Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/aa977115-5110-4257-94ef-4d2b43884040/0/3138352e3138312e322e302f32342d3234203d3e20323132363639.roa
File: 3138352e3138312e322e302f32342d3234203d3e20323132363639.roa (raw, json)
Hash identifier: MXRlv5xAo/BF9Pc+8yjAPEOfs4iVkOfxpIdVxrgD3OQ=
Subject key identifier: A3:50:77:E0:9F:AA:77:F9:0B:43:16:A9:1D:57:24:26:28:EE:E7:99
Certificate issuer: /CN=8f4ce7722f99075d94738b7e61070401269eb3d6
Certificate serial: 5EE3836D63FF3C1CD8FCB3D91F92F0F3E3F4624C
Authority key identifier: 8F:4C:E7:72:2F:99:07:5D:94:73:8B:7E:61:07:04:01:26:9E:B3:D6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/j0znci-ZB12Uc4t-YQcEASaes9Y.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/aa977115-5110-4257-94ef-4d2b43884040/0/3138352e3138312e322e302f32342d3234203d3e20323132363639.roa
Signing time: Tue 24 Feb 2026 14:46:24 +0000
ROA not before: Tue 24 Feb 2026 14:41:24 +0000
ROA not after: Tue 23 Feb 2027 14:46:24 +0000
asID: 212669
IP address blocks: 185.181.2.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/aa977115-5110-4257-94ef-4d2b43884040/0/8F4CE7722F99075D94738B7E61070401269EB3D6.crl
rsync://rsync.paas.rpki.ripe.net/repository/aa977115-5110-4257-94ef-4d2b43884040/0/8F4CE7722F99075D94738B7E61070401269EB3D6.mft
rsync://rpki.ripe.net/repository/DEFAULT/j0znci-ZB12Uc4t-YQcEASaes9Y.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 00:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5e:e3:83:6d:63:ff:3c:1c:d8:fc:b3:d9:1f:92:f0:f3:e3:f4:62:4c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8f4ce7722f99075d94738b7e61070401269eb3d6
Validity
Not Before: Feb 24 14:41:24 2026 GMT
Not After : Feb 23 14:46:24 2027 GMT
Subject: CN=A35077E09FAA77F90B4316A91D57242628EEE799
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:59:4b:90:a3:66:1a:af:8b:2e:3e:5e:55:c8:
19:b2:43:c8:fe:a2:e9:d5:78:b2:e8:c2:70:6f:2e:
3f:87:6b:47:02:6f:c1:e7:74:7b:6a:ff:54:8e:1d:
16:ad:81:67:0f:d7:39:cb:17:31:cb:dd:17:40:f7:
1e:7f:b9:ae:64:7b:6b:19:29:89:27:eb:69:30:a1:
86:ed:47:3b:1b:0e:27:ca:7f:e9:e7:47:15:0f:94:
7b:aa:e2:04:8d:a4:65:0b:4e:b5:68:d7:37:4b:27:
ff:04:4d:7e:5a:5e:87:80:a4:80:d2:d5:de:64:2c:
11:6c:cf:8c:97:06:ab:83:70:2a:af:ca:cd:bd:cd:
25:35:e4:13:43:bc:7f:64:fd:f6:5b:cd:ea:7d:cd:
f4:63:e5:ad:c6:a1:7f:be:18:92:39:ca:6e:0c:af:
b6:e7:f4:c5:d5:d4:2a:74:e7:1d:45:37:2c:04:98:
eb:21:b1:dc:b3:e9:22:96:2e:b4:e5:1e:b3:4d:ae:
4b:2b:0c:04:be:74:50:92:ab:af:c5:7a:2f:68:06:
76:7b:f0:46:28:b6:38:f3:16:53:e3:0e:4d:63:ef:
20:6f:97:e2:f9:bc:38:d6:a5:e9:e9:d9:16:16:ec:
98:6c:b2:49:a2:17:45:7c:ab:0d:e7:ca:c9:5e:a5:
4e:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A3:50:77:E0:9F:AA:77:F9:0B:43:16:A9:1D:57:24:26:28:EE:E7:99
X509v3 Authority Key Identifier:
keyid:8F:4C:E7:72:2F:99:07:5D:94:73:8B:7E:61:07:04:01:26:9E:B3:D6
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/aa977115-5110-4257-94ef-4d2b43884040/0/8F4CE7722F99075D94738B7E61070401269EB3D6.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/j0znci-ZB12Uc4t-YQcEASaes9Y.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/aa977115-5110-4257-94ef-4d2b43884040/0/3138352e3138312e322e302f32342d3234203d3e20323132363639.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.181.2.0/24
Signature Algorithm: sha256WithRSAEncryption
9b:6c:a9:e3:b2:38:85:28:aa:f5:1b:d4:0d:f5:e4:10:ef:e8:
06:51:43:cf:9f:f8:0f:90:11:70:e1:a3:a5:fb:69:6f:ff:fa:
9b:ad:ad:02:27:3a:61:f2:73:72:66:80:94:e0:d3:c2:e8:d1:
7e:8b:b4:cc:ab:86:a3:49:2c:a5:ae:45:f3:55:0a:08:b1:de:
12:52:98:e5:fe:2d:c3:be:05:46:ff:81:7a:61:cf:7d:ef:be:
91:7a:bd:98:ce:16:e7:c2:3d:b9:6a:ca:36:0c:02:4b:fe:cf:
fc:43:16:8e:0e:53:f4:1a:b8:95:0a:06:8c:ca:0d:b3:24:a1:
15:e5:ee:bf:45:27:e8:b7:3f:73:19:ac:ed:5f:b3:10:b1:28:
ea:11:63:12:0b:1d:3c:66:77:94:c2:a0:6e:77:b0:d8:ff:60:
d6:be:7e:e7:06:84:c1:d0:d8:f8:9e:6d:c7:63:a3:0f:66:9c:
8b:6a:cb:dc:94:13:c0:72:1f:57:db:96:2b:0c:33:1d:2e:a3:
72:0e:11:64:1d:ff:84:c9:eb:e6:94:4b:77:29:f8:67:7d:2c:
3e:16:02:17:9c:ca:be:1b:5f:fc:d4:d8:c3:5d:4f:d9:49:f6:
c8:8f:e9:5d:13:48:4f:ff:62:5e:a1:99:38:4e:ff:f0:c5:2a:
73:6c:b7:eb
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUXuODbWP/PBzY/LPZH5Lw8+P0YkwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGY0Y2U3NzIyZjk5MDc1ZDk0NzM4YjdlNjEwNzA0MDEy
NjllYjNkNjAeFw0yNjAyMjQxNDQxMjRaFw0yNzAyMjMxNDQ2MjRaMDMxMTAvBgNV
BAMTKEEzNTA3N0UwOUZBQTc3RjkwQjQzMTZBOTFENTcyNDI2MjhFRUU3OTkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCrWUuQo2Yar4suPl5VyBmyQ8j+
ounVeLLownBvLj+Ha0cCb8HndHtq/1SOHRatgWcP1znLFzHL3RdA9x5/ua5ke2sZ
KYkn62kwoYbtRzsbDifKf+nnRxUPlHuq4gSNpGULTrVo1zdLJ/8ETX5aXoeApIDS
1d5kLBFsz4yXBquDcCqvys29zSU15BNDvH9k/fZbzep9zfRj5a3GoX++GJI5ym4M
r7bn9MXV1Cp05x1FNywEmOshsdyz6SKWLrTlHrNNrksrDAS+dFCSq6/Fei9oBnZ7
8EYotjjzFlPjDk1j7yBvl+L5vDjWpenp2RYW7JhsskmiF0V8qw3nyslepU6lAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUo1B34J+qd/kLQxapHVckJiju55kwHwYDVR0j
BBgwFoAUj0znci+ZB12Uc4t+YQcEASaes9YwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYWE5NzcxMTUtNTExMC00MjU3LTk0ZWYtNGQyYjQzODg0
MDQwLzAvOEY0Q0U3NzIyRjk5MDc1RDk0NzM4QjdFNjEwNzA0MDEyNjlFQjNENi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2owem5jaS1aQjEyVWM0dC1ZUWNFQVNh
ZXM5WS5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWE5NzcxMTUt
NTExMC00MjU3LTk0ZWYtNGQyYjQzODg0MDQwLzAvMzEzODM1MmUzMTM4MzEyZTMy
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzIzMTMyMzYzNjM5LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
ubUCMA0GCSqGSIb3DQEBCwUAA4IBAQCbbKnjsjiFKKr1G9QN9eQQ7+gGUUPPn/gP
kBFw4aOl+2lv//qbra0CJzph8nNyZoCU4NPC6NF+i7TMq4ajSSylrkXzVQoIsd4S
Upjl/i3DvgVG/4F6Yc99776Rer2Yzhbnwj25aso2DAJL/s/8QxaODlP0GriVCgaM
yg2zJKEV5e6/RSfotz9zGaztX7MQsSjqEWMSCx08ZneUwqBud7DY/2DWvn7nBoTB
0Nj4nm3HY6MPZpyLasvclBPAch9X25YrDDMdLqNyDhFkHf+EyevmlEt3KfhnfSw+
FgIXnMq+G1/81NjDXU/ZSfbIj+ldE0hP/2JeoZk4Tv/wxSpzbLfr
-----END CERTIFICATE-----
Generated at Mon Mar 2 10:43:22 2026 by rpki-client