Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/933b2fd7-31c1-451c-8288-c1aa0aa12750/0/3138352e33392e3138332e302f32342d3234203d3e203438353932.roa
File: 3138352e33392e3138332e302f32342d3234203d3e203438353932.roa (raw, json)
Hash identifier: 5y1BpEcUWIqqauwo2u2KJKPFMCa0JPAhvtiDqGTVDHw=
Subject key identifier: 7F:2F:62:63:29:98:F9:7F:7F:B1:9C:74:E6:F1:07:B2:8B:AC:AD:11
Certificate issuer: /CN=45e8648e445dccd0d8ee699f5140bb814e43ae1b
Certificate serial: 02222D60630F96783E82215E8C7D94DECE50F953
Authority key identifier: 45:E8:64:8E:44:5D:CC:D0:D8:EE:69:9F:51:40:BB:81:4E:43:AE:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RehkjkRdzNDY7mmfUUC7gU5Drhs.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/933b2fd7-31c1-451c-8288-c1aa0aa12750/0/3138352e33392e3138332e302f32342d3234203d3e203438353932.roa
Signing time: Tue 24 Feb 2026 06:55:40 +0000
ROA not before: Tue 24 Feb 2026 06:50:40 +0000
ROA not after: Tue 23 Feb 2027 06:55:40 +0000
asID: 48592
IP address blocks: 185.39.183.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/933b2fd7-31c1-451c-8288-c1aa0aa12750/0/45E8648E445DCCD0D8EE699F5140BB814E43AE1B.crl
rsync://rsync.paas.rpki.ripe.net/repository/933b2fd7-31c1-451c-8288-c1aa0aa12750/0/45E8648E445DCCD0D8EE699F5140BB814E43AE1B.mft
rsync://rpki.ripe.net/repository/DEFAULT/RehkjkRdzNDY7mmfUUC7gU5Drhs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 02:09:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
02:22:2d:60:63:0f:96:78:3e:82:21:5e:8c:7d:94:de:ce:50:f9:53
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=45e8648e445dccd0d8ee699f5140bb814e43ae1b
Validity
Not Before: Feb 24 06:50:40 2026 GMT
Not After : Feb 23 06:55:40 2027 GMT
Subject: CN=7F2F62632998F97F7FB19C74E6F107B28BACAD11
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:ba:8b:bb:96:3c:db:4b:28:c6:52:fa:83:96:
31:2a:0c:fe:0c:c9:9e:68:78:76:a4:d5:6f:f2:28:
db:ad:35:72:40:04:d2:e9:74:b0:a5:9b:79:38:4c:
8f:a3:32:cc:45:a0:58:62:2c:07:e9:32:9f:5c:40:
46:26:b2:02:3f:1f:08:73:f6:6f:8c:e3:4b:28:81:
78:42:0d:41:3f:c5:d5:a3:b1:e7:f8:38:a9:d9:49:
4c:b6:33:e5:10:b6:bb:93:15:47:ac:d6:76:c5:b1:
3d:fd:dc:24:84:00:6b:ef:c8:10:f4:39:05:77:da:
04:a9:df:a1:fa:03:72:5c:af:68:9c:b4:6f:57:e1:
b2:cd:7b:aa:1e:41:44:6b:50:eb:9d:be:1d:34:44:
92:48:a7:2a:47:8d:b2:7c:34:f6:7f:74:09:8c:b0:
72:4e:94:9b:fe:53:a0:5e:5b:d2:c4:58:39:2d:d0:
09:09:c2:36:bb:03:87:e4:b2:7e:01:29:ce:7e:c1:
7e:8d:55:9c:c6:a3:39:19:ee:f7:1b:40:e8:48:b0:
ce:55:ba:c3:a0:18:7c:f6:79:95:3c:7d:16:49:83:
78:e7:70:03:4b:32:90:03:30:39:0d:37:fd:9c:0b:
9a:5c:a5:69:c2:62:45:de:df:27:98:c7:a6:2d:72:
82:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7F:2F:62:63:29:98:F9:7F:7F:B1:9C:74:E6:F1:07:B2:8B:AC:AD:11
X509v3 Authority Key Identifier:
keyid:45:E8:64:8E:44:5D:CC:D0:D8:EE:69:9F:51:40:BB:81:4E:43:AE:1B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/933b2fd7-31c1-451c-8288-c1aa0aa12750/0/45E8648E445DCCD0D8EE699F5140BB814E43AE1B.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RehkjkRdzNDY7mmfUUC7gU5Drhs.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/933b2fd7-31c1-451c-8288-c1aa0aa12750/0/3138352e33392e3138332e302f32342d3234203d3e203438353932.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.39.183.0/24
Signature Algorithm: sha256WithRSAEncryption
51:f9:f1:be:f8:26:9a:55:47:4d:2a:d1:d8:c5:4a:4f:1a:bf:
b5:e1:85:42:75:4b:8e:bd:b9:54:a7:a1:57:be:54:94:f1:d3:
dc:1b:74:98:82:64:27:0c:17:f3:02:cc:83:c0:37:80:e9:fa:
21:6b:9f:fe:6d:29:76:80:45:7f:a5:43:5e:6e:86:a6:8f:4f:
1a:43:37:de:ef:f5:51:ca:4a:fd:1a:f9:89:74:49:17:41:d0:
8e:1d:4f:d8:d2:7e:32:e0:70:6c:8c:11:12:ac:ed:3a:2a:65:
4d:40:c7:10:cc:8b:2a:10:76:0a:8a:65:31:7b:31:c0:c3:92:
e8:c2:20:22:4a:a2:17:02:a3:05:80:4f:b2:aa:3f:7f:da:b4:
d6:ef:63:f8:49:19:85:e7:10:9d:2a:28:07:d4:8f:aa:b6:a7:
a9:b5:cc:f6:d8:57:36:1c:f8:da:fb:5a:82:77:6f:7b:0f:51:
0c:3e:24:59:c6:37:7d:13:4b:8e:97:14:3e:26:c5:42:cd:a5:
22:66:4d:ed:44:46:02:e6:eb:07:74:45:3e:cb:45:ca:7b:71:
c0:6c:4f:91:b2:43:b9:96:02:c8:37:63:8e:71:76:1c:43:24:
e5:b1:21:09:d2:3f:d6:53:28:b9:a5:d0:19:25:71:f9:d5:b7:
0c:a2:18:7f
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUAiItYGMPlng+giFejH2U3s5Q+VMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDVlODY0OGU0NDVkY2NkMGQ4ZWU2OTlmNTE0MGJiODE0
ZTQzYWUxYjAeFw0yNjAyMjQwNjUwNDBaFw0yNzAyMjMwNjU1NDBaMDMxMTAvBgNV
BAMTKDdGMkY2MjYzMjk5OEY5N0Y3RkIxOUM3NEU2RjEwN0IyOEJBQ0FEMTEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCbuou7ljzbSyjGUvqDljEqDP4M
yZ5oeHak1W/yKNutNXJABNLpdLClm3k4TI+jMsxFoFhiLAfpMp9cQEYmsgI/Hwhz
9m+M40sogXhCDUE/xdWjsef4OKnZSUy2M+UQtruTFUes1nbFsT393CSEAGvvyBD0
OQV32gSp36H6A3Jcr2ictG9X4bLNe6oeQURrUOudvh00RJJIpypHjbJ8NPZ/dAmM
sHJOlJv+U6BeW9LEWDkt0AkJwja7A4fksn4BKc5+wX6NVZzGozkZ7vcbQOhIsM5V
usOgGHz2eZU8fRZJg3jncANLMpADMDkNN/2cC5pcpWnCYkXe3yeYx6YtcoIhAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUfy9iYymY+X9/sZx05vEHsousrREwHwYDVR0j
BBgwFoAURehkjkRdzNDY7mmfUUC7gU5DrhswDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvOTMzYjJmZDctMzFjMS00NTFjLTgyODgtYzFhYTBhYTEy
NzUwLzAvNDVFODY0OEU0NDVEQ0NEMEQ4RUU2OTlGNTE0MEJCODE0RTQzQUUxQi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JlaGtqa1Jkek5EWTdtbWZVVUM3Z1U1
RHJocy5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvOTMzYjJmZDct
MzFjMS00NTFjLTgyODgtYzFhYTBhYTEyNzUwLzAvMzEzODM1MmUzMzM5MmUzMTM4
MzMyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzNDM4MzUzOTMyLnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
uSe3MA0GCSqGSIb3DQEBCwUAA4IBAQBR+fG++CaaVUdNKtHYxUpPGr+14YVCdUuO
vblUp6FXvlSU8dPcG3SYgmQnDBfzAsyDwDeA6foha5/+bSl2gEV/pUNeboamj08a
Qzfe7/VRykr9GvmJdEkXQdCOHU/Y0n4y4HBsjBESrO06KmVNQMcQzIsqEHYKimUx
ezHAw5LowiAiSqIXAqMFgE+yqj9/2rTW72P4SRmF5xCdKigH1I+qtqeptcz22Fc2
HPja+1qCd297D1EMPiRZxjd9E0uOlxQ+JsVCzaUiZk3tREYC5usHdEU+y0XKe3HA
bE+RskO5lgLIN2OOcXYcQyTlsSEJ0j/WUyi5pdAZJXH51bcMohh/
-----END CERTIFICATE-----
Generated at Mon Mar 2 15:14:36 2026 by rpki-client