Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/83e4757f-d37f-4fd6-a69b-d74bdd6b87dc/0/38332e3135302e3231362e302f32342d3234203d3e20343032313837.roa
File: 38332e3135302e3231362e302f32342d3234203d3e20343032313837.roa (raw, json)
Hash identifier: 6oURErocR+RBWBtjKCL5X7Q++2pWaiVnhpSM8lQTOTw=
Subject key identifier: 52:CF:28:7D:C8:DE:F8:DB:E9:33:79:20:EA:D0:C9:60:B3:1A:51:75
Certificate issuer: /CN=5e5179bb1757068d7028510feeb1177aa7cc8818
Certificate serial: 14866F6414AAC0EB435D17437B2692120D8F37D9
Authority key identifier: 5E:51:79:BB:17:57:06:8D:70:28:51:0F:EE:B1:17:7A:A7:CC:88:18
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XlF5uxdXBo1wKFEP7rEXeqfMiBg.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/83e4757f-d37f-4fd6-a69b-d74bdd6b87dc/0/38332e3135302e3231362e302f32342d3234203d3e20343032313837.roa
Signing time: Tue 24 Mar 2026 04:43:49 +0000
ROA not before: Tue 24 Mar 2026 04:38:49 +0000
ROA not after: Tue 23 Mar 2027 04:43:49 +0000
asID: 402187
IP address blocks: 83.150.216.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/83e4757f-d37f-4fd6-a69b-d74bdd6b87dc/0/5E5179BB1757068D7028510FEEB1177AA7CC8818.crl
rsync://rsync.paas.rpki.ripe.net/repository/83e4757f-d37f-4fd6-a69b-d74bdd6b87dc/0/5E5179BB1757068D7028510FEEB1177AA7CC8818.mft
rsync://rpki.ripe.net/repository/DEFAULT/XlF5uxdXBo1wKFEP7rEXeqfMiBg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 26 Mar 2026 16:30:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
14:86:6f:64:14:aa:c0:eb:43:5d:17:43:7b:26:92:12:0d:8f:37:d9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5e5179bb1757068d7028510feeb1177aa7cc8818
Validity
Not Before: Mar 24 04:38:49 2026 GMT
Not After : Mar 23 04:43:49 2027 GMT
Subject: CN=52CF287DC8DEF8DBE9337920EAD0C960B31A5175
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:be:49:5d:5c:fa:49:3e:27:17:eb:0c:b5:fc:
84:19:61:0f:42:38:50:d6:72:42:fd:7f:3c:ec:92:
a6:c6:c9:da:90:b9:c5:62:7f:8b:c5:7f:ab:a6:c1:
5f:07:6b:03:d8:63:2a:6c:a5:10:50:1f:1c:ef:cc:
23:74:9c:06:57:c5:13:58:a2:6d:38:a1:f4:f0:94:
83:f9:37:3e:71:62:43:08:05:c2:da:70:f7:60:33:
a3:51:ea:d9:19:c6:0f:8b:05:6d:f9:75:16:92:0a:
15:81:c9:7c:54:21:72:ca:46:44:b3:2f:5c:ce:2b:
64:13:c4:33:57:6b:20:05:bf:0e:a9:73:9c:65:b0:
04:eb:aa:3c:16:c9:d5:9b:0f:53:e4:0f:83:f0:a8:
c7:a3:cf:a8:cd:50:59:7b:5b:7e:60:6e:10:60:46:
78:61:3b:55:a0:9b:ed:82:e5:83:76:51:24:7b:18:
89:83:0a:b9:3d:a7:35:78:14:23:c2:a1:0e:f2:ca:
7d:35:76:01:5b:a6:d1:84:93:df:ac:1d:98:2c:a1:
ed:c5:6b:5b:61:74:f5:73:84:8f:95:0d:d2:7f:e5:
b4:ab:1c:b3:20:03:00:ac:e1:c2:57:39:f3:96:b4:
a7:bc:df:20:98:a1:82:4b:05:57:f5:c5:0f:b4:f8:
99:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
52:CF:28:7D:C8:DE:F8:DB:E9:33:79:20:EA:D0:C9:60:B3:1A:51:75
X509v3 Authority Key Identifier:
keyid:5E:51:79:BB:17:57:06:8D:70:28:51:0F:EE:B1:17:7A:A7:CC:88:18
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/83e4757f-d37f-4fd6-a69b-d74bdd6b87dc/0/5E5179BB1757068D7028510FEEB1177AA7CC8818.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XlF5uxdXBo1wKFEP7rEXeqfMiBg.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/83e4757f-d37f-4fd6-a69b-d74bdd6b87dc/0/38332e3135302e3231362e302f32342d3234203d3e20343032313837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.150.216.0/24
Signature Algorithm: sha256WithRSAEncryption
4f:f4:f3:ca:dd:b8:53:c8:cf:6d:3e:05:47:d1:e1:3c:84:01:
16:45:f5:28:47:99:a2:3d:62:d7:fc:0a:50:99:ca:8f:15:25:
c7:33:55:3b:69:98:09:21:86:ba:5a:63:e9:6b:89:b6:69:f5:
41:25:98:40:5f:de:74:27:04:63:73:d7:96:34:9c:d0:21:57:
2d:32:75:79:48:3e:aa:bf:de:0c:bc:38:7f:1d:7e:7c:f6:e6:
7b:9a:d2:69:1f:4f:01:57:52:32:82:d3:df:cc:1c:f8:13:e3:
87:8f:80:4e:5c:6f:8d:f4:97:5a:d4:af:26:28:af:ba:6e:5c:
c7:02:44:7d:21:ee:15:37:7b:6a:68:5c:5e:98:58:31:70:16:
bd:0a:c6:a4:d6:37:72:df:a1:ba:d8:d0:5c:f5:e7:a9:0d:ae:
c2:f9:17:f0:79:b2:8b:86:2f:a7:0c:75:91:53:7c:91:bc:e0:
eb:89:ba:ff:6b:8c:88:c9:01:4b:3a:05:b0:ee:ad:33:96:10:
ae:ba:00:27:8a:fd:0a:fc:ea:9b:4a:96:b2:7b:bb:96:35:40:
4a:f2:51:2e:f5:51:89:41:1d:fc:05:2f:df:0d:b5:4a:04:90:
bf:b3:d6:a3:03:ad:cb:de:7d:08:d9:38:cc:71:f7:e5:90:6e:
91:a9:f9:b0
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUFIZvZBSqwOtDXRdDeyaSEg2PN9kwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNWU1MTc5YmIxNzU3MDY4ZDcwMjg1MTBmZWViMTE3N2Fh
N2NjODgxODAeFw0yNjAzMjQwNDM4NDlaFw0yNzAzMjMwNDQzNDlaMDMxMTAvBgNV
BAMTKDUyQ0YyODdEQzhERUY4REJFOTMzNzkyMEVBRDBDOTYwQjMxQTUxNzUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCuvkldXPpJPicX6wy1/IQZYQ9C
OFDWckL9fzzskqbGydqQucVif4vFf6umwV8HawPYYypspRBQHxzvzCN0nAZXxRNY
om04ofTwlIP5Nz5xYkMIBcLacPdgM6NR6tkZxg+LBW35dRaSChWByXxUIXLKRkSz
L1zOK2QTxDNXayAFvw6pc5xlsATrqjwWydWbD1PkD4PwqMejz6jNUFl7W35gbhBg
RnhhO1Wgm+2C5YN2USR7GImDCrk9pzV4FCPCoQ7yyn01dgFbptGEk9+sHZgsoe3F
a1thdPVzhI+VDdJ/5bSrHLMgAwCs4cJXOfOWtKe83yCYoYJLBVf1xQ+0+JkFAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUUs8ofcje+NvpM3kg6tDJYLMaUXUwHwYDVR0j
BBgwFoAUXlF5uxdXBo1wKFEP7rEXeqfMiBgwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvODNlNDc1N2YtZDM3Zi00ZmQ2LWE2OWItZDc0YmRkNmI4
N2RjLzAvNUU1MTc5QkIxNzU3MDY4RDcwMjg1MTBGRUVCMTE3N0FBN0NDODgxOC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1hsRjV1eGRYQm8xd0tGRVA3ckVYZXFm
TWlCZy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvODNlNDc1N2Yt
ZDM3Zi00ZmQ2LWE2OWItZDc0YmRkNmI4N2RjLzAvMzgzMzJlMzEzNTMwMmUzMjMx
MzYyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzNDMwMzIzMTM4Mzcucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BABTltgwDQYJKoZIhvcNAQELBQADggEBAE/088rduFPIz20+BUfR4TyEARZF9ShH
maI9Ytf8ClCZyo8VJcczVTtpmAkhhrpaY+lribZp9UElmEBf3nQnBGNz15Y0nNAh
Vy0ydXlIPqq/3gy8OH8dfnz25nua0mkfTwFXUjKC09/MHPgT44ePgE5cb430l1rU
ryYor7puXMcCRH0h7hU3e2poXF6YWDFwFr0KxqTWN3LfobrY0Fz156kNrsL5F/B5
souGL6cMdZFTfJG84OuJuv9rjIjJAUs6BbDurTOWEK66ACeK/Qr86ptKlrJ7u5Y1
QEryUS71UYlBHfwFL98NtUoEkL+z1qMDrcvefQjZOMxx9+WQbpGp+bA=
-----END CERTIFICATE-----
Generated at Thu Mar 26 09:11:57 2026 by rpki-client