Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/23aacd17-bf9d-47db-864d-f9c7c2be183a/0/3138352e3231302e3136392e302f32342d3234203d3e203537303433.roa
File: 3138352e3231302e3136392e302f32342d3234203d3e203537303433.roa (raw, json)
Hash identifier: 7z9K9FbgeMuXCaln/1hsSe4DLUK7TEmfgfG1Y1Dfr7g=
Subject key identifier: AE:97:BF:4B:37:13:D5:84:41:06:9B:3E:ED:BC:87:3B:24:F3:A0:BA
Certificate issuer: /CN=22bfd4e021547d030ac10b0213535d4c6968eede
Certificate serial: 06C9D97FD71ADEF91681F3FE4F4ABDC10423B7AA
Authority key identifier: 22:BF:D4:E0:21:54:7D:03:0A:C1:0B:02:13:53:5D:4C:69:68:EE:DE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ir_U4CFUfQMKwQsCE1NdTGlo7t4.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/23aacd17-bf9d-47db-864d-f9c7c2be183a/0/3138352e3231302e3136392e302f32342d3234203d3e203537303433.roa
Signing time: Thu 02 Apr 2026 00:42:43 +0000
ROA not before: Thu 02 Apr 2026 00:37:43 +0000
ROA not after: Thu 01 Apr 2027 00:42:43 +0000
asID: 57043
IP address blocks: 185.210.169.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/23aacd17-bf9d-47db-864d-f9c7c2be183a/0/22BFD4E021547D030AC10B0213535D4C6968EEDE.crl
rsync://rsync.paas.rpki.ripe.net/repository/23aacd17-bf9d-47db-864d-f9c7c2be183a/0/22BFD4E021547D030AC10B0213535D4C6968EEDE.mft
rsync://rpki.ripe.net/repository/DEFAULT/Ir_U4CFUfQMKwQsCE1NdTGlo7t4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 Apr 2026 03:34:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
06:c9:d9:7f:d7:1a:de:f9:16:81:f3:fe:4f:4a:bd:c1:04:23:b7:aa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22bfd4e021547d030ac10b0213535d4c6968eede
Validity
Not Before: Apr 2 00:37:43 2026 GMT
Not After : Apr 1 00:42:43 2027 GMT
Subject: CN=AE97BF4B3713D58441069B3EEDBC873B24F3A0BA
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:ed:b8:c5:02:b0:62:55:9c:b2:fb:e3:07:46:
66:b0:f1:43:ee:2d:eb:61:d0:78:e6:74:c5:a7:3b:
91:16:4d:97:47:e9:a7:ac:82:3b:b3:0d:66:9d:67:
4a:47:28:c4:c9:22:ee:a2:3e:98:55:ec:59:92:ac:
6c:61:8b:1c:d0:ff:8d:08:3b:7f:cd:01:6b:96:c2:
d7:07:4c:d9:aa:f0:18:35:d4:b3:65:9c:7b:43:5c:
72:4f:6a:e0:d3:63:bc:5a:4d:c7:e3:bf:c3:7f:9b:
14:36:8f:95:52:ff:18:3f:e1:ee:17:bb:c4:4e:70:
d4:47:6e:e8:04:36:1e:fe:96:ac:61:85:24:36:48:
23:e5:e6:15:d4:91:bc:2f:49:c7:01:33:3e:30:08:
22:c7:a5:ce:21:0d:da:66:1d:f8:8f:07:31:7d:2b:
14:de:3f:d7:4d:88:89:9d:2c:be:3f:50:d1:bf:d9:
8a:07:26:fe:f3:5f:ed:aa:e7:59:bd:b2:03:d9:d0:
de:26:83:12:36:bd:44:2e:12:f9:ad:88:78:d1:30:
81:d8:5e:21:e3:05:36:a3:74:29:23:84:cd:46:ac:
1b:33:8e:0e:e9:5d:c6:94:72:89:1f:91:f0:db:98:
3f:5a:d3:a9:27:2a:da:bf:89:ce:19:8b:72:20:49:
05:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AE:97:BF:4B:37:13:D5:84:41:06:9B:3E:ED:BC:87:3B:24:F3:A0:BA
X509v3 Authority Key Identifier:
keyid:22:BF:D4:E0:21:54:7D:03:0A:C1:0B:02:13:53:5D:4C:69:68:EE:DE
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/23aacd17-bf9d-47db-864d-f9c7c2be183a/0/22BFD4E021547D030AC10B0213535D4C6968EEDE.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ir_U4CFUfQMKwQsCE1NdTGlo7t4.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/23aacd17-bf9d-47db-864d-f9c7c2be183a/0/3138352e3231302e3136392e302f32342d3234203d3e203537303433.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.210.169.0/24
Signature Algorithm: sha256WithRSAEncryption
a4:50:b6:91:03:e2:7b:21:64:86:dd:b2:51:06:18:00:1e:09:
fe:e8:2d:b0:08:a3:8f:53:fd:08:b2:89:02:a0:6d:0a:04:6e:
3f:a2:73:10:7b:38:6f:18:ac:f2:87:ba:9a:a4:d6:b8:0a:4b:
bc:ac:b4:e4:9e:7f:e0:e8:52:d2:d2:8a:5d:12:b8:b6:15:0e:
89:16:a5:45:d8:77:7c:bb:0a:e8:f1:81:9b:ab:48:c8:0e:13:
85:1c:01:48:18:5c:5c:25:c2:cd:3c:6a:e8:9a:b7:60:e2:3f:
43:f1:29:e3:ae:38:3c:9d:cc:80:03:1b:21:6f:d3:f3:3e:e3:
91:4f:ff:53:ad:91:70:a2:77:f9:0c:23:6c:c7:1c:54:50:66:
23:c0:ce:4f:3f:99:f2:f4:3f:c5:3b:2f:15:fd:54:2e:d1:39:
16:3f:e9:34:1b:9e:0d:01:e0:b3:b9:d9:b4:06:94:12:95:6a:
b0:e4:2a:bd:01:dc:db:de:5d:a0:7e:a7:43:6b:e3:06:49:d9:
90:f4:1a:33:0d:22:8d:b9:87:4d:72:c6:7e:94:da:0a:cd:d9:
6b:6a:18:bd:3f:99:df:1e:fe:bb:dd:61:92:1c:cb:9b:1d:47:
46:b8:59:46:ec:41:80:ab:cb:61:86:97:45:03:de:7d:93:8b:
04:62:25:b9
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUBsnZf9ca3vkWgfP+T0q9wQQjt6owDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjJiZmQ0ZTAyMTU0N2QwMzBhYzEwYjAyMTM1MzVkNGM2
OTY4ZWVkZTAeFw0yNjA0MDIwMDM3NDNaFw0yNzA0MDEwMDQyNDNaMDMxMTAvBgNV
BAMTKEFFOTdCRjRCMzcxM0Q1ODQ0MTA2OUIzRUVEQkM4NzNCMjRGM0EwQkEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCr7bjFArBiVZyy++MHRmaw8UPu
Leth0HjmdMWnO5EWTZdH6aesgjuzDWadZ0pHKMTJIu6iPphV7FmSrGxhixzQ/40I
O3/NAWuWwtcHTNmq8Bg11LNlnHtDXHJPauDTY7xaTcfjv8N/mxQ2j5VS/xg/4e4X
u8ROcNRHbugENh7+lqxhhSQ2SCPl5hXUkbwvSccBMz4wCCLHpc4hDdpmHfiPBzF9
KxTeP9dNiImdLL4/UNG/2YoHJv7zX+2q51m9sgPZ0N4mgxI2vUQuEvmtiHjRMIHY
XiHjBTajdCkjhM1GrBszjg7pXcaUcokfkfDbmD9a06knKtq/ic4Zi3IgSQUJAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUrpe/SzcT1YRBBps+7byHOyTzoLowHwYDVR0j
BBgwFoAUIr/U4CFUfQMKwQsCE1NdTGlo7t4wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMjNhYWNkMTctYmY5ZC00N2RiLTg2NGQtZjljN2MyYmUx
ODNhLzAvMjJCRkQ0RTAyMTU0N0QwMzBBQzEwQjAyMTM1MzVENEM2OTY4RUVERS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lyX1U0Q0ZVZlFNS3dRc0NFMU5kVEds
bzd0NC5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMjNhYWNkMTct
YmY5ZC00N2RiLTg2NGQtZjljN2MyYmUxODNhLzAvMzEzODM1MmUzMjMxMzAyZTMx
MzYzOTJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDM1MzczMDM0MzMucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAC50qkwDQYJKoZIhvcNAQELBQADggEBAKRQtpED4nshZIbdslEGGAAeCf7oLbAI
o49T/QiyiQKgbQoEbj+icxB7OG8YrPKHupqk1rgKS7ystOSef+DoUtLSil0SuLYV
DokWpUXYd3y7CujxgZurSMgOE4UcAUgYXFwlws08auiat2DiP0PxKeOuODydzIAD
GyFv0/M+45FP/1OtkXCid/kMI2zHHFRQZiPAzk8/mfL0P8U7LxX9VC7RORY/6TQb
ng0B4LO52bQGlBKVarDkKr0B3NveXaB+p0Nr4wZJ2ZD0GjMNIo25h01yxn6U2grN
2WtqGL0/md8e/rvdYZIcy5sdR0a4WUbsQYCry2GGl0UD3n2TiwRiJbk=
-----END CERTIFICATE-----
Generated at Fri Apr 17 17:13:46 2026 by rpki-client