Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/3138352e3139362e32332e302f32342d3234203d3e203439393831.roa
File: 3138352e3139362e32332e302f32342d3234203d3e203439393831.roa (raw, json)
Hash identifier: 7DcWQing90K7JAy/YBjS5sGYJd4qr+dlXoP1HQbKSos=
Subject key identifier: 24:F4:39:1A:55:F9:47:A0:EB:4D:73:BA:96:63:08:AA:BF:74:12:0B
Certificate issuer: /CN=088469d1a33085ff88b3e599d223ca74c2313a3a
Certificate serial: 6F019A0951F34473B02BC47B492481B24B0963C5
Authority key identifier: 08:84:69:D1:A3:30:85:FF:88:B3:E5:99:D2:23:CA:74:C2:31:3A:3A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CIRp0aMwhf-Is-WZ0iPKdMIxOjo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/3138352e3139362e32332e302f32342d3234203d3e203439393831.roa
Signing time: Tue 31 Mar 2026 14:20:48 +0000
ROA not before: Tue 31 Mar 2026 14:15:48 +0000
ROA not after: Tue 30 Mar 2027 14:20:48 +0000
asID: 49981
IP address blocks: 185.196.23.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/088469D1A33085FF88B3E599D223CA74C2313A3A.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/088469D1A33085FF88B3E599D223CA74C2313A3A.mft
rsync://rpki.ripe.net/repository/DEFAULT/CIRp0aMwhf-Is-WZ0iPKdMIxOjo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 Apr 2026 07:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6f:01:9a:09:51:f3:44:73:b0:2b:c4:7b:49:24:81:b2:4b:09:63:c5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=088469d1a33085ff88b3e599d223ca74c2313a3a
Validity
Not Before: Mar 31 14:15:48 2026 GMT
Not After : Mar 30 14:20:48 2027 GMT
Subject: CN=24F4391A55F947A0EB4D73BA966308AABF74120B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:81:7e:59:3f:6b:c9:46:fa:e7:bf:ae:e3:be:
91:31:69:08:d9:28:fc:dc:c8:3c:eb:95:ea:48:a3:
6f:f6:37:f3:99:ef:22:5a:b8:dd:43:5c:6f:7b:d6:
d5:46:d3:1a:0c:a7:ad:1c:a3:72:fa:5f:e8:4c:76:
49:09:cc:00:cc:88:0a:09:16:e9:25:ff:40:34:c4:
24:10:6d:a4:47:7a:80:8e:9a:fa:8f:15:38:44:2b:
62:18:c0:2e:46:70:04:f0:5f:27:dd:b5:35:1f:bb:
16:c6:71:59:1d:b7:25:65:fb:ff:2f:5d:d3:63:d3:
9d:26:5e:d2:ad:c8:a8:42:ac:fc:6f:75:46:db:7f:
b7:c0:89:09:5b:ec:3f:2f:70:d8:39:a7:16:6a:c3:
63:2f:e5:20:40:61:58:6f:8a:26:70:e8:f2:9a:54:
14:64:1c:25:c7:25:0b:75:5c:06:59:f6:a6:af:4e:
b7:83:5e:9d:f5:77:d2:8f:3e:c8:76:da:1d:fc:96:
4e:ed:58:93:c6:12:ef:b8:95:78:5d:76:86:fe:d3:
44:b6:c6:ab:c1:d9:cf:a9:28:47:61:fb:96:f8:29:
56:77:56:ba:2e:15:04:25:6c:b2:b7:e2:4b:8e:97:
95:10:08:35:71:ab:c9:32:bc:29:ad:fb:6c:85:5b:
e1:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
24:F4:39:1A:55:F9:47:A0:EB:4D:73:BA:96:63:08:AA:BF:74:12:0B
X509v3 Authority Key Identifier:
keyid:08:84:69:D1:A3:30:85:FF:88:B3:E5:99:D2:23:CA:74:C2:31:3A:3A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/088469D1A33085FF88B3E599D223CA74C2313A3A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CIRp0aMwhf-Is-WZ0iPKdMIxOjo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/3138352e3139362e32332e302f32342d3234203d3e203439393831.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.196.23.0/24
Signature Algorithm: sha256WithRSAEncryption
8a:17:13:71:c1:eb:aa:a7:1f:19:81:cf:c1:84:33:1e:9e:9a:
d4:cc:aa:65:17:50:ae:e5:c5:38:e6:ca:8c:c6:dc:16:66:11:
f8:2d:ce:11:ef:44:2d:35:b0:7b:c4:ba:07:99:d4:75:ca:ba:
0d:51:ba:db:01:aa:c1:e5:79:2e:fa:ff:72:3a:d5:2b:e7:ca:
d4:db:aa:e0:a2:d2:c2:7e:a5:c9:0d:c3:04:c0:a6:4a:eb:da:
14:a8:ee:d3:61:b8:a6:31:d5:cc:bf:d1:08:ea:bd:5f:8b:d8:
42:c0:84:9d:26:14:63:b9:05:8c:31:64:25:f0:a5:93:5e:90:
49:b3:97:4e:9d:9b:7a:17:ca:8d:05:c8:1b:d7:54:5c:7b:70:
a2:44:f2:ca:5d:cf:26:e2:7a:1b:a0:c0:f5:57:55:6e:ba:ae:
24:7a:2d:01:75:be:58:6c:c9:49:8d:f7:ab:ed:99:10:71:62:
10:32:36:86:51:73:00:ed:f2:e3:e9:79:54:74:f6:be:c7:9a:
e4:83:58:9e:07:81:7e:d6:aa:d5:51:89:0d:9f:a6:51:ba:32:
51:78:6a:17:c8:34:64:69:30:5b:e2:1d:4e:63:b6:a2:85:ae:
ff:3e:66:64:84:b3:0c:d0:e3:19:c1:02:16:8d:58:8d:1e:4d:
3d:dd:55:4a
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUbwGaCVHzRHOwK8R7SSSBsksJY8UwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDg4NDY5ZDFhMzMwODVmZjg4YjNlNTk5ZDIyM2NhNzRj
MjMxM2EzYTAeFw0yNjAzMzExNDE1NDhaFw0yNzAzMzAxNDIwNDhaMDMxMTAvBgNV
BAMTKDI0RjQzOTFBNTVGOTQ3QTBFQjRENzNCQTk2NjMwOEFBQkY3NDEyMEIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC6gX5ZP2vJRvrnv67jvpExaQjZ
KPzcyDzrlepIo2/2N/OZ7yJauN1DXG971tVG0xoMp60co3L6X+hMdkkJzADMiAoJ
Fukl/0A0xCQQbaRHeoCOmvqPFThEK2IYwC5GcATwXyfdtTUfuxbGcVkdtyVl+/8v
XdNj050mXtKtyKhCrPxvdUbbf7fAiQlb7D8vcNg5pxZqw2Mv5SBAYVhviiZw6PKa
VBRkHCXHJQt1XAZZ9qavTreDXp31d9KPPsh22h38lk7tWJPGEu+4lXhddob+00S2
xqvB2c+pKEdh+5b4KVZ3VrouFQQlbLK34kuOl5UQCDVxq8kyvCmt+2yFW+H9AgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUJPQ5GlX5R6DrTXO6lmMIqr90EgswHwYDVR0j
BBgwFoAUCIRp0aMwhf+Is+WZ0iPKdMIxOjowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzUvMDg4NDY5RDFBMzMwODVGRjg4QjNFNTk5RDIyM0NBNzRDMjMxM0EzQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NJUnAwYU13aGYtSXMtV1owaVBLZE1J
eE9qby5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzUvMzEzODM1MmUzMTM5MzYyZTMy
MzMyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzNDM5MzkzODMxLnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
ucQXMA0GCSqGSIb3DQEBCwUAA4IBAQCKFxNxweuqpx8Zgc/BhDMenprUzKplF1Cu
5cU45sqMxtwWZhH4Lc4R70QtNbB7xLoHmdR1yroNUbrbAarB5Xku+v9yOtUr58rU
26rgotLCfqXJDcMEwKZK69oUqO7TYbimMdXMv9EI6r1fi9hCwISdJhRjuQWMMWQl
8KWTXpBJs5dOnZt6F8qNBcgb11Rce3CiRPLKXc8m4noboMD1V1Vuuq4kei0Bdb5Y
bMlJjfer7ZkQcWIQMjaGUXMA7fLj6XlUdPa+x5rkg1ieB4F+1qrVUYkNn6ZRujJR
eGoXyDRkaTBb4h1OY7aiha7/PmZkhLMM0OMZwQIWjViNHk093VVK
-----END CERTIFICATE-----
Generated at Fri Apr 17 10:18:14 2026 by rpki-client