Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/3138352e3137322e3137322e302f32342d3234203d3e20313939373630.roa
File: 3138352e3137322e3137322e302f32342d3234203d3e20313939373630.roa (raw, json)
Hash identifier: EHP+b1Vl55gf4AmaYeE3dC3vcDiJsdCH7PZbgP+EP/o=
Subject key identifier: 5B:84:10:8A:8A:37:D1:E2:A7:89:04:44:2A:E4:FC:42:83:A9:CB:92
Certificate issuer: /CN=70cbd7a9817e470009c0f40ea1e370aa79b5fd91
Certificate serial: 79DA755D1BF19CD9D2972ABF666093D14484F2AD
Authority key identifier: 70:CB:D7:A9:81:7E:47:00:09:C0:F4:0E:A1:E3:70:AA:79:B5:FD:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cMvXqYF-RwAJwPQOoeNwqnm1_ZE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/3138352e3137322e3137322e302f32342d3234203d3e20313939373630.roa
Signing time: Thu 12 Feb 2026 15:55:38 +0000
ROA not before: Thu 12 Feb 2026 15:50:38 +0000
ROA not after: Thu 11 Feb 2027 15:55:38 +0000
asID: 199760
IP address blocks: 185.172.172.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/70CBD7A9817E470009C0F40EA1E370AA79B5FD91.crl
rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/70CBD7A9817E470009C0F40EA1E370AA79B5FD91.mft
rsync://rpki.ripe.net/repository/DEFAULT/cMvXqYF-RwAJwPQOoeNwqnm1_ZE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 03:34:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
79:da:75:5d:1b:f1:9c:d9:d2:97:2a:bf:66:60:93:d1:44:84:f2:ad
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=70cbd7a9817e470009c0f40ea1e370aa79b5fd91
Validity
Not Before: Feb 12 15:50:38 2026 GMT
Not After : Feb 11 15:55:38 2027 GMT
Subject: CN=5B84108A8A37D1E2A78904442AE4FC4283A9CB92
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:20:0f:7b:58:a8:0c:d0:55:4e:15:a8:33:b0:
11:9a:ed:24:a0:45:18:a9:cb:43:04:91:90:58:02:
c5:87:61:2c:bb:7b:24:30:f4:66:bc:bc:f1:89:9d:
fd:23:bb:5d:b7:50:33:ee:c4:8c:4b:89:8c:ed:69:
a7:45:de:c7:e2:19:7f:6b:49:de:25:ec:dc:c5:22:
8b:15:a2:2f:9c:d2:25:95:41:cd:79:81:a6:92:15:
01:d4:32:da:94:a6:5c:94:c9:20:7d:c8:a6:c9:da:
15:f9:ee:67:6e:2a:f8:3c:4c:65:90:9d:c5:41:25:
9c:b2:45:8e:e8:8a:69:b7:e2:55:66:d2:27:0f:c9:
d8:02:7b:eb:f0:c5:17:b7:da:d7:08:b1:d2:6c:ff:
65:39:70:b6:31:98:8e:68:7e:6a:13:c1:2f:16:e0:
9c:f5:bf:dc:78:62:d8:6e:52:78:c1:4b:0c:d9:09:
6d:5c:a5:35:2e:bc:af:37:14:a5:d2:61:9b:25:8b:
cb:44:08:4f:13:5b:ed:6d:ef:95:54:cd:39:2f:c8:
20:a1:41:ed:e4:5c:ff:2a:11:ee:79:27:76:b1:51:
d5:6e:01:42:b1:59:37:5a:0e:9d:79:c6:b1:ed:4a:
1b:06:c1:07:8d:ba:1f:b9:d4:86:2c:4d:1d:80:81:
ea:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5B:84:10:8A:8A:37:D1:E2:A7:89:04:44:2A:E4:FC:42:83:A9:CB:92
X509v3 Authority Key Identifier:
keyid:70:CB:D7:A9:81:7E:47:00:09:C0:F4:0E:A1:E3:70:AA:79:B5:FD:91
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/70CBD7A9817E470009C0F40EA1E370AA79B5FD91.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cMvXqYF-RwAJwPQOoeNwqnm1_ZE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/3138352e3137322e3137322e302f32342d3234203d3e20313939373630.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.172.172.0/24
Signature Algorithm: sha256WithRSAEncryption
7d:71:b0:f0:67:d9:ff:04:fc:aa:61:f1:60:33:28:a3:85:dc:
25:6b:4d:ad:a2:14:aa:b4:60:ac:6e:6b:bd:42:d8:67:80:de:
82:ac:fc:72:27:eb:10:53:11:1d:dc:8e:98:bf:0b:46:18:ae:
69:07:c2:c1:28:e2:8b:f5:f2:14:e7:15:70:6b:7e:55:ea:0c:
ca:13:0f:48:ef:ac:ed:b7:ad:2a:da:99:73:6b:01:01:11:38:
49:0a:fd:5e:e5:89:a2:42:8b:72:9b:3f:d9:ba:9c:29:0e:f3:
f2:59:3d:c2:3c:79:99:34:26:79:be:40:a8:03:f7:da:d5:d0:
08:24:5c:59:15:52:cb:c7:05:a3:92:6d:4a:aa:4d:08:cf:3b:
23:e1:f5:a8:80:f6:a5:24:7b:86:3f:dd:e9:bc:a2:d6:f0:dc:
e4:de:66:1c:6c:1c:c6:2f:28:6d:dd:10:f1:b5:0a:72:ed:44:
88:06:6f:ee:de:21:79:9b:7d:09:c6:38:f2:8b:23:27:e7:12:
7f:e0:26:fd:ed:04:0a:86:2a:b4:bb:06:98:e0:90:64:3a:0b:
3f:42:29:06:a2:51:2f:16:8e:20:4a:09:b2:ca:38:8b:70:69:
c5:47:b3:b1:ab:73:95:1c:66:83:ee:9f:1d:83:f0:8b:19:37:
ee:75:22:57
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgIUedp1XRvxnNnSlyq/ZmCT0USE8q0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzBjYmQ3YTk4MTdlNDcwMDA5YzBmNDBlYTFlMzcwYWE3
OWI1ZmQ5MTAeFw0yNjAyMTIxNTUwMzhaFw0yNzAyMTExNTU1MzhaMDMxMTAvBgNV
BAMTKDVCODQxMDhBOEEzN0QxRTJBNzg5MDQ0NDJBRTRGQzQyODNBOUNCOTIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCpIA97WKgM0FVOFagzsBGa7SSg
RRipy0MEkZBYAsWHYSy7eyQw9Ga8vPGJnf0ju123UDPuxIxLiYztaadF3sfiGX9r
Sd4l7NzFIosVoi+c0iWVQc15gaaSFQHUMtqUplyUySB9yKbJ2hX57mduKvg8TGWQ
ncVBJZyyRY7oimm34lVm0icPydgCe+vwxRe32tcIsdJs/2U5cLYxmI5ofmoTwS8W
4Jz1v9x4YthuUnjBSwzZCW1cpTUuvK83FKXSYZsli8tECE8TW+1t75VUzTkvyCCh
Qe3kXP8qEe55J3axUdVuAUKxWTdaDp15xrHtShsGwQeNuh+51IYsTR2AgepdAgMB
AAGjggJBMIICPTAdBgNVHQ4EFgQUW4QQioo30eKniQREKuT8QoOpy5IwHwYDVR0j
BBgwFoAUcMvXqYF+RwAJwPQOoeNwqnm1/ZEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYjczMzJhZjAtZGQ3My00NzU1LTlkMjAtNjkzZWE4Mjg5
ZjhhLzAvNzBDQkQ3QTk4MTdFNDcwMDA5QzBGNDBFQTFFMzcwQUE3OUI1RkQ5MS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2NNdlhxWUYtUndBSndQUU9vZU53cW5t
MV9aRS5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYjczMzJhZjAt
ZGQ3My00NzU1LTlkMjAtNjkzZWE4Mjg5ZjhhLzAvMzEzODM1MmUzMTM3MzIyZTMx
MzczMjJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMxMzkzOTM3MzYzMC5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEALmsrDANBgkqhkiG9w0BAQsFAAOCAQEAfXGw8GfZ/wT8qmHxYDMoo4XcJWtN
raIUqrRgrG5rvULYZ4Degqz8cifrEFMRHdyOmL8LRhiuaQfCwSjii/XyFOcVcGt+
VeoMyhMPSO+s7betKtqZc2sBARE4SQr9XuWJokKLcps/2bqcKQ7z8lk9wjx5mTQm
eb5AqAP32tXQCCRcWRVSy8cFo5JtSqpNCM87I+H1qID2pSR7hj/d6byi1vDc5N5m
HGwcxi8obd0Q8bUKcu1EiAZv7t4heZt9CcY48osjJ+cSf+Am/e0ECoYqtLsGmOCQ
ZDoLP0IpBqJRLxaOIEoJsso4i3BpxUezsatzlRxmg+6fHYPwixk37nUiVw==
-----END CERTIFICATE-----
Generated at Sun Mar 1 20:53:50 2026 by rpki-client