Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/3138352e3134392e3135322e302f32322d3232203d3e203135343139.roa
File: 3138352e3134392e3135322e302f32322d3232203d3e203135343139.roa (raw, json)
Hash identifier: euJ5l1svQV4yeF07rYfON9i9pW05MgdKcVAsQcZCZgs=
Subject key identifier: A2:6A:D0:5F:78:1F:62:0D:44:C3:67:5A:D5:AA:04:0E:F5:9D:F3:ED
Certificate issuer: /CN=9df85997b1b9b358e1c43f36765aa0a4a02144ae
Certificate serial: 7532ABDE792B44DAD7643CB33CBFACB1377ED8F0
Authority key identifier: 9D:F8:59:97:B1:B9:B3:58:E1:C4:3F:36:76:5A:A0:A4:A0:21:44:AE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nfhZl7G5s1jhxD82dlqgpKAhRK4.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/3138352e3134392e3135322e302f32322d3232203d3e203135343139.roa
Signing time: Fri 10 Apr 2026 10:11:00 +0000
ROA not before: Fri 10 Apr 2026 10:06:00 +0000
ROA not after: Fri 09 Apr 2027 10:11:00 +0000
asID: 15419
IP address blocks: 185.149.152.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/9DF85997B1B9B358E1C43F36765AA0A4A02144AE.crl
rsync://rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/9DF85997B1B9B358E1C43F36765AA0A4A02144AE.mft
rsync://rpki.ripe.net/repository/DEFAULT/nfhZl7G5s1jhxD82dlqgpKAhRK4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 17 Apr 2026 19:16:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
75:32:ab:de:79:2b:44:da:d7:64:3c:b3:3c:bf:ac:b1:37:7e:d8:f0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9df85997b1b9b358e1c43f36765aa0a4a02144ae
Validity
Not Before: Apr 10 10:06:00 2026 GMT
Not After : Apr 9 10:11:00 2027 GMT
Subject: CN=A26AD05F781F620D44C3675AD5AA040EF59DF3ED
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:b7:52:f9:7b:a6:0d:65:7d:24:b8:19:bf:55:
ce:62:2a:56:1f:eb:0c:ca:fa:a4:57:d7:84:e9:10:
7f:d5:64:b1:e1:f1:9f:83:46:21:6b:6f:62:18:c5:
38:10:f7:e5:31:c0:0e:69:09:08:2a:bc:ad:c0:7c:
07:5c:94:18:0e:4f:d3:f2:2d:2d:95:c8:d0:db:82:
04:10:b3:8d:3b:2e:10:e1:19:6d:fe:0d:8e:e3:27:
61:96:3f:d4:24:8e:54:6a:2c:d2:31:84:6e:c3:18:
c9:92:9f:6e:b3:a4:11:29:53:5d:4a:88:0d:fb:c8:
f9:6c:e9:27:50:45:35:29:b8:c2:99:5f:24:08:f5:
e6:30:af:94:54:85:f5:67:d1:1b:68:ab:6e:8b:dd:
a2:60:44:80:3e:5a:a5:5b:45:7a:12:74:cd:ff:e9:
fa:52:25:23:18:f1:35:92:65:09:0e:04:73:a8:3a:
f1:db:29:ce:66:50:56:d2:99:97:d2:a6:86:52:16:
0e:b0:d2:ba:cb:22:74:ac:ec:fe:07:dc:eb:1a:26:
7e:46:d2:32:82:64:e2:77:fe:5f:fd:95:86:c4:ad:
48:e2:df:0f:26:e1:d3:ee:36:a9:2d:a0:34:20:86:
61:4b:80:47:40:4a:22:52:bb:75:60:c2:1a:3f:3c:
27:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:6A:D0:5F:78:1F:62:0D:44:C3:67:5A:D5:AA:04:0E:F5:9D:F3:ED
X509v3 Authority Key Identifier:
keyid:9D:F8:59:97:B1:B9:B3:58:E1:C4:3F:36:76:5A:A0:A4:A0:21:44:AE
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/9DF85997B1B9B358E1C43F36765AA0A4A02144AE.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nfhZl7G5s1jhxD82dlqgpKAhRK4.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/3138352e3134392e3135322e302f32322d3232203d3e203135343139.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.149.152.0/22
Signature Algorithm: sha256WithRSAEncryption
17:d4:a1:cd:2f:a4:8c:c5:10:38:7a:b7:43:aa:3c:af:8b:ec:
76:e3:17:f9:39:e7:7f:d7:a1:bf:63:b7:aa:8c:5d:37:ae:db:
3f:88:27:ad:43:98:61:b8:5d:d3:20:08:d1:94:31:81:01:2a:
a1:ba:89:7b:d8:7e:98:5e:ca:37:bd:d2:3b:d8:51:8d:f8:af:
a8:b6:2e:11:cd:ef:46:3e:b6:9f:10:a5:6a:11:c7:5c:99:40:
52:87:d4:a0:82:0e:8b:62:03:28:53:70:b5:7d:cb:8c:0c:a0:
d5:f5:c5:27:ca:b7:65:65:14:61:2e:a3:ed:62:e3:df:a6:1b:
b3:94:da:dc:84:86:e2:99:e9:ba:61:bb:6c:e6:f3:2e:42:23:
08:ea:70:0d:4d:7b:54:42:e7:c6:80:1b:45:07:0c:08:9c:b5:
be:81:09:99:a0:a1:b0:ff:c2:69:7f:49:58:f1:47:8e:a7:df:
b7:92:1c:c8:7c:39:05:47:bd:c3:56:be:05:a3:9b:df:48:07:
2c:6e:12:8c:0c:82:98:85:7b:5b:06:f8:9e:20:2e:7c:fa:85:
f5:60:80:0a:7c:98:a5:c6:a5:28:b1:6d:91:01:b9:ce:65:b5:
6e:fb:53:b9:41:75:d1:93:0f:f0:51:6c:aa:37:76:67:cf:38:
50:e8:9d:a3
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUdTKr3nkrRNrXZDyzPL+ssTd+2PAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOWRmODU5OTdiMWI5YjM1OGUxYzQzZjM2NzY1YWEwYTRh
MDIxNDRhZTAeFw0yNjA0MTAxMDA2MDBaFw0yNzA0MDkxMDExMDBaMDMxMTAvBgNV
BAMTKEEyNkFEMDVGNzgxRjYyMEQ0NEMzNjc1QUQ1QUEwNDBFRjU5REYzRUQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCbt1L5e6YNZX0kuBm/Vc5iKlYf
6wzK+qRX14TpEH/VZLHh8Z+DRiFrb2IYxTgQ9+UxwA5pCQgqvK3AfAdclBgOT9Py
LS2VyNDbggQQs407LhDhGW3+DY7jJ2GWP9QkjlRqLNIxhG7DGMmSn26zpBEpU11K
iA37yPls6SdQRTUpuMKZXyQI9eYwr5RUhfVn0Rtoq26L3aJgRIA+WqVbRXoSdM3/
6fpSJSMY8TWSZQkOBHOoOvHbKc5mUFbSmZfSpoZSFg6w0rrLInSs7P4H3OsaJn5G
0jKCZOJ3/l/9lYbErUji3w8m4dPuNqktoDQghmFLgEdASiJSu3Vgwho/PCejAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUomrQX3gfYg1Ew2da1aoEDvWd8+0wHwYDVR0j
BBgwFoAUnfhZl7G5s1jhxD82dlqgpKAhRK4wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDAyZTBiYTMtZmU2MC00NWIxLTkxNjAtODY4YTJmOGE0
M2IxLzMvOURGODU5OTdCMUI5QjM1OEUxQzQzRjM2NzY1QUEwQTRBMDIxNDRBRS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL25maFpsN0c1czFqaHhEODJkbHFncEtB
aFJLNC5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMDAyZTBiYTMt
ZmU2MC00NWIxLTkxNjAtODY4YTJmOGE0M2IxLzMvMzEzODM1MmUzMTM0MzkyZTMx
MzUzMjJlMzAyZjMyMzIyZDMyMzIyMDNkM2UyMDMxMzUzNDMxMzkucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAK5lZgwDQYJKoZIhvcNAQELBQADggEBABfUoc0vpIzFEDh6t0OqPK+L7HbjF/k5
53/Xob9jt6qMXTeu2z+IJ61DmGG4XdMgCNGUMYEBKqG6iXvYfpheyje90jvYUY34
r6i2LhHN70Y+tp8QpWoRx1yZQFKH1KCCDotiAyhTcLV9y4wMoNX1xSfKt2VlFGEu
o+1i49+mG7OU2tyEhuKZ6bphu2zm8y5CIwjqcA1Ne1RC58aAG0UHDAictb6BCZmg
obD/wml/SVjxR46n37eSHMh8OQVHvcNWvgWjm99IByxuEowMgpiFe1sG+J4gLnz6
hfVggAp8mKXGpSixbZEBuc5ltW77U7lBddGTD/BRbKo3dmfPOFDonaM=
-----END CERTIFICATE-----
Generated at Fri Apr 17 13:21:49 2026 by rpki-client