Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/e3cdc648-d203-462a-bd0f-ec1b60d879a7/0/3138352e3233342e3130302e302f32342d3234203d3e203335363631.roa
File: 3138352e3233342e3130302e302f32342d3234203d3e203335363631.roa (raw, json)
Hash identifier: etX7ciNZNs5174vWdmDtkQTBFeC2wxz0cAkyidyNAqI=
Subject key identifier: 79:1C:1F:CC:BE:B4:AE:13:6C:B0:4B:BE:FD:A9:EE:F5:A9:64:51:72
Certificate issuer: /CN=e1f3512f51dc42bb9eb12abc0bb529668b2edee4
Certificate serial: 20F7C95653DD41E4C8C52D121D6803DEEF407ABE
Authority key identifier: E1:F3:51:2F:51:DC:42:BB:9E:B1:2A:BC:0B:B5:29:66:8B:2E:DE:E4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4fNRL1HcQruesSq8C7UpZosu3uQ.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/e3cdc648-d203-462a-bd0f-ec1b60d879a7/0/3138352e3233342e3130302e302f32342d3234203d3e203335363631.roa
Signing time: Sun 17 May 2026 18:47:14 +0000
ROA not before: Sun 17 May 2026 18:42:14 +0000
ROA not after: Sun 16 May 2027 18:47:14 +0000
asID: 35661
IP address blocks: 185.234.100.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/e3cdc648-d203-462a-bd0f-ec1b60d879a7/0/E1F3512F51DC42BB9EB12ABC0BB529668B2EDEE4.crl
rsync://rsync.paas.rpki.ripe.net/repository/e3cdc648-d203-462a-bd0f-ec1b60d879a7/0/E1F3512F51DC42BB9EB12ABC0BB529668B2EDEE4.mft
rsync://rpki.ripe.net/repository/DEFAULT/4fNRL1HcQruesSq8C7UpZosu3uQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 12 Jun 2026 11:38:14 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
20:f7:c9:56:53:dd:41:e4:c8:c5:2d:12:1d:68:03:de:ef:40:7a:be
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e1f3512f51dc42bb9eb12abc0bb529668b2edee4
Validity
Not Before: May 17 18:42:14 2026 GMT
Not After : May 16 18:47:14 2027 GMT
Subject: CN=791C1FCCBEB4AE136CB04BBEFDA9EEF5A9645172
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:8a:9d:20:d6:67:b2:34:54:cc:ef:a0:08:8e:
6e:93:31:e2:f6:2e:b9:f8:6f:d1:c8:9e:1c:c6:c3:
b8:bf:19:10:0b:37:24:cb:61:c0:a9:bb:9f:ce:ec:
08:49:22:94:9e:10:4f:4a:82:36:1a:a7:8d:a9:a3:
9d:d6:a4:4e:7e:92:a5:aa:81:08:9f:79:1e:28:e6:
b4:05:7d:9c:89:84:b7:25:4a:20:12:1a:09:03:d7:
66:99:9f:23:1a:6f:7d:fc:f9:aa:9f:5b:07:c8:fc:
c0:1a:d2:9d:55:f8:2a:9d:7b:c5:ca:22:91:a3:ab:
5a:3a:09:2d:5e:54:0b:8f:6d:3c:5b:a3:e9:8f:0b:
50:42:57:6d:99:20:18:62:8f:2f:50:50:1c:c3:57:
9e:b8:6f:0b:b3:6d:b9:ae:1e:03:cb:7d:c5:b8:69:
20:3f:c3:f4:d5:94:0f:f2:8b:29:33:62:95:a7:df:
5c:fb:2e:27:db:1a:09:66:bb:3b:f7:d4:b7:be:49:
dc:75:09:f3:21:0b:3e:a2:b6:72:c8:7e:a2:86:fe:
cb:2f:96:e8:e4:74:7d:61:cc:76:22:77:4a:de:36:
1c:35:d5:c5:1e:2d:19:9c:22:e4:54:35:d3:6b:27:
78:7f:1a:d9:1a:1a:bc:2e:87:7f:4b:d2:67:e2:bb:
2e:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
79:1C:1F:CC:BE:B4:AE:13:6C:B0:4B:BE:FD:A9:EE:F5:A9:64:51:72
X509v3 Authority Key Identifier:
keyid:E1:F3:51:2F:51:DC:42:BB:9E:B1:2A:BC:0B:B5:29:66:8B:2E:DE:E4
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/e3cdc648-d203-462a-bd0f-ec1b60d879a7/0/E1F3512F51DC42BB9EB12ABC0BB529668B2EDEE4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4fNRL1HcQruesSq8C7UpZosu3uQ.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/e3cdc648-d203-462a-bd0f-ec1b60d879a7/0/3138352e3233342e3130302e302f32342d3234203d3e203335363631.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.234.100.0/24
Signature Algorithm: sha256WithRSAEncryption
63:8b:25:e5:47:95:cd:4a:16:40:83:4f:99:bd:96:57:fb:71:
c2:d8:8c:86:5f:cd:d2:6e:d2:b3:43:7d:b0:0b:2a:65:23:b1:
9d:fa:72:6c:02:ec:4e:91:d5:44:e3:be:1a:74:8a:f1:fa:7f:
d7:b9:f5:1a:c8:38:11:41:ff:63:9d:4e:0b:d4:68:97:6f:b1:
ad:31:4d:84:25:0f:5b:61:26:b6:97:c6:58:66:9e:72:cd:60:
23:1d:b7:76:be:ed:6c:81:28:50:17:28:3c:f1:ab:4c:02:15:
b9:e8:27:df:8b:e1:76:05:4d:3e:22:5f:93:63:be:ce:f9:33:
f1:fb:1a:75:39:cd:83:11:0f:6b:2d:28:c6:15:d7:6a:49:79:
5d:f1:07:f8:37:85:2b:f0:09:f3:df:ce:20:06:75:65:04:19:
aa:32:a6:81:70:b3:64:93:ed:a0:75:33:1b:f9:e1:91:3c:9d:
72:89:fa:a4:65:a2:32:77:62:bc:09:b5:75:bb:e0:ad:f7:c5:
ee:72:af:b1:aa:79:3f:e1:c2:8f:f2:f1:d9:73:de:79:6c:7f:
95:75:e9:1c:46:62:ca:c3:2b:42:8f:f6:71:d2:e4:3b:0c:2b:
67:ad:3d:f4:ad:57:e6:81:c0:d1:5b:f3:2a:e4:d1:8e:0b:4e:
05:f8:2e:b5
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUIPfJVlPdQeTIxS0SHWgD3u9Aer4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZTFmMzUxMmY1MWRjNDJiYjllYjEyYWJjMGJiNTI5NjY4
YjJlZGVlNDAeFw0yNjA1MTcxODQyMTRaFw0yNzA1MTYxODQ3MTRaMDMxMTAvBgNV
BAMTKDc5MUMxRkNDQkVCNEFFMTM2Q0IwNEJCRUZEQTlFRUY1QTk2NDUxNzIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCkip0g1meyNFTM76AIjm6TMeL2
Lrn4b9HInhzGw7i/GRALNyTLYcCpu5/O7AhJIpSeEE9KgjYap42po53WpE5+kqWq
gQifeR4o5rQFfZyJhLclSiASGgkD12aZnyMab338+aqfWwfI/MAa0p1V+Cqde8XK
IpGjq1o6CS1eVAuPbTxbo+mPC1BCV22ZIBhijy9QUBzDV564bwuzbbmuHgPLfcW4
aSA/w/TVlA/yiykzYpWn31z7LifbGglmuzv31Le+Sdx1CfMhCz6itnLIfqKG/ssv
lujkdH1hzHYid0reNhw11cUeLRmcIuRUNdNrJ3h/GtkaGrwuh39L0mfiuy5bAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUeRwfzL60rhNssEu+/anu9alkUXIwHwYDVR0j
BBgwFoAU4fNRL1HcQruesSq8C7UpZosu3uQwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZTNjZGM2NDgtZDIwMy00NjJhLWJkMGYtZWMxYjYwZDg3
OWE3LzAvRTFGMzUxMkY1MURDNDJCQjlFQjEyQUJDMEJCNTI5NjY4QjJFREVFNC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzRmTlJMMUhjUXJ1ZXNTcThDN1VwWm9z
dTN1US5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZTNjZGM2NDgt
ZDIwMy00NjJhLWJkMGYtZWMxYjYwZDg3OWE3LzAvMzEzODM1MmUzMjMzMzQyZTMx
MzAzMDJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMzMzUzNjM2MzEucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAC56mQwDQYJKoZIhvcNAQELBQADggEBAGOLJeVHlc1KFkCDT5m9llf7ccLYjIZf
zdJu0rNDfbALKmUjsZ36cmwC7E6R1UTjvhp0ivH6f9e59RrIOBFB/2OdTgvUaJdv
sa0xTYQlD1thJraXxlhmnnLNYCMdt3a+7WyBKFAXKDzxq0wCFbnoJ9+L4XYFTT4i
X5Njvs75M/H7GnU5zYMRD2stKMYV12pJeV3xB/g3hSvwCfPfziAGdWUEGaoypoFw
s2ST7aB1Mxv54ZE8nXKJ+qRlojJ3YrwJtXW74K33xe5yr7GqeT/hwo/y8dlz3nls
f5V16RxGYsrDK0KP9nHS5DsMK2etPfStV+aBwNFb8yrk0Y4LTgX4LrU=
-----END CERTIFICATE-----
Generated at Thu Jun 11 21:51:50 2026 by rpki-client