Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/23aacd17-bf9d-47db-864d-f9c7c2be183a/0/38372e3235342e32362e302f32342d3234203d3e20343031373736.roa
File: 38372e3235342e32362e302f32342d3234203d3e20343031373736.roa (raw, json)
Hash identifier: BMzIjggccQKi1DAUr681/0Z4HW5dSuTz1uXhMPATlfU=
Subject key identifier: 6F:79:91:3A:95:77:3E:3F:A3:D3:38:EF:69:C1:07:B2:4A:2A:F9:0F
Certificate issuer: /CN=22bfd4e021547d030ac10b0213535d4c6968eede
Certificate serial: 7F578BF04C70F9F3B2E58266E222EBA12F48072F
Authority key identifier: 22:BF:D4:E0:21:54:7D:03:0A:C1:0B:02:13:53:5D:4C:69:68:EE:DE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ir_U4CFUfQMKwQsCE1NdTGlo7t4.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/23aacd17-bf9d-47db-864d-f9c7c2be183a/0/38372e3235342e32362e302f32342d3234203d3e20343031373736.roa
Signing time: Mon 16 Mar 2026 09:46:15 +0000
ROA not before: Mon 16 Mar 2026 09:41:15 +0000
ROA not after: Mon 15 Mar 2027 09:46:15 +0000
asID: 401776
IP address blocks: 87.254.26.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/23aacd17-bf9d-47db-864d-f9c7c2be183a/0/22BFD4E021547D030AC10B0213535D4C6968EEDE.crl
rsync://rsync.paas.rpki.ripe.net/repository/23aacd17-bf9d-47db-864d-f9c7c2be183a/0/22BFD4E021547D030AC10B0213535D4C6968EEDE.mft
rsync://rpki.ripe.net/repository/DEFAULT/Ir_U4CFUfQMKwQsCE1NdTGlo7t4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 09:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7f:57:8b:f0:4c:70:f9:f3:b2:e5:82:66:e2:22:eb:a1:2f:48:07:2f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22bfd4e021547d030ac10b0213535d4c6968eede
Validity
Not Before: Mar 16 09:41:15 2026 GMT
Not After : Mar 15 09:46:15 2027 GMT
Subject: CN=6F79913A95773E3FA3D338EF69C107B24A2AF90F
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:32:73:85:e6:db:d6:e0:0c:e0:ac:1d:75:ad:
cc:36:97:fb:fa:a3:c4:4a:66:64:f2:1e:56:45:6f:
c9:b7:c6:3d:d0:1c:42:29:8f:f2:6f:fc:0e:74:14:
45:76:cd:7f:60:22:45:6a:6f:8f:70:84:4c:e1:c3:
0e:23:4e:fe:92:3a:8e:f8:eb:3b:3e:fe:73:ce:05:
bb:75:18:6f:33:98:e5:34:3a:d6:ed:29:ac:f8:fc:
38:1c:61:ab:33:ba:e5:e7:89:7c:c0:4f:40:c0:bd:
95:81:cc:59:4a:8d:6c:1c:1f:5e:e5:13:95:30:6b:
5e:18:f1:76:a4:9d:76:27:fd:ad:e4:4e:dd:65:47:
73:45:a4:05:65:4e:1e:c2:6d:59:6f:bd:f2:90:dc:
82:ee:5a:15:04:60:03:8e:89:cf:c4:47:8e:5b:63:
49:1f:98:a6:09:58:ef:7f:d1:92:6a:1d:27:d5:41:
50:a6:f5:2f:9e:36:ec:68:99:93:38:4b:8f:e4:89:
22:2a:0b:bc:e4:29:91:c1:b4:a9:54:f8:8d:da:3e:
48:b2:3a:2d:9b:25:6b:7d:43:9a:c3:1f:01:d6:5d:
1b:fc:4f:f5:0b:b7:87:8e:32:08:93:84:14:d5:84:
43:b9:db:9c:93:bb:fb:4f:bc:d9:3e:35:67:fa:9e:
0d:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6F:79:91:3A:95:77:3E:3F:A3:D3:38:EF:69:C1:07:B2:4A:2A:F9:0F
X509v3 Authority Key Identifier:
keyid:22:BF:D4:E0:21:54:7D:03:0A:C1:0B:02:13:53:5D:4C:69:68:EE:DE
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/23aacd17-bf9d-47db-864d-f9c7c2be183a/0/22BFD4E021547D030AC10B0213535D4C6968EEDE.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ir_U4CFUfQMKwQsCE1NdTGlo7t4.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/23aacd17-bf9d-47db-864d-f9c7c2be183a/0/38372e3235342e32362e302f32342d3234203d3e20343031373736.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.254.26.0/24
Signature Algorithm: sha256WithRSAEncryption
2f:b1:1b:e1:ca:f9:e2:bc:e6:9f:d9:67:79:9b:f0:64:4a:fb:
91:d3:48:07:3e:cb:ee:35:5f:ef:20:7e:1d:78:02:37:e7:79:
92:bc:01:db:26:d2:6e:ee:f2:76:a7:9a:62:04:86:10:88:d7:
f4:a0:6f:f5:68:e2:32:ff:dc:c3:80:0b:fe:58:df:5b:af:57:
c0:66:87:2f:b3:6c:7c:20:1e:f7:db:a2:64:4f:c7:e6:b0:9a:
b6:00:ee:91:55:1c:f7:b6:be:fe:c4:61:ec:98:ee:77:38:d3:
95:f9:86:fc:c7:98:12:15:ef:15:36:18:98:20:cb:0e:58:68:
ca:7c:d4:5c:94:65:cc:1e:65:6c:f0:b9:45:6d:23:34:c9:72:
26:cd:94:ea:35:af:82:c8:e4:99:b3:02:cb:58:29:09:e1:54:
50:80:bd:df:74:42:0e:0f:2d:1d:0c:de:83:70:fa:02:67:49:
fe:90:74:34:09:71:0f:e8:0d:d9:1c:72:e7:fa:64:76:37:74:
84:32:0d:00:6e:3d:70:52:fb:58:e6:49:45:65:f9:bd:e7:f9:
90:31:f3:73:0a:65:31:06:06:98:13:02:91:ba:2e:d1:0f:cd:
73:31:71:ca:74:e6:1f:da:e4:47:80:0f:ee:fe:3e:38:fe:ff:
52:6f:e0:af
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUf1eL8Exw+fOy5YJm4iLroS9IBy8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjJiZmQ0ZTAyMTU0N2QwMzBhYzEwYjAyMTM1MzVkNGM2
OTY4ZWVkZTAeFw0yNjAzMTYwOTQxMTVaFw0yNzAzMTUwOTQ2MTVaMDMxMTAvBgNV
BAMTKDZGNzk5MTNBOTU3NzNFM0ZBM0QzMzhFRjY5QzEwN0IyNEEyQUY5MEYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDMMnOF5tvW4AzgrB11rcw2l/v6
o8RKZmTyHlZFb8m3xj3QHEIpj/Jv/A50FEV2zX9gIkVqb49whEzhww4jTv6SOo74
6zs+/nPOBbt1GG8zmOU0OtbtKaz4/DgcYaszuuXniXzAT0DAvZWBzFlKjWwcH17l
E5Uwa14Y8XaknXYn/a3kTt1lR3NFpAVlTh7CbVlvvfKQ3ILuWhUEYAOOic/ER45b
Y0kfmKYJWO9/0ZJqHSfVQVCm9S+eNuxomZM4S4/kiSIqC7zkKZHBtKlU+I3aPkiy
Oi2bJWt9Q5rDHwHWXRv8T/ULt4eOMgiThBTVhEO525yTu/tPvNk+NWf6ng1pAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUb3mROpV3Pj+j0zjvacEHskoq+Q8wHwYDVR0j
BBgwFoAUIr/U4CFUfQMKwQsCE1NdTGlo7t4wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMjNhYWNkMTctYmY5ZC00N2RiLTg2NGQtZjljN2MyYmUx
ODNhLzAvMjJCRkQ0RTAyMTU0N0QwMzBBQzEwQjAyMTM1MzVENEM2OTY4RUVERS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lyX1U0Q0ZVZlFNS3dRc0NFMU5kVEds
bzd0NC5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMjNhYWNkMTct
YmY5ZC00N2RiLTg2NGQtZjljN2MyYmUxODNhLzAvMzgzNzJlMzIzNTM0MmUzMjM2
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzQzMDMxMzczNzM2LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
V/4aMA0GCSqGSIb3DQEBCwUAA4IBAQAvsRvhyvnivOaf2Wd5m/BkSvuR00gHPsvu
NV/vIH4deAI353mSvAHbJtJu7vJ2p5piBIYQiNf0oG/1aOIy/9zDgAv+WN9br1fA
Zocvs2x8IB7326JkT8fmsJq2AO6RVRz3tr7+xGHsmO53ONOV+Yb8x5gSFe8VNhiY
IMsOWGjKfNRclGXMHmVs8LlFbSM0yXImzZTqNa+CyOSZswLLWCkJ4VRQgL3fdEIO
Dy0dDN6DcPoCZ0n+kHQ0CXEP6A3ZHHLn+mR2N3SEMg0Abj1wUvtY5klFZfm95/mQ
MfNzCmUxBgaYEwKRui7RD81zMXHKdOYf2uRHgA/u/j44/v9Sb+Cv
-----END CERTIFICATE-----
Generated at Thu Mar 26 14:25:04 2026 by rpki-client