Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/d1b35f8b-6f48-4bad-b185-5c1daa8acda9/0/3138352e3231322e3131332e302f32342d3234203d3e20323134303235.roa
File: 3138352e3231322e3131332e302f32342d3234203d3e20323134303235.roa (raw, json)
Hash identifier: aXSpUgJzsdeeahPhM0CQvjCsoN168wVoO4acoiWZoD0=
Subject key identifier: CD:65:26:3F:7F:48:9A:47:1E:D5:F4:45:70:7F:FB:94:19:71:3E:8A
Certificate issuer: /CN=cefce449bea8deaedb1804dba25c584df5873dc4
Certificate serial: 7E6AFC32DF010A75BD388FE7774348D7E7B1C0E9
Authority key identifier: CE:FC:E4:49:BE:A8:DE:AE:DB:18:04:DB:A2:5C:58:4D:F5:87:3D:C4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zvzkSb6o3q7bGATbolxYTfWHPcQ.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/d1b35f8b-6f48-4bad-b185-5c1daa8acda9/0/3138352e3231322e3131332e302f32342d3234203d3e20323134303235.roa
Signing time: Wed 04 Mar 2026 11:49:01 +0000
ROA not before: Wed 04 Mar 2026 11:44:01 +0000
ROA not after: Wed 03 Mar 2027 11:49:01 +0000
asID: 214025
IP address blocks: 185.212.113.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/d1b35f8b-6f48-4bad-b185-5c1daa8acda9/0/CEFCE449BEA8DEAEDB1804DBA25C584DF5873DC4.crl
rsync://rsync.paas.rpki.ripe.net/repository/d1b35f8b-6f48-4bad-b185-5c1daa8acda9/0/CEFCE449BEA8DEAEDB1804DBA25C584DF5873DC4.mft
rsync://rpki.ripe.net/repository/DEFAULT/zvzkSb6o3q7bGATbolxYTfWHPcQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 05 Mar 2026 19:55:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7e:6a:fc:32:df:01:0a:75:bd:38:8f:e7:77:43:48:d7:e7:b1:c0:e9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cefce449bea8deaedb1804dba25c584df5873dc4
Validity
Not Before: Mar 4 11:44:01 2026 GMT
Not After : Mar 3 11:49:01 2027 GMT
Subject: CN=CD65263F7F489A471ED5F445707FFB9419713E8A
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:24:52:be:e4:f9:07:48:f6:0b:c8:45:ab:67:
d3:05:09:88:40:30:56:1d:be:c5:1e:c2:e6:05:d4:
55:d4:ad:b5:77:f6:7e:91:8d:76:c1:ac:19:c6:ef:
c5:10:84:15:f1:85:4e:55:27:ba:4d:19:31:c7:0a:
c7:fe:40:95:bf:0d:34:12:97:10:48:4a:22:97:39:
74:c5:44:5a:4f:37:5a:3d:5f:94:b9:99:5b:91:57:
41:a3:38:ed:bd:3e:ee:95:22:ad:6a:b2:b0:aa:e8:
d7:3d:f8:35:08:49:4f:9d:7d:aa:90:3d:71:d5:63:
fb:8a:42:0b:cf:cc:83:0a:31:ca:54:5e:8f:95:fb:
a5:76:96:1b:9b:c2:55:45:2d:88:01:5d:ef:89:50:
d1:a9:e0:18:eb:4a:52:65:53:7c:96:7e:66:2c:52:
cf:2d:58:f2:a6:d7:f8:99:4a:7e:f7:6a:62:61:75:
75:e2:f1:dc:c5:6f:d6:14:b3:4c:02:0c:3f:54:2a:
27:26:c2:d9:29:a1:e4:ea:5d:c2:0e:94:8f:78:ce:
47:0b:29:1e:39:0b:4f:2e:46:2e:c7:16:10:9a:53:
6e:9b:99:a1:78:ac:73:91:e3:0f:72:2b:d7:0c:a8:
e0:6f:4f:75:f4:0d:19:35:11:17:ee:c5:2a:0a:ff:
80:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CD:65:26:3F:7F:48:9A:47:1E:D5:F4:45:70:7F:FB:94:19:71:3E:8A
X509v3 Authority Key Identifier:
keyid:CE:FC:E4:49:BE:A8:DE:AE:DB:18:04:DB:A2:5C:58:4D:F5:87:3D:C4
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/d1b35f8b-6f48-4bad-b185-5c1daa8acda9/0/CEFCE449BEA8DEAEDB1804DBA25C584DF5873DC4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zvzkSb6o3q7bGATbolxYTfWHPcQ.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/d1b35f8b-6f48-4bad-b185-5c1daa8acda9/0/3138352e3231322e3131332e302f32342d3234203d3e20323134303235.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.212.113.0/24
Signature Algorithm: sha256WithRSAEncryption
2c:ae:e9:68:95:82:1a:6a:93:1c:18:a6:5b:c3:79:5b:ff:fe:
91:28:f4:06:f8:6b:69:6a:fd:6d:08:f8:50:7e:fc:b4:b1:89:
23:f5:b2:5a:47:1e:56:32:ea:17:66:01:b1:9e:f2:b8:73:bf:
83:71:6a:6c:25:f4:6d:1a:b9:1c:86:03:0e:95:1b:8d:a9:19:
a9:1b:64:01:c5:bd:8a:6f:b0:81:9d:92:06:55:9e:19:a5:82:
9a:33:98:90:ec:4f:73:be:be:91:95:9c:09:18:12:ad:64:c3:
72:62:4d:96:fb:f2:ba:4d:0d:f4:aa:56:33:56:4e:f9:1a:56:
ef:a8:93:2f:c9:c8:d4:c4:37:bb:d4:e4:44:04:7e:b5:95:91:
63:24:30:31:01:42:e8:cc:24:41:bd:20:f0:7e:52:fb:8d:3f:
68:67:15:99:d1:38:db:f5:75:eb:65:d7:7b:38:70:82:5f:d6:
57:ae:71:4b:7d:d2:13:16:91:f8:d5:25:74:dd:3e:25:89:d0:
c7:08:24:46:0c:a8:36:32:af:24:eb:90:c1:4b:00:33:4e:70:
82:83:51:8e:93:de:15:16:e6:5e:2e:13:c8:b9:38:6d:1b:dd:
1f:74:db:a9:50:cb:4d:b5:27:19:dc:67:a1:8c:56:bc:a8:16:
b4:36:11:a1
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgIUfmr8Mt8BCnW9OI/nd0NI1+exwOkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoY2VmY2U0NDliZWE4ZGVhZWRiMTgwNGRiYTI1YzU4NGRm
NTg3M2RjNDAeFw0yNjAzMDQxMTQ0MDFaFw0yNzAzMDMxMTQ5MDFaMDMxMTAvBgNV
BAMTKENENjUyNjNGN0Y0ODlBNDcxRUQ1RjQ0NTcwN0ZGQjk0MTk3MTNFOEEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDQJFK+5PkHSPYLyEWrZ9MFCYhA
MFYdvsUewuYF1FXUrbV39n6RjXbBrBnG78UQhBXxhU5VJ7pNGTHHCsf+QJW/DTQS
lxBISiKXOXTFRFpPN1o9X5S5mVuRV0GjOO29Pu6VIq1qsrCq6Nc9+DUISU+dfaqQ
PXHVY/uKQgvPzIMKMcpUXo+V+6V2lhubwlVFLYgBXe+JUNGp4BjrSlJlU3yWfmYs
Us8tWPKm1/iZSn73amJhdXXi8dzFb9YUs0wCDD9UKicmwtkpoeTqXcIOlI94zkcL
KR45C08uRi7HFhCaU26bmaF4rHOR4w9yK9cMqOBvT3X0DRk1ERfuxSoK/4DXAgMB
AAGjggJBMIICPTAdBgNVHQ4EFgQUzWUmP39Imkce1fRFcH/7lBlxPoowHwYDVR0j
BBgwFoAUzvzkSb6o3q7bGATbolxYTfWHPcQwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZDFiMzVmOGItNmY0OC00YmFkLWIxODUtNWMxZGFhOGFj
ZGE5LzAvQ0VGQ0U0NDlCRUE4REVBRURCMTgwNERCQTI1QzU4NERGNTg3M0RDNC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3p2emtTYjZvM3E3YkdBVGJvbHhZVGZX
SFBjUS5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZDFiMzVmOGIt
NmY0OC00YmFkLWIxODUtNWMxZGFhOGFjZGE5LzAvMzEzODM1MmUzMjMxMzIyZTMx
MzEzMzJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMyMzEzNDMwMzIzNS5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEALnUcTANBgkqhkiG9w0BAQsFAAOCAQEALK7paJWCGmqTHBimW8N5W//+kSj0
BvhraWr9bQj4UH78tLGJI/WyWkceVjLqF2YBsZ7yuHO/g3FqbCX0bRq5HIYDDpUb
jakZqRtkAcW9im+wgZ2SBlWeGaWCmjOYkOxPc76+kZWcCRgSrWTDcmJNlvvyuk0N
9KpWM1ZO+RpW76iTL8nI1MQ3u9TkRAR+tZWRYyQwMQFC6MwkQb0g8H5S+40/aGcV
mdE42/V162XXezhwgl/WV65xS33SExaR+NUldN0+JYnQxwgkRgyoNjKvJOuQwUsA
M05wgoNRjpPeFRbmXi4TyLk4bRvdH3TbqVDLTbUnGdxnoYxWvKgWtDYRoQ==
-----END CERTIFICATE-----
Generated at Thu Mar 5 01:42:50 2026 by rpki-client