Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/8113dda6-7ade-445d-8c6e-448a78e48ca1/1/3138352e3231332e3234392e302f32342d3234203d3e20343030393039.roa
File: 3138352e3231332e3234392e302f32342d3234203d3e20343030393039.roa (raw, json)
Hash identifier: GEbFfS+LLMgocx0zl/qOrB6oO+BgTD8IsbF49GAbNus=
Subject key identifier: 8E:37:F5:B0:6C:43:B1:29:8B:CF:67:37:EF:78:9F:51:C8:99:41:98
Certificate issuer: /CN=0d7ffae300def0876bf84890fb6ea17be841a4d3
Certificate serial: 4E115BBCFCB05A6B5E310A40867A1F81B98377EB
Authority key identifier: 0D:7F:FA:E3:00:DE:F0:87:6B:F8:48:90:FB:6E:A1:7B:E8:41:A4:D3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DX_64wDe8Idr-EiQ-26he-hBpNM.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/8113dda6-7ade-445d-8c6e-448a78e48ca1/1/3138352e3231332e3234392e302f32342d3234203d3e20343030393039.roa
Signing time: Sat 14 Feb 2026 07:55:38 +0000
ROA not before: Sat 14 Feb 2026 07:50:38 +0000
ROA not after: Sat 13 Feb 2027 07:55:38 +0000
asID: 400909
IP address blocks: 185.213.249.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/8113dda6-7ade-445d-8c6e-448a78e48ca1/1/0D7FFAE300DEF0876BF84890FB6EA17BE841A4D3.crl
rsync://rsync.paas.rpki.ripe.net/repository/8113dda6-7ade-445d-8c6e-448a78e48ca1/1/0D7FFAE300DEF0876BF84890FB6EA17BE841A4D3.mft
rsync://rpki.ripe.net/repository/DEFAULT/DX_64wDe8Idr-EiQ-26he-hBpNM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 14:05:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4e:11:5b:bc:fc:b0:5a:6b:5e:31:0a:40:86:7a:1f:81:b9:83:77:eb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0d7ffae300def0876bf84890fb6ea17be841a4d3
Validity
Not Before: Feb 14 07:50:38 2026 GMT
Not After : Feb 13 07:55:38 2027 GMT
Subject: CN=8E37F5B06C43B1298BCF6737EF789F51C8994198
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:cf:8d:88:f6:04:7a:0d:c1:fa:23:b6:80:d2:
23:1a:a7:72:4d:cc:72:00:b5:30:76:36:42:8d:4b:
b8:02:5d:a0:79:fa:82:34:b8:0c:ac:94:6f:06:50:
af:a9:90:77:17:d2:cb:15:99:00:b2:96:a5:f6:89:
a9:ce:ab:c0:08:1c:77:39:39:a4:2d:c9:a0:92:9f:
b7:d9:52:1b:e3:63:c5:93:46:b0:09:10:69:bd:1d:
01:aa:05:02:4b:37:1c:4f:30:e6:38:5f:dd:2f:e5:
2e:ef:9a:f0:1e:51:c3:7f:5d:c9:cd:9f:81:64:aa:
cd:44:bc:68:42:3d:25:0b:54:17:9c:95:60:8d:99:
a8:78:48:8e:18:a2:78:7e:a3:8f:ee:dd:ad:6d:d0:
f7:9f:43:ef:9d:69:b7:b1:4d:97:30:1c:5c:e3:24:
53:0a:fd:78:25:7b:63:9c:a8:41:26:f1:8d:80:d2:
97:f7:c0:66:de:ab:65:43:70:b3:55:cf:72:84:96:
49:5d:a9:c8:51:81:ec:7a:e7:c4:fd:03:5e:48:75:
50:fe:46:7f:f6:f9:0e:d9:8b:cb:4a:ef:ce:e5:df:
93:d9:f5:0e:3b:09:2e:8a:08:70:9d:a6:48:36:a0:
37:45:df:5f:dc:c8:0d:b2:55:c5:ea:26:69:cd:a3:
b6:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8E:37:F5:B0:6C:43:B1:29:8B:CF:67:37:EF:78:9F:51:C8:99:41:98
X509v3 Authority Key Identifier:
keyid:0D:7F:FA:E3:00:DE:F0:87:6B:F8:48:90:FB:6E:A1:7B:E8:41:A4:D3
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/8113dda6-7ade-445d-8c6e-448a78e48ca1/1/0D7FFAE300DEF0876BF84890FB6EA17BE841A4D3.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DX_64wDe8Idr-EiQ-26he-hBpNM.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/8113dda6-7ade-445d-8c6e-448a78e48ca1/1/3138352e3231332e3234392e302f32342d3234203d3e20343030393039.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.213.249.0/24
Signature Algorithm: sha256WithRSAEncryption
56:27:95:a0:4f:45:d5:81:cc:b5:8b:c1:1a:d3:58:94:f2:ef:
8d:40:04:72:2c:83:ce:64:00:cf:2a:24:23:84:b4:8a:86:53:
1f:58:71:53:0c:95:80:37:6b:07:8b:5c:db:0b:06:d9:c2:e0:
3d:45:ff:e8:3d:8a:f4:e9:99:02:15:46:73:82:25:04:c5:a5:
2b:08:f4:d0:f7:8b:8a:f9:7e:59:bd:a5:d3:ad:d6:ff:46:ca:
23:4c:37:e7:cd:39:95:a5:ce:78:8b:4d:b1:da:52:c7:28:dd:
99:f9:18:cb:9a:ee:14:bb:bc:83:6a:5e:32:8d:e0:53:ac:79:
3a:2d:5d:60:5b:fa:90:c1:bf:2b:7f:f6:93:ac:ee:13:f9:a9:
60:1f:4d:4d:c1:5f:24:1a:70:ed:95:97:9d:9f:9a:fd:56:47:
00:e9:c0:7e:78:de:88:4d:3e:be:5a:66:d6:22:22:05:1b:26:
32:a7:b5:ad:07:60:b9:4c:22:f1:e2:c0:1c:19:fe:89:5a:6b:
c0:82:6d:92:e8:12:90:5c:6a:10:1f:14:0d:b2:a1:d3:24:1b:
ac:05:6b:49:2a:c9:66:35:98:12:37:4a:7f:33:64:17:06:64:
3b:de:14:b7:64:0a:9b:6d:07:9b:17:50:7f:ca:c7:3e:ab:c3:
fa:0f:63:39
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgIUThFbvPywWmteMQpAhnofgbmDd+swDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMGQ3ZmZhZTMwMGRlZjA4NzZiZjg0ODkwZmI2ZWExN2Jl
ODQxYTRkMzAeFw0yNjAyMTQwNzUwMzhaFw0yNzAyMTMwNzU1MzhaMDMxMTAvBgNV
BAMTKDhFMzdGNUIwNkM0M0IxMjk4QkNGNjczN0VGNzg5RjUxQzg5OTQxOTgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCzz42I9gR6DcH6I7aA0iMap3JN
zHIAtTB2NkKNS7gCXaB5+oI0uAyslG8GUK+pkHcX0ssVmQCylqX2ianOq8AIHHc5
OaQtyaCSn7fZUhvjY8WTRrAJEGm9HQGqBQJLNxxPMOY4X90v5S7vmvAeUcN/XcnN
n4Fkqs1EvGhCPSULVBeclWCNmah4SI4Yonh+o4/u3a1t0PefQ++dabexTZcwHFzj
JFMK/Xgle2OcqEEm8Y2A0pf3wGbeq2VDcLNVz3KElkldqchRgex658T9A15IdVD+
Rn/2+Q7Zi8tK787l35PZ9Q47CS6KCHCdpkg2oDdF31/cyA2yVcXqJmnNo7ZvAgMB
AAGjggJBMIICPTAdBgNVHQ4EFgQUjjf1sGxDsSmLz2c373ifUciZQZgwHwYDVR0j
BBgwFoAUDX/64wDe8Idr+EiQ+26he+hBpNMwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvODExM2RkYTYtN2FkZS00NDVkLThjNmUtNDQ4YTc4ZTQ4
Y2ExLzEvMEQ3RkZBRTMwMERFRjA4NzZCRjg0ODkwRkI2RUExN0JFODQxQTREMy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0RYXzY0d0RlOElkci1FaVEtMjZoZS1o
QnBOTS5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvODExM2RkYTYt
N2FkZS00NDVkLThjNmUtNDQ4YTc4ZTQ4Y2ExLzEvMzEzODM1MmUzMjMxMzMyZTMy
MzQzOTJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDM0MzAzMDM5MzAzOS5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEALnV+TANBgkqhkiG9w0BAQsFAAOCAQEAVieVoE9F1YHMtYvBGtNYlPLvjUAE
ciyDzmQAzyokI4S0ioZTH1hxUwyVgDdrB4tc2wsG2cLgPUX/6D2K9OmZAhVGc4Il
BMWlKwj00PeLivl+Wb2l063W/0bKI0w35805laXOeItNsdpSxyjdmfkYy5ruFLu8
g2peMo3gU6x5Oi1dYFv6kMG/K3/2k6zuE/mpYB9NTcFfJBpw7ZWXnZ+a/VZHAOnA
fnjeiE0+vlpm1iIiBRsmMqe1rQdguUwi8eLAHBn+iVprwIJtkugSkFxqEB8UDbKh
0yQbrAVrSSrJZjWYEjdKfzNkFwZkO94Ut2QKm20HmxdQf8rHPqvD+g9jOQ==
-----END CERTIFICATE-----
Generated at Mon Mar 2 20:06:57 2026 by rpki-client