Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/e3cdc648-d203-462a-bd0f-ec1b60d879a7/0/3138352e3132332e3135372e302f32342d3234203d3e2030.roa
File: 3138352e3132332e3135372e302f32342d3234203d3e2030.roa (raw, json)
Hash identifier: nkIgXpwwC/AUenXNl6LNYQ631Fr4ojkt+2aEidXFP2g=
Subject key identifier: 6E:BF:58:AD:31:52:9C:3D:C4:EE:17:E3:44:95:77:38:68:67:A3:3C
Certificate issuer: /CN=e1f3512f51dc42bb9eb12abc0bb529668b2edee4
Certificate serial: 4BA695E269C902968AA3F7620F115767F002773E
Authority key identifier: E1:F3:51:2F:51:DC:42:BB:9E:B1:2A:BC:0B:B5:29:66:8B:2E:DE:E4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4fNRL1HcQruesSq8C7UpZosu3uQ.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/e3cdc648-d203-462a-bd0f-ec1b60d879a7/0/3138352e3132332e3135372e302f32342d3234203d3e2030.roa
Signing time: Mon 09 Mar 2026 13:06:43 +0000
ROA not before: Mon 09 Mar 2026 13:01:43 +0000
ROA not after: Mon 08 Mar 2027 13:06:43 +0000
asID: 0
IP address blocks: 185.123.157.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/e3cdc648-d203-462a-bd0f-ec1b60d879a7/0/E1F3512F51DC42BB9EB12ABC0BB529668B2EDEE4.crl
rsync://rsync.paas.rpki.ripe.net/repository/e3cdc648-d203-462a-bd0f-ec1b60d879a7/0/E1F3512F51DC42BB9EB12ABC0BB529668B2EDEE4.mft
rsync://rpki.ripe.net/repository/DEFAULT/4fNRL1HcQruesSq8C7UpZosu3uQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 14 Mar 2026 00:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4b:a6:95:e2:69:c9:02:96:8a:a3:f7:62:0f:11:57:67:f0:02:77:3e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e1f3512f51dc42bb9eb12abc0bb529668b2edee4
Validity
Not Before: Mar 9 13:01:43 2026 GMT
Not After : Mar 8 13:06:43 2027 GMT
Subject: CN=6EBF58AD31529C3DC4EE17E3449577386867A33C
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f2:72:f6:29:db:9a:84:d1:fd:f2:99:01:b0:68:
92:46:06:5d:42:dd:67:8b:f3:4f:dc:c7:9d:ef:2d:
87:42:b8:18:e7:c6:ee:2d:d9:ea:e6:c6:f7:f4:cb:
00:15:fe:15:0e:9c:b2:98:97:fd:9c:97:2e:54:4f:
3e:0b:a4:51:c8:0c:84:5c:5b:a2:05:24:4a:f2:5d:
d6:d0:a5:2f:d5:66:17:90:11:7e:82:a9:b5:a2:69:
f3:2f:1a:28:74:0b:24:56:22:5c:cf:d0:46:68:05:
c7:1b:f7:34:72:07:3f:ef:99:c5:7c:b0:2e:23:39:
d5:50:22:08:39:33:9a:8e:25:7a:00:e6:5f:26:3f:
27:b2:d4:11:02:2d:0d:63:2c:35:7e:f9:48:ed:4f:
7e:d8:96:17:23:09:40:f6:d4:80:d1:59:5e:a8:2c:
df:f6:66:26:90:25:2f:1b:13:e4:0a:23:49:a3:65:
b2:12:8e:f6:e6:bc:be:f9:21:c9:80:99:5b:cd:a1:
26:2f:6d:0e:43:17:e5:fa:9b:79:59:02:28:34:fb:
1a:e0:ad:74:d5:d8:be:c8:44:2e:f7:21:b5:48:16:
ff:91:e2:78:99:41:11:6a:d6:1f:83:e3:5c:7c:c2:
31:31:82:22:51:f4:fd:10:18:8f:c8:ee:b8:c5:3b:
df:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6E:BF:58:AD:31:52:9C:3D:C4:EE:17:E3:44:95:77:38:68:67:A3:3C
X509v3 Authority Key Identifier:
keyid:E1:F3:51:2F:51:DC:42:BB:9E:B1:2A:BC:0B:B5:29:66:8B:2E:DE:E4
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/e3cdc648-d203-462a-bd0f-ec1b60d879a7/0/E1F3512F51DC42BB9EB12ABC0BB529668B2EDEE4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4fNRL1HcQruesSq8C7UpZosu3uQ.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/e3cdc648-d203-462a-bd0f-ec1b60d879a7/0/3138352e3132332e3135372e302f32342d3234203d3e2030.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.123.157.0/24
Signature Algorithm: sha256WithRSAEncryption
48:3f:f5:d4:1e:e6:07:7d:35:5a:71:99:b4:ac:00:bd:d5:5c:
54:20:0c:a5:c5:4b:2c:e9:e9:ca:69:cb:47:4e:85:89:b9:f8:
46:b6:7a:2a:c0:74:2c:7e:a0:61:50:68:26:ec:d5:4e:0e:2c:
cf:eb:43:9f:b4:c8:c6:15:85:13:b2:df:c4:0c:44:8c:d4:c7:
92:6b:39:34:25:30:55:e2:0e:d7:40:ba:f9:38:84:c7:78:2e:
d2:34:a5:b5:d9:35:76:21:d3:db:89:16:01:57:b9:8a:ad:8b:
4e:f2:ca:62:32:ca:c6:44:55:8f:20:22:f5:88:e5:0e:f1:71:
0a:df:a8:9f:29:d3:87:c0:c6:07:92:e1:f9:f5:ac:4f:a3:9e:
c4:e7:2e:fe:35:bd:80:f0:09:43:97:4c:69:4b:11:87:73:6b:
f7:c6:c1:43:5b:00:34:6b:97:0d:c6:0f:e0:9f:b1:76:1b:50:
c9:77:a8:ab:12:2d:83:3e:cb:6b:5c:22:22:59:97:cb:b0:81:
d5:a4:77:35:34:3c:83:8d:1b:95:91:a2:8c:ed:f2:d9:f0:7c:
bf:31:87:41:5a:bc:da:5c:11:ab:3e:8e:13:0f:b0:cc:bc:19:
35:c6:25:03:e3:00:38:d7:29:47:f1:66:89:b3:e5:13:fe:3e:
7f:68:2f:1d
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgIUS6aV4mnJApaKo/diDxFXZ/ACdz4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZTFmMzUxMmY1MWRjNDJiYjllYjEyYWJjMGJiNTI5NjY4
YjJlZGVlNDAeFw0yNjAzMDkxMzAxNDNaFw0yNzAzMDgxMzA2NDNaMDMxMTAvBgNV
BAMTKDZFQkY1OEFEMzE1MjlDM0RDNEVFMTdFMzQ0OTU3NzM4Njg2N0EzM0MwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDycvYp25qE0f3ymQGwaJJGBl1C
3WeL80/cx53vLYdCuBjnxu4t2ermxvf0ywAV/hUOnLKYl/2cly5UTz4LpFHIDIRc
W6IFJEryXdbQpS/VZheQEX6CqbWiafMvGih0CyRWIlzP0EZoBccb9zRyBz/vmcV8
sC4jOdVQIgg5M5qOJXoA5l8mPyey1BECLQ1jLDV++UjtT37YlhcjCUD21IDRWV6o
LN/2ZiaQJS8bE+QKI0mjZbISjvbmvL75IcmAmVvNoSYvbQ5DF+X6m3lZAig0+xrg
rXTV2L7IRC73IbVIFv+R4niZQRFq1h+D41x8wjExgiJR9P0QGI/I7rjFO9+9AgMB
AAGjggI3MIICMzAdBgNVHQ4EFgQUbr9YrTFSnD3E7hfjRJV3OGhnozwwHwYDVR0j
BBgwFoAU4fNRL1HcQruesSq8C7UpZosu3uQwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZTNjZGM2NDgtZDIwMy00NjJhLWJkMGYtZWMxYjYwZDg3
OWE3LzAvRTFGMzUxMkY1MURDNDJCQjlFQjEyQUJDMEJCNTI5NjY4QjJFREVFNC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzRmTlJMMUhjUXJ1ZXNTcThDN1VwWm9z
dTN1US5jZXIwgacGCCsGAQUFBwELBIGaMIGXMIGUBggrBgEFBQcwC4aBh3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZTNjZGM2NDgt
ZDIwMy00NjJhLWJkMGYtZWMxYjYwZDg3OWE3LzAvMzEzODM1MmUzMTMyMzMyZTMx
MzUzNzJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMwLnJvYTAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuXudMA0G
CSqGSIb3DQEBCwUAA4IBAQBIP/XUHuYHfTVacZm0rAC91VxUIAylxUss6enKactH
ToWJufhGtnoqwHQsfqBhUGgm7NVODizP60OftMjGFYUTst/EDESM1MeSazk0JTBV
4g7XQLr5OITHeC7SNKW12TV2IdPbiRYBV7mKrYtO8spiMsrGRFWPICL1iOUO8XEK
36ifKdOHwMYHkuH59axPo57E5y7+Nb2A8AlDl0xpSxGHc2v3xsFDWwA0a5cNxg/g
n7F2G1DJd6irEi2DPstrXCIiWZfLsIHVpHc1NDyDjRuVkaKM7fLZ8Hy/MYdBWrza
XBGrPo4TD7DMvBk1xiUD4wA41ylH8WaJs+UT/j5/aC8d
-----END CERTIFICATE-----
Generated at Fri Mar 13 10:32:20 2026 by rpki-client