Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/be41704f-7815-4f2c-a503-58ae08e556b6/1/3138352e3139302e39322e302f32322d3234203d3e20323037363435.roa
File: 3138352e3139302e39322e302f32322d3234203d3e20323037363435.roa (raw, json)
Hash identifier: Pi7jb86RL1qTVro49qeYYyL2u6gvRg+kD6xKi4CT7Tw=
Subject key identifier: 8C:3D:2A:B8:1B:CE:B9:76:02:62:46:D9:97:2A:3B:54:B2:7B:F9:DF
Certificate issuer: /CN=a0a97e43cfdc15b02a3141f0ad097bcd079c2ed9
Certificate serial: 1A47AFA1BD7A904DC9B200278E13A6F10A62CAFE
Authority key identifier: A0:A9:7E:43:CF:DC:15:B0:2A:31:41:F0:AD:09:7B:CD:07:9C:2E:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/oKl-Q8_cFbAqMUHwrQl7zQecLtk.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/be41704f-7815-4f2c-a503-58ae08e556b6/1/3138352e3139302e39322e302f32322d3234203d3e20323037363435.roa
Signing time: Fri 03 Apr 2026 07:59:30 +0000
ROA not before: Fri 03 Apr 2026 07:54:30 +0000
ROA not after: Fri 02 Apr 2027 07:59:30 +0000
asID: 207645
IP address blocks: 185.190.92.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/be41704f-7815-4f2c-a503-58ae08e556b6/1/A0A97E43CFDC15B02A3141F0AD097BCD079C2ED9.crl
rsync://rsync.paas.rpki.ripe.net/repository/be41704f-7815-4f2c-a503-58ae08e556b6/1/A0A97E43CFDC15B02A3141F0AD097BCD079C2ED9.mft
rsync://rpki.ripe.net/repository/DEFAULT/oKl-Q8_cFbAqMUHwrQl7zQecLtk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 Apr 2026 07:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1a:47:af:a1:bd:7a:90:4d:c9:b2:00:27:8e:13:a6:f1:0a:62:ca:fe
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a0a97e43cfdc15b02a3141f0ad097bcd079c2ed9
Validity
Not Before: Apr 3 07:54:30 2026 GMT
Not After : Apr 2 07:59:30 2027 GMT
Subject: CN=8C3D2AB81BCEB976026246D9972A3B54B27BF9DF
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:66:79:a6:6b:07:3e:c2:75:20:f8:27:d1:48:
35:b0:8f:43:39:1a:24:8b:2a:83:de:e0:77:1d:4f:
7c:d5:90:c1:e7:ae:c1:ec:7b:b5:76:cc:56:af:69:
34:4d:82:9c:ae:67:66:06:6c:86:7e:3d:4b:fc:fc:
c1:bc:47:12:e4:a2:37:bc:19:10:3c:b9:77:97:2c:
e7:23:e5:c7:3e:6e:59:8f:ce:5a:f3:27:11:3a:5f:
ec:bc:bd:94:db:77:55:d7:fc:18:f5:f5:cf:18:f3:
b0:04:0c:92:dd:0f:db:a5:fe:b0:3a:47:e9:e4:d8:
6d:31:47:03:f0:17:f1:5e:c0:91:48:70:02:37:81:
c0:d3:de:d9:fa:86:65:a7:8a:9c:bb:86:fb:f6:98:
d7:77:32:a3:43:44:a2:8d:ac:9b:a1:a9:a6:72:60:
d6:36:c6:8b:b8:69:d2:6e:d0:5b:1b:3f:3d:e7:28:
1b:b3:61:50:05:31:c7:d2:95:ab:36:a3:0f:e0:39:
02:71:39:ee:ee:62:df:01:d6:bf:ff:3c:a1:ca:ef:
8e:3b:4f:79:5d:99:83:dd:b9:ef:cf:b4:8c:5d:2e:
58:d5:24:70:b0:96:22:84:78:5f:3d:9d:8d:a0:f8:
9f:41:c0:63:9f:02:12:97:5f:77:55:77:0f:04:b0:
19:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8C:3D:2A:B8:1B:CE:B9:76:02:62:46:D9:97:2A:3B:54:B2:7B:F9:DF
X509v3 Authority Key Identifier:
keyid:A0:A9:7E:43:CF:DC:15:B0:2A:31:41:F0:AD:09:7B:CD:07:9C:2E:D9
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/be41704f-7815-4f2c-a503-58ae08e556b6/1/A0A97E43CFDC15B02A3141F0AD097BCD079C2ED9.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oKl-Q8_cFbAqMUHwrQl7zQecLtk.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/be41704f-7815-4f2c-a503-58ae08e556b6/1/3138352e3139302e39322e302f32322d3234203d3e20323037363435.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.190.92.0/22
Signature Algorithm: sha256WithRSAEncryption
b0:1c:e3:a6:e9:3e:e6:08:70:28:1a:d3:14:1a:5b:b2:ac:00:
e8:94:da:9f:db:16:4f:2f:58:15:e5:a6:86:64:db:a0:01:38:
4a:a2:b0:3b:8c:76:68:a4:bd:dd:03:1c:fd:97:cb:f3:8b:81:
29:90:ed:17:0e:f9:b9:72:17:c0:1b:60:d4:40:f7:a0:ff:3e:
59:61:51:37:e7:c1:66:2e:ec:9b:4b:6d:21:08:2c:cf:e9:47:
e3:a8:97:fb:de:36:8f:e6:97:10:6a:b1:f0:b7:55:22:fd:5c:
02:a3:14:30:23:07:36:66:76:52:a4:28:21:97:e0:8a:92:d1:
5d:46:89:24:51:9a:c7:f0:95:cb:aa:e3:2b:75:aa:c8:72:5b:
9a:3e:de:33:9e:1e:c6:1e:80:2b:b4:b3:e9:7a:4a:f7:b0:54:
93:73:54:74:76:45:11:17:bb:99:cb:31:71:64:0e:91:98:dc:
3b:ab:26:58:d1:b8:84:90:e9:d9:84:cb:94:94:01:f1:8b:51:
59:72:a5:44:87:b6:8d:29:b4:b1:ce:02:57:49:c1:d3:e1:20:
84:30:19:f3:9f:e8:18:e8:e6:76:b7:f3:cd:01:27:1e:1d:f3:
02:d2:85:63:65:c2:1f:82:3c:f8:1c:ed:11:9f:e0:c1:09:e3:
f7:9f:0e:f4
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUGkevob16kE3JsgAnjhOm8Qpiyv4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYTBhOTdlNDNjZmRjMTViMDJhMzE0MWYwYWQwOTdiY2Qw
NzljMmVkOTAeFw0yNjA0MDMwNzU0MzBaFw0yNzA0MDIwNzU5MzBaMDMxMTAvBgNV
BAMTKDhDM0QyQUI4MUJDRUI5NzYwMjYyNDZEOTk3MkEzQjU0QjI3QkY5REYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCRZnmmawc+wnUg+CfRSDWwj0M5
GiSLKoPe4HcdT3zVkMHnrsHse7V2zFavaTRNgpyuZ2YGbIZ+PUv8/MG8RxLkoje8
GRA8uXeXLOcj5cc+blmPzlrzJxE6X+y8vZTbd1XX/Bj19c8Y87AEDJLdD9ul/rA6
R+nk2G0xRwPwF/FewJFIcAI3gcDT3tn6hmWnipy7hvv2mNd3MqNDRKKNrJuhqaZy
YNY2xou4adJu0FsbPz3nKBuzYVAFMcfSlas2ow/gOQJxOe7uYt8B1r//PKHK7447
T3ldmYPdue/PtIxdLljVJHCwliKEeF89nY2g+J9BwGOfAhKXX3dVdw8EsBnHAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUjD0quBvOuXYCYkbZlyo7VLJ7+d8wHwYDVR0j
BBgwFoAUoKl+Q8/cFbAqMUHwrQl7zQecLtkwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYmU0MTcwNGYtNzgxNS00ZjJjLWE1MDMtNThhZTA4ZTU1
NmI2LzEvQTBBOTdFNDNDRkRDMTVCMDJBMzE0MUYwQUQwOTdCQ0QwNzlDMkVEOS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL29LbC1ROF9jRmJBcU1VSHdyUWw3elFl
Y0x0ay5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYmU0MTcwNGYt
NzgxNS00ZjJjLWE1MDMtNThhZTA4ZTU1NmI2LzEvMzEzODM1MmUzMTM5MzAyZTM5
MzIyZTMwMmYzMjMyMmQzMjM0MjAzZDNlMjAzMjMwMzczNjM0MzUucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAK5vlwwDQYJKoZIhvcNAQELBQADggEBALAc46bpPuYIcCga0xQaW7KsAOiU2p/b
Fk8vWBXlpoZk26ABOEqisDuMdmikvd0DHP2Xy/OLgSmQ7RcO+blyF8AbYNRA96D/
PllhUTfnwWYu7JtLbSEILM/pR+Ool/veNo/mlxBqsfC3VSL9XAKjFDAjBzZmdlKk
KCGX4IqS0V1GiSRRmsfwlcuq4yt1qshyW5o+3jOeHsYegCu0s+l6SvewVJNzVHR2
RREXu5nLMXFkDpGY3DurJljRuISQ6dmEy5SUAfGLUVlypUSHto0ptLHOAldJwdPh
IIQwGfOf6Bjo5na3880BJx4d8wLShWNlwh+CPPgc7RGf4MEJ4/efDvQ=
-----END CERTIFICATE-----
Generated at Fri Apr 17 15:55:09 2026 by rpki-client