Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/aee3d58d-904a-4375-bf93-8b5f38cab002/0/3138352e3230352e3232322e302f32342d3234203d3e20323134303235.roa
File: 3138352e3230352e3232322e302f32342d3234203d3e20323134303235.roa (raw, json)
Hash identifier: a6UtNfh0Mz29MZ6uljFA7v7lapC5duRUrEcke3ooe5c=
Subject key identifier: 68:CB:63:B9:FB:E1:6D:B6:D6:CF:DD:AE:BD:18:A2:F6:54:EB:17:5E
Certificate issuer: /CN=7adf63e375b0b785081b5945b1d18d9de86e0efc
Certificate serial: 19E06C9A2BFB7F55F957ADBC7A6C6DE0A1EDB903
Authority key identifier: 7A:DF:63:E3:75:B0:B7:85:08:1B:59:45:B1:D1:8D:9D:E8:6E:0E:FC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/et9j43Wwt4UIG1lFsdGNnehuDvw.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/aee3d58d-904a-4375-bf93-8b5f38cab002/0/3138352e3230352e3232322e302f32342d3234203d3e20323134303235.roa
Signing time: Tue 31 Mar 2026 12:05:06 +0000
ROA not before: Tue 31 Mar 2026 12:00:06 +0000
ROA not after: Tue 30 Mar 2027 12:05:06 +0000
asID: 214025
IP address blocks: 185.205.222.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/aee3d58d-904a-4375-bf93-8b5f38cab002/0/7ADF63E375B0B785081B5945B1D18D9DE86E0EFC.crl
rsync://rsync.paas.rpki.ripe.net/repository/aee3d58d-904a-4375-bf93-8b5f38cab002/0/7ADF63E375B0B785081B5945B1D18D9DE86E0EFC.mft
rsync://rpki.ripe.net/repository/DEFAULT/et9j43Wwt4UIG1lFsdGNnehuDvw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 19 Apr 2026 22:49:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
19:e0:6c:9a:2b:fb:7f:55:f9:57:ad:bc:7a:6c:6d:e0:a1:ed:b9:03
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7adf63e375b0b785081b5945b1d18d9de86e0efc
Validity
Not Before: Mar 31 12:00:06 2026 GMT
Not After : Mar 30 12:05:06 2027 GMT
Subject: CN=68CB63B9FBE16DB6D6CFDDAEBD18A2F654EB175E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f5:30:f2:a6:46:41:c5:c7:09:a2:08:70:d1:d3:
dc:c2:ff:62:83:cb:06:cb:08:02:27:6b:66:a7:57:
d7:44:60:c0:e8:b5:a5:c2:64:6a:f9:dc:64:44:08:
36:68:bc:ae:9d:b4:d5:a4:91:06:57:89:1c:31:23:
6c:db:64:0a:32:dc:21:27:02:df:b3:ec:c7:ad:0a:
88:2f:70:12:4f:23:b3:0a:b9:53:c8:45:c7:6b:57:
b5:cb:91:54:70:90:94:f3:a0:66:12:42:37:76:1b:
b1:d0:09:38:54:4a:3e:30:43:ec:c1:15:40:76:a4:
24:58:1d:bd:cb:07:05:19:45:db:da:41:62:1e:8e:
ad:1d:ac:0d:73:1a:a3:c7:a5:e1:0d:2a:4e:66:5c:
e6:35:62:52:26:39:ea:76:c1:d9:1a:8d:37:97:0b:
0b:62:0d:f7:85:29:3c:51:75:e0:fc:af:32:0b:d7:
bb:ae:b8:d9:89:26:b6:20:c9:d3:7d:68:5a:9b:36:
96:ae:62:02:1f:56:a1:94:7b:1d:97:5b:20:59:de:
b6:df:8a:80:b2:24:ca:e9:72:09:45:1c:ef:c0:78:
16:2a:d1:ec:f4:68:c4:2d:5d:e8:0b:04:28:76:96:
dd:e5:19:fb:6b:75:9c:28:6e:50:41:b6:b3:f4:a7:
10:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:CB:63:B9:FB:E1:6D:B6:D6:CF:DD:AE:BD:18:A2:F6:54:EB:17:5E
X509v3 Authority Key Identifier:
keyid:7A:DF:63:E3:75:B0:B7:85:08:1B:59:45:B1:D1:8D:9D:E8:6E:0E:FC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/aee3d58d-904a-4375-bf93-8b5f38cab002/0/7ADF63E375B0B785081B5945B1D18D9DE86E0EFC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/et9j43Wwt4UIG1lFsdGNnehuDvw.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/aee3d58d-904a-4375-bf93-8b5f38cab002/0/3138352e3230352e3232322e302f32342d3234203d3e20323134303235.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.205.222.0/24
Signature Algorithm: sha256WithRSAEncryption
8b:d1:a3:89:1b:b1:db:ee:76:2d:31:1f:e0:e9:f7:5c:80:33:
0f:6f:40:8a:2e:39:91:8d:aa:2b:77:a2:c7:c3:53:d2:86:6d:
c9:cd:dd:0b:f1:fb:27:88:57:75:23:dc:fc:4a:94:8d:96:91:
3a:4e:2a:eb:93:77:26:54:c1:65:60:59:d0:10:a0:30:c4:aa:
2d:23:b6:06:dc:2a:a2:fd:9d:a6:1f:26:ab:0b:39:fa:1b:5c:
dc:fc:57:e8:80:33:5f:48:10:e7:54:f3:2b:d3:9f:98:39:ce:
2e:37:7c:d3:cf:a6:d0:96:a8:02:82:17:49:c3:3a:27:a1:2b:
39:a4:83:fb:cb:cf:59:0c:10:37:11:74:91:1e:46:9d:af:7a:
25:08:0e:ab:e8:46:cf:63:26:e8:ca:56:30:45:a7:6a:32:16:
d3:57:2b:f1:94:63:fd:91:d0:f4:87:b7:aa:f7:e8:ae:38:ca:
79:19:39:be:b3:32:ad:03:32:7d:e8:f5:a7:86:be:4d:c0:71:
d3:db:ec:e5:d8:ee:33:a1:97:53:64:7a:27:25:8f:df:23:30:
a3:fb:98:da:42:7f:d5:66:f6:1d:64:56:c9:82:20:91:ed:fd:
8f:b1:ae:99:f3:fa:73:1f:02:a6:9c:9a:d5:0e:a9:62:d5:56:
93:c9:a0:80
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgIUGeBsmiv7f1X5V628emxt4KHtuQMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoN2FkZjYzZTM3NWIwYjc4NTA4MWI1OTQ1YjFkMThkOWRl
ODZlMGVmYzAeFw0yNjAzMzExMjAwMDZaFw0yNzAzMzAxMjA1MDZaMDMxMTAvBgNV
BAMTKDY4Q0I2M0I5RkJFMTZEQjZENkNGRERBRUJEMThBMkY2NTRFQjE3NUUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQD1MPKmRkHFxwmiCHDR09zC/2KD
ywbLCAIna2anV9dEYMDotaXCZGr53GRECDZovK6dtNWkkQZXiRwxI2zbZAoy3CEn
At+z7MetCogvcBJPI7MKuVPIRcdrV7XLkVRwkJTzoGYSQjd2G7HQCThUSj4wQ+zB
FUB2pCRYHb3LBwUZRdvaQWIejq0drA1zGqPHpeENKk5mXOY1YlImOep2wdkajTeX
CwtiDfeFKTxRdeD8rzIL17uuuNmJJrYgydN9aFqbNpauYgIfVqGUex2XWyBZ3rbf
ioCyJMrpcglFHO/AeBYq0ez0aMQtXegLBCh2lt3lGftrdZwoblBBtrP0pxCpAgMB
AAGjggJBMIICPTAdBgNVHQ4EFgQUaMtjufvhbbbWz92uvRii9lTrF14wHwYDVR0j
BBgwFoAUet9j43Wwt4UIG1lFsdGNnehuDvwwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYWVlM2Q1OGQtOTA0YS00Mzc1LWJmOTMtOGI1ZjM4Y2Fi
MDAyLzAvN0FERjYzRTM3NUIwQjc4NTA4MUI1OTQ1QjFEMThEOURFODZFMEVGQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2V0OWo0M1d3dDRVSUcxbEZzZEdObmVo
dUR2dy5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWVlM2Q1OGQt
OTA0YS00Mzc1LWJmOTMtOGI1ZjM4Y2FiMDAyLzAvMzEzODM1MmUzMjMwMzUyZTMy
MzIzMjJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMyMzEzNDMwMzIzNS5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEALnN3jANBgkqhkiG9w0BAQsFAAOCAQEAi9GjiRux2+52LTEf4On3XIAzD29A
ii45kY2qK3eix8NT0oZtyc3dC/H7J4hXdSPc/EqUjZaROk4q65N3JlTBZWBZ0BCg
MMSqLSO2Btwqov2dph8mqws5+htc3PxX6IAzX0gQ51TzK9OfmDnOLjd808+m0Jao
AoIXScM6J6ErOaSD+8vPWQwQNxF0kR5Gna96JQgOq+hGz2Mm6MpWMEWnajIW01cr
8ZRj/ZHQ9Ie3qvforjjKeRk5vrMyrQMyfej1p4a+TcBx09vs5djuM6GXU2R6JyWP
3yMwo/uY2kJ/1Wb2HWRWyYIgke39j7GumfP6cx8Cppya1Q6pYtVWk8mggA==
-----END CERTIFICATE-----
Generated at Sun Apr 19 13:33:11 2026 by rpki-client