Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/3138352e3231312e33322e302f32342d3234203d3e20323132323338.roa
File: 3138352e3231312e33322e302f32342d3234203d3e20323132323338.roa (raw, json)
Hash identifier: MEdDLmplTj56w3m9A29qjc++VQ+01HG0DJPvpctoPzA=
Subject key identifier: 38:57:B9:FD:03:F1:38:AB:FA:EC:58:90:BD:90:7A:17:23:87:64:27
Certificate issuer: /CN=088469d1a33085ff88b3e599d223ca74c2313a3a
Certificate serial: 1975C44ECA61E1BB154E445748821B0F24E284AB
Authority key identifier: 08:84:69:D1:A3:30:85:FF:88:B3:E5:99:D2:23:CA:74:C2:31:3A:3A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CIRp0aMwhf-Is-WZ0iPKdMIxOjo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/3138352e3231312e33322e302f32342d3234203d3e20323132323338.roa
Signing time: Mon 25 May 2026 12:24:33 +0000
ROA not before: Mon 25 May 2026 12:19:33 +0000
ROA not after: Mon 24 May 2027 12:24:33 +0000
asID: 212238
IP address blocks: 185.211.32.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/088469D1A33085FF88B3E599D223CA74C2313A3A.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/088469D1A33085FF88B3E599D223CA74C2313A3A.mft
rsync://rpki.ripe.net/repository/DEFAULT/CIRp0aMwhf-Is-WZ0iPKdMIxOjo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 13 Jun 2026 20:26:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
19:75:c4:4e:ca:61:e1:bb:15:4e:44:57:48:82:1b:0f:24:e2:84:ab
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=088469d1a33085ff88b3e599d223ca74c2313a3a
Validity
Not Before: May 25 12:19:33 2026 GMT
Not After : May 24 12:24:33 2027 GMT
Subject: CN=3857B9FD03F138ABFAEC5890BD907A1723876427
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:c2:ce:32:f5:51:59:48:85:5d:b4:ba:c3:11:
4b:f3:7e:15:5c:f8:3a:b5:ba:44:93:11:bb:79:f3:
1d:41:43:a4:bf:a6:10:45:9a:7b:49:b3:eb:3c:39:
c8:04:f3:de:43:d5:40:80:1f:fc:f9:3c:a1:30:19:
cb:5e:4d:c1:12:f6:17:14:3f:4c:89:4d:47:e1:c1:
e2:77:02:aa:ab:1e:4e:6e:0c:71:96:28:bc:02:82:
b1:e1:ea:3d:4a:60:e0:99:59:dd:89:51:83:9d:f5:
b6:5d:dd:70:1b:f1:4a:ad:74:85:a9:d2:70:44:a3:
23:ba:de:8f:8a:81:b4:ab:cf:25:d8:54:19:2f:54:
eb:4c:7b:38:11:d9:7b:ed:41:3e:b2:45:a2:a9:52:
ab:99:e2:15:6c:78:26:b7:6f:16:a9:90:85:60:69:
bf:fb:af:55:92:ad:92:7c:1a:d8:19:b0:19:ff:a5:
81:04:01:5d:ed:99:14:92:5e:a7:f3:b8:47:3b:6a:
cb:55:18:b1:25:9f:7b:8e:e2:82:dc:e1:89:4d:db:
05:48:ae:76:d3:88:2b:88:a5:52:a4:22:57:e5:30:
1a:87:b2:1b:c2:6b:24:a3:d2:3e:c9:76:87:4a:f0:
73:d1:92:19:c6:45:5f:ba:bd:68:76:aa:bd:83:6a:
2e:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:57:B9:FD:03:F1:38:AB:FA:EC:58:90:BD:90:7A:17:23:87:64:27
X509v3 Authority Key Identifier:
keyid:08:84:69:D1:A3:30:85:FF:88:B3:E5:99:D2:23:CA:74:C2:31:3A:3A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/088469D1A33085FF88B3E599D223CA74C2313A3A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CIRp0aMwhf-Is-WZ0iPKdMIxOjo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/3138352e3231312e33322e302f32342d3234203d3e20323132323338.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.211.32.0/24
Signature Algorithm: sha256WithRSAEncryption
8b:6d:eb:3d:19:cb:e3:8f:7d:e1:bf:4c:44:99:d3:9f:c0:43:
86:4b:a8:15:98:59:09:64:ec:6e:8b:92:de:4c:e1:71:ba:5a:
a9:51:4b:fc:ca:9e:73:c7:e3:a4:19:20:0c:ac:91:3d:9f:c4:
fd:b0:97:96:de:48:42:15:e9:08:af:28:c3:9d:d6:36:24:5c:
3f:9b:be:d7:99:d4:2e:5d:28:19:e9:ce:82:81:23:b9:18:8c:
dc:f6:08:4c:2d:32:4b:0a:d1:ca:58:ca:22:aa:36:20:2f:91:
94:d0:66:a6:89:30:df:55:df:39:2d:8d:17:5f:a7:90:ca:67:
8f:f6:47:e9:64:e6:45:03:0a:7c:ff:c6:e8:6c:95:62:4e:54:
9d:7d:54:79:48:2b:e3:ad:34:47:a8:ca:33:51:28:87:dd:47:
5c:c2:a7:bf:73:4a:0f:fd:21:bc:8d:0b:c4:fb:60:17:47:cb:
63:05:0b:c5:e0:5c:65:db:ce:c3:02:45:50:b4:2e:f1:9c:d9:
49:50:64:32:6d:3f:37:ec:4d:24:15:cd:73:22:57:59:f1:59:
fd:71:1b:2f:a6:65:4a:c5:62:b7:ed:d8:f4:3c:58:b1:79:c9:
cc:ef:f3:9b:ef:30:b1:8c:0f:db:e5:31:34:46:52:7f:b0:f6:
ac:2e:5d:c6
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUGXXETsph4bsVTkRXSIIbDyTihKswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDg4NDY5ZDFhMzMwODVmZjg4YjNlNTk5ZDIyM2NhNzRj
MjMxM2EzYTAeFw0yNjA1MjUxMjE5MzNaFw0yNzA1MjQxMjI0MzNaMDMxMTAvBgNV
BAMTKDM4NTdCOUZEMDNGMTM4QUJGQUVDNTg5MEJEOTA3QTE3MjM4NzY0MjcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDJws4y9VFZSIVdtLrDEUvzfhVc
+Dq1ukSTEbt58x1BQ6S/phBFmntJs+s8OcgE895D1UCAH/z5PKEwGcteTcES9hcU
P0yJTUfhweJ3AqqrHk5uDHGWKLwCgrHh6j1KYOCZWd2JUYOd9bZd3XAb8UqtdIWp
0nBEoyO63o+KgbSrzyXYVBkvVOtMezgR2XvtQT6yRaKpUquZ4hVseCa3bxapkIVg
ab/7r1WSrZJ8GtgZsBn/pYEEAV3tmRSSXqfzuEc7astVGLEln3uO4oLc4YlN2wVI
rnbTiCuIpVKkIlflMBqHshvCaySj0j7JdodK8HPRkhnGRV+6vWh2qr2Dai7jAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUOFe5/QPxOKv67FiQvZB6FyOHZCcwHwYDVR0j
BBgwFoAUCIRp0aMwhf+Is+WZ0iPKdMIxOjowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzUvMDg4NDY5RDFBMzMwODVGRjg4QjNFNTk5RDIyM0NBNzRDMjMxM0EzQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NJUnAwYU13aGYtSXMtV1owaVBLZE1J
eE9qby5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzUvMzEzODM1MmUzMjMxMzEyZTMz
MzIyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMjMxMzIzMjMzMzgucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAC50yAwDQYJKoZIhvcNAQELBQADggEBAItt6z0Zy+OPfeG/TESZ05/AQ4ZLqBWY
WQlk7G6Lkt5M4XG6WqlRS/zKnnPH46QZIAyskT2fxP2wl5beSEIV6QivKMOd1jYk
XD+bvteZ1C5dKBnpzoKBI7kYjNz2CEwtMksK0cpYyiKqNiAvkZTQZqaJMN9V3zkt
jRdfp5DKZ4/2R+lk5kUDCnz/xuhslWJOVJ19VHlIK+OtNEeoyjNRKIfdR1zCp79z
Sg/9IbyNC8T7YBdHy2MFC8XgXGXbzsMCRVC0LvGc2UlQZDJtPzfsTSQVzXMiV1nx
Wf1xGy+mZUrFYrft2PQ8WLF5yczv85vvMLGMD9vlMTRGUn+w9qwuXcY=
-----END CERTIFICATE-----
Generated at Sat Jun 13 07:24:31 2026 by rpki-client