Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/be41704f-7815-4f2c-a503-58ae08e556b6/3/3138352e3230302e3231312e302f32342d3234203d3e203136353039.roa
File: 3138352e3230302e3231312e302f32342d3234203d3e203136353039.roa (raw, json)
Hash identifier: gHl9NlfVjA+KTXiLSEpXJhNXImzXFqsKFvp5vKD6g+c=
Subject key identifier: 2A:8B:FD:E4:F8:77:E1:8D:0A:41:BF:EB:75:BD:D7:BB:BE:55:FF:B7
Certificate issuer: /CN=fddee908a9ad2dfbe32ff35b402a5ab2198dc907
Certificate serial: 1745ED58B24AC9515EBFD637C1F56D2273A0257F
Authority key identifier: FD:DE:E9:08:A9:AD:2D:FB:E3:2F:F3:5B:40:2A:5A:B2:19:8D:C9:07
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_d7pCKmtLfvjL_NbQCpashmNyQc.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/be41704f-7815-4f2c-a503-58ae08e556b6/3/3138352e3230302e3231312e302f32342d3234203d3e203136353039.roa
Signing time: Wed 08 Apr 2026 11:43:35 +0000
ROA not before: Wed 08 Apr 2026 11:38:35 +0000
ROA not after: Wed 07 Apr 2027 11:43:35 +0000
asID: 16509
IP address blocks: 185.200.211.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/be41704f-7815-4f2c-a503-58ae08e556b6/3/FDDEE908A9AD2DFBE32FF35B402A5AB2198DC907.crl
rsync://rsync.paas.rpki.ripe.net/repository/be41704f-7815-4f2c-a503-58ae08e556b6/3/FDDEE908A9AD2DFBE32FF35B402A5AB2198DC907.mft
rsync://rpki.ripe.net/repository/DEFAULT/_d7pCKmtLfvjL_NbQCpashmNyQc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 17 Apr 2026 22:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
17:45:ed:58:b2:4a:c9:51:5e:bf:d6:37:c1:f5:6d:22:73:a0:25:7f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fddee908a9ad2dfbe32ff35b402a5ab2198dc907
Validity
Not Before: Apr 8 11:38:35 2026 GMT
Not After : Apr 7 11:43:35 2027 GMT
Subject: CN=2A8BFDE4F877E18D0A41BFEB75BDD7BBBE55FFB7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:28:e1:e7:4f:2a:65:87:f8:3c:55:50:1f:27:
51:86:e8:a7:b1:b4:38:62:ca:f4:38:fb:06:d1:bc:
ae:c1:04:cc:5b:61:f3:e2:fb:ff:3f:4f:27:9b:99:
4c:e4:ad:61:04:49:58:29:68:bc:42:08:8e:0a:90:
bd:f7:87:3b:c3:bc:0f:9d:75:0f:97:43:50:55:49:
8d:9f:c4:f4:5a:b3:07:03:de:e9:83:5f:86:6f:92:
7f:40:a6:66:c1:37:1c:27:94:74:43:da:24:17:34:
da:35:e8:5e:af:30:65:4a:a2:05:7a:c6:71:ad:5d:
5d:77:87:7b:5f:bf:71:1e:6a:dc:58:86:0a:6e:76:
7a:d9:b2:36:be:64:b8:10:ea:de:e6:9a:19:99:8d:
5b:15:7e:c0:b0:0f:e6:22:0d:0f:d9:9d:ee:47:45:
c0:0c:9f:fe:1d:a6:19:2b:8d:4c:81:7a:8f:f9:72:
88:2d:47:9e:73:12:95:f9:5d:fb:1c:c1:85:b4:6a:
3b:66:98:81:9d:3c:c4:a8:dd:d5:94:79:84:bf:13:
40:fb:e9:36:34:14:56:b3:90:70:d9:6c:cb:cb:9c:
34:c2:6d:4b:6f:9e:0e:b3:2b:39:32:58:a4:45:cc:
71:fa:45:df:3a:f2:89:4d:e7:7a:43:dd:29:ec:7b:
8b:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:8B:FD:E4:F8:77:E1:8D:0A:41:BF:EB:75:BD:D7:BB:BE:55:FF:B7
X509v3 Authority Key Identifier:
keyid:FD:DE:E9:08:A9:AD:2D:FB:E3:2F:F3:5B:40:2A:5A:B2:19:8D:C9:07
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/be41704f-7815-4f2c-a503-58ae08e556b6/3/FDDEE908A9AD2DFBE32FF35B402A5AB2198DC907.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_d7pCKmtLfvjL_NbQCpashmNyQc.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/be41704f-7815-4f2c-a503-58ae08e556b6/3/3138352e3230302e3231312e302f32342d3234203d3e203136353039.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.200.211.0/24
Signature Algorithm: sha256WithRSAEncryption
4e:68:39:6a:b7:ba:d3:86:5d:0c:60:82:c2:14:50:3f:1b:96:
86:60:d6:c6:66:af:e2:0e:78:82:33:e4:f9:42:82:46:2f:2d:
05:95:a6:22:be:d6:10:3a:40:37:d2:15:6d:ab:2d:dc:f3:00:
f4:5c:e9:7f:59:b3:de:e4:3d:15:65:5b:f5:d4:b9:10:cc:3d:
37:53:c1:14:56:4f:81:d9:c2:3c:40:32:ed:38:c6:ee:69:bb:
9c:5d:31:ba:60:83:39:6c:61:3e:25:ac:43:80:9d:65:13:97:
b9:0a:69:14:1a:32:11:d5:73:d3:81:57:19:b8:3d:7a:a9:e9:
33:a7:eb:2a:f5:10:7c:32:e9:61:d5:3e:08:24:ec:61:02:14:
67:97:9e:6e:46:53:64:42:31:a9:97:94:f7:36:bf:6f:58:0f:
01:1f:c8:54:af:ae:38:88:ef:f5:41:7b:d6:0d:e7:62:da:d2:
97:ad:b8:02:b9:38:6b:ef:3b:73:87:de:44:6b:8f:01:ef:f1:
e2:47:4f:a3:b3:5e:be:05:f3:17:08:f2:04:55:3d:46:1f:99:
18:27:b0:e5:3c:5a:2b:44:a2:48:8b:87:e8:ec:1b:19:eb:07:
22:89:53:f8:ae:61:aa:bc:b7:16:80:fe:8c:e4:06:91:c2:6f:
f5:e8:63:5b
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUF0XtWLJKyVFev9Y3wfVtInOgJX8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZmRkZWU5MDhhOWFkMmRmYmUzMmZmMzViNDAyYTVhYjIx
OThkYzkwNzAeFw0yNjA0MDgxMTM4MzVaFw0yNzA0MDcxMTQzMzVaMDMxMTAvBgNV
BAMTKDJBOEJGREU0Rjg3N0UxOEQwQTQxQkZFQjc1QkREN0JCQkU1NUZGQjcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCPKOHnTyplh/g8VVAfJ1GG6Kex
tDhiyvQ4+wbRvK7BBMxbYfPi+/8/TyebmUzkrWEESVgpaLxCCI4KkL33hzvDvA+d
dQ+XQ1BVSY2fxPRaswcD3umDX4Zvkn9ApmbBNxwnlHRD2iQXNNo16F6vMGVKogV6
xnGtXV13h3tfv3EeatxYhgpudnrZsja+ZLgQ6t7mmhmZjVsVfsCwD+YiDQ/Zne5H
RcAMn/4dphkrjUyBeo/5cogtR55zEpX5XfscwYW0ajtmmIGdPMSo3dWUeYS/E0D7
6TY0FFazkHDZbMvLnDTCbUtvng6zKzkyWKRFzHH6Rd868olN53pD3Snse4tjAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUKov95Ph34Y0KQb/rdb3Xu75V/7cwHwYDVR0j
BBgwFoAU/d7pCKmtLfvjL/NbQCpashmNyQcwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYmU0MTcwNGYtNzgxNS00ZjJjLWE1MDMtNThhZTA4ZTU1
NmI2LzMvRkRERUU5MDhBOUFEMkRGQkUzMkZGMzVCNDAyQTVBQjIxOThEQzkwNy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL19kN3BDS210TGZ2akxfTmJRQ3Bhc2ht
TnlRYy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYmU0MTcwNGYt
NzgxNS00ZjJjLWE1MDMtNThhZTA4ZTU1NmI2LzMvMzEzODM1MmUzMjMwMzAyZTMy
MzEzMTJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMxMzYzNTMwMzkucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAC5yNMwDQYJKoZIhvcNAQELBQADggEBAE5oOWq3utOGXQxggsIUUD8bloZg1sZm
r+IOeIIz5PlCgkYvLQWVpiK+1hA6QDfSFW2rLdzzAPRc6X9Zs97kPRVlW/XUuRDM
PTdTwRRWT4HZwjxAMu04xu5pu5xdMbpggzlsYT4lrEOAnWUTl7kKaRQaMhHVc9OB
Vxm4PXqp6TOn6yr1EHwy6WHVPggk7GECFGeXnm5GU2RCMamXlPc2v29YDwEfyFSv
rjiI7/VBe9YN52La0petuAK5OGvvO3OH3kRrjwHv8eJHT6OzXr4F8xcI8gRVPUYf
mRgnsOU8WitEokiLh+jsGxnrByKJU/iuYaq8txaA/ozkBpHCb/XoY1s=
-----END CERTIFICATE-----
Generated at Fri Apr 17 03:37:41 2026 by rpki-client