Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/982c65b9-725d-4bb0-a216-8e77191ff9b8/0/3138352e35382e3135372e302f32342d3234203d3e20343032323033.roa
File: 3138352e35382e3135372e302f32342d3234203d3e20343032323033.roa (raw, json)
Hash identifier: qEPkBJmJPnkCj+WUZhzItxLAbT+040qoDYW4iZJto64=
Subject key identifier: C5:1E:71:AC:A1:66:73:33:51:04:E4:1C:A5:8E:3E:24:76:B9:52:CA
Certificate issuer: /CN=38a93c81ecd308e6a7632717045b3d35150120f8
Certificate serial: 3264EE920F236AE8F9A22118E0D88FB4EEA78F75
Authority key identifier: 38:A9:3C:81:EC:D3:08:E6:A7:63:27:17:04:5B:3D:35:15:01:20:F8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OKk8gezTCOanYycXBFs9NRUBIPg.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/982c65b9-725d-4bb0-a216-8e77191ff9b8/0/3138352e35382e3135372e302f32342d3234203d3e20343032323033.roa
Signing time: Mon 23 Mar 2026 05:54:51 +0000
ROA not before: Mon 23 Mar 2026 05:49:51 +0000
ROA not after: Mon 22 Mar 2027 05:54:51 +0000
asID: 402203
IP address blocks: 185.58.157.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/982c65b9-725d-4bb0-a216-8e77191ff9b8/0/38A93C81ECD308E6A7632717045B3D35150120F8.crl
rsync://rsync.paas.rpki.ripe.net/repository/982c65b9-725d-4bb0-a216-8e77191ff9b8/0/38A93C81ECD308E6A7632717045B3D35150120F8.mft
rsync://rpki.ripe.net/repository/DEFAULT/OKk8gezTCOanYycXBFs9NRUBIPg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 26 Mar 2026 14:08:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
32:64:ee:92:0f:23:6a:e8:f9:a2:21:18:e0:d8:8f:b4:ee:a7:8f:75
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=38a93c81ecd308e6a7632717045b3d35150120f8
Validity
Not Before: Mar 23 05:49:51 2026 GMT
Not After : Mar 22 05:54:51 2027 GMT
Subject: CN=C51E71ACA16673335104E41CA58E3E2476B952CA
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:eb:35:52:a9:e0:f7:38:1d:40:26:cb:06:f3:
b0:0e:c1:31:45:11:b8:2a:0b:15:9e:2c:7c:da:7a:
02:0e:29:51:7a:d8:2a:85:2c:1b:1c:f8:b9:94:54:
7b:5d:99:6a:38:2c:cb:ac:bf:76:82:20:b2:61:f3:
1f:04:00:87:b8:58:54:dc:c5:62:73:6d:99:0d:cb:
05:90:b6:8a:19:30:b1:3a:17:4b:cf:2b:58:dc:e9:
67:65:19:30:47:8b:25:cd:2a:b2:d6:8b:6f:5c:6b:
8d:7e:68:11:91:c2:7c:53:c3:b6:4b:d3:86:fc:51:
16:0e:8d:85:3b:fd:0b:5a:30:45:ef:a2:08:4a:de:
b7:28:ba:23:9b:da:97:66:1d:21:c1:ed:fa:4c:72:
12:72:af:bc:b0:ea:67:87:40:ea:6e:37:8e:eb:1c:
d2:9a:bc:6c:74:b1:d8:9c:6c:d4:8c:4a:d2:d4:0c:
68:49:d8:bd:54:98:e3:58:6c:60:aa:95:17:ec:27:
50:14:ce:11:12:e5:1a:cc:85:cb:7b:0a:91:43:6b:
33:df:17:bb:49:bd:dc:aa:73:e8:86:3d:db:2f:92:
9a:cb:f0:72:bd:af:e9:13:6c:58:ea:4e:2e:f6:ab:
65:b8:8d:12:fb:fa:d3:7a:81:91:03:49:7d:cd:e8:
b0:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C5:1E:71:AC:A1:66:73:33:51:04:E4:1C:A5:8E:3E:24:76:B9:52:CA
X509v3 Authority Key Identifier:
keyid:38:A9:3C:81:EC:D3:08:E6:A7:63:27:17:04:5B:3D:35:15:01:20:F8
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/982c65b9-725d-4bb0-a216-8e77191ff9b8/0/38A93C81ECD308E6A7632717045B3D35150120F8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OKk8gezTCOanYycXBFs9NRUBIPg.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/982c65b9-725d-4bb0-a216-8e77191ff9b8/0/3138352e35382e3135372e302f32342d3234203d3e20343032323033.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.58.157.0/24
Signature Algorithm: sha256WithRSAEncryption
b3:80:24:dd:66:e7:1f:a9:ec:f0:42:48:ca:b6:7f:35:3b:9e:
2f:52:48:8d:63:92:c2:ba:55:25:47:08:d5:1f:ca:de:15:bc:
50:34:74:ff:58:46:53:49:8d:47:68:8a:67:72:56:e2:05:5b:
52:c7:1d:be:4c:3d:b8:00:e9:33:35:6e:e6:ee:f2:ea:6e:aa:
dc:43:86:4c:05:ab:eb:e8:4f:84:f8:cc:12:e7:e8:d1:3c:ba:
f5:8c:3f:19:30:c8:e0:83:2f:41:18:07:0e:e8:7a:14:1a:2e:
df:ef:7e:33:8e:14:b5:05:a3:a5:4e:1a:71:be:05:b1:81:63:
1f:a9:8f:25:14:a0:66:a9:5e:fa:1c:58:0a:b0:b2:2f:2e:50:
1e:20:13:19:96:c0:3f:02:ae:63:98:30:65:3c:90:0e:f2:74:
ed:e5:73:40:79:c4:48:f6:4a:6c:a1:55:39:2c:cf:e5:ea:bf:
9c:09:0a:c1:57:d2:8f:ba:85:14:49:f4:9d:8b:d5:1c:a2:e4:
32:f4:78:9d:53:27:4d:ad:ed:e6:c6:0b:86:41:5c:80:f5:93:
54:c4:f8:2a:16:8a:20:df:81:54:d4:37:e8:1e:5c:fe:7b:68:
2f:05:1f:87:a1:80:12:98:0a:f1:91:fa:84:fd:33:6a:40:08:
25:93:f0:9d
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUMmTukg8jauj5oiEY4NiPtO6nj3UwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMzhhOTNjODFlY2QzMDhlNmE3NjMyNzE3MDQ1YjNkMzUx
NTAxMjBmODAeFw0yNjAzMjMwNTQ5NTFaFw0yNzAzMjIwNTU0NTFaMDMxMTAvBgNV
BAMTKEM1MUU3MUFDQTE2NjczMzM1MTA0RTQxQ0E1OEUzRTI0NzZCOTUyQ0EwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCZ6zVSqeD3OB1AJssG87AOwTFF
EbgqCxWeLHzaegIOKVF62CqFLBsc+LmUVHtdmWo4LMusv3aCILJh8x8EAIe4WFTc
xWJzbZkNywWQtooZMLE6F0vPK1jc6WdlGTBHiyXNKrLWi29ca41+aBGRwnxTw7ZL
04b8URYOjYU7/QtaMEXvoghK3rcouiOb2pdmHSHB7fpMchJyr7yw6meHQOpuN47r
HNKavGx0sdicbNSMStLUDGhJ2L1UmONYbGCqlRfsJ1AUzhES5RrMhct7CpFDazPf
F7tJvdyqc+iGPdsvkprL8HK9r+kTbFjqTi72q2W4jRL7+tN6gZEDSX3N6LDdAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUxR5xrKFmczNRBOQcpY4+JHa5UsowHwYDVR0j
BBgwFoAUOKk8gezTCOanYycXBFs9NRUBIPgwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvOTgyYzY1YjktNzI1ZC00YmIwLWEyMTYtOGU3NzE5MWZm
OWI4LzAvMzhBOTNDODFFQ0QzMDhFNkE3NjMyNzE3MDQ1QjNEMzUxNTAxMjBGOC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL09LazhnZXpUQ09hbll5Y1hCRnM5TlJV
QklQZy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvOTgyYzY1Yjkt
NzI1ZC00YmIwLWEyMTYtOGU3NzE5MWZmOWI4LzAvMzEzODM1MmUzNTM4MmUzMTM1
MzcyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzNDMwMzIzMjMwMzMucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAC5Op0wDQYJKoZIhvcNAQELBQADggEBALOAJN1m5x+p7PBCSMq2fzU7ni9SSI1j
ksK6VSVHCNUfyt4VvFA0dP9YRlNJjUdoimdyVuIFW1LHHb5MPbgA6TM1bubu8upu
qtxDhkwFq+voT4T4zBLn6NE8uvWMPxkwyOCDL0EYBw7oehQaLt/vfjOOFLUFo6VO
GnG+BbGBYx+pjyUUoGapXvocWAqwsi8uUB4gExmWwD8CrmOYMGU8kA7ydO3lc0B5
xEj2SmyhVTksz+Xqv5wJCsFX0o+6hRRJ9J2L1Ryi5DL0eJ1TJ02t7ebGC4ZBXID1
k1TE+CoWiiDfgVTUN+geXP57aC8FH4ehgBKYCvGR+oT9M2pACCWT8J0=
-----END CERTIFICATE-----
Generated at Thu Mar 26 04:13:06 2026 by rpki-client