Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/933b2fd7-31c1-451c-8288-c1aa0aa12750/0/3138352e33392e3138312e302f32342d3234203d3e203438353932.roa
File: 3138352e33392e3138312e302f32342d3234203d3e203438353932.roa (raw, json)
Hash identifier: wPa88HthyMje0FC4DyK9XcGEOLxJkylfsOcQDqr+i80=
Subject key identifier: FF:BD:97:C6:F1:36:85:6E:0B:E6:A8:4A:6A:4F:62:6D:93:36:DC:FA
Certificate issuer: /CN=45e8648e445dccd0d8ee699f5140bb814e43ae1b
Certificate serial: 3A8C7AD41B4012AD890EFD0B3732D3875945CE79
Authority key identifier: 45:E8:64:8E:44:5D:CC:D0:D8:EE:69:9F:51:40:BB:81:4E:43:AE:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RehkjkRdzNDY7mmfUUC7gU5Drhs.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/933b2fd7-31c1-451c-8288-c1aa0aa12750/0/3138352e33392e3138312e302f32342d3234203d3e203438353932.roa
Signing time: Tue 24 Feb 2026 06:55:40 +0000
ROA not before: Tue 24 Feb 2026 06:50:40 +0000
ROA not after: Tue 23 Feb 2027 06:55:40 +0000
asID: 48592
IP address blocks: 185.39.181.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/933b2fd7-31c1-451c-8288-c1aa0aa12750/0/45E8648E445DCCD0D8EE699F5140BB814E43AE1B.crl
rsync://rsync.paas.rpki.ripe.net/repository/933b2fd7-31c1-451c-8288-c1aa0aa12750/0/45E8648E445DCCD0D8EE699F5140BB814E43AE1B.mft
rsync://rpki.ripe.net/repository/DEFAULT/RehkjkRdzNDY7mmfUUC7gU5Drhs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 00:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3a:8c:7a:d4:1b:40:12:ad:89:0e:fd:0b:37:32:d3:87:59:45:ce:79
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=45e8648e445dccd0d8ee699f5140bb814e43ae1b
Validity
Not Before: Feb 24 06:50:40 2026 GMT
Not After : Feb 23 06:55:40 2027 GMT
Subject: CN=FFBD97C6F136856E0BE6A84A6A4F626D9336DCFA
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:d2:4f:4a:a8:6e:ae:c7:a9:c2:c7:4a:f4:18:
3a:93:28:32:77:84:f3:f8:20:83:05:61:42:94:1e:
d4:3d:5d:1c:2e:d0:9d:e2:3d:77:47:88:7d:15:dc:
15:80:32:d6:97:bd:2b:08:e3:80:c6:f1:9d:2f:6c:
69:08:5e:61:a8:36:40:ab:7d:f5:f6:ac:8c:32:74:
64:ab:63:c1:ee:8d:8c:11:68:91:7d:7d:8b:3f:85:
48:a6:ca:08:0d:52:97:c4:a0:b6:f4:9e:7a:f9:ad:
90:61:72:e6:c7:78:ff:6e:87:52:4c:0f:6e:18:2b:
3e:cc:b9:e4:a7:d5:32:9e:39:54:8e:34:52:07:a6:
f0:9b:78:33:a3:00:ee:62:40:2d:5d:c3:1f:0c:67:
1a:84:70:5e:e0:61:71:8e:65:d8:98:4e:9f:6d:bd:
89:08:a5:3a:24:4d:c5:16:51:da:3f:a4:65:78:58:
f8:40:74:a3:75:44:da:07:d2:2e:70:e4:16:e2:74:
d4:0a:b0:d9:5a:c6:c0:70:1e:8d:5c:e9:51:ca:02:
02:5a:d0:3f:f9:bb:2d:d2:39:6a:fc:d1:e0:c1:e9:
75:f5:75:73:b3:68:43:41:b1:47:32:f6:d7:b7:46:
02:75:7f:ee:df:ac:4a:a4:d9:5b:03:5d:8d:e9:11:
f4:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FF:BD:97:C6:F1:36:85:6E:0B:E6:A8:4A:6A:4F:62:6D:93:36:DC:FA
X509v3 Authority Key Identifier:
keyid:45:E8:64:8E:44:5D:CC:D0:D8:EE:69:9F:51:40:BB:81:4E:43:AE:1B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/933b2fd7-31c1-451c-8288-c1aa0aa12750/0/45E8648E445DCCD0D8EE699F5140BB814E43AE1B.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RehkjkRdzNDY7mmfUUC7gU5Drhs.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/933b2fd7-31c1-451c-8288-c1aa0aa12750/0/3138352e33392e3138312e302f32342d3234203d3e203438353932.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.39.181.0/24
Signature Algorithm: sha256WithRSAEncryption
88:4f:45:a3:f9:d4:cb:07:fb:9d:ff:ee:90:fa:6c:ec:a5:da:
b7:88:15:d0:09:07:c4:75:d5:a3:4d:77:d4:49:f6:e9:4c:62:
9f:dc:b7:80:b9:fb:8b:34:13:84:44:2f:2e:0b:b3:6e:d7:e9:
85:f0:20:14:c2:9b:77:dc:89:a2:a4:29:a3:61:94:9e:ee:5f:
d0:75:5f:60:4f:2b:01:f6:7c:67:4b:8a:f6:9e:fa:f2:9e:99:
73:7c:e4:77:9e:fd:ef:0a:a3:93:ed:50:c8:8f:35:3c:c9:d0:
30:c1:15:cb:c6:6a:cd:12:45:57:c3:a0:ae:c0:d1:33:fc:3b:
e4:47:a1:9e:57:40:85:25:83:51:19:14:77:74:2b:ca:d7:2a:
40:df:a6:d3:10:8a:f9:15:8b:3a:51:6f:89:e9:b7:d9:5e:c7:
4b:25:3b:b1:69:91:d2:f3:9d:42:18:ff:ff:8e:a8:99:20:79:
7e:59:21:69:a3:56:7e:43:0c:89:e4:20:ea:43:42:3e:e1:9a:
06:d0:31:b2:f8:b3:ad:f3:c9:e2:28:4d:3a:db:0c:e2:5e:79:
d3:66:60:4e:d3:82:74:bb:61:51:87:c1:b8:d7:e5:50:2a:29:
84:77:35:a3:29:e9:c4:c0:bd:48:01:95:64:80:5f:1f:af:61:
1f:42:eb:25
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUOox61BtAEq2JDv0LNzLTh1lFznkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDVlODY0OGU0NDVkY2NkMGQ4ZWU2OTlmNTE0MGJiODE0
ZTQzYWUxYjAeFw0yNjAyMjQwNjUwNDBaFw0yNzAyMjMwNjU1NDBaMDMxMTAvBgNV
BAMTKEZGQkQ5N0M2RjEzNjg1NkUwQkU2QTg0QTZBNEY2MjZEOTMzNkRDRkEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDL0k9KqG6ux6nCx0r0GDqTKDJ3
hPP4IIMFYUKUHtQ9XRwu0J3iPXdHiH0V3BWAMtaXvSsI44DG8Z0vbGkIXmGoNkCr
ffX2rIwydGSrY8HujYwRaJF9fYs/hUimyggNUpfEoLb0nnr5rZBhcubHeP9uh1JM
D24YKz7MueSn1TKeOVSONFIHpvCbeDOjAO5iQC1dwx8MZxqEcF7gYXGOZdiYTp9t
vYkIpTokTcUWUdo/pGV4WPhAdKN1RNoH0i5w5BbidNQKsNlaxsBwHo1c6VHKAgJa
0D/5uy3SOWr80eDB6XX1dXOzaENBsUcy9te3RgJ1f+7frEqk2VsDXY3pEfQNAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQU/72XxvE2hW4L5qhKak9ibZM23PowHwYDVR0j
BBgwFoAURehkjkRdzNDY7mmfUUC7gU5DrhswDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvOTMzYjJmZDctMzFjMS00NTFjLTgyODgtYzFhYTBhYTEy
NzUwLzAvNDVFODY0OEU0NDVEQ0NEMEQ4RUU2OTlGNTE0MEJCODE0RTQzQUUxQi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JlaGtqa1Jkek5EWTdtbWZVVUM3Z1U1
RHJocy5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvOTMzYjJmZDct
MzFjMS00NTFjLTgyODgtYzFhYTBhYTEyNzUwLzAvMzEzODM1MmUzMzM5MmUzMTM4
MzEyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzNDM4MzUzOTMyLnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
uSe1MA0GCSqGSIb3DQEBCwUAA4IBAQCIT0Wj+dTLB/ud/+6Q+mzspdq3iBXQCQfE
ddWjTXfUSfbpTGKf3LeAufuLNBOERC8uC7Nu1+mF8CAUwpt33ImipCmjYZSe7l/Q
dV9gTysB9nxnS4r2nvrynplzfOR3nv3vCqOT7VDIjzU8ydAwwRXLxmrNEkVXw6Cu
wNEz/DvkR6GeV0CFJYNRGRR3dCvK1ypA36bTEIr5FYs6UW+J6bfZXsdLJTuxaZHS
851CGP//jqiZIHl+WSFpo1Z+QwyJ5CDqQ0I+4ZoG0DGy+LOt88niKE062wziXnnT
ZmBO04J0u2FRh8G41+VQKimEdzWjKenEwL1IAZVkgF8fr2EfQusl
-----END CERTIFICATE-----
Generated at Mon Mar 2 11:38:36 2026 by rpki-client