Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/96e4ac86-1803-494d-8a7b-c051a6310752/0/37382e3130352e3234302e302f32312d3234203d3e20383334.roa
File: 37382e3130352e3234302e302f32312d3234203d3e20383334.roa (raw, json)
Hash identifier: nNgUcJXm9LkRFWd1wS32PBIntR3J1hYWDEzDgZyxjfI=
Subject key identifier: 88:A2:2E:E9:D5:AB:CD:1C:6F:46:2A:93:4E:42:CE:91:06:1A:86:03
Certificate issuer: /CN=0e20ccf5083a63b9f5887e3ea39d04e2d62b3da5
Certificate serial: 1B76A0792A8CF747986284D2AFF8AEEA5E28F156
Authority key identifier: 0E:20:CC:F5:08:3A:63:B9:F5:88:7E:3E:A3:9D:04:E2:D6:2B:3D:A5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DiDM9Qg6Y7n1iH4-o50E4tYrPaU.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/96e4ac86-1803-494d-8a7b-c051a6310752/0/37382e3130352e3234302e302f32312d3234203d3e20383334.roa
Signing time: Tue 24 Mar 2026 13:02:02 +0000
ROA not before: Tue 24 Mar 2026 12:57:02 +0000
ROA not after: Tue 23 Mar 2027 13:02:02 +0000
asID: 834
IP address blocks: 78.105.240.0/21 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/96e4ac86-1803-494d-8a7b-c051a6310752/0/0E20CCF5083A63B9F5887E3EA39D04E2D62B3DA5.crl
rsync://rsync.paas.rpki.ripe.net/repository/96e4ac86-1803-494d-8a7b-c051a6310752/0/0E20CCF5083A63B9F5887E3EA39D04E2D62B3DA5.mft
rsync://rpki.ripe.net/repository/DEFAULT/DiDM9Qg6Y7n1iH4-o50E4tYrPaU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 26 Mar 2026 11:13:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1b:76:a0:79:2a:8c:f7:47:98:62:84:d2:af:f8:ae:ea:5e:28:f1:56
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0e20ccf5083a63b9f5887e3ea39d04e2d62b3da5
Validity
Not Before: Mar 24 12:57:02 2026 GMT
Not After : Mar 23 13:02:02 2027 GMT
Subject: CN=88A22EE9D5ABCD1C6F462A934E42CE91061A8603
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:01:56:05:a4:20:05:3e:00:ee:15:c9:54:37:
56:71:33:19:7c:c6:49:12:6a:01:ed:f9:c1:a9:a7:
5d:56:93:bf:96:f8:67:f5:b7:b3:86:bd:3f:51:d6:
52:0c:e6:0d:6e:f8:4f:60:cd:3d:b9:79:29:1e:2c:
ba:b9:ad:9e:83:d7:6c:dc:13:51:ce:8e:09:4a:b2:
64:27:44:14:81:4b:34:80:41:e3:be:93:cc:30:c6:
36:a1:a6:bb:ad:42:f3:b6:f8:34:97:a2:07:72:b6:
bb:3c:77:51:d0:34:ae:1b:32:8e:8e:16:e9:85:3f:
4d:fd:06:ac:cb:b9:ef:bd:f2:a3:04:d8:bb:5d:fd:
5f:b5:c1:27:6a:56:b3:97:2c:8d:c6:9e:63:86:47:
bd:b7:e6:e7:e0:76:ee:43:f8:01:98:26:4a:d6:35:
0c:55:49:05:62:e9:82:1f:15:fa:11:75:36:c4:67:
b6:e4:88:19:42:09:b3:42:33:fb:5f:ae:88:c3:62:
de:ca:a0:91:51:b4:4d:a1:af:3e:d5:51:05:cb:25:
50:be:47:3e:e1:ee:0d:2b:fa:fe:d1:46:1f:a7:02:
77:56:a1:f8:db:d6:d2:7d:92:38:0d:bf:82:6f:2c:
1f:6d:8b:09:3f:54:ed:d6:04:20:93:e8:e3:01:2b:
39:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
88:A2:2E:E9:D5:AB:CD:1C:6F:46:2A:93:4E:42:CE:91:06:1A:86:03
X509v3 Authority Key Identifier:
keyid:0E:20:CC:F5:08:3A:63:B9:F5:88:7E:3E:A3:9D:04:E2:D6:2B:3D:A5
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/96e4ac86-1803-494d-8a7b-c051a6310752/0/0E20CCF5083A63B9F5887E3EA39D04E2D62B3DA5.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DiDM9Qg6Y7n1iH4-o50E4tYrPaU.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/96e4ac86-1803-494d-8a7b-c051a6310752/0/37382e3130352e3234302e302f32312d3234203d3e20383334.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.105.240.0/21
Signature Algorithm: sha256WithRSAEncryption
21:92:df:be:19:0c:85:6f:5a:8f:68:bd:7e:ef:1a:45:8d:b7:
45:3d:43:d6:69:ed:08:de:cf:a6:d8:02:b5:48:d7:6e:a0:dc:
c0:cd:d3:7f:aa:8a:fc:93:d4:fe:1a:a1:89:a4:40:16:c1:fc:
da:77:b3:5c:76:b1:92:bd:d1:9d:6f:a4:65:81:3e:fb:f3:77:
e9:a2:b6:2b:6b:5d:1a:dc:11:60:66:a8:5f:2e:d9:ba:3e:9c:
be:70:6c:c4:f8:f9:af:9c:63:00:38:f0:df:77:27:e3:c2:1d:
14:b2:41:b3:01:0f:45:2b:41:ab:60:98:4e:eb:41:f9:ae:ad:
68:7f:e4:b7:ec:07:f2:8a:0e:2f:de:b7:fd:84:e8:34:96:a1:
8e:73:5a:31:e6:db:26:a8:bd:d0:09:60:18:86:b3:67:e7:e8:
db:a1:07:74:43:20:f4:c9:58:ce:40:d7:b2:73:9e:09:3e:ae:
82:a3:4b:d0:b7:4d:ce:9c:7b:e8:9d:8f:e9:9a:43:30:8f:d3:
35:eb:d7:9f:81:48:97:61:71:c1:ea:b7:67:14:7e:fb:49:6d:
21:17:ea:4c:8a:7f:07:7f:b3:eb:61:fe:96:67:43:b7:55:89:
d4:13:b2:c2:98:b3:97:b5:02:3d:8c:4c:ff:30:7f:08:97:94:
09:16:92:c4
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgIUG3ageSqM90eYYoTSr/iu6l4o8VYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMGUyMGNjZjUwODNhNjNiOWY1ODg3ZTNlYTM5ZDA0ZTJk
NjJiM2RhNTAeFw0yNjAzMjQxMjU3MDJaFw0yNzAzMjMxMzAyMDJaMDMxMTAvBgNV
BAMTKDg4QTIyRUU5RDVBQkNEMUM2RjQ2MkE5MzRFNDJDRTkxMDYxQTg2MDMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCOAVYFpCAFPgDuFclUN1ZxMxl8
xkkSagHt+cGpp11Wk7+W+Gf1t7OGvT9R1lIM5g1u+E9gzT25eSkeLLq5rZ6D12zc
E1HOjglKsmQnRBSBSzSAQeO+k8wwxjahprutQvO2+DSXogdytrs8d1HQNK4bMo6O
FumFP039BqzLue+98qME2Ltd/V+1wSdqVrOXLI3GnmOGR7235ufgdu5D+AGYJkrW
NQxVSQVi6YIfFfoRdTbEZ7bkiBlCCbNCM/tfrojDYt7KoJFRtE2hrz7VUQXLJVC+
Rz7h7g0r+v7RRh+nAndWofjb1tJ9kjgNv4JvLB9tiwk/VO3WBCCT6OMBKzlnAgMB
AAGjggI5MIICNTAdBgNVHQ4EFgQUiKIu6dWrzRxvRiqTTkLOkQYahgMwHwYDVR0j
BBgwFoAUDiDM9Qg6Y7n1iH4+o50E4tYrPaUwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvOTZlNGFjODYtMTgwMy00OTRkLThhN2ItYzA1MWE2MzEw
NzUyLzAvMEUyMENDRjUwODNBNjNCOUY1ODg3RTNFQTM5RDA0RTJENjJCM0RBNS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0RpRE05UWc2WTduMWlINC1vNTBFNHRZ
clBhVS5jZXIwgakGCCsGAQUFBwELBIGcMIGZMIGWBggrBgEFBQcwC4aBiXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvOTZlNGFjODYt
MTgwMy00OTRkLThhN2ItYzA1MWE2MzEwNzUyLzAvMzczODJlMzEzMDM1MmUzMjM0
MzAyZTMwMmYzMjMxMmQzMjM0MjAzZDNlMjAzODMzMzQucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBANOafAw
DQYJKoZIhvcNAQELBQADggEBACGS374ZDIVvWo9ovX7vGkWNt0U9Q9Zp7Qjez6bY
ArVI126g3MDN03+qivyT1P4aoYmkQBbB/Np3s1x2sZK90Z1vpGWBPvvzd+mititr
XRrcEWBmqF8u2bo+nL5wbMT4+a+cYwA48N93J+PCHRSyQbMBD0UrQatgmE7rQfmu
rWh/5LfsB/KKDi/et/2E6DSWoY5zWjHm2yaovdAJYBiGs2fn6NuhB3RDIPTJWM5A
17Jzngk+roKjS9C3Tc6ce+idj+maQzCP0zXr15+BSJdhccHqt2cUfvtJbSEX6kyK
fwd/s+th/pZnQ7dVidQTssKYs5e1Aj2MTP8wfwiXlAkWksQ=
-----END CERTIFICATE-----
Generated at Thu Mar 26 03:22:49 2026 by rpki-client