Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/933b2fd7-31c1-451c-8288-c1aa0aa12750/0/3132382e36352e3136302e302f32322d3232203d3e203438353932.roa
File: 3132382e36352e3136302e302f32322d3232203d3e203438353932.roa (raw, json)
Hash identifier: A3pVDR25ByDI5MeiQGGyctYtEVKjmHED5jwJjMlcbk4=
Subject key identifier: 50:AA:FF:9C:46:DD:6B:B4:DD:3F:A4:69:3E:B7:05:EB:55:63:45:D3
Certificate issuer: /CN=45e8648e445dccd0d8ee699f5140bb814e43ae1b
Certificate serial: 1030727A78B887DA1A19EF64C671DEA80536E149
Authority key identifier: 45:E8:64:8E:44:5D:CC:D0:D8:EE:69:9F:51:40:BB:81:4E:43:AE:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RehkjkRdzNDY7mmfUUC7gU5Drhs.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/933b2fd7-31c1-451c-8288-c1aa0aa12750/0/3132382e36352e3136302e302f32322d3232203d3e203438353932.roa
Signing time: Tue 24 Feb 2026 06:55:39 +0000
ROA not before: Tue 24 Feb 2026 06:50:39 +0000
ROA not after: Tue 23 Feb 2027 06:55:39 +0000
asID: 48592
IP address blocks: 128.65.160.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/933b2fd7-31c1-451c-8288-c1aa0aa12750/0/45E8648E445DCCD0D8EE699F5140BB814E43AE1B.crl
rsync://rsync.paas.rpki.ripe.net/repository/933b2fd7-31c1-451c-8288-c1aa0aa12750/0/45E8648E445DCCD0D8EE699F5140BB814E43AE1B.mft
rsync://rpki.ripe.net/repository/DEFAULT/RehkjkRdzNDY7mmfUUC7gU5Drhs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 02:09:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
10:30:72:7a:78:b8:87:da:1a:19:ef:64:c6:71:de:a8:05:36:e1:49
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=45e8648e445dccd0d8ee699f5140bb814e43ae1b
Validity
Not Before: Feb 24 06:50:39 2026 GMT
Not After : Feb 23 06:55:39 2027 GMT
Subject: CN=50AAFF9C46DD6BB4DD3FA4693EB705EB556345D3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:a9:18:36:07:01:01:58:db:c7:49:47:c3:a6:
d9:1a:75:8c:49:ae:09:b1:6a:e7:58:26:26:9d:2a:
56:64:dd:27:97:39:c0:b9:36:b5:e1:b2:c6:c5:f6:
55:b6:14:18:f6:96:48:84:c3:ec:c6:2c:21:c0:cc:
de:8d:87:07:ec:49:78:36:45:26:35:09:c6:ad:4a:
79:6d:c8:27:e3:86:e6:be:49:29:08:10:2e:99:b0:
c1:6c:25:30:0f:be:5d:a2:91:c0:38:48:a2:7a:c8:
fe:7e:10:0e:bd:a0:cb:04:63:44:f8:79:e7:ff:e4:
fb:0c:a9:41:1f:9a:1d:fc:c7:ce:a9:8e:9f:b3:27:
dd:ec:8a:87:34:88:bb:62:97:03:49:eb:03:56:76:
c3:ab:65:a1:b6:27:86:de:57:11:fd:19:b9:fa:87:
01:30:a3:fc:8c:14:d4:0e:57:f7:b8:ce:22:2d:34:
47:92:8e:e0:af:de:d2:f8:c7:13:a4:f9:1c:8a:dc:
50:2c:c0:93:66:2c:18:91:2e:a0:79:24:26:ea:1f:
b1:b1:77:f9:71:8b:a6:7b:41:5c:8d:15:23:e7:b2:
d5:b9:30:da:50:1e:30:71:8e:04:e8:30:0b:b9:a2:
12:e3:55:cc:e3:aa:71:e4:62:20:4a:c5:fa:b3:6d:
1e:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
50:AA:FF:9C:46:DD:6B:B4:DD:3F:A4:69:3E:B7:05:EB:55:63:45:D3
X509v3 Authority Key Identifier:
keyid:45:E8:64:8E:44:5D:CC:D0:D8:EE:69:9F:51:40:BB:81:4E:43:AE:1B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/933b2fd7-31c1-451c-8288-c1aa0aa12750/0/45E8648E445DCCD0D8EE699F5140BB814E43AE1B.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RehkjkRdzNDY7mmfUUC7gU5Drhs.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/933b2fd7-31c1-451c-8288-c1aa0aa12750/0/3132382e36352e3136302e302f32322d3232203d3e203438353932.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
128.65.160.0/22
Signature Algorithm: sha256WithRSAEncryption
6c:1c:63:f1:89:0f:29:96:82:e7:9a:0a:3d:be:76:00:90:1a:
ce:6f:91:a8:4c:44:03:59:00:95:8d:13:65:e0:87:a0:4f:07:
6d:be:51:78:0c:a9:a6:ce:08:d0:01:e4:e5:9e:c0:2a:81:04:
b2:58:e3:f8:fa:b2:f4:b7:ae:5c:ce:3d:7f:a7:ce:46:4c:42:
b6:20:03:21:a9:d2:1a:9b:2a:dd:8e:58:0f:b6:5a:9d:c7:ae:
ee:bd:c1:13:d2:25:41:77:b9:3f:1c:d1:52:93:c8:3c:52:9c:
8c:94:e8:be:cf:a3:86:69:14:42:64:f8:de:6f:f4:e5:63:a6:
b3:d8:20:bd:7b:7e:38:b6:d3:33:1b:87:6a:96:53:91:44:66:
79:1b:7d:c3:6e:14:61:dd:f2:37:f3:1e:a0:54:8c:78:95:49:
b4:aa:4e:c6:86:58:fc:69:d4:0b:2f:30:41:bf:a7:d8:ed:b5:
fd:f2:0b:3b:bf:8e:0d:aa:0e:c1:11:96:b9:3f:f9:6c:83:51:
38:21:9a:01:ea:57:0e:0e:30:c3:ba:91:19:52:7b:22:72:42:
93:61:a8:1c:b3:fb:bc:3d:bf:fb:c1:ca:24:08:78:c5:39:b6:
e8:2a:a6:90:86:75:94:93:15:0c:cd:90:14:cb:94:74:8d:23:
a0:02:95:58
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUEDByeni4h9oaGe9kxnHeqAU24UkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDVlODY0OGU0NDVkY2NkMGQ4ZWU2OTlmNTE0MGJiODE0
ZTQzYWUxYjAeFw0yNjAyMjQwNjUwMzlaFw0yNzAyMjMwNjU1MzlaMDMxMTAvBgNV
BAMTKDUwQUFGRjlDNDZERDZCQjRERDNGQTQ2OTNFQjcwNUVCNTU2MzQ1RDMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCfqRg2BwEBWNvHSUfDptkadYxJ
rgmxaudYJiadKlZk3SeXOcC5NrXhssbF9lW2FBj2lkiEw+zGLCHAzN6NhwfsSXg2
RSY1CcatSnltyCfjhua+SSkIEC6ZsMFsJTAPvl2ikcA4SKJ6yP5+EA69oMsEY0T4
eef/5PsMqUEfmh38x86pjp+zJ93sioc0iLtilwNJ6wNWdsOrZaG2J4beVxH9Gbn6
hwEwo/yMFNQOV/e4ziItNEeSjuCv3tL4xxOk+RyK3FAswJNmLBiRLqB5JCbqH7Gx
d/lxi6Z7QVyNFSPnstW5MNpQHjBxjgToMAu5ohLjVczjqnHkYiBKxfqzbR6/AgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUUKr/nEbda7TdP6RpPrcF61VjRdMwHwYDVR0j
BBgwFoAURehkjkRdzNDY7mmfUUC7gU5DrhswDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvOTMzYjJmZDctMzFjMS00NTFjLTgyODgtYzFhYTBhYTEy
NzUwLzAvNDVFODY0OEU0NDVEQ0NEMEQ4RUU2OTlGNTE0MEJCODE0RTQzQUUxQi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JlaGtqa1Jkek5EWTdtbWZVVUM3Z1U1
RHJocy5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvOTMzYjJmZDct
MzFjMS00NTFjLTgyODgtYzFhYTBhYTEyNzUwLzAvMzEzMjM4MmUzNjM1MmUzMTM2
MzAyZTMwMmYzMjMyMmQzMjMyMjAzZDNlMjAzNDM4MzUzOTMyLnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQC
gEGgMA0GCSqGSIb3DQEBCwUAA4IBAQBsHGPxiQ8ploLnmgo9vnYAkBrOb5GoTEQD
WQCVjRNl4IegTwdtvlF4DKmmzgjQAeTlnsAqgQSyWOP4+rL0t65czj1/p85GTEK2
IAMhqdIamyrdjlgPtlqdx67uvcET0iVBd7k/HNFSk8g8UpyMlOi+z6OGaRRCZPje
b/TlY6az2CC9e344ttMzG4dqllORRGZ5G33DbhRh3fI38x6gVIx4lUm0qk7Ghlj8
adQLLzBBv6fY7bX98gs7v44Nqg7BEZa5P/lsg1E4IZoB6lcODjDDupEZUnsickKT
Yagcs/u8Pb/7wcokCHjFObboKqaQhnWUkxUMzZAUy5R0jSOgApVY
-----END CERTIFICATE-----
Generated at Mon Mar 2 15:11:28 2026 by rpki-client