Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/83e4757f-d37f-4fd6-a69b-d74bdd6b87dc/0/38332e3135302e3231372e302f32342d3234203d3e20323132353034.roa
File: 38332e3135302e3231372e302f32342d3234203d3e20323132353034.roa (raw, json)
Hash identifier: Pd+R9yVLcfRdrx4Fim+6HhTRdf/MErKLe240StSeSFQ=
Subject key identifier: 3A:9E:DC:00:93:67:ED:3C:9B:97:FE:68:21:BD:5A:74:A2:44:AC:94
Certificate issuer: /CN=5e5179bb1757068d7028510feeb1177aa7cc8818
Certificate serial: 030EC8238C50D4915125293C073C36748155F029
Authority key identifier: 5E:51:79:BB:17:57:06:8D:70:28:51:0F:EE:B1:17:7A:A7:CC:88:18
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XlF5uxdXBo1wKFEP7rEXeqfMiBg.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/83e4757f-d37f-4fd6-a69b-d74bdd6b87dc/0/38332e3135302e3231372e302f32342d3234203d3e20323132353034.roa
Signing time: Mon 11 May 2026 19:47:11 +0000
ROA not before: Mon 11 May 2026 19:42:11 +0000
ROA not after: Mon 10 May 2027 19:47:11 +0000
asID: 212504
IP address blocks: 83.150.217.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/83e4757f-d37f-4fd6-a69b-d74bdd6b87dc/0/5E5179BB1757068D7028510FEEB1177AA7CC8818.crl
rsync://rsync.paas.rpki.ripe.net/repository/83e4757f-d37f-4fd6-a69b-d74bdd6b87dc/0/5E5179BB1757068D7028510FEEB1177AA7CC8818.mft
rsync://rpki.ripe.net/repository/DEFAULT/XlF5uxdXBo1wKFEP7rEXeqfMiBg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 16:55:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
03:0e:c8:23:8c:50:d4:91:51:25:29:3c:07:3c:36:74:81:55:f0:29
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5e5179bb1757068d7028510feeb1177aa7cc8818
Validity
Not Before: May 11 19:42:11 2026 GMT
Not After : May 10 19:47:11 2027 GMT
Subject: CN=3A9EDC009367ED3C9B97FE6821BD5A74A244AC94
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:19:8b:4d:d2:b0:c5:d7:02:23:cd:ef:0d:6f:
a1:eb:f7:c4:12:66:1a:e6:6d:9b:22:ed:ac:8c:53:
c6:1b:84:a3:7e:08:0a:bf:db:57:44:f1:95:c5:39:
36:4a:bb:bf:0e:90:6c:ce:65:b9:f8:ed:76:ea:d3:
85:11:d5:c7:05:ea:b5:f5:42:ec:35:b6:1b:83:f6:
a0:5a:6b:9b:60:1e:40:36:39:6b:a1:17:fa:5a:58:
39:f9:49:c6:ce:81:72:5a:4d:7f:e9:e2:18:bc:43:
0f:35:1a:ec:d6:38:3d:b1:e9:4f:dc:e3:44:ac:ab:
58:24:77:45:52:42:df:2a:c6:b7:f0:7c:c0:2f:b7:
2e:b5:05:09:78:06:ca:5e:bf:28:ef:f0:55:f3:3b:
2c:62:74:23:16:6a:48:4e:b5:ec:01:88:df:79:c1:
88:8d:0f:57:94:03:48:31:f2:22:fc:7d:46:86:99:
bb:85:05:cc:29:37:7f:75:43:8f:2e:48:d8:3b:73:
12:8f:3e:c7:08:b3:cd:d7:de:18:8c:81:b6:3d:4b:
fd:08:84:5c:cc:89:ae:a0:f8:6d:a4:f4:e9:d7:f2:
9a:36:fa:b2:0a:c6:db:c5:da:cb:9a:f2:5e:ed:07:
d2:a4:16:17:da:59:d2:d3:83:30:c5:68:18:f5:d4:
9e:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:9E:DC:00:93:67:ED:3C:9B:97:FE:68:21:BD:5A:74:A2:44:AC:94
X509v3 Authority Key Identifier:
keyid:5E:51:79:BB:17:57:06:8D:70:28:51:0F:EE:B1:17:7A:A7:CC:88:18
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/83e4757f-d37f-4fd6-a69b-d74bdd6b87dc/0/5E5179BB1757068D7028510FEEB1177AA7CC8818.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XlF5uxdXBo1wKFEP7rEXeqfMiBg.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/83e4757f-d37f-4fd6-a69b-d74bdd6b87dc/0/38332e3135302e3231372e302f32342d3234203d3e20323132353034.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.150.217.0/24
Signature Algorithm: sha256WithRSAEncryption
94:b4:a0:2c:a2:f9:4d:c5:52:ce:30:54:02:f6:a6:6d:5b:4f:
67:03:9c:39:18:84:51:a6:a5:ee:e9:96:9e:e0:8e:48:1a:0f:
57:18:8c:38:41:61:91:00:30:0a:a2:1f:87:eb:71:e9:8e:40:
12:42:85:be:63:e6:41:70:09:49:83:7b:8a:cf:06:2d:b6:01:
c3:9f:39:89:27:a1:3c:ad:76:97:58:50:75:5e:b9:fd:9d:91:
24:12:ec:90:6a:74:ad:9c:9f:a2:c2:be:45:81:8b:3b:af:79:
72:b6:ba:37:86:34:78:de:7f:df:1f:fa:51:90:01:b7:a3:98:
cf:1e:5f:5e:d7:a3:d7:0c:70:f2:75:9f:ba:20:20:2c:93:2c:
47:0d:96:c4:ac:96:26:ec:4a:ad:f3:4e:1a:4a:6f:9c:03:94:
62:e1:c6:92:7a:d3:9f:8d:02:00:f5:63:c5:a1:8d:c0:50:0b:
27:36:5a:e6:5f:6a:91:a8:e0:94:48:1a:95:17:65:44:6f:ad:
a2:9b:d8:de:b0:57:5e:76:cc:c7:4b:df:55:df:39:48:8c:5c:
e9:8e:ed:9a:6e:98:db:05:f9:1f:a2:8f:3a:7e:60:b3:0f:32:
25:4e:a1:4e:d0:16:6c:89:49:52:99:06:04:6d:9c:2a:53:dc:
5d:a9:1b:76
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUAw7II4xQ1JFRJSk8Bzw2dIFV8CkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNWU1MTc5YmIxNzU3MDY4ZDcwMjg1MTBmZWViMTE3N2Fh
N2NjODgxODAeFw0yNjA1MTExOTQyMTFaFw0yNzA1MTAxOTQ3MTFaMDMxMTAvBgNV
BAMTKDNBOUVEQzAwOTM2N0VEM0M5Qjk3RkU2ODIxQkQ1QTc0QTI0NEFDOTQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDLGYtN0rDF1wIjze8Nb6Hr98QS
ZhrmbZsi7ayMU8YbhKN+CAq/21dE8ZXFOTZKu78OkGzOZbn47Xbq04UR1ccF6rX1
Quw1thuD9qBaa5tgHkA2OWuhF/paWDn5ScbOgXJaTX/p4hi8Qw81GuzWOD2x6U/c
40Ssq1gkd0VSQt8qxrfwfMAvty61BQl4Bspevyjv8FXzOyxidCMWakhOtewBiN95
wYiND1eUA0gx8iL8fUaGmbuFBcwpN391Q48uSNg7cxKPPscIs83X3hiMgbY9S/0I
hFzMia6g+G2k9OnX8po2+rIKxtvF2sua8l7tB9KkFhfaWdLTgzDFaBj11J7pAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUOp7cAJNn7Tybl/5oIb1adKJErJQwHwYDVR0j
BBgwFoAUXlF5uxdXBo1wKFEP7rEXeqfMiBgwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvODNlNDc1N2YtZDM3Zi00ZmQ2LWE2OWItZDc0YmRkNmI4
N2RjLzAvNUU1MTc5QkIxNzU3MDY4RDcwMjg1MTBGRUVCMTE3N0FBN0NDODgxOC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1hsRjV1eGRYQm8xd0tGRVA3ckVYZXFm
TWlCZy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvODNlNDc1N2Yt
ZDM3Zi00ZmQ2LWE2OWItZDc0YmRkNmI4N2RjLzAvMzgzMzJlMzEzNTMwMmUzMjMx
MzcyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMjMxMzIzNTMwMzQucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BABTltkwDQYJKoZIhvcNAQELBQADggEBAJS0oCyi+U3FUs4wVAL2pm1bT2cDnDkY
hFGmpe7plp7gjkgaD1cYjDhBYZEAMAqiH4frcemOQBJChb5j5kFwCUmDe4rPBi22
AcOfOYknoTytdpdYUHVeuf2dkSQS7JBqdK2cn6LCvkWBizuveXK2ujeGNHjef98f
+lGQAbejmM8eX17Xo9cMcPJ1n7ogICyTLEcNlsSslibsSq3zThpKb5wDlGLhxpJ6
05+NAgD1Y8WhjcBQCyc2WuZfapGo4JRIGpUXZURvraKb2N6wV152zMdL31XfOUiM
XOmO7ZpumNsF+R+ijzp+YLMPMiVOoU7QFmyJSVKZBgRtnCpT3F2pG3Y=
-----END CERTIFICATE-----
Generated at Wed May 13 06:23:28 2026 by rpki-client