Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/3138352e3134392e3135332e302f32342d3234203d3e203135343430.roa
File: 3138352e3134392e3135332e302f32342d3234203d3e203135343430.roa (raw, json)
Hash identifier: 6vwMaK76XK6X/pz6kTht3dh5BVylEQSRFW6TtRdFjeM=
Subject key identifier: 44:E2:D7:29:F4:2D:92:E6:D0:EA:63:71:59:83:CC:7C:61:41:5D:C0
Certificate issuer: /CN=9df85997b1b9b358e1c43f36765aa0a4a02144ae
Certificate serial: 74BD27D04D26EB8027BDC0F8A42CFC407491B220
Authority key identifier: 9D:F8:59:97:B1:B9:B3:58:E1:C4:3F:36:76:5A:A0:A4:A0:21:44:AE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nfhZl7G5s1jhxD82dlqgpKAhRK4.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/3138352e3134392e3135332e302f32342d3234203d3e203135343430.roa
Signing time: Fri 10 Apr 2026 10:10:58 +0000
ROA not before: Fri 10 Apr 2026 10:05:58 +0000
ROA not after: Fri 09 Apr 2027 10:10:58 +0000
asID: 15440
IP address blocks: 185.149.153.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/9DF85997B1B9B358E1C43F36765AA0A4A02144AE.crl
rsync://rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/9DF85997B1B9B358E1C43F36765AA0A4A02144AE.mft
rsync://rpki.ripe.net/repository/DEFAULT/nfhZl7G5s1jhxD82dlqgpKAhRK4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 Apr 2026 12:16:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
74:bd:27:d0:4d:26:eb:80:27:bd:c0:f8:a4:2c:fc:40:74:91:b2:20
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9df85997b1b9b358e1c43f36765aa0a4a02144ae
Validity
Not Before: Apr 10 10:05:58 2026 GMT
Not After : Apr 9 10:10:58 2027 GMT
Subject: CN=44E2D729F42D92E6D0EA63715983CC7C61415DC0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:e3:ab:c3:82:31:b7:c9:70:dc:f8:5a:70:0d:
d1:9a:64:cf:46:9c:22:c6:99:2d:9b:ee:84:49:b6:
e2:16:03:66:d5:d9:d8:56:48:77:2d:50:0a:b3:2c:
16:12:10:54:27:43:87:45:73:46:c8:af:1b:90:8e:
ff:2d:d2:e1:23:28:88:be:fa:d0:03:0b:dc:49:76:
cf:f7:8a:f2:4b:0d:ba:31:7f:9f:a7:e0:c9:7b:fb:
84:a5:8f:4c:58:b9:c8:ab:4a:69:7a:1f:0f:2b:d7:
4c:3e:69:22:2d:2b:50:80:24:de:a1:39:d3:43:04:
51:ae:1c:57:74:2c:68:36:aa:77:a1:a6:89:e8:d3:
ed:3b:a7:3f:c6:16:c7:1b:d7:df:be:b5:1e:f3:de:
28:6c:a8:3b:80:26:bd:15:54:55:db:0e:a6:bd:b9:
a0:fc:a1:8f:a4:ac:d1:ab:70:80:1c:4d:50:c3:fe:
3b:d6:1e:86:4a:46:f0:6d:aa:ba:69:d5:30:d4:01:
94:e5:c7:ec:6b:2c:68:5c:d6:d0:45:b1:e4:d7:7a:
2b:1d:05:d8:1f:04:19:ee:57:41:86:e0:be:53:8a:
61:0b:6d:46:71:c8:1f:93:a6:b0:90:81:32:c3:89:
92:f9:ed:ff:49:5d:64:af:06:48:1e:d2:78:48:b8:
66:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
44:E2:D7:29:F4:2D:92:E6:D0:EA:63:71:59:83:CC:7C:61:41:5D:C0
X509v3 Authority Key Identifier:
keyid:9D:F8:59:97:B1:B9:B3:58:E1:C4:3F:36:76:5A:A0:A4:A0:21:44:AE
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/9DF85997B1B9B358E1C43F36765AA0A4A02144AE.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nfhZl7G5s1jhxD82dlqgpKAhRK4.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/3138352e3134392e3135332e302f32342d3234203d3e203135343430.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.149.153.0/24
Signature Algorithm: sha256WithRSAEncryption
41:52:36:8f:b9:00:5a:f0:00:e7:fc:87:c3:5d:83:7b:00:4d:
50:f2:81:a7:23:72:5e:4a:88:12:f5:aa:4d:99:bc:4b:f9:f4:
da:17:49:87:e3:c6:1c:6f:92:5b:e7:b9:95:1a:5a:8d:6b:d8:
75:59:d7:73:47:5e:16:5e:d8:10:bc:be:39:ea:44:dd:e7:4f:
96:38:73:09:f0:d7:57:24:a3:84:c0:2e:b8:d0:90:9a:2c:22:
0c:53:0e:2f:df:a2:10:d4:d0:72:78:04:cc:f8:f8:a4:c7:2a:
e9:c9:89:70:f6:11:c5:06:48:2e:99:55:65:26:72:2b:42:52:
c9:0c:f6:66:a7:3d:34:c7:20:d9:81:fd:11:1f:76:2f:02:3c:
69:74:94:d6:d6:2f:8f:30:f9:21:71:97:77:11:61:ab:c1:50:
47:6f:c2:8b:03:58:47:f1:e9:02:2c:aa:dd:9b:58:47:e6:22:
74:3b:e3:30:66:ef:f9:a0:e2:74:01:ce:91:ef:d7:ad:d1:63:
14:d2:4f:c7:17:7d:45:ff:6c:5b:5b:79:23:4a:3e:41:8a:43:
65:17:8e:88:35:78:2e:4c:28:a6:68:58:f9:b0:1a:33:6c:eb:
82:4b:c5:50:23:cf:9f:7d:e1:14:6f:93:a3:a4:a9:2e:32:0a:
5a:70:e0:e7
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUdL0n0E0m64AnvcD4pCz8QHSRsiAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOWRmODU5OTdiMWI5YjM1OGUxYzQzZjM2NzY1YWEwYTRh
MDIxNDRhZTAeFw0yNjA0MTAxMDA1NThaFw0yNzA0MDkxMDEwNThaMDMxMTAvBgNV
BAMTKDQ0RTJENzI5RjQyRDkyRTZEMEVBNjM3MTU5ODNDQzdDNjE0MTVEQzAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCR46vDgjG3yXDc+FpwDdGaZM9G
nCLGmS2b7oRJtuIWA2bV2dhWSHctUAqzLBYSEFQnQ4dFc0bIrxuQjv8t0uEjKIi+
+tADC9xJds/3ivJLDboxf5+n4Ml7+4Slj0xYucirSml6Hw8r10w+aSItK1CAJN6h
OdNDBFGuHFd0LGg2qnehpono0+07pz/GFscb19++tR7z3ihsqDuAJr0VVFXbDqa9
uaD8oY+krNGrcIAcTVDD/jvWHoZKRvBtqrpp1TDUAZTlx+xrLGhc1tBFseTXeisd
BdgfBBnuV0GG4L5TimELbUZxyB+TprCQgTLDiZL57f9JXWSvBkge0nhIuGZNAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUROLXKfQtkubQ6mNxWYPMfGFBXcAwHwYDVR0j
BBgwFoAUnfhZl7G5s1jhxD82dlqgpKAhRK4wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDAyZTBiYTMtZmU2MC00NWIxLTkxNjAtODY4YTJmOGE0
M2IxLzMvOURGODU5OTdCMUI5QjM1OEUxQzQzRjM2NzY1QUEwQTRBMDIxNDRBRS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL25maFpsN0c1czFqaHhEODJkbHFncEtB
aFJLNC5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMDAyZTBiYTMt
ZmU2MC00NWIxLTkxNjAtODY4YTJmOGE0M2IxLzMvMzEzODM1MmUzMTM0MzkyZTMx
MzUzMzJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMxMzUzNDM0MzAucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAC5lZkwDQYJKoZIhvcNAQELBQADggEBAEFSNo+5AFrwAOf8h8Ndg3sATVDygacj
cl5KiBL1qk2ZvEv59NoXSYfjxhxvklvnuZUaWo1r2HVZ13NHXhZe2BC8vjnqRN3n
T5Y4cwnw11cko4TALrjQkJosIgxTDi/fohDU0HJ4BMz4+KTHKunJiXD2EcUGSC6Z
VWUmcitCUskM9manPTTHINmB/REfdi8CPGl0lNbWL48w+SFxl3cRYavBUEdvwosD
WEfx6QIsqt2bWEfmInQ74zBm7/mg4nQBzpHv163RYxTST8cXfUX/bFtbeSNKPkGK
Q2UXjog1eC5MKKZoWPmwGjNs64JLxVAjz5994RRvk6OkqS4yClpw4Oc=
-----END CERTIFICATE-----
Generated at Fri Apr 17 22:44:44 2026 by rpki-client