Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/c8d08b30-64c7-404b-9873-2e04bd74c140/0/3138352e3131362e39302e302f32342d3234203d3e20343032323839.roa
File: 3138352e3131362e39302e302f32342d3234203d3e20343032323839.roa (raw, json)
Hash identifier: +Ui26OpR2rnRNb3YOnuRkkVtjIfm7ZTC4lRerOfEZ6k=
Subject key identifier: 74:31:F7:99:82:80:65:FF:93:B7:70:7D:B4:EA:B3:51:67:53:01:C3
Certificate issuer: /CN=d455dec4f1ebc2a64f5ccc2ee9292731eb82113d
Certificate serial: 1DE3408791B7D352A613F9F883EAEEE74B289D3B
Authority key identifier: D4:55:DE:C4:F1:EB:C2:A6:4F:5C:CC:2E:E9:29:27:31:EB:82:11:3D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1FXexPHrwqZPXMwu6SknMeuCET0.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/c8d08b30-64c7-404b-9873-2e04bd74c140/0/3138352e3131362e39302e302f32342d3234203d3e20343032323839.roa
Signing time: Wed 22 Apr 2026 13:05:06 +0000
ROA not before: Wed 22 Apr 2026 13:00:06 +0000
ROA not after: Wed 21 Apr 2027 13:05:06 +0000
asID: 402289
IP address blocks: 185.116.90.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/c8d08b30-64c7-404b-9873-2e04bd74c140/0/D455DEC4F1EBC2A64F5CCC2EE9292731EB82113D.crl
rsync://rsync.paas.rpki.ripe.net/repository/c8d08b30-64c7-404b-9873-2e04bd74c140/0/D455DEC4F1EBC2A64F5CCC2EE9292731EB82113D.mft
rsync://rpki.ripe.net/repository/DEFAULT/1FXexPHrwqZPXMwu6SknMeuCET0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 28 Apr 2026 17:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1d:e3:40:87:91:b7:d3:52:a6:13:f9:f8:83:ea:ee:e7:4b:28:9d:3b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d455dec4f1ebc2a64f5ccc2ee9292731eb82113d
Validity
Not Before: Apr 22 13:00:06 2026 GMT
Not After : Apr 21 13:05:06 2027 GMT
Subject: CN=7431F799828065FF93B7707DB4EAB351675301C3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:76:bd:e3:9b:cd:bc:cd:05:43:ac:0c:70:88:
ce:19:be:ee:df:92:56:d1:63:c1:e2:7e:96:ce:41:
8a:2f:3f:e3:40:c8:3f:13:30:1a:9f:f4:b0:0f:cc:
97:26:5c:b3:67:3c:31:fb:04:23:5f:f3:bf:33:12:
0c:0c:87:4f:b1:c7:84:4b:bb:e5:a6:83:a6:73:e0:
60:91:d5:a6:49:1e:00:25:a7:3b:c7:c6:46:d2:96:
4d:74:33:3d:28:fe:67:e7:5e:6c:94:6a:b0:64:e7:
ae:91:92:12:54:35:ba:b5:2f:b9:70:22:4f:37:b0:
3a:15:f1:d8:72:32:49:bb:ee:b2:4e:ba:f8:a2:92:
75:ab:1e:e6:33:13:1b:18:5e:ec:4e:b1:a0:9e:d8:
89:f7:c3:47:38:e4:6c:ee:36:ea:0c:6c:f9:3b:be:
2c:ff:e6:a4:cc:9c:e7:fe:b5:7b:19:2d:9b:8f:6f:
80:06:46:8a:8d:45:49:9b:20:84:0c:4d:db:a0:6f:
eb:e8:2e:bd:a9:e6:b1:28:71:b3:ea:29:9e:25:49:
2a:c2:c9:9d:91:35:2a:20:4d:db:db:fd:8b:d4:9c:
8d:12:9e:ee:b3:e6:0c:01:c0:0e:e1:af:db:89:b5:
48:10:5b:4e:6f:34:fa:68:b2:21:33:c6:c5:db:91:
d4:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
74:31:F7:99:82:80:65:FF:93:B7:70:7D:B4:EA:B3:51:67:53:01:C3
X509v3 Authority Key Identifier:
keyid:D4:55:DE:C4:F1:EB:C2:A6:4F:5C:CC:2E:E9:29:27:31:EB:82:11:3D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/c8d08b30-64c7-404b-9873-2e04bd74c140/0/D455DEC4F1EBC2A64F5CCC2EE9292731EB82113D.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1FXexPHrwqZPXMwu6SknMeuCET0.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/c8d08b30-64c7-404b-9873-2e04bd74c140/0/3138352e3131362e39302e302f32342d3234203d3e20343032323839.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.116.90.0/24
Signature Algorithm: sha256WithRSAEncryption
2d:f1:11:19:b6:f0:8a:96:4f:b8:ed:58:8d:ee:e8:d8:21:09:
47:95:28:b7:70:1f:fc:e3:22:be:ce:1c:2b:18:e1:64:7b:41:
f9:58:57:e8:cb:f9:f7:b2:55:04:6e:74:59:e0:1a:c1:09:d8:
55:70:b6:08:1c:4e:7f:4e:5b:06:87:39:19:37:9f:9b:62:62:
76:bb:1a:c6:79:4c:64:33:98:5d:5e:db:95:7c:66:d5:d5:57:
05:95:23:ad:86:e7:12:b6:e6:f1:04:51:e1:71:9b:63:b9:89:
cc:5b:e2:ea:9c:b4:19:7f:c0:e0:70:e4:26:6f:4d:31:8c:74:
ff:d2:fb:12:6d:99:38:bc:d6:76:65:13:41:b6:07:d6:55:91:
21:b4:70:eb:b5:b0:50:d1:52:af:42:9a:a9:89:5f:d4:73:85:
aa:04:5b:8b:49:e3:ab:f3:4d:2d:39:46:1c:0d:b2:7e:c2:56:
de:cd:b4:cb:ad:d6:e8:de:64:2f:d7:12:ac:82:b7:28:fb:54:
60:59:44:db:99:51:5d:08:6b:99:07:71:fb:0f:8a:1b:c3:53:
2b:40:4c:aa:5c:68:09:1b:a4:83:80:93:b1:98:11:2a:b2:50:
da:e8:c7:40:e4:f2:17:d3:c5:cd:60:1c:b1:54:af:a9:9a:58:
ae:d4:36:19
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUHeNAh5G301KmE/n4g+ru50sonTswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZDQ1NWRlYzRmMWViYzJhNjRmNWNjYzJlZTkyOTI3MzFl
YjgyMTEzZDAeFw0yNjA0MjIxMzAwMDZaFw0yNzA0MjExMzA1MDZaMDMxMTAvBgNV
BAMTKDc0MzFGNzk5ODI4MDY1RkY5M0I3NzA3REI0RUFCMzUxNjc1MzAxQzMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCidr3jm828zQVDrAxwiM4Zvu7f
klbRY8HifpbOQYovP+NAyD8TMBqf9LAPzJcmXLNnPDH7BCNf878zEgwMh0+xx4RL
u+Wmg6Zz4GCR1aZJHgAlpzvHxkbSlk10Mz0o/mfnXmyUarBk566RkhJUNbq1L7lw
Ik83sDoV8dhyMkm77rJOuviiknWrHuYzExsYXuxOsaCe2In3w0c45GzuNuoMbPk7
viz/5qTMnOf+tXsZLZuPb4AGRoqNRUmbIIQMTdugb+voLr2p5rEocbPqKZ4lSSrC
yZ2RNSogTdvb/YvUnI0Snu6z5gwBwA7hr9uJtUgQW05vNPposiEzxsXbkdT/AgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUdDH3mYKAZf+Tt3B9tOqzUWdTAcMwHwYDVR0j
BBgwFoAU1FXexPHrwqZPXMwu6SknMeuCET0wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYzhkMDhiMzAtNjRjNy00MDRiLTk4NzMtMmUwNGJkNzRj
MTQwLzAvRDQ1NURFQzRGMUVCQzJBNjRGNUNDQzJFRTkyOTI3MzFFQjgyMTEzRC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzFGWGV4UEhyd3FaUFhNd3U2U2tuTWV1
Q0VUMC5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYzhkMDhiMzAt
NjRjNy00MDRiLTk4NzMtMmUwNGJkNzRjMTQwLzAvMzEzODM1MmUzMTMxMzYyZTM5
MzAyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzNDMwMzIzMjM4Mzkucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAC5dFowDQYJKoZIhvcNAQELBQADggEBAC3xERm28IqWT7jtWI3u6NghCUeVKLdw
H/zjIr7OHCsY4WR7QflYV+jL+feyVQRudFngGsEJ2FVwtggcTn9OWwaHORk3n5ti
Yna7GsZ5TGQzmF1e25V8ZtXVVwWVI62G5xK25vEEUeFxm2O5icxb4uqctBl/wOBw
5CZvTTGMdP/S+xJtmTi81nZlE0G2B9ZVkSG0cOu1sFDRUq9CmqmJX9RzhaoEW4tJ
46vzTS05RhwNsn7CVt7NtMut1ujeZC/XEqyCtyj7VGBZRNuZUV0Ia5kHcfsPihvD
UytATKpcaAkbpIOAk7GYESqyUNrox0Dk8hfTxc1gHLFUr6maWK7UNhk=
-----END CERTIFICATE-----
Generated at Tue Apr 28 02:05:48 2026 by rpki-client