Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/23aacd17-bf9d-47db-864d-f9c7c2be183a/0/38372e3235342e32342e302f32342d3234203d3e20343032303437.roa
File: 38372e3235342e32342e302f32342d3234203d3e20343032303437.roa (raw, json)
Hash identifier: I6nMkOW16PyXMxFt9RQFe/GpDqFqzj3Mh9XigQN7utc=
Subject key identifier: 1C:2E:D9:9C:7A:41:F0:DC:6D:D7:E5:AC:F8:05:FD:D2:06:33:6D:D1
Certificate issuer: /CN=22bfd4e021547d030ac10b0213535d4c6968eede
Certificate serial: 45304D1D38F786BAA1296ACED1DAEAF1860C70B8
Authority key identifier: 22:BF:D4:E0:21:54:7D:03:0A:C1:0B:02:13:53:5D:4C:69:68:EE:DE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ir_U4CFUfQMKwQsCE1NdTGlo7t4.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/23aacd17-bf9d-47db-864d-f9c7c2be183a/0/38372e3235342e32342e302f32342d3234203d3e20343032303437.roa
Signing time: Fri 20 Mar 2026 11:05:34 +0000
ROA not before: Fri 20 Mar 2026 11:00:34 +0000
ROA not after: Fri 19 Mar 2027 11:05:34 +0000
asID: 402047
IP address blocks: 87.254.24.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/23aacd17-bf9d-47db-864d-f9c7c2be183a/0/22BFD4E021547D030AC10B0213535D4C6968EEDE.crl
rsync://rsync.paas.rpki.ripe.net/repository/23aacd17-bf9d-47db-864d-f9c7c2be183a/0/22BFD4E021547D030AC10B0213535D4C6968EEDE.mft
rsync://rpki.ripe.net/repository/DEFAULT/Ir_U4CFUfQMKwQsCE1NdTGlo7t4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 26 Mar 2026 19:57:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
45:30:4d:1d:38:f7:86:ba:a1:29:6a:ce:d1:da:ea:f1:86:0c:70:b8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22bfd4e021547d030ac10b0213535d4c6968eede
Validity
Not Before: Mar 20 11:00:34 2026 GMT
Not After : Mar 19 11:05:34 2027 GMT
Subject: CN=1C2ED99C7A41F0DC6DD7E5ACF805FDD206336DD1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f0:c2:31:3e:78:47:59:6f:43:c1:53:90:b0:2b:
a7:b5:ce:50:ac:70:5e:e3:48:b8:64:20:ba:6b:a2:
77:79:b6:6c:d6:1f:7d:1b:5c:c0:75:18:ca:86:1f:
14:35:c1:a2:1d:07:1e:7a:e4:2e:ab:0f:a7:77:45:
15:01:b5:61:41:de:7e:25:16:9d:b6:36:a7:27:3e:
02:61:64:dc:d4:98:18:b0:b9:77:38:cc:d0:3b:5e:
d8:93:94:3b:92:94:5c:74:5e:e2:6d:fd:bd:1b:91:
c5:c2:cf:37:0f:64:2f:bb:2b:b8:11:10:b5:6f:8f:
07:72:31:6b:7b:da:8d:c2:b2:4e:13:92:79:e5:d2:
11:99:3b:67:c4:dd:0a:b2:cb:89:1a:16:3d:d5:26:
a9:4b:c9:bb:a8:c7:51:c3:67:49:8c:33:97:01:e9:
43:7f:33:6e:9b:09:45:3e:ae:bc:9c:c0:e6:52:b8:
04:10:54:2c:10:6a:dd:86:02:fd:20:26:4e:dc:a4:
18:08:f5:be:5e:c7:34:12:40:10:fc:d0:ca:f6:9b:
47:57:46:13:2f:32:68:0e:8d:91:17:f6:0e:cd:05:
e0:f7:03:58:07:98:a1:36:b3:e2:c3:d4:60:8d:4a:
f4:62:a9:16:08:07:9f:be:8c:51:95:25:e8:e9:d6:
dd:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1C:2E:D9:9C:7A:41:F0:DC:6D:D7:E5:AC:F8:05:FD:D2:06:33:6D:D1
X509v3 Authority Key Identifier:
keyid:22:BF:D4:E0:21:54:7D:03:0A:C1:0B:02:13:53:5D:4C:69:68:EE:DE
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/23aacd17-bf9d-47db-864d-f9c7c2be183a/0/22BFD4E021547D030AC10B0213535D4C6968EEDE.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ir_U4CFUfQMKwQsCE1NdTGlo7t4.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/23aacd17-bf9d-47db-864d-f9c7c2be183a/0/38372e3235342e32342e302f32342d3234203d3e20343032303437.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.254.24.0/24
Signature Algorithm: sha256WithRSAEncryption
88:6c:9b:54:76:6f:5e:17:24:a2:77:0e:3b:7d:bd:9e:7f:7c:
5b:c3:d2:8e:47:2c:d3:69:a4:ac:03:8f:81:38:ca:01:d6:c0:
e7:24:7e:76:87:65:e4:3a:49:e8:70:7a:9a:12:5b:a7:08:bf:
35:d4:d1:1c:f8:f3:26:7a:73:39:03:1a:78:40:14:7d:67:e0:
b5:8b:ee:f2:6a:56:47:7b:10:e7:12:f6:fc:d7:be:7f:f5:7e:
9c:bd:d3:cb:c8:33:33:3b:b0:67:bc:53:0c:06:92:15:84:c7:
6b:69:11:80:03:b8:f5:1b:e5:de:17:97:a6:47:bd:8f:43:d4:
05:c0:ae:77:ca:5d:85:60:3e:61:8a:45:50:74:7c:9c:c5:a6:
16:9e:bf:2c:6e:1e:68:db:4e:b8:9a:78:0c:7f:cb:ae:e2:a3:
22:af:ee:c3:61:4b:be:18:4c:3f:d1:39:4c:2a:21:23:b5:34:
88:d5:fa:99:ad:1f:b6:55:8c:40:0d:86:c8:c1:46:31:07:bd:
ca:da:7e:ef:ce:93:48:ef:f9:ed:49:bf:76:52:d1:b6:1b:62:
66:03:04:2c:13:89:50:26:fe:e6:15:b4:c2:f9:97:da:c6:1c:
3f:12:6c:f7:07:50:48:3a:54:91:16:b9:c6:e1:ad:f3:b5:92:
55:b0:be:fb
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIURTBNHTj3hrqhKWrO0drq8YYMcLgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjJiZmQ0ZTAyMTU0N2QwMzBhYzEwYjAyMTM1MzVkNGM2
OTY4ZWVkZTAeFw0yNjAzMjAxMTAwMzRaFw0yNzAzMTkxMTA1MzRaMDMxMTAvBgNV
BAMTKDFDMkVEOTlDN0E0MUYwREM2REQ3RTVBQ0Y4MDVGREQyMDYzMzZERDEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDwwjE+eEdZb0PBU5CwK6e1zlCs
cF7jSLhkILprond5tmzWH30bXMB1GMqGHxQ1waIdBx565C6rD6d3RRUBtWFB3n4l
Fp22NqcnPgJhZNzUmBiwuXc4zNA7XtiTlDuSlFx0XuJt/b0bkcXCzzcPZC+7K7gR
ELVvjwdyMWt72o3Csk4Tknnl0hGZO2fE3Qqyy4kaFj3VJqlLybuox1HDZ0mMM5cB
6UN/M26bCUU+rrycwOZSuAQQVCwQat2GAv0gJk7cpBgI9b5exzQSQBD80Mr2m0dX
RhMvMmgOjZEX9g7NBeD3A1gHmKE2s+LD1GCNSvRiqRYIB5++jFGVJejp1t1DAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUHC7ZnHpB8Nxt1+Ws+AX90gYzbdEwHwYDVR0j
BBgwFoAUIr/U4CFUfQMKwQsCE1NdTGlo7t4wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMjNhYWNkMTctYmY5ZC00N2RiLTg2NGQtZjljN2MyYmUx
ODNhLzAvMjJCRkQ0RTAyMTU0N0QwMzBBQzEwQjAyMTM1MzVENEM2OTY4RUVERS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lyX1U0Q0ZVZlFNS3dRc0NFMU5kVEds
bzd0NC5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMjNhYWNkMTct
YmY5ZC00N2RiLTg2NGQtZjljN2MyYmUxODNhLzAvMzgzNzJlMzIzNTM0MmUzMjM0
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzQzMDMyMzAzNDM3LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
V/4YMA0GCSqGSIb3DQEBCwUAA4IBAQCIbJtUdm9eFySidw47fb2ef3xbw9KORyzT
aaSsA4+BOMoB1sDnJH52h2XkOknocHqaElunCL811NEc+PMmenM5Axp4QBR9Z+C1
i+7yalZHexDnEvb8175/9X6cvdPLyDMzO7BnvFMMBpIVhMdraRGAA7j1G+XeF5em
R72PQ9QFwK53yl2FYD5hikVQdHycxaYWnr8sbh5o2064mngMf8uu4qMir+7DYUu+
GEw/0TlMKiEjtTSI1fqZrR+2VYxADYbIwUYxB73K2n7vzpNI7/ntSb92UtG2G2Jm
AwQsE4lQJv7mFbTC+Zfaxhw/Emz3B1BIOlSRFrnG4a3ztZJVsL77
-----END CERTIFICATE-----
Generated at Thu Mar 26 09:06:50 2026 by rpki-client