Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/0d854c77-fd8b-425a-bd55-82e1d7faa782/0/3138352e3136392e3132312e302f32342d3234203d3e20323033303934.roa
File: 3138352e3136392e3132312e302f32342d3234203d3e20323033303934.roa (raw, json)
Hash identifier: dGUkrY1yuCt2C9PQZnbsPkrNHLFHKnw12z7OeDp7cCk=
Subject key identifier: BF:8F:6D:05:35:0D:F8:A3:56:BF:B0:68:A1:51:97:99:7C:5B:73:A4
Certificate issuer: /CN=4b3aca3a7c652a9faf8e4e119bd2f7bf54afde76
Certificate serial: 3EF33D268E7E749D18C6C58212DA6716BE81E4DE
Authority key identifier: 4B:3A:CA:3A:7C:65:2A:9F:AF:8E:4E:11:9B:D2:F7:BF:54:AF:DE:76
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SzrKOnxlKp-vjk4Rm9L3v1Sv3nY.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/0d854c77-fd8b-425a-bd55-82e1d7faa782/0/3138352e3136392e3132312e302f32342d3234203d3e20323033303934.roa
Signing time: Thu 05 Feb 2026 07:28:02 +0000
ROA not before: Thu 05 Feb 2026 07:23:02 +0000
ROA not after: Thu 04 Feb 2027 07:28:02 +0000
asID: 203094
IP address blocks: 185.169.121.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/0d854c77-fd8b-425a-bd55-82e1d7faa782/0/4B3ACA3A7C652A9FAF8E4E119BD2F7BF54AFDE76.crl
rsync://rsync.paas.rpki.ripe.net/repository/0d854c77-fd8b-425a-bd55-82e1d7faa782/0/4B3ACA3A7C652A9FAF8E4E119BD2F7BF54AFDE76.mft
rsync://rpki.ripe.net/repository/DEFAULT/SzrKOnxlKp-vjk4Rm9L3v1Sv3nY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 09:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3e:f3:3d:26:8e:7e:74:9d:18:c6:c5:82:12:da:67:16:be:81:e4:de
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4b3aca3a7c652a9faf8e4e119bd2f7bf54afde76
Validity
Not Before: Feb 5 07:23:02 2026 GMT
Not After : Feb 4 07:28:02 2027 GMT
Subject: CN=BF8F6D05350DF8A356BFB068A15197997C5B73A4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:3f:30:c6:82:b9:5d:15:75:15:3f:b8:a8:ad:
19:9d:ca:68:3e:e7:58:a4:bb:ba:4a:88:7d:ee:23:
97:dd:6c:9f:e8:f9:51:74:72:aa:35:cd:6c:31:a4:
40:8d:1f:54:05:b5:54:04:58:f2:0f:46:d8:80:de:
be:d0:e8:03:7a:41:50:5e:6f:7e:25:45:1b:93:c5:
be:a4:bf:47:59:cb:42:e0:4a:d1:df:d8:29:ff:2d:
eb:c3:2f:34:e5:b3:cc:5e:57:b2:6d:1b:4e:01:e3:
f9:f1:ac:8a:50:de:b9:75:1f:bf:05:33:4e:51:19:
27:74:60:8a:19:4d:65:12:a1:80:9b:72:c1:36:2b:
d3:e8:7b:fa:cd:d2:85:76:25:34:2b:a2:d7:a6:06:
00:76:da:0e:69:49:3c:53:30:74:78:4e:3f:ba:be:
36:ef:53:d2:82:6b:5d:ce:72:58:e2:ad:ab:b4:d5:
13:91:14:85:fe:13:d5:fc:15:2a:56:33:cb:22:f8:
db:6e:be:76:bd:5b:58:10:7a:76:47:53:f6:01:1d:
1b:44:7f:13:c5:e2:23:b1:6e:49:7b:82:2f:11:e7:
dd:2c:06:e2:fc:6b:3b:ce:ab:d3:38:5d:2c:6a:6b:
a1:f9:69:4e:f1:7d:a5:cf:b2:6a:cb:46:40:96:99:
98:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BF:8F:6D:05:35:0D:F8:A3:56:BF:B0:68:A1:51:97:99:7C:5B:73:A4
X509v3 Authority Key Identifier:
keyid:4B:3A:CA:3A:7C:65:2A:9F:AF:8E:4E:11:9B:D2:F7:BF:54:AF:DE:76
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/0d854c77-fd8b-425a-bd55-82e1d7faa782/0/4B3ACA3A7C652A9FAF8E4E119BD2F7BF54AFDE76.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SzrKOnxlKp-vjk4Rm9L3v1Sv3nY.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/0d854c77-fd8b-425a-bd55-82e1d7faa782/0/3138352e3136392e3132312e302f32342d3234203d3e20323033303934.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.169.121.0/24
Signature Algorithm: sha256WithRSAEncryption
d8:0d:fa:bb:3f:cf:b1:c9:d1:17:81:a2:74:6b:7d:99:61:b0:
7e:09:81:d6:5a:40:92:41:45:02:44:bd:0e:70:c3:da:3c:82:
d2:ca:cb:ae:0f:e3:20:da:b0:f0:18:63:45:a4:d7:c6:6e:fe:
f8:34:ec:d4:59:21:74:e2:5f:7e:47:91:e2:73:dc:5d:01:68:
43:0a:a2:b4:42:3c:a4:37:57:25:0b:96:96:6a:87:4b:0a:b8:
3d:cb:a3:b4:21:3a:18:a5:71:c8:fa:c0:d2:9a:31:68:b8:8b:
26:b1:48:d7:80:76:c7:62:fa:c1:70:4e:ec:14:5d:c1:fa:ed:
48:2b:c6:bd:05:cd:b6:18:02:54:94:38:00:20:35:7a:66:17:
d4:0c:27:c9:49:26:3a:15:0f:a3:7a:5c:fe:de:88:38:9d:ec:
7e:f0:b0:36:59:fa:be:f1:dd:68:28:ce:91:91:31:e1:3b:4c:
60:0c:46:4c:f6:4c:14:22:ab:79:0a:55:f1:e9:57:a5:2e:b3:
f5:f1:c6:d3:1f:84:33:5d:63:ae:68:e5:55:41:d5:2a:5c:d6:
da:cf:0e:c6:ca:5c:52:4d:16:f1:19:2b:4c:37:36:c6:c4:4f:
fb:1e:68:b4:6e:f1:b5:d3:9e:e1:bc:99:03:20:0c:ad:7b:46:
3c:8e:32:4c
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgIUPvM9Jo5+dJ0YxsWCEtpnFr6B5N4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGIzYWNhM2E3YzY1MmE5ZmFmOGU0ZTExOWJkMmY3YmY1
NGFmZGU3NjAeFw0yNjAyMDUwNzIzMDJaFw0yNzAyMDQwNzI4MDJaMDMxMTAvBgNV
BAMTKEJGOEY2RDA1MzUwREY4QTM1NkJGQjA2OEExNTE5Nzk5N0M1QjczQTQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCcPzDGgrldFXUVP7iorRmdymg+
51iku7pKiH3uI5fdbJ/o+VF0cqo1zWwxpECNH1QFtVQEWPIPRtiA3r7Q6AN6QVBe
b34lRRuTxb6kv0dZy0LgStHf2Cn/LevDLzTls8xeV7JtG04B4/nxrIpQ3rl1H78F
M05RGSd0YIoZTWUSoYCbcsE2K9Poe/rN0oV2JTQrotemBgB22g5pSTxTMHR4Tj+6
vjbvU9KCa13Ocljirau01RORFIX+E9X8FSpWM8si+Ntuvna9W1gQenZHU/YBHRtE
fxPF4iOxbkl7gi8R590sBuL8azvOq9M4XSxqa6H5aU7xfaXPsmrLRkCWmZjfAgMB
AAGjggJBMIICPTAdBgNVHQ4EFgQUv49tBTUN+KNWv7BooVGXmXxbc6QwHwYDVR0j
BBgwFoAUSzrKOnxlKp+vjk4Rm9L3v1Sv3nYwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMGQ4NTRjNzctZmQ4Yi00MjVhLWJkNTUtODJlMWQ3ZmFh
NzgyLzAvNEIzQUNBM0E3QzY1MkE5RkFGOEU0RTExOUJEMkY3QkY1NEFGREU3Ni5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1N6cktPbnhsS3AtdmprNFJtOUwzdjFT
djNuWS5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMGQ4NTRjNzct
ZmQ4Yi00MjVhLWJkNTUtODJlMWQ3ZmFhNzgyLzAvMzEzODM1MmUzMTM2MzkyZTMx
MzIzMTJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMyMzAzMzMwMzkzNC5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEALmpeTANBgkqhkiG9w0BAQsFAAOCAQEA2A36uz/PscnRF4GidGt9mWGwfgmB
1lpAkkFFAkS9DnDD2jyC0srLrg/jINqw8BhjRaTXxm7++DTs1FkhdOJffkeR4nPc
XQFoQwqitEI8pDdXJQuWlmqHSwq4PcujtCE6GKVxyPrA0poxaLiLJrFI14B2x2L6
wXBO7BRdwfrtSCvGvQXNthgCVJQ4ACA1emYX1AwnyUkmOhUPo3pc/t6IOJ3sfvCw
Nln6vvHdaCjOkZEx4TtMYAxGTPZMFCKreQpV8elXpS6z9fHG0x+EM11jrmjlVUHV
KlzW2s8OxspcUk0W8RkrTDc2xsRP+x5otG7xtdOe4byZAyAMrXtGPI4yTA==
-----END CERTIFICATE-----
Generated at Mon Mar 2 12:30:53 2026 by rpki-client