Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/c5d18e82-4d68-45a6-a5df-cac115ad2279/0/3138352e3232392e3230312e302f32342d3234203d3e20323030303137.roa
File: 3138352e3232392e3230312e302f32342d3234203d3e20323030303137.roa (raw, json)
Hash identifier: PCz6aeIUTtC34FXSr6irNuWXyhZRMV7yjZ9OeA9cKuk=
Subject key identifier: 26:8F:68:1D:E4:6E:53:F9:FE:80:D9:F5:B3:41:17:BC:C8:D7:8C:B5
Certificate issuer: /CN=3e870b9a7003c4fd9c51bd354a9defa3fb77b4a9
Certificate serial: 38CA8ADB83C922174EBE32D21FD67FE59C88DE84
Authority key identifier: 3E:87:0B:9A:70:03:C4:FD:9C:51:BD:35:4A:9D:EF:A3:FB:77:B4:A9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PocLmnADxP2cUb01Sp3vo_t3tKk.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/c5d18e82-4d68-45a6-a5df-cac115ad2279/0/3138352e3232392e3230312e302f32342d3234203d3e20323030303137.roa
Signing time: Wed 04 Feb 2026 15:55:36 +0000
ROA not before: Wed 04 Feb 2026 15:50:36 +0000
ROA not after: Wed 03 Feb 2027 15:55:36 +0000
asID: 200017
IP address blocks: 185.229.201.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/c5d18e82-4d68-45a6-a5df-cac115ad2279/0/3E870B9A7003C4FD9C51BD354A9DEFA3FB77B4A9.crl
rsync://rsync.paas.rpki.ripe.net/repository/c5d18e82-4d68-45a6-a5df-cac115ad2279/0/3E870B9A7003C4FD9C51BD354A9DEFA3FB77B4A9.mft
rsync://rpki.ripe.net/repository/DEFAULT/PocLmnADxP2cUb01Sp3vo_t3tKk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 20:25:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
38:ca:8a:db:83:c9:22:17:4e:be:32:d2:1f:d6:7f:e5:9c:88:de:84
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3e870b9a7003c4fd9c51bd354a9defa3fb77b4a9
Validity
Not Before: Feb 4 15:50:36 2026 GMT
Not After : Feb 3 15:55:36 2027 GMT
Subject: CN=268F681DE46E53F9FE80D9F5B34117BCC8D78CB5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:20:c2:0d:39:2f:80:50:f9:9e:1f:64:17:83:
f4:36:ee:6c:31:f2:0a:33:25:df:b3:9a:ee:11:24:
85:e1:28:6a:ce:5e:e8:4f:1c:96:e4:d8:99:29:0f:
dd:6d:f6:ee:88:0b:f7:14:95:04:20:08:08:cd:fc:
d3:e0:52:dc:d5:72:b6:93:16:be:15:45:73:3b:cd:
7d:f9:7f:b8:63:0a:58:4b:94:ff:25:6a:50:d7:52:
8a:f5:47:b4:cb:f1:ea:da:be:96:dd:85:98:25:b6:
3a:7d:4a:de:1c:83:db:f9:76:bd:ee:74:47:da:a3:
5a:5a:7d:bf:b1:0f:99:f8:20:5c:05:89:59:98:b8:
e8:62:9b:3a:5e:ef:2e:89:23:ca:0d:03:bb:ba:c8:
6c:ad:d8:1a:73:6b:ee:d0:2b:29:80:a7:41:93:b8:
53:7d:61:60:2b:84:24:4b:e5:70:69:5b:28:1c:15:
d8:a7:18:87:01:09:6d:30:b5:86:cb:9a:37:c1:27:
c2:3c:05:1e:3d:e1:53:f4:53:4b:90:9c:0a:10:28:
d8:b2:95:82:0b:c5:ac:4b:7c:3d:df:c1:cf:bd:5d:
5f:8c:7f:4c:56:39:95:27:00:54:5f:36:83:f1:d9:
2c:0d:f1:41:33:57:67:e0:de:3d:f5:55:85:32:9b:
5e:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
26:8F:68:1D:E4:6E:53:F9:FE:80:D9:F5:B3:41:17:BC:C8:D7:8C:B5
X509v3 Authority Key Identifier:
keyid:3E:87:0B:9A:70:03:C4:FD:9C:51:BD:35:4A:9D:EF:A3:FB:77:B4:A9
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/c5d18e82-4d68-45a6-a5df-cac115ad2279/0/3E870B9A7003C4FD9C51BD354A9DEFA3FB77B4A9.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PocLmnADxP2cUb01Sp3vo_t3tKk.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/c5d18e82-4d68-45a6-a5df-cac115ad2279/0/3138352e3232392e3230312e302f32342d3234203d3e20323030303137.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.229.201.0/24
Signature Algorithm: sha256WithRSAEncryption
12:b0:26:3f:e4:3f:a2:61:44:58:74:89:19:e8:cf:50:7a:7d:
42:e5:35:6c:19:3a:4f:7f:ed:64:96:22:1e:cd:12:f4:d4:7e:
b3:e5:61:87:d7:81:62:0a:9a:46:f8:a5:89:58:59:49:a0:c3:
05:52:bd:55:66:17:23:2d:df:26:43:b0:91:52:13:d0:8e:07:
e1:8e:36:01:7d:dd:3a:3d:5f:40:a6:46:cd:bd:b7:8c:7a:57:
93:04:49:f8:3b:a4:4f:51:7f:e3:ec:a9:58:fe:5d:89:ab:99:
7c:22:ec:88:a7:eb:85:ee:de:6b:b7:d5:1b:f1:ef:c5:92:db:
e9:4c:bb:72:43:5c:8c:98:69:71:d5:2f:a2:b2:a7:33:7b:50:
2c:f6:e7:86:14:d7:e6:b6:d5:2f:72:3e:03:a1:a0:13:9a:dd:
51:c3:01:79:ea:9e:50:d2:3b:fa:78:75:4f:ab:ce:bf:ec:b5:
e8:c0:7c:1a:90:5f:df:69:77:85:f4:8b:80:6e:90:36:8c:e7:
81:67:0e:74:e6:64:98:d5:ba:08:19:b8:b7:12:71:96:41:4b:
95:20:66:02:97:09:6b:e2:a6:45:c4:ee:d7:9e:9a:7c:9d:69:
9a:05:c1:4c:fc:70:f8:d4:94:00:29:55:2e:70:bc:5b:af:7e:
a8:3f:fa:ba
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgIUOMqK24PJIhdOvjLSH9Z/5ZyI3oQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoM2U4NzBiOWE3MDAzYzRmZDljNTFiZDM1NGE5ZGVmYTNm
Yjc3YjRhOTAeFw0yNjAyMDQxNTUwMzZaFw0yNzAyMDMxNTU1MzZaMDMxMTAvBgNV
BAMTKDI2OEY2ODFERTQ2RTUzRjlGRTgwRDlGNUIzNDExN0JDQzhENzhDQjUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCpIMINOS+AUPmeH2QXg/Q27mwx
8gozJd+zmu4RJIXhKGrOXuhPHJbk2JkpD91t9u6IC/cUlQQgCAjN/NPgUtzVcraT
Fr4VRXM7zX35f7hjClhLlP8lalDXUor1R7TL8eravpbdhZgltjp9St4cg9v5dr3u
dEfao1pafb+xD5n4IFwFiVmYuOhimzpe7y6JI8oNA7u6yGyt2Bpza+7QKymAp0GT
uFN9YWArhCRL5XBpWygcFdinGIcBCW0wtYbLmjfBJ8I8BR494VP0U0uQnAoQKNiy
lYILxaxLfD3fwc+9XV+Mf0xWOZUnAFRfNoPx2SwN8UEzV2fg3j31VYUym14nAgMB
AAGjggJBMIICPTAdBgNVHQ4EFgQUJo9oHeRuU/n+gNn1s0EXvMjXjLUwHwYDVR0j
BBgwFoAUPocLmnADxP2cUb01Sp3vo/t3tKkwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYzVkMThlODItNGQ2OC00NWE2LWE1ZGYtY2FjMTE1YWQy
Mjc5LzAvM0U4NzBCOUE3MDAzQzRGRDlDNTFCRDM1NEE5REVGQTNGQjc3QjRBOS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1BvY0xtbkFEeFAyY1ViMDFTcDN2b190
M3RLay5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYzVkMThlODIt
NGQ2OC00NWE2LWE1ZGYtY2FjMTE1YWQyMjc5LzAvMzEzODM1MmUzMjMyMzkyZTMy
MzAzMTJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMyMzAzMDMwMzEzNy5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEALnlyTANBgkqhkiG9w0BAQsFAAOCAQEAErAmP+Q/omFEWHSJGejPUHp9QuU1
bBk6T3/tZJYiHs0S9NR+s+Vhh9eBYgqaRviliVhZSaDDBVK9VWYXIy3fJkOwkVIT
0I4H4Y42AX3dOj1fQKZGzb23jHpXkwRJ+DukT1F/4+ypWP5diauZfCLsiKfrhe7e
a7fVG/HvxZLb6Uy7ckNcjJhpcdUvorKnM3tQLPbnhhTX5rbVL3I+A6GgE5rdUcMB
eeqeUNI7+nh1T6vOv+y16MB8GpBf32l3hfSLgG6QNozngWcOdOZkmNW6CBm4txJx
lkFLlSBmApcJa+KmRcTu156afJ1pmgXBTPxw+NSUAClVLnC8W69+qD/6ug==
-----END CERTIFICATE-----
Generated at Mon Mar 2 08:21:05 2026 by rpki-client