Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/e42585f7-bc1b-4970-bd34-dbfd2b2147d2/0/3138352e38332e3230302e302f32332d3234203d3e20323734303234.roa
File: 3138352e38332e3230302e302f32332d3234203d3e20323734303234.roa (raw, json)
Hash identifier: zpZ+WnAWB3azqQBIOUOydae0qgrUZEc6MmR0NrO7so8=
Subject key identifier: 55:5A:2C:13:6B:A7:5A:7E:71:56:F9:2C:EF:59:1F:01:EB:B2:C5:E8
Certificate issuer: /CN=7374bc6d025135bed9539779a03fdd64abeba11f
Certificate serial: 625DA788531C37AD2953CF40BD5BCAA270CC04D2
Authority key identifier: 73:74:BC:6D:02:51:35:BE:D9:53:97:79:A0:3F:DD:64:AB:EB:A1:1F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/c3S8bQJRNb7ZU5d5oD_dZKvroR8.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/e42585f7-bc1b-4970-bd34-dbfd2b2147d2/0/3138352e38332e3230302e302f32332d3234203d3e20323734303234.roa
Signing time: Thu 26 Mar 2026 09:00:57 +0000
ROA not before: Thu 26 Mar 2026 08:55:57 +0000
ROA not after: Thu 25 Mar 2027 09:00:57 +0000
asID: 274024
IP address blocks: 185.83.200.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/e42585f7-bc1b-4970-bd34-dbfd2b2147d2/0/7374BC6D025135BED9539779A03FDD64ABEBA11F.crl
rsync://rsync.paas.rpki.ripe.net/repository/e42585f7-bc1b-4970-bd34-dbfd2b2147d2/0/7374BC6D025135BED9539779A03FDD64ABEBA11F.mft
rsync://rpki.ripe.net/repository/DEFAULT/c3S8bQJRNb7ZU5d5oD_dZKvroR8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 12:59:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
62:5d:a7:88:53:1c:37:ad:29:53:cf:40:bd:5b:ca:a2:70:cc:04:d2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7374bc6d025135bed9539779a03fdd64abeba11f
Validity
Not Before: Mar 26 08:55:57 2026 GMT
Not After : Mar 25 09:00:57 2027 GMT
Subject: CN=555A2C136BA75A7E7156F92CEF591F01EBB2C5E8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:e5:85:ed:b1:66:f4:d6:f0:47:69:b4:ab:03:
29:e0:5a:79:99:06:1e:3f:89:c4:13:17:df:55:0a:
b6:52:9b:8a:fc:bd:17:b1:ca:ad:18:a5:ae:2e:ce:
8d:ac:ce:ba:21:f1:c6:24:a7:d1:28:85:5d:62:7c:
9b:d1:7c:00:b0:a2:9f:3b:24:a6:de:01:9b:d1:2f:
e1:cb:51:3c:92:33:df:e1:2f:7e:c2:f8:a6:90:74:
29:c0:30:7a:40:27:34:9d:66:79:87:fd:27:ef:8c:
ca:81:24:d6:b5:fb:41:94:8e:8e:c0:92:b7:75:65:
9e:fd:b1:08:82:84:8f:83:9a:65:2a:f9:64:d3:ef:
9a:d4:71:ee:09:f2:f3:1f:aa:f2:06:7d:fc:5c:c9:
24:b9:cc:c5:af:4c:39:11:a8:95:d1:7c:f5:a7:e2:
fa:e4:7a:e0:5a:a3:d3:cc:8d:f7:1f:af:96:4c:3d:
e9:b5:e3:cc:6b:6d:35:fb:b1:82:b4:3f:a4:dc:23:
4f:55:75:41:d9:d8:71:53:23:f2:58:de:2a:bd:a9:
c3:9e:ce:78:17:54:67:d3:be:48:4b:17:f2:92:e1:
d6:0f:83:55:e0:7c:9c:6c:1b:09:8d:f2:7b:f2:90:
c1:11:0f:d7:7a:a8:f0:8b:12:84:f4:a3:36:77:28:
35:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
55:5A:2C:13:6B:A7:5A:7E:71:56:F9:2C:EF:59:1F:01:EB:B2:C5:E8
X509v3 Authority Key Identifier:
keyid:73:74:BC:6D:02:51:35:BE:D9:53:97:79:A0:3F:DD:64:AB:EB:A1:1F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/e42585f7-bc1b-4970-bd34-dbfd2b2147d2/0/7374BC6D025135BED9539779A03FDD64ABEBA11F.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3S8bQJRNb7ZU5d5oD_dZKvroR8.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/e42585f7-bc1b-4970-bd34-dbfd2b2147d2/0/3138352e38332e3230302e302f32332d3234203d3e20323734303234.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.83.200.0/23
Signature Algorithm: sha256WithRSAEncryption
47:ea:2c:df:21:9d:00:44:a5:3f:d4:b5:85:59:cc:be:c0:54:
98:dd:53:16:fd:42:46:cd:35:aa:e1:41:0c:17:64:30:58:d6:
8e:ae:6f:91:ee:e5:80:88:f8:86:da:e6:94:58:4a:d9:0f:b1:
c3:50:a6:c8:a2:8c:42:97:a0:1f:2b:1c:88:77:3d:41:92:ee:
0a:2e:0b:8f:b9:2b:69:6b:0b:fa:19:d0:8a:9f:97:b6:0e:ac:
d0:74:09:e9:ec:63:c2:f2:1f:3c:a8:5b:3d:e3:53:04:d8:2a:
12:01:f4:63:72:2a:44:51:b2:f5:67:32:e7:81:4f:fc:78:2f:
0d:59:ce:4e:c0:ad:50:91:8f:00:a8:3b:3a:81:56:5c:70:42:
1b:78:d7:09:1b:21:03:81:af:bc:15:64:ac:cb:76:57:31:59:
ab:c0:0a:07:54:b6:be:f9:b1:ed:80:78:10:d0:64:26:61:db:
a8:42:25:f6:c7:fb:2a:f9:e3:da:03:97:c0:6c:9e:94:83:29:
a5:ef:06:dd:cf:db:f7:58:e2:d4:81:c5:4f:50:59:c4:0d:4d:
0f:10:9a:58:93:ae:d2:76:0c:93:1d:56:ed:3f:04:36:ba:30:
99:b4:74:de:e1:55:63:9c:ad:6c:3a:41:04:d6:1f:63:b7:ad:
2a:3e:11:2a
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUYl2niFMcN60pU89AvVvKonDMBNIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzM3NGJjNmQwMjUxMzViZWQ5NTM5Nzc5YTAzZmRkNjRh
YmViYTExZjAeFw0yNjAzMjYwODU1NTdaFw0yNzAzMjUwOTAwNTdaMDMxMTAvBgNV
BAMTKDU1NUEyQzEzNkJBNzVBN0U3MTU2RjkyQ0VGNTkxRjAxRUJCMkM1RTgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDT5YXtsWb01vBHabSrAyngWnmZ
Bh4/icQTF99VCrZSm4r8vRexyq0Ypa4uzo2szroh8cYkp9EohV1ifJvRfACwop87
JKbeAZvRL+HLUTySM9/hL37C+KaQdCnAMHpAJzSdZnmH/SfvjMqBJNa1+0GUjo7A
krd1ZZ79sQiChI+DmmUq+WTT75rUce4J8vMfqvIGffxcySS5zMWvTDkRqJXRfPWn
4vrkeuBao9PMjfcfr5ZMPem148xrbTX7sYK0P6TcI09VdUHZ2HFTI/JY3iq9qcOe
zngXVGfTvkhLF/KS4dYPg1XgfJxsGwmN8nvykMERD9d6qPCLEoT0ozZ3KDUjAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUVVosE2unWn5xVvks71kfAeuyxegwHwYDVR0j
BBgwFoAUc3S8bQJRNb7ZU5d5oD/dZKvroR8wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZTQyNTg1ZjctYmMxYi00OTcwLWJkMzQtZGJmZDJiMjE0
N2QyLzAvNzM3NEJDNkQwMjUxMzVCRUQ5NTM5Nzc5QTAzRkRENjRBQkVCQTExRi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2MzUzhiUUpSTmI3WlU1ZDVvRF9kWkt2
cm9SOC5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZTQyNTg1Zjct
YmMxYi00OTcwLWJkMzQtZGJmZDJiMjE0N2QyLzAvMzEzODM1MmUzODMzMmUzMjMw
MzAyZTMwMmYzMjMzMmQzMjM0MjAzZDNlMjAzMjM3MzQzMDMyMzQucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAG5U8gwDQYJKoZIhvcNAQELBQADggEBAEfqLN8hnQBEpT/UtYVZzL7AVJjdUxb9
QkbNNarhQQwXZDBY1o6ub5Hu5YCI+Iba5pRYStkPscNQpsiijEKXoB8rHIh3PUGS
7gouC4+5K2lrC/oZ0Iqfl7YOrNB0CensY8LyHzyoWz3jUwTYKhIB9GNyKkRRsvVn
MueBT/x4Lw1Zzk7ArVCRjwCoOzqBVlxwQht41wkbIQOBr7wVZKzLdlcxWavACgdU
tr75se2AeBDQZCZh26hCJfbH+yr549oDl8BsnpSDKaXvBt3P2/dY4tSBxU9QWcQN
TQ8QmliTrtJ2DJMdVu0/BDa6MJm0dN7hVWOcrWw6QQTWH2O3rSo+ESo=
-----END CERTIFICATE-----
Generated at Thu Mar 26 20:33:56 2026 by rpki-client