Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/be41704f-7815-4f2c-a503-58ae08e556b6/3/3138352e3230302e3231302e302f32342d3234203d3e203137353631.roa
File: 3138352e3230302e3231302e302f32342d3234203d3e203137353631.roa (raw, json)
Hash identifier: G6lIA/eIW9SxYnXkDwa8m2NW9IQOTL6PtYyIcf8oEII=
Subject key identifier: 83:46:BA:50:FB:09:55:B4:33:73:A1:BE:09:0C:94:04:19:30:D2:4A
Certificate issuer: /CN=fddee908a9ad2dfbe32ff35b402a5ab2198dc907
Certificate serial: 0BC3409297B4C4904F3E53E4B175EAA4CDBD79DB
Authority key identifier: FD:DE:E9:08:A9:AD:2D:FB:E3:2F:F3:5B:40:2A:5A:B2:19:8D:C9:07
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_d7pCKmtLfvjL_NbQCpashmNyQc.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/be41704f-7815-4f2c-a503-58ae08e556b6/3/3138352e3230302e3231302e302f32342d3234203d3e203137353631.roa
Signing time: Thu 09 Apr 2026 08:33:21 +0000
ROA not before: Thu 09 Apr 2026 08:28:21 +0000
ROA not after: Thu 08 Apr 2027 08:33:21 +0000
asID: 17561
IP address blocks: 185.200.210.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/be41704f-7815-4f2c-a503-58ae08e556b6/3/FDDEE908A9AD2DFBE32FF35B402A5AB2198DC907.crl
rsync://rsync.paas.rpki.ripe.net/repository/be41704f-7815-4f2c-a503-58ae08e556b6/3/FDDEE908A9AD2DFBE32FF35B402A5AB2198DC907.mft
rsync://rpki.ripe.net/repository/DEFAULT/_d7pCKmtLfvjL_NbQCpashmNyQc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 Apr 2026 07:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0b:c3:40:92:97:b4:c4:90:4f:3e:53:e4:b1:75:ea:a4:cd:bd:79:db
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fddee908a9ad2dfbe32ff35b402a5ab2198dc907
Validity
Not Before: Apr 9 08:28:21 2026 GMT
Not After : Apr 8 08:33:21 2027 GMT
Subject: CN=8346BA50FB0955B43373A1BE090C94041930D24A
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:c3:18:ea:b6:a1:45:eb:6e:81:a6:e7:06:83:
81:6d:f7:df:55:5a:fd:88:88:c3:46:09:b3:76:ae:
d7:d6:d6:1f:df:30:b4:2c:e9:67:d9:07:4f:65:9c:
af:28:46:1f:89:b5:5b:d0:94:48:5d:a9:ad:73:00:
b7:1a:84:b2:10:47:eb:f5:35:30:ca:a3:45:8b:b9:
5d:1a:92:e3:35:05:e7:a7:3e:50:9a:e0:b1:5a:8c:
fa:e1:18:75:b9:0b:e4:2f:9c:12:eb:d2:d6:f3:53:
b5:50:e9:d0:05:69:e8:b9:2c:2d:43:79:12:1b:c9:
8d:40:89:44:46:b6:c1:fd:91:2e:89:11:a9:6f:48:
58:f7:5a:65:96:1b:d6:06:e0:5d:47:a5:9c:42:64:
d9:ea:89:64:ef:d6:db:76:0c:4b:87:a0:c8:f7:9d:
6d:47:a1:97:0c:51:72:50:2f:64:52:4c:58:8c:e5:
45:eb:4b:a9:ee:c4:d9:f7:2a:95:52:8a:18:5d:fd:
e0:a9:91:03:99:db:ad:fe:66:d3:37:29:3b:55:c2:
fb:23:5c:3c:c2:49:09:22:f2:36:76:24:7a:3d:46:
65:4c:7f:17:04:d5:8a:43:70:eb:ff:b2:0b:52:cb:
ec:df:76:60:ed:4e:58:3d:b1:a7:22:45:15:06:d6:
84:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
83:46:BA:50:FB:09:55:B4:33:73:A1:BE:09:0C:94:04:19:30:D2:4A
X509v3 Authority Key Identifier:
keyid:FD:DE:E9:08:A9:AD:2D:FB:E3:2F:F3:5B:40:2A:5A:B2:19:8D:C9:07
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/be41704f-7815-4f2c-a503-58ae08e556b6/3/FDDEE908A9AD2DFBE32FF35B402A5AB2198DC907.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_d7pCKmtLfvjL_NbQCpashmNyQc.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/be41704f-7815-4f2c-a503-58ae08e556b6/3/3138352e3230302e3231302e302f32342d3234203d3e203137353631.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.200.210.0/24
Signature Algorithm: sha256WithRSAEncryption
0a:cd:f5:22:a4:6c:10:40:17:03:6e:8e:4f:d6:0d:ad:f0:f3:
60:0a:3f:92:e6:55:bf:19:e0:b6:c2:fa:bf:1d:6d:0d:69:d0:
fc:67:25:35:27:5b:97:a9:8c:26:4e:7b:95:77:ef:f3:b5:6f:
d4:c9:14:8e:55:24:d0:da:4c:50:75:38:d9:be:ce:21:8f:b8:
a4:62:91:07:44:6b:b8:c8:5d:b8:67:06:78:0f:31:a8:88:ca:
50:fa:92:cf:ad:63:7c:74:a0:39:6d:fe:88:fd:33:4c:dc:7b:
3e:ae:91:a0:bd:ee:4e:e1:9f:52:04:7d:bb:90:43:64:c0:a4:
ef:ba:5a:f2:4f:ea:bd:f4:08:d0:fe:11:b7:af:f5:45:b7:96:
e5:08:70:aa:37:43:c3:d0:5a:28:d2:eb:b0:49:e5:6f:0f:56:
bf:2f:21:79:b9:ca:29:b5:7a:5f:44:c7:21:26:dd:07:9a:ed:
2a:9d:a6:84:0c:26:d7:db:bf:db:df:b4:67:0c:c4:cb:ff:6e:
80:77:e2:a4:dd:4e:15:a5:48:6a:55:ac:fa:bd:38:3f:fe:b4:
b8:23:dd:32:c8:3d:6f:7a:3a:a7:9c:90:73:7e:ed:a4:93:dd:
5a:eb:49:6e:63:2a:86:4a:e4:41:94:09:18:20:6c:38:c8:73:
ff:8e:f1:df
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUC8NAkpe0xJBPPlPksXXqpM29edswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZmRkZWU5MDhhOWFkMmRmYmUzMmZmMzViNDAyYTVhYjIx
OThkYzkwNzAeFw0yNjA0MDkwODI4MjFaFw0yNzA0MDgwODMzMjFaMDMxMTAvBgNV
BAMTKDgzNDZCQTUwRkIwOTU1QjQzMzczQTFCRTA5MEM5NDA0MTkzMEQyNEEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCrwxjqtqFF626BpucGg4Ft999V
Wv2IiMNGCbN2rtfW1h/fMLQs6WfZB09lnK8oRh+JtVvQlEhdqa1zALcahLIQR+v1
NTDKo0WLuV0akuM1BeenPlCa4LFajPrhGHW5C+QvnBLr0tbzU7VQ6dAFaei5LC1D
eRIbyY1AiURGtsH9kS6JEalvSFj3WmWWG9YG4F1HpZxCZNnqiWTv1tt2DEuHoMj3
nW1HoZcMUXJQL2RSTFiM5UXrS6nuxNn3KpVSihhd/eCpkQOZ263+ZtM3KTtVwvsj
XDzCSQki8jZ2JHo9RmVMfxcE1YpDcOv/sgtSy+zfdmDtTlg9saciRRUG1oTzAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUg0a6UPsJVbQzc6G+CQyUBBkw0kowHwYDVR0j
BBgwFoAU/d7pCKmtLfvjL/NbQCpashmNyQcwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYmU0MTcwNGYtNzgxNS00ZjJjLWE1MDMtNThhZTA4ZTU1
NmI2LzMvRkRERUU5MDhBOUFEMkRGQkUzMkZGMzVCNDAyQTVBQjIxOThEQzkwNy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL19kN3BDS210TGZ2akxfTmJRQ3Bhc2ht
TnlRYy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYmU0MTcwNGYt
NzgxNS00ZjJjLWE1MDMtNThhZTA4ZTU1NmI2LzMvMzEzODM1MmUzMjMwMzAyZTMy
MzEzMDJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMxMzczNTM2MzEucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAC5yNIwDQYJKoZIhvcNAQELBQADggEBAArN9SKkbBBAFwNujk/WDa3w82AKP5Lm
Vb8Z4LbC+r8dbQ1p0PxnJTUnW5epjCZOe5V37/O1b9TJFI5VJNDaTFB1ONm+ziGP
uKRikQdEa7jIXbhnBngPMaiIylD6ks+tY3x0oDlt/oj9M0zcez6ukaC97k7hn1IE
fbuQQ2TApO+6WvJP6r30CND+Ebev9UW3luUIcKo3Q8PQWijS67BJ5W8PVr8vIXm5
yim1el9ExyEm3Qea7SqdpoQMJtfbv9vftGcMxMv/boB34qTdThWlSGpVrPq9OD/+
tLgj3TLIPW96OqeckHN+7aST3VrrSW5jKoZK5EGUCRggbDjIc/+O8d8=
-----END CERTIFICATE-----
Generated at Fri Apr 17 11:01:36 2026 by rpki-client