:13:
43:98:b5:ca:00:fb:38:6f:bb:22:6c:34:c8:1e:90:
fa:64:94:f1:ef:04:b8:89:bf:30:19:57:1d:91:b2:
c8:3d:4b:c3:e2:34:53:f0:45:59:d4:e6:2a:f1:4a:
4b:b2:79:bc:ef:a2:7b:52:32:f1:04:a4:a9:f7:a0:
b8:64:7d:ec:d6:83:73:1e:71:f6:b0:e5:e6:a8:d5:
a2:65:17:8b:a4:5e:99:cc:93:b0:b3:ad:8a:60:a1:
94:9c:77:e4:14:b9:cc:d2:7f:8d:dc:b9:f2:2e:88:
1f:24:f6:6d:28:87:c7:22:32:2a:d9:c4:1e:9d:6c:
73:f4:f2:d2:e9:5e:3d:d7:f5:79:40:ec:c4:ba:7a:
92:99:e5:98:c1:00:e9:a8:1f:e5:09:12:0d:2c:d0:
e1:0d:cb:26:1e:ea:9d:b1:1e:7e:10:b8:1a:57:2a:
48:e2:4b:3c:07:45:a3:93:56:46:2a:8d:db:69:4e:
c6:b9:62:c0:42:ba:d1:84:c9:2d:eb:98:09:8a:ed:
d8:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:55:F3:33:72:1D:21:0B:80:FD:3C:2B:B1:2C:92:DF:DC:EF:86:75
X509v3 Authority Key Identifier:
keyid:3E:87:0B:9A:70:03:C4:FD:9C:51:BD:35:4A:9D:EF:A3:FB:77:B4:A9
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/c5d18e82-4d68-45a6-a5df-cac115ad2279/0/3E870B9A7003C4FD9C51BD354A9DEFA3FB77B4A9.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PocLmnADxP2cUb01Sp3vo_t3tKk.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/c5d18e82-4d68-45a6-a5df-cac115ad2279/0/3138352e3231332e3234312e302f32342d3234203d3e20323131303932.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.213.241.0/24
Signature Algorithm: sha256WithRSAEncryption
46:ff:a2:ac:ba:84:f1:b3:97:54:8d:49:bc:e4:55:b8:df:76:
1d:3c:f3:ce:2e:0e:df:e9:73:d8:91:1a:3f:a7:7f:ac:14:dc:
10:a8:27:01:7b:b8:07:8a:dd:11:fb:2e:09:fd:ce:1f:27:0a:
fb:98:57:3a:37:63:dc:e6:e4:72:2b:99:ee:2b:1f:39:87:10:
aa:81:50:cc:61:34:4c:3f:f3:87:a8:95:46:d2:73:95:df:6c:
a6:5b:ea:8a:f5:f1:2d:0f:c4:ab:fa:2f:eb:a8:4f:2b:8e:5a:
49:8e:60:36:6a:06:4b:50:4f:36:56:fe:d5:0b:74:95:a6:3e:
90:b2:7e:0f:e0:7e:2e:5a:ac:07:d4:71:4b:ee:4c:8d:53:b8:
b1:7d:aa:d9:48:5d:2e:aa:c8:a8:67:54:28:e9:04:c6:3d:04:
ab:b5:a8:8f:de:27:19:3c:d6:88:84:d3:12:52:67:da:12:12:
3d:fd:ac:a2:33:06:b9:a1:55:e6:bf:91:54:69:45:80:24:49:
f1:97:27:04:6b:e2:96:8d:ce:67:f6:34:24:8e:05:de:39:16:
08:cd:32:a6:72:91:d8:1c:76:eb:5c:fe:2d:cf:39:04:e3:0d:
01:da:85:b6:c2:c4:e1:5b:a8:be:15:23:05:43:84:9a:2e:41:
07:8e:e5:11
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgIUMTkFhGKLN16sUm8hGQnu1zp/JCAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoM2U4NzBiOWE3MDAzYzRmZDljNTFiZDM1NGE5ZGVmYTNm
Yjc3YjRhOTAeFw0yNjA1MjIxNDQwMjFaFw0yNzA1MjExNDQ1MjFaMDMxMTAvBgNV
BAMTKDg3NTVGMzMzNzIxRDIxMEI4MEZEM0MyQkIxMkM5MkRGRENFRjg2NzUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDPbpfkdlxiPk8wRIXnZIS85oXZ
rHFjxQXir1kvHnIKZgayPyHoJcBvY2l1Elirq5gqs33bxLqaR1LyE0OYtcoA+zhv
uyJsNMgekPpklPHvBLiJvzAZVx2Rssg9S8PiNFPwRVnU5irxSkuyebzvontSMvEE
pKn3oLhkfezWg3Mecfaw5eao1aJlF4ukXpnMk7CzrYpgoZScd+QUuczSf43cufIu
iB8k9m0oh8ciMirZxB6dbHP08tLpXj3X9XlA7MS6epKZ5ZjBAOmoH+UJEg0s0OEN
yyYe6p2xHn4QuBpXKkjiSzwHRaOTVkYqjdtpTsa5YsBCutGEyS3rmAmK7dg3AgMB
AAGjggJBMIICPTAdBgNVHQ4EFgQUh1XzM3IdIQuA/TwrsSyS39zvhnUwHwYDVR0j
BBgwFoAUPocLmnADxP2cUb01Sp3vo/t3tKkwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYzVkMThlODItNGQ2OC00NWE2LWE1ZGYtY2FjMTE1YWQy
Mjc5LzAvM0U4NzBCOUE3MDAzQzRGRDlDNTFCRDM1NEE5REVGQTNGQjc3QjRBOS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1BvY0xtbkFEeFAyY1ViMDFTcDN2b190
M3RLay5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYzVkMThlODIt
NGQ2OC00NWE2LWE1ZGYtY2FjMTE1YWQyMjc5LzAvMzEzODM1MmUzMjMxMzMyZTMy
MzQzMTJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMyMzEzMTMwMzkzMi5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEALnV8TANBgkqhkiG9w0BAQsFAAOCAQEARv+irLqE8bOXVI1JvORVuN92HTzz
zi4O3+lz2JEaP6d/rBTcEKgnAXu4B4rdEfsuCf3OHycK+5hXOjdj3ObkciuZ7isf
OYcQqoFQzGE0TD/zh6iVRtJzld9splvqivXxLQ/Eq/ov66hPK45aSY5gNmoGS1BP
Nlb+1Qt0laY+kLJ+D+B+LlqsB9RxS+5MjVO4sX2q2UhdLqrIqGdUKOkExj0Eq7Wo
j94nGTzWiITTElJn2hISPf2sojMGuaFV5r+RVGlFgCRJ8ZcnBGvilo3OZ/Y0JI4F
3jkWCM0ypnKR2Bx261z+Lc85BOMNAdqFtsLE4VuovhUjBUOEmi5BB47lEQ==
-----END CERTIFICATE-----
Generated at Fri Jun 12 03:47:49 2026 by rpki-client