Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/5b58e646-e7a2-465c-87c5-43c359ad9369/0/3138352e38362e3233302e302f32332d3234203d3e20313939333836.roa
File: 3138352e38362e3233302e302f32332d3234203d3e20313939333836.roa (raw, json)
Hash identifier: 4/Wg/Wv+0MqqSlTzZynEYNnNiEm45HyZ5/38rf4ZKL8=
Subject key identifier: 7D:F2:D0:2C:4D:46:74:AC:83:06:2F:BE:D9:3D:2A:9F:D9:A4:F5:9C
Certificate issuer: /CN=fac4708d7e265db1044f9bb0ee8728587f48b484
Certificate serial: 7D7818A1339A194675B204691C2BC47104E13FB7
Authority key identifier: FA:C4:70:8D:7E:26:5D:B1:04:4F:9B:B0:EE:87:28:58:7F:48:B4:84
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-sRwjX4mXbEET5uw7ocoWH9ItIQ.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/5b58e646-e7a2-465c-87c5-43c359ad9369/0/3138352e38362e3233302e302f32332d3234203d3e20313939333836.roa
Signing time: Thu 09 Apr 2026 01:29:28 +0000
ROA not before: Thu 09 Apr 2026 01:24:28 +0000
ROA not after: Thu 08 Apr 2027 01:29:28 +0000
asID: 199386
IP address blocks: 185.86.230.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/5b58e646-e7a2-465c-87c5-43c359ad9369/0/FAC4708D7E265DB1044F9BB0EE8728587F48B484.crl
rsync://rsync.paas.rpki.ripe.net/repository/5b58e646-e7a2-465c-87c5-43c359ad9369/0/FAC4708D7E265DB1044F9BB0EE8728587F48B484.mft
rsync://rpki.ripe.net/repository/DEFAULT/1-sRwjX4mXbEET5uw7ocoWH9ItIQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 Apr 2026 05:59:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7d:78:18:a1:33:9a:19:46:75:b2:04:69:1c:2b:c4:71:04:e1:3f:b7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fac4708d7e265db1044f9bb0ee8728587f48b484
Validity
Not Before: Apr 9 01:24:28 2026 GMT
Not After : Apr 8 01:29:28 2027 GMT
Subject: CN=7DF2D02C4D4674AC83062FBED93D2A9FD9A4F59C
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:33:54:b5:24:be:17:78:b6:0a:60:f5:5f:95:
0d:90:de:aa:e2:58:3a:66:ee:20:d3:36:99:7e:10:
c5:33:49:d5:66:26:07:23:26:1c:8c:fd:71:28:d1:
ed:3a:39:33:b6:a1:5e:c0:66:1b:4c:ff:95:d2:df:
06:bd:0f:20:dd:ef:24:13:70:1d:7c:71:58:aa:4c:
0c:72:73:b6:88:ca:a4:a1:e6:53:74:fc:59:5d:e6:
36:42:f4:bb:c4:13:19:91:86:b5:0a:b0:80:2d:61:
a7:3e:89:4d:9f:b9:26:cb:05:55:b8:28:e1:63:f4:
62:43:7d:77:f1:9b:bf:5f:bc:02:3a:05:36:f2:10:
0e:ff:d7:6d:df:45:21:bc:5e:65:72:d4:be:68:0e:
95:40:50:0a:df:96:e3:dc:e2:3a:20:41:46:8e:47:
22:4c:b7:19:0d:a5:5d:dd:df:83:ed:90:b6:ce:39:
19:f1:e6:88:f5:2b:5e:fe:aa:21:91:49:39:f7:4b:
bb:3a:88:78:28:a4:e6:cd:72:21:80:0b:23:12:83:
c7:cb:57:a6:6e:a9:f7:14:4b:96:5c:19:11:31:b8:
f5:af:39:b1:ce:a9:e5:36:25:db:4c:f7:c1:9f:57:
9d:d5:8d:0f:58:af:c5:be:f7:0b:fd:8a:12:a9:b2:
41:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7D:F2:D0:2C:4D:46:74:AC:83:06:2F:BE:D9:3D:2A:9F:D9:A4:F5:9C
X509v3 Authority Key Identifier:
keyid:FA:C4:70:8D:7E:26:5D:B1:04:4F:9B:B0:EE:87:28:58:7F:48:B4:84
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/5b58e646-e7a2-465c-87c5-43c359ad9369/0/FAC4708D7E265DB1044F9BB0EE8728587F48B484.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-sRwjX4mXbEET5uw7ocoWH9ItIQ.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/5b58e646-e7a2-465c-87c5-43c359ad9369/0/3138352e38362e3233302e302f32332d3234203d3e20313939333836.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.86.230.0/23
Signature Algorithm: sha256WithRSAEncryption
5d:b1:1c:ce:ea:9f:55:2a:d6:06:27:14:1b:1f:a9:c4:63:d8:
e5:f9:7a:cf:96:5e:a6:77:78:98:ab:d8:54:f0:e3:a9:d9:8b:
99:15:df:e1:d1:1b:74:a9:b1:0c:71:42:2b:99:a6:21:55:d2:
75:dc:09:73:ac:1e:ca:d3:40:70:2f:16:8c:e6:a5:38:83:f7:
29:07:fb:ab:63:7f:33:4e:1d:2d:1d:77:9e:84:3a:ed:e2:2d:
ff:7a:52:c8:77:77:fc:43:8e:88:1a:c4:4c:61:5c:8d:0a:41:
e1:59:00:7d:17:34:da:e7:e1:eb:e7:8a:31:17:4b:70:29:27:
1b:97:56:c7:66:12:fa:66:71:ab:fd:e9:81:af:af:ca:da:6f:
32:ba:5e:7e:38:10:d2:cc:9d:65:da:f3:8e:ea:51:f9:2b:e8:
ad:5a:af:3f:5f:3d:7e:5b:e8:cd:ba:d3:02:a1:ea:19:44:a3:
ce:3c:24:68:56:61:01:2f:93:b7:59:86:44:2a:9a:ef:c1:db:
d1:13:f7:e4:9f:13:50:72:6c:26:df:39:26:2d:b7:4d:99:9d:
90:52:56:12:32:52:b8:b9:0e:1a:4a:42:db:ce:35:59:d6:6f:
8a:56:ed:d2:b3:e2:31:b3:58:09:da:b3:26:2c:8c:48:c7:ae:
27:9c:59:07
-----BEGIN CERTIFICATE-----
MIIFNjCCBB6gAwIBAgIUfXgYoTOaGUZ1sgRpHCvEcQThP7cwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZmFjNDcwOGQ3ZTI2NWRiMTA0NGY5YmIwZWU4NzI4NTg3
ZjQ4YjQ4NDAeFw0yNjA0MDkwMTI0MjhaFw0yNzA0MDgwMTI5MjhaMDMxMTAvBgNV
BAMTKDdERjJEMDJDNEQ0Njc0QUM4MzA2MkZCRUQ5M0QyQTlGRDlBNEY1OUMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCfM1S1JL4XeLYKYPVflQ2Q3qri
WDpm7iDTNpl+EMUzSdVmJgcjJhyM/XEo0e06OTO2oV7AZhtM/5XS3wa9DyDd7yQT
cB18cViqTAxyc7aIyqSh5lN0/Fld5jZC9LvEExmRhrUKsIAtYac+iU2fuSbLBVW4
KOFj9GJDfXfxm79fvAI6BTbyEA7/123fRSG8XmVy1L5oDpVAUArfluPc4jogQUaO
RyJMtxkNpV3d34PtkLbOORnx5oj1K17+qiGRSTn3S7s6iHgopObNciGACyMSg8fL
V6ZuqfcUS5ZcGRExuPWvObHOqeU2JdtM98GfV53VjQ9Yr8W+9wv9ihKpskF1AgMB
AAGjggJAMIICPDAdBgNVHQ4EFgQUffLQLE1GdKyDBi++2T0qn9mk9ZwwHwYDVR0j
BBgwFoAU+sRwjX4mXbEET5uw7ocoWH9ItIQwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNWI1OGU2NDYtZTdhMi00NjVjLTg3YzUtNDNjMzU5YWQ5
MzY5LzAvRkFDNDcwOEQ3RTI2NURCMTA0NEY5QkIwRUU4NzI4NTg3RjQ4QjQ4NC5j
cmwwZQYIKwYBBQUHAQEEWTBXMFUGCCsGAQUFBzAChklyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzEtc1J3alg0bVhiRUVUNXV3N29jb1dI
OUl0SVEuY2VyMIGvBggrBgEFBQcBCwSBojCBnzCBnAYIKwYBBQUHMAuGgY9yc3lu
YzovL3JzeW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzViNThlNjQ2
LWU3YTItNDY1Yy04N2M1LTQzYzM1OWFkOTM2OS8wLzMxMzgzNTJlMzgzNjJlMzIz
MzMwMmUzMDJmMzIzMzJkMzIzNDIwM2QzZTIwMzEzOTM5MzMzODM2LnJvYTAYBgNV
HSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAG
AwQBuVbmMA0GCSqGSIb3DQEBCwUAA4IBAQBdsRzO6p9VKtYGJxQbH6nEY9jl+XrP
ll6md3iYq9hU8OOp2YuZFd/h0Rt0qbEMcUIrmaYhVdJ13AlzrB7K00BwLxaM5qU4
g/cpB/urY38zTh0tHXeehDrt4i3/elLId3f8Q46IGsRMYVyNCkHhWQB9FzTa5+Hr
54oxF0twKScbl1bHZhL6ZnGr/emBr6/K2m8yul5+OBDSzJ1l2vOO6lH5K+itWq8/
Xz1+W+jNutMCoeoZRKPOPCRoVmEBL5O3WYZEKprvwdvRE/fknxNQcmwm3zkmLbdN
mZ2QUlYSMlK4uQ4aSkLbzjVZ1m+KVu3Ss+Ixs1gJ2rMmLIxIx64nnFkH
-----END CERTIFICATE-----
Generated at Fri Apr 17 14:52:29 2026 by rpki-client