Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/be41704f-7815-4f2c-a503-58ae08e556b6/1/3138352e3139302e39322e302f32322d3234203d3e20323037363435.roa
File: 3138352e3139302e39322e302f32322d3234203d3e20323037363435.roa (raw, json)
Hash identifier: wiquf0s0IJhUqNIZK/NhS15qBu64R1irAIQEbqDWqWw=
Subject key identifier: AE:B6:DA:EC:2E:6A:F5:01:5E:B3:46:80:45:B6:FC:A6:5C:DC:40:CC
Certificate issuer: /CN=a0a97e43cfdc15b02a3141f0ad097bcd079c2ed9
Certificate serial: 610756ABBDDF648877147FB433B4B147C9D185A1
Authority key identifier: A0:A9:7E:43:CF:DC:15:B0:2A:31:41:F0:AD:09:7B:CD:07:9C:2E:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/oKl-Q8_cFbAqMUHwrQl7zQecLtk.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/be41704f-7815-4f2c-a503-58ae08e556b6/1/3138352e3139302e39322e302f32322d3234203d3e20323037363435.roa
Signing time: Tue 16 Jun 2026 16:31:32 +0000
ROA not before: Tue 16 Jun 2026 16:26:32 +0000
ROA not after: Tue 15 Jun 2027 16:31:32 +0000
asID: 207645
IP address blocks: 185.190.92.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/be41704f-7815-4f2c-a503-58ae08e556b6/1/A0A97E43CFDC15B02A3141F0AD097BCD079C2ED9.crl
rsync://rsync.paas.rpki.ripe.net/repository/be41704f-7815-4f2c-a503-58ae08e556b6/1/A0A97E43CFDC15B02A3141F0AD097BCD079C2ED9.mft
rsync://rpki.ripe.net/repository/DEFAULT/oKl-Q8_cFbAqMUHwrQl7zQecLtk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 18 Jun 2026 08:33:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
61:07:56:ab:bd:df:64:88:77:14:7f:b4:33:b4:b1:47:c9:d1:85:a1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a0a97e43cfdc15b02a3141f0ad097bcd079c2ed9
Validity
Not Before: Jun 16 16:26:32 2026 GMT
Not After : Jun 15 16:31:32 2027 GMT
Subject: CN=AEB6DAEC2E6AF5015EB3468045B6FCA65CDC40CC
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:48:21:7e:f0:d0:c1:7f:1f:e2:30:a2:13:8a:
4b:16:a7:ad:d4:61:84:e8:d7:d3:00:70:f4:40:9f:
db:c1:77:d3:12:ad:f6:ee:4e:e6:76:ab:4b:4c:35:
22:d0:7c:e0:0c:26:cc:da:af:84:a7:ab:1c:d6:65:
e8:6a:d6:14:4d:e1:2a:2a:eb:25:3d:16:86:e0:67:
3a:36:76:f1:51:62:23:22:54:bb:6b:9a:10:ac:af:
b7:61:51:8c:35:d6:c1:dc:bf:0f:f6:6d:45:f4:51:
b2:13:de:aa:61:ff:0b:a5:cb:be:10:23:54:c7:3f:
f8:43:7b:51:32:eb:47:5e:17:03:18:4c:55:9a:d5:
79:43:02:a0:ea:8c:70:8f:ee:28:ac:4e:7b:ea:14:
02:9e:2e:0a:8b:cb:c7:e5:47:40:cb:ee:7a:e0:d9:
cc:ad:93:8e:d0:7b:5c:94:d0:2a:58:e5:eb:5d:75:
f2:5d:cc:69:44:9e:c9:f7:bd:77:23:f1:f7:d2:5e:
a1:e9:bc:12:ce:db:73:45:cc:d6:e9:09:ff:18:cc:
20:75:8a:22:77:34:2b:ba:bc:61:51:1e:3f:71:7a:
80:71:bc:e3:99:e7:39:7d:0d:d3:c5:39:87:17:76:
b2:d7:a2:53:16:b0:05:32:3c:1d:04:71:06:38:37:
1c:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AE:B6:DA:EC:2E:6A:F5:01:5E:B3:46:80:45:B6:FC:A6:5C:DC:40:CC
X509v3 Authority Key Identifier:
keyid:A0:A9:7E:43:CF:DC:15:B0:2A:31:41:F0:AD:09:7B:CD:07:9C:2E:D9
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/be41704f-7815-4f2c-a503-58ae08e556b6/1/A0A97E43CFDC15B02A3141F0AD097BCD079C2ED9.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oKl-Q8_cFbAqMUHwrQl7zQecLtk.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/be41704f-7815-4f2c-a503-58ae08e556b6/1/3138352e3139302e39322e302f32322d3234203d3e20323037363435.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.190.92.0/22
Signature Algorithm: sha256WithRSAEncryption
41:a3:ec:db:47:ec:65:96:c6:a9:18:13:c1:8b:c8:54:a3:00:
7a:60:a3:95:ad:41:a3:24:85:f0:aa:d6:49:aa:f1:68:45:0f:
c2:f5:4c:e0:85:72:13:a3:6a:4e:9d:6c:93:ae:39:19:3f:8d:
5a:7b:42:9e:bf:a1:f5:4a:a7:4f:af:16:6d:43:1b:9a:92:80:
b0:57:d0:ff:ba:6f:08:31:bc:b9:2e:b3:cc:0c:9f:89:81:b8:
03:26:7c:4b:ed:09:04:32:c7:fa:3d:ec:23:a9:6f:30:4e:96:
0e:96:96:49:5e:be:16:40:bd:92:c9:98:87:76:d5:b6:27:e9:
cf:40:14:a7:52:94:e4:04:53:b7:64:7c:0b:90:ad:68:4d:c8:
55:c6:48:3e:8a:35:09:a4:9d:76:02:b8:75:8a:24:af:f0:ab:
d4:92:0a:c2:80:58:82:8a:13:1c:f2:5d:90:4f:70:66:8e:10:
0a:ba:bf:27:e0:9c:35:6b:fc:44:f6:14:14:a9:98:17:a3:4a:
b7:70:cb:28:af:51:ac:c0:bf:b1:3d:16:41:fd:3d:25:62:f5:
da:c0:3b:bf:76:d0:b9:35:2b:56:29:b7:70:d7:3b:34:0a:00:
72:bd:07:d9:1d:5a:72:89:7a:6d:c5:16:ce:e0:40:41:e0:75:
51:ac:ad:4c
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUYQdWq73fZIh3FH+0M7SxR8nRhaEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYTBhOTdlNDNjZmRjMTViMDJhMzE0MWYwYWQwOTdiY2Qw
NzljMmVkOTAeFw0yNjA2MTYxNjI2MzJaFw0yNzA2MTUxNjMxMzJaMDMxMTAvBgNV
BAMTKEFFQjZEQUVDMkU2QUY1MDE1RUIzNDY4MDQ1QjZGQ0E2NUNEQzQwQ0MwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCySCF+8NDBfx/iMKITiksWp63U
YYTo19MAcPRAn9vBd9MSrfbuTuZ2q0tMNSLQfOAMJszar4SnqxzWZehq1hRN4Soq
6yU9FobgZzo2dvFRYiMiVLtrmhCsr7dhUYw11sHcvw/2bUX0UbIT3qph/wuly74Q
I1THP/hDe1Ey60deFwMYTFWa1XlDAqDqjHCP7iisTnvqFAKeLgqLy8flR0DL7nrg
2cytk47Qe1yU0CpY5etddfJdzGlEnsn3vXcj8ffSXqHpvBLO23NFzNbpCf8YzCB1
iiJ3NCu6vGFRHj9xeoBxvOOZ5zl9DdPFOYcXdrLXolMWsAUyPB0EcQY4NxxjAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUrrba7C5q9QFes0aARbb8plzcQMwwHwYDVR0j
BBgwFoAUoKl+Q8/cFbAqMUHwrQl7zQecLtkwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYmU0MTcwNGYtNzgxNS00ZjJjLWE1MDMtNThhZTA4ZTU1
NmI2LzEvQTBBOTdFNDNDRkRDMTVCMDJBMzE0MUYwQUQwOTdCQ0QwNzlDMkVEOS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL29LbC1ROF9jRmJBcU1VSHdyUWw3elFl
Y0x0ay5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYmU0MTcwNGYt
NzgxNS00ZjJjLWE1MDMtNThhZTA4ZTU1NmI2LzEvMzEzODM1MmUzMTM5MzAyZTM5
MzIyZTMwMmYzMjMyMmQzMjM0MjAzZDNlMjAzMjMwMzczNjM0MzUucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAK5vlwwDQYJKoZIhvcNAQELBQADggEBAEGj7NtH7GWWxqkYE8GLyFSjAHpgo5Wt
QaMkhfCq1kmq8WhFD8L1TOCFchOjak6dbJOuORk/jVp7Qp6/ofVKp0+vFm1DG5qS
gLBX0P+6bwgxvLkus8wMn4mBuAMmfEvtCQQyx/o97COpbzBOlg6WlklevhZAvZLJ
mId21bYn6c9AFKdSlOQEU7dkfAuQrWhNyFXGSD6KNQmknXYCuHWKJK/wq9SSCsKA
WIKKExzyXZBPcGaOEAq6vyfgnDVr/ET2FBSpmBejSrdwyyivUazAv7E9FkH9PSVi
9drAO7920Lk1K1Ypt3DXOzQKAHK9B9kdWnKJem3FFs7gQEHgdVGsrUw=
-----END CERTIFICATE-----
Generated at Wed Jun 17 13:02:39 2026 by rpki-client