Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/c5d18e82-4d68-45a6-a5df-cac115ad2279/0/3138352e3234342e39352e302f32342d3234203d3e20323039313034.roa
File: 3138352e3234342e39352e302f32342d3234203d3e20323039313034.roa (raw, json)
Hash identifier: PNy8kHfErJW4J8db5MQNciyd0WzMVWGxz0WDCg6nr0Y=
Subject key identifier: B0:62:BD:F4:51:0A:82:EC:96:AB:14:AE:9C:37:9C:2A:0E:3D:D6:E1
Certificate issuer: /CN=3e870b9a7003c4fd9c51bd354a9defa3fb77b4a9
Certificate serial: 7B68E66602256C6122B2F184438C19C9580A7A75
Authority key identifier: 3E:87:0B:9A:70:03:C4:FD:9C:51:BD:35:4A:9D:EF:A3:FB:77:B4:A9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PocLmnADxP2cUb01Sp3vo_t3tKk.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/c5d18e82-4d68-45a6-a5df-cac115ad2279/0/3138352e3234342e39352e302f32342d3234203d3e20323039313034.roa
Signing time: Mon 13 Apr 2026 07:08:41 +0000
ROA not before: Mon 13 Apr 2026 07:03:41 +0000
ROA not after: Mon 12 Apr 2027 07:08:41 +0000
asID: 209104
IP address blocks: 185.244.95.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/c5d18e82-4d68-45a6-a5df-cac115ad2279/0/3E870B9A7003C4FD9C51BD354A9DEFA3FB77B4A9.crl
rsync://rsync.paas.rpki.ripe.net/repository/c5d18e82-4d68-45a6-a5df-cac115ad2279/0/3E870B9A7003C4FD9C51BD354A9DEFA3FB77B4A9.mft
rsync://rpki.ripe.net/repository/DEFAULT/PocLmnADxP2cUb01Sp3vo_t3tKk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 Apr 2026 03:38:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7b:68:e6:66:02:25:6c:61:22:b2:f1:84:43:8c:19:c9:58:0a:7a:75
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3e870b9a7003c4fd9c51bd354a9defa3fb77b4a9
Validity
Not Before: Apr 13 07:03:41 2026 GMT
Not After : Apr 12 07:08:41 2027 GMT
Subject: CN=B062BDF4510A82EC96AB14AE9C379C2A0E3DD6E1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:ba:7f:43:9b:a3:14:03:90:3a:d7:b7:90:58:
00:ac:1e:e7:a1:cf:e5:de:ba:44:09:36:ba:f5:79:
d9:c3:91:b1:90:ed:42:09:d3:e5:78:2f:38:b0:a7:
69:6b:09:9e:76:6a:b1:70:77:c9:88:b6:54:ff:03:
dd:37:ea:95:67:37:64:81:87:57:97:a2:40:b7:66:
bd:1e:8d:21:5a:aa:f3:09:21:a9:cc:1d:16:99:d9:
e4:21:bc:0c:98:2b:b0:72:81:5a:18:09:59:53:f8:
7e:f4:0a:1b:e7:54:08:4e:92:dd:eb:91:ee:b9:b2:
79:d3:78:c3:23:c6:36:59:b3:02:5d:12:f3:82:3e:
b9:10:84:01:b2:df:38:f2:0a:8c:5e:f5:5c:02:f2:
de:2f:e8:af:12:2d:30:ee:c9:67:32:69:81:e2:8c:
c6:4e:cc:59:2f:fd:93:88:13:ed:ce:b2:90:5d:0c:
06:bc:ec:cc:8b:ba:c8:e7:21:06:15:fa:5d:b4:b0:
f7:bf:14:63:96:20:c0:25:fd:e2:b7:37:19:9e:d4:
92:62:32:0c:21:f1:6e:0b:cc:c3:db:a5:a5:f6:ba:
10:b4:bb:28:45:f7:3d:40:d7:12:b2:e6:1d:9e:78:
00:61:4c:23:03:ff:35:ec:aa:b6:ca:65:f4:72:d6:
ba:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B0:62:BD:F4:51:0A:82:EC:96:AB:14:AE:9C:37:9C:2A:0E:3D:D6:E1
X509v3 Authority Key Identifier:
keyid:3E:87:0B:9A:70:03:C4:FD:9C:51:BD:35:4A:9D:EF:A3:FB:77:B4:A9
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/c5d18e82-4d68-45a6-a5df-cac115ad2279/0/3E870B9A7003C4FD9C51BD354A9DEFA3FB77B4A9.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PocLmnADxP2cUb01Sp3vo_t3tKk.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/c5d18e82-4d68-45a6-a5df-cac115ad2279/0/3138352e3234342e39352e302f32342d3234203d3e20323039313034.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.244.95.0/24
Signature Algorithm: sha256WithRSAEncryption
15:81:4c:7e:00:02:5c:4d:eb:9f:bc:6f:f8:b9:f3:e9:77:a3:
b6:0f:f2:92:d7:47:24:86:b4:5e:e1:13:83:0f:13:6b:f2:47:
4c:91:d2:bd:73:90:cd:c2:57:ec:c5:98:40:89:5a:1b:57:d9:
77:c2:8a:9c:50:ca:4f:a9:3d:eb:79:cc:75:5f:f3:1c:b5:88:
ef:c5:cb:28:f0:e1:7c:50:e1:75:9a:b9:b4:99:fc:71:3c:a7:
31:78:85:55:72:cd:d3:cd:cc:0a:11:73:bf:0e:89:29:67:7b:
59:b9:91:58:8a:a0:29:3f:61:31:5e:f1:8e:c0:4d:ab:21:a7:
7b:00:40:90:a5:bd:88:ca:a9:95:17:49:68:30:36:5a:cc:51:
be:c7:52:ce:eb:80:94:b6:19:37:4d:bd:80:50:62:7b:03:27:
60:84:c1:ca:0e:6e:a6:6f:ce:3e:af:ed:e9:b7:a9:25:9e:f2:
65:31:59:ca:ea:a3:96:76:07:eb:70:e0:a9:cb:a4:4a:5d:9f:
15:f8:ab:01:5c:5f:f5:94:0e:ec:72:dc:5d:ed:b5:88:d8:0c:
45:d5:10:e0:6e:67:ca:8d:23:b2:db:64:af:83:6c:6d:d2:45:
a1:8f:ff:50:a7:b6:a4:bd:21:4e:86:9c:82:3f:53:aa:16:10:
0a:3a:b2:a2
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUe2jmZgIlbGEisvGEQ4wZyVgKenUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoM2U4NzBiOWE3MDAzYzRmZDljNTFiZDM1NGE5ZGVmYTNm
Yjc3YjRhOTAeFw0yNjA0MTMwNzAzNDFaFw0yNzA0MTIwNzA4NDFaMDMxMTAvBgNV
BAMTKEIwNjJCREY0NTEwQTgyRUM5NkFCMTRBRTlDMzc5QzJBMEUzREQ2RTEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCzun9Dm6MUA5A617eQWACsHueh
z+XeukQJNrr1ednDkbGQ7UIJ0+V4Lziwp2lrCZ52arFwd8mItlT/A9036pVnN2SB
h1eXokC3Zr0ejSFaqvMJIanMHRaZ2eQhvAyYK7BygVoYCVlT+H70ChvnVAhOkt3r
ke65snnTeMMjxjZZswJdEvOCPrkQhAGy3zjyCoxe9VwC8t4v6K8SLTDuyWcyaYHi
jMZOzFkv/ZOIE+3OspBdDAa87MyLusjnIQYV+l20sPe/FGOWIMAl/eK3Nxme1JJi
Mgwh8W4LzMPbpaX2uhC0uyhF9z1A1xKy5h2eeABhTCMD/zXsqrbKZfRy1rrjAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUsGK99FEKguyWqxSunDecKg491uEwHwYDVR0j
BBgwFoAUPocLmnADxP2cUb01Sp3vo/t3tKkwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYzVkMThlODItNGQ2OC00NWE2LWE1ZGYtY2FjMTE1YWQy
Mjc5LzAvM0U4NzBCOUE3MDAzQzRGRDlDNTFCRDM1NEE5REVGQTNGQjc3QjRBOS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1BvY0xtbkFEeFAyY1ViMDFTcDN2b190
M3RLay5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYzVkMThlODIt
NGQ2OC00NWE2LWE1ZGYtY2FjMTE1YWQyMjc5LzAvMzEzODM1MmUzMjM0MzQyZTM5
MzUyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMjMwMzkzMTMwMzQucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAC59F8wDQYJKoZIhvcNAQELBQADggEBABWBTH4AAlxN65+8b/i58+l3o7YP8pLX
RySGtF7hE4MPE2vyR0yR0r1zkM3CV+zFmECJWhtX2XfCipxQyk+pPet5zHVf8xy1
iO/Fyyjw4XxQ4XWaubSZ/HE8pzF4hVVyzdPNzAoRc78OiSlne1m5kViKoCk/YTFe
8Y7ATashp3sAQJClvYjKqZUXSWgwNlrMUb7HUs7rgJS2GTdNvYBQYnsDJ2CEwcoO
bqZvzj6v7em3qSWe8mUxWcrqo5Z2B+tw4KnLpEpdnxX4qwFcX/WUDuxy3F3ttYjY
DEXVEOBuZ8qNI7LbZK+DbG3SRaGP/1CntqS9IU6GnII/U6oWEAo6sqI=
-----END CERTIFICATE-----
Generated at Fri Apr 17 17:11:49 2026 by rpki-client