Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/933b2fd7-31c1-451c-8288-c1aa0aa12750/0/3138352e33392e3138322e302f32342d3234203d3e203438353932.roa
File: 3138352e33392e3138322e302f32342d3234203d3e203438353932.roa (raw, json)
Hash identifier: 2GU98PVW8A06wPHFP07dWrMXh03+0FNfaArisd+625g=
Subject key identifier: 6F:E0:21:CA:32:25:3A:AE:24:DD:6E:5F:A0:07:F1:80:B9:DD:6D:AE
Certificate issuer: /CN=45e8648e445dccd0d8ee699f5140bb814e43ae1b
Certificate serial: 1A02669FDDCB971A2DD37C9B378D5F6BDDE9B533
Authority key identifier: 45:E8:64:8E:44:5D:CC:D0:D8:EE:69:9F:51:40:BB:81:4E:43:AE:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RehkjkRdzNDY7mmfUUC7gU5Drhs.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/933b2fd7-31c1-451c-8288-c1aa0aa12750/0/3138352e33392e3138322e302f32342d3234203d3e203438353932.roa
Signing time: Tue 24 Feb 2026 06:55:40 +0000
ROA not before: Tue 24 Feb 2026 06:50:40 +0000
ROA not after: Tue 23 Feb 2027 06:55:40 +0000
asID: 48592
IP address blocks: 185.39.182.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/933b2fd7-31c1-451c-8288-c1aa0aa12750/0/45E8648E445DCCD0D8EE699F5140BB814E43AE1B.crl
rsync://rsync.paas.rpki.ripe.net/repository/933b2fd7-31c1-451c-8288-c1aa0aa12750/0/45E8648E445DCCD0D8EE699F5140BB814E43AE1B.mft
rsync://rpki.ripe.net/repository/DEFAULT/RehkjkRdzNDY7mmfUUC7gU5Drhs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 02:09:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1a:02:66:9f:dd:cb:97:1a:2d:d3:7c:9b:37:8d:5f:6b:dd:e9:b5:33
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=45e8648e445dccd0d8ee699f5140bb814e43ae1b
Validity
Not Before: Feb 24 06:50:40 2026 GMT
Not After : Feb 23 06:55:40 2027 GMT
Subject: CN=6FE021CA32253AAE24DD6E5FA007F180B9DD6DAE
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:76:2e:3c:61:5e:2f:db:84:cd:ae:98:3f:08:
6e:af:88:23:66:24:04:69:d7:0c:55:e7:a4:01:a1:
96:e9:3c:6d:6e:e3:f0:66:89:0f:5b:95:f6:48:74:
13:ef:b1:26:9b:b5:4c:09:9c:46:7a:06:76:24:81:
a6:37:5e:eb:e8:5c:08:93:92:d0:ac:1b:b8:d5:33:
44:6b:f6:91:c1:ac:45:b1:29:68:08:7a:5d:f2:80:
74:94:e0:05:1b:a8:63:73:b5:dc:29:6c:9c:ee:10:
ad:17:84:d8:e2:2d:ce:3d:56:2b:11:a8:5b:54:d1:
13:3a:2a:c1:9c:15:cd:9a:a8:b1:c8:6b:23:f4:9e:
27:46:ae:04:05:6f:93:fe:de:eb:78:56:00:e8:84:
93:17:a0:a8:bd:b3:c6:ef:d7:21:0c:e4:99:8b:c0:
8b:b6:09:a4:9a:54:cb:74:c8:49:f8:c6:42:eb:98:
83:ec:5f:75:08:1a:3a:43:13:56:86:1e:84:2c:f2:
e2:8e:c1:7f:3b:72:37:86:d5:d5:ee:c1:41:b8:54:
5f:e4:08:46:ad:91:5a:56:ae:fc:4c:d2:80:5e:0c:
e0:33:3a:27:ae:05:d8:45:a2:96:65:03:7c:f5:ee:
8a:14:8c:26:0a:64:6d:c8:15:dc:3d:6a:b6:33:ca:
26:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6F:E0:21:CA:32:25:3A:AE:24:DD:6E:5F:A0:07:F1:80:B9:DD:6D:AE
X509v3 Authority Key Identifier:
keyid:45:E8:64:8E:44:5D:CC:D0:D8:EE:69:9F:51:40:BB:81:4E:43:AE:1B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/933b2fd7-31c1-451c-8288-c1aa0aa12750/0/45E8648E445DCCD0D8EE699F5140BB814E43AE1B.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RehkjkRdzNDY7mmfUUC7gU5Drhs.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/933b2fd7-31c1-451c-8288-c1aa0aa12750/0/3138352e33392e3138322e302f32342d3234203d3e203438353932.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.39.182.0/24
Signature Algorithm: sha256WithRSAEncryption
57:a9:cf:6e:c9:6d:80:f3:c6:b8:fb:5d:64:c3:c1:d8:6c:63:
63:ca:d8:6b:e9:72:0d:be:8c:c3:16:a9:04:f5:f8:44:9a:59:
1c:e3:26:3f:94:ff:e7:13:d1:fb:1c:61:fe:c9:01:9d:43:63:
2e:1d:3f:06:b3:49:b3:1e:4c:2e:e4:c0:3f:74:0a:d4:55:fd:
0e:94:9b:d4:34:10:89:59:74:9e:31:ea:34:c0:4b:fa:36:88:
ea:04:ec:9b:1b:93:3f:94:1f:83:20:a8:ad:96:1e:7e:e8:ca:
2f:8a:fe:40:50:56:27:5d:78:09:b1:25:2c:8d:a6:2c:de:8c:
fb:30:71:80:f6:79:fa:95:59:f6:6c:e0:8d:b0:33:0a:78:ee:
48:97:b3:3b:c2:5a:df:cd:04:f0:29:b3:96:d3:c1:83:00:36:
13:0f:50:ca:bd:b6:48:4a:5b:21:64:d8:44:b1:36:76:14:b0:
dd:1a:82:ea:38:b5:28:af:c6:d7:b9:62:f8:ff:f1:cb:6d:61:
3a:33:0f:09:77:3d:bb:dd:c3:91:82:ce:30:69:94:ae:bf:5e:
e0:6d:cc:75:0a:18:b1:96:aa:b1:b5:d4:9a:57:cf:f8:f4:fe:
54:2a:b5:93:03:24:e0:9c:e1:06:02:85:07:bd:d3:e2:86:ea:
6f:5c:90:f2
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUGgJmn93Llxot03ybN41fa93ptTMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDVlODY0OGU0NDVkY2NkMGQ4ZWU2OTlmNTE0MGJiODE0
ZTQzYWUxYjAeFw0yNjAyMjQwNjUwNDBaFw0yNzAyMjMwNjU1NDBaMDMxMTAvBgNV
BAMTKDZGRTAyMUNBMzIyNTNBQUUyNERENkU1RkEwMDdGMTgwQjlERDZEQUUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCkdi48YV4v24TNrpg/CG6viCNm
JARp1wxV56QBoZbpPG1u4/BmiQ9blfZIdBPvsSabtUwJnEZ6BnYkgaY3XuvoXAiT
ktCsG7jVM0Rr9pHBrEWxKWgIel3ygHSU4AUbqGNztdwpbJzuEK0XhNjiLc49VisR
qFtU0RM6KsGcFc2aqLHIayP0nidGrgQFb5P+3ut4VgDohJMXoKi9s8bv1yEM5JmL
wIu2CaSaVMt0yEn4xkLrmIPsX3UIGjpDE1aGHoQs8uKOwX87cjeG1dXuwUG4VF/k
CEatkVpWrvxM0oBeDOAzOieuBdhFopZlA3z17ooUjCYKZG3IFdw9arYzyiaVAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUb+AhyjIlOq4k3W5foAfxgLndba4wHwYDVR0j
BBgwFoAURehkjkRdzNDY7mmfUUC7gU5DrhswDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvOTMzYjJmZDctMzFjMS00NTFjLTgyODgtYzFhYTBhYTEy
NzUwLzAvNDVFODY0OEU0NDVEQ0NEMEQ4RUU2OTlGNTE0MEJCODE0RTQzQUUxQi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JlaGtqa1Jkek5EWTdtbWZVVUM3Z1U1
RHJocy5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvOTMzYjJmZDct
MzFjMS00NTFjLTgyODgtYzFhYTBhYTEyNzUwLzAvMzEzODM1MmUzMzM5MmUzMTM4
MzIyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzNDM4MzUzOTMyLnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
uSe2MA0GCSqGSIb3DQEBCwUAA4IBAQBXqc9uyW2A88a4+11kw8HYbGNjythr6XIN
vozDFqkE9fhEmlkc4yY/lP/nE9H7HGH+yQGdQ2MuHT8Gs0mzHkwu5MA/dArUVf0O
lJvUNBCJWXSeMeo0wEv6NojqBOybG5M/lB+DIKitlh5+6Moviv5AUFYnXXgJsSUs
jaYs3oz7MHGA9nn6lVn2bOCNsDMKeO5Il7M7wlrfzQTwKbOW08GDADYTD1DKvbZI
SlshZNhEsTZ2FLDdGoLqOLUor8bXuWL4//HLbWE6Mw8Jdz273cORgs4waZSuv17g
bcx1ChixlqqxtdSaV8/49P5UKrWTAyTgnOEGAoUHvdPihupvXJDy
-----END CERTIFICATE-----
Generated at Mon Mar 2 17:09:06 2026 by rpki-client