Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/c8d08b30-64c7-404b-9873-2e04bd74c140/0/3138352e3131362e39312e302f32342d3234203d3e20323132393830.roa
File: 3138352e3131362e39312e302f32342d3234203d3e20323132393830.roa (raw, json)
Hash identifier: XeH083FL+VcMYfvZ9C2HKGeBt4yco/smeEfJMlgHoi8=
Subject key identifier: 00:C1:20:03:70:AA:21:D6:D0:11:68:13:05:3B:AD:AA:21:48:57:25
Certificate issuer: /CN=d455dec4f1ebc2a64f5ccc2ee9292731eb82113d
Certificate serial: 36D1BBF73FBAD6DAF8502CC614290D5CEA3D67CF
Authority key identifier: D4:55:DE:C4:F1:EB:C2:A6:4F:5C:CC:2E:E9:29:27:31:EB:82:11:3D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1FXexPHrwqZPXMwu6SknMeuCET0.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/c8d08b30-64c7-404b-9873-2e04bd74c140/0/3138352e3131362e39312e302f32342d3234203d3e20323132393830.roa
Signing time: Fri 17 Apr 2026 08:08:04 +0000
ROA not before: Fri 17 Apr 2026 08:03:04 +0000
ROA not after: Fri 16 Apr 2027 08:08:04 +0000
asID: 212980
IP address blocks: 185.116.91.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/c8d08b30-64c7-404b-9873-2e04bd74c140/0/D455DEC4F1EBC2A64F5CCC2EE9292731EB82113D.crl
rsync://rsync.paas.rpki.ripe.net/repository/c8d08b30-64c7-404b-9873-2e04bd74c140/0/D455DEC4F1EBC2A64F5CCC2EE9292731EB82113D.mft
rsync://rpki.ripe.net/repository/DEFAULT/1FXexPHrwqZPXMwu6SknMeuCET0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 Apr 2026 07:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
36:d1:bb:f7:3f:ba:d6:da:f8:50:2c:c6:14:29:0d:5c:ea:3d:67:cf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d455dec4f1ebc2a64f5ccc2ee9292731eb82113d
Validity
Not Before: Apr 17 08:03:04 2026 GMT
Not After : Apr 16 08:08:04 2027 GMT
Subject: CN=00C1200370AA21D6D0116813053BADAA21485725
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:10:d3:80:86:5e:71:e4:89:c7:e9:a1:c8:5d:
66:9d:1e:f0:d3:ad:21:78:da:b2:1b:99:ae:3c:64:
f2:c7:03:a1:c6:41:41:af:b4:f7:ee:c1:24:d4:75:
c1:63:00:e0:b6:3a:4c:fd:c7:ec:9d:73:e4:ed:d9:
d2:94:d6:be:57:4d:d6:3e:dd:b3:c0:57:5b:09:a0:
4a:c1:7c:a4:32:27:be:fd:a3:a9:f6:2f:60:b3:2e:
85:0b:56:a0:94:30:64:89:4e:b6:a4:a0:3a:12:c6:
ea:ba:73:04:6b:1a:85:00:c1:76:c5:21:f0:80:01:
63:1d:e7:52:84:9e:df:29:dc:43:5f:ac:10:95:7d:
7c:ea:18:ae:4b:f5:f1:bd:e0:70:ac:f5:a2:6b:cc:
df:d3:60:14:f7:da:48:d0:6d:f7:41:ce:5b:2a:43:
a7:c2:7a:05:af:9e:42:ac:6a:8a:9d:93:d6:57:ba:
30:1b:f5:48:4d:c5:74:40:03:24:d3:34:df:e6:cd:
a4:9e:d1:b0:14:fb:35:40:22:a4:94:98:7b:03:42:
d0:2c:7e:eb:03:83:fc:a0:4d:ba:be:d3:c8:45:8e:
49:af:32:9f:89:92:ba:97:bf:f0:00:e9:40:74:fb:
70:8a:34:2e:f3:e1:ec:65:1e:af:57:66:c7:45:02:
74:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
00:C1:20:03:70:AA:21:D6:D0:11:68:13:05:3B:AD:AA:21:48:57:25
X509v3 Authority Key Identifier:
keyid:D4:55:DE:C4:F1:EB:C2:A6:4F:5C:CC:2E:E9:29:27:31:EB:82:11:3D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/c8d08b30-64c7-404b-9873-2e04bd74c140/0/D455DEC4F1EBC2A64F5CCC2EE9292731EB82113D.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1FXexPHrwqZPXMwu6SknMeuCET0.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/c8d08b30-64c7-404b-9873-2e04bd74c140/0/3138352e3131362e39312e302f32342d3234203d3e20323132393830.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.116.91.0/24
Signature Algorithm: sha256WithRSAEncryption
7a:62:85:bf:cf:f4:59:3c:f7:6c:46:07:30:70:5e:ca:a2:6e:
63:61:a6:61:8b:04:0b:78:21:07:80:0b:5e:ab:ce:c3:2f:6a:
80:5b:59:a8:22:75:93:24:27:e7:25:7c:2a:e6:25:73:ea:bf:
c6:4e:1a:d4:6d:76:ac:1d:03:c5:91:51:e3:f1:f2:86:12:9e:
cd:c2:c2:f3:9a:20:15:0c:28:d3:07:49:c3:99:37:e4:26:68:
bd:70:92:e0:d8:fd:3a:82:6d:c6:b6:e4:e6:67:10:b9:04:b2:
54:1c:2e:7f:4b:ab:ad:5b:35:a8:fd:4b:a1:7f:c6:f7:74:78:
42:a1:a0:c4:a3:53:75:f4:4d:43:e4:7a:ae:12:04:d7:5e:ca:
33:a1:d6:72:60:5e:b2:45:e3:05:fd:cf:2a:a9:9e:be:73:5b:
46:84:8e:f9:4f:68:fb:6e:5d:59:30:14:69:c6:87:89:fe:ae:
85:4b:a6:ac:9a:f6:12:a1:ed:e3:71:b3:5f:5e:d5:69:23:b2:
66:1b:b4:84:86:1c:82:4f:c6:cd:7c:2c:71:d4:b1:7f:1e:13:
63:8e:7c:0b:9a:6a:12:40:95:27:68:18:62:06:84:fc:bb:c9:
6f:a4:df:44:fc:ef:5f:1f:63:15:a3:a6:c8:57:4d:08:44:3d:
64:3a:fa:9e
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUNtG79z+61tr4UCzGFCkNXOo9Z88wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZDQ1NWRlYzRmMWViYzJhNjRmNWNjYzJlZTkyOTI3MzFl
YjgyMTEzZDAeFw0yNjA0MTcwODAzMDRaFw0yNzA0MTYwODA4MDRaMDMxMTAvBgNV
BAMTKDAwQzEyMDAzNzBBQTIxRDZEMDExNjgxMzA1M0JBREFBMjE0ODU3MjUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDYENOAhl5x5InH6aHIXWadHvDT
rSF42rIbma48ZPLHA6HGQUGvtPfuwSTUdcFjAOC2Okz9x+ydc+Tt2dKU1r5XTdY+
3bPAV1sJoErBfKQyJ779o6n2L2CzLoULVqCUMGSJTrakoDoSxuq6cwRrGoUAwXbF
IfCAAWMd51KEnt8p3ENfrBCVfXzqGK5L9fG94HCs9aJrzN/TYBT32kjQbfdBzlsq
Q6fCegWvnkKsaoqdk9ZXujAb9UhNxXRAAyTTNN/mzaSe0bAU+zVAIqSUmHsDQtAs
fusDg/ygTbq+08hFjkmvMp+JkrqXv/AA6UB0+3CKNC7z4exlHq9XZsdFAnQjAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUAMEgA3CqIdbQEWgTBTutqiFIVyUwHwYDVR0j
BBgwFoAU1FXexPHrwqZPXMwu6SknMeuCET0wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYzhkMDhiMzAtNjRjNy00MDRiLTk4NzMtMmUwNGJkNzRj
MTQwLzAvRDQ1NURFQzRGMUVCQzJBNjRGNUNDQzJFRTkyOTI3MzFFQjgyMTEzRC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzFGWGV4UEhyd3FaUFhNd3U2U2tuTWV1
Q0VUMC5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYzhkMDhiMzAt
NjRjNy00MDRiLTk4NzMtMmUwNGJkNzRjMTQwLzAvMzEzODM1MmUzMTMxMzYyZTM5
MzEyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMjMxMzIzOTM4MzAucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAC5dFswDQYJKoZIhvcNAQELBQADggEBAHpihb/P9Fk892xGBzBwXsqibmNhpmGL
BAt4IQeAC16rzsMvaoBbWagidZMkJ+clfCrmJXPqv8ZOGtRtdqwdA8WRUePx8oYS
ns3CwvOaIBUMKNMHScOZN+QmaL1wkuDY/TqCbca25OZnELkEslQcLn9Lq61bNaj9
S6F/xvd0eEKhoMSjU3X0TUPkeq4SBNdeyjOh1nJgXrJF4wX9zyqpnr5zW0aEjvlP
aPtuXVkwFGnGh4n+roVLpqya9hKh7eNxs19e1WkjsmYbtISGHIJPxs18LHHUsX8e
E2OOfAuaahJAlSdoGGIGhPy7yW+k30T8718fYxWjpshXTQhEPWQ6+p4=
-----END CERTIFICATE-----
Generated at Fri Apr 17 15:07:42 2026 by rpki-client