Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/e42585f7-bc1b-4970-bd34-dbfd2b2147d2/0/3138352e38332e3230322e302f32342d3234203d3e203134363138.roa
File: 3138352e38332e3230322e302f32342d3234203d3e203134363138.roa (raw, json)
Hash identifier: hH75C362GxjBZLEd72lZJgQDpk1enQcBK6wnlSISMss=
Subject key identifier: F6:71:BC:94:6B:0B:06:57:D4:7B:B7:2E:AA:28:9B:1A:72:CF:D9:AE
Certificate issuer: /CN=7374bc6d025135bed9539779a03fdd64abeba11f
Certificate serial: 56B2FBBF71F2D2254DAAFEAF66CDEA3E81A7860C
Authority key identifier: 73:74:BC:6D:02:51:35:BE:D9:53:97:79:A0:3F:DD:64:AB:EB:A1:1F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/c3S8bQJRNb7ZU5d5oD_dZKvroR8.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/e42585f7-bc1b-4970-bd34-dbfd2b2147d2/0/3138352e38332e3230322e302f32342d3234203d3e203134363138.roa
Signing time: Thu 26 Mar 2026 09:00:56 +0000
ROA not before: Thu 26 Mar 2026 08:55:56 +0000
ROA not after: Thu 25 Mar 2027 09:00:56 +0000
asID: 14618
IP address blocks: 185.83.202.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/e42585f7-bc1b-4970-bd34-dbfd2b2147d2/0/7374BC6D025135BED9539779A03FDD64ABEBA11F.crl
rsync://rsync.paas.rpki.ripe.net/repository/e42585f7-bc1b-4970-bd34-dbfd2b2147d2/0/7374BC6D025135BED9539779A03FDD64ABEBA11F.mft
rsync://rpki.ripe.net/repository/DEFAULT/c3S8bQJRNb7ZU5d5oD_dZKvroR8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 12:59:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
56:b2:fb:bf:71:f2:d2:25:4d:aa:fe:af:66:cd:ea:3e:81:a7:86:0c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7374bc6d025135bed9539779a03fdd64abeba11f
Validity
Not Before: Mar 26 08:55:56 2026 GMT
Not After : Mar 25 09:00:56 2027 GMT
Subject: CN=F671BC946B0B0657D47BB72EAA289B1A72CFD9AE
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:a8:2d:0e:72:24:a4:c8:3b:fe:89:c9:3a:0d:
c4:69:3d:ac:e0:7d:d3:e8:bb:83:1d:13:56:ff:51:
c9:72:80:c1:47:09:10:14:be:98:94:49:a1:ed:c6:
23:8f:13:b9:37:6a:44:39:ec:ac:5d:75:40:b7:e3:
a4:db:d8:17:8b:62:6b:78:2c:8d:8c:91:40:c6:ff:
d5:bd:88:8b:b5:84:7a:50:d9:69:b6:d0:ad:63:4e:
39:f2:cb:eb:b9:65:e6:f0:81:68:e3:8c:52:a5:90:
2d:f5:58:7b:f7:b4:7d:5c:7c:69:61:0a:9c:47:da:
27:3e:06:15:51:dc:7a:5e:b1:79:e8:f7:18:1b:59:
83:9c:a8:23:c0:b8:87:e2:00:3b:45:9b:6d:38:09:
36:e3:c2:97:11:5d:0f:ce:52:32:39:02:c8:c3:e8:
85:f7:88:39:bc:03:6e:9a:ef:0b:cb:7d:5b:ef:89:
c9:8b:53:f7:9a:80:ad:cd:7d:5d:db:2f:6b:6f:0b:
ae:26:c3:b3:23:65:64:72:09:b1:bd:3e:2d:b3:0f:
40:c6:0f:77:47:b9:a9:81:77:11:e1:10:3c:3b:72:
45:1b:b2:81:33:ac:73:8e:a9:13:1c:2b:61:27:fe:
e2:28:ef:1f:23:2e:d8:16:02:db:e7:b1:57:1c:92:
8f:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F6:71:BC:94:6B:0B:06:57:D4:7B:B7:2E:AA:28:9B:1A:72:CF:D9:AE
X509v3 Authority Key Identifier:
keyid:73:74:BC:6D:02:51:35:BE:D9:53:97:79:A0:3F:DD:64:AB:EB:A1:1F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/e42585f7-bc1b-4970-bd34-dbfd2b2147d2/0/7374BC6D025135BED9539779A03FDD64ABEBA11F.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3S8bQJRNb7ZU5d5oD_dZKvroR8.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/e42585f7-bc1b-4970-bd34-dbfd2b2147d2/0/3138352e38332e3230322e302f32342d3234203d3e203134363138.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.83.202.0/24
Signature Algorithm: sha256WithRSAEncryption
b4:c2:64:87:6a:bb:b0:4b:7f:1b:77:50:97:67:bd:0d:e9:5e:
5e:ea:2d:d1:7c:28:56:92:00:18:c1:a9:60:62:78:db:47:cb:
c4:45:d5:19:62:d9:84:07:44:0b:f0:61:04:80:8c:20:e4:bd:
e2:b9:d3:5a:8d:33:65:59:23:e7:e4:13:81:12:ef:f7:09:70:
7e:d9:3c:84:7e:39:bb:5e:1d:fd:79:66:1a:76:09:96:54:3d:
78:6a:e8:8b:30:c6:ed:44:e7:bb:6d:e9:88:e6:42:c1:c2:8c:
61:0c:e1:ba:64:2b:b0:bc:78:23:33:33:6f:be:f7:bd:73:05:
d0:b4:61:db:39:ce:c0:88:ea:65:8c:c5:18:6e:b9:4d:03:8c:
61:68:16:e8:01:8a:93:73:27:d8:51:c5:0a:d6:45:a9:cb:5c:
f9:12:7f:82:3c:43:11:9b:99:e0:01:2f:a1:34:6d:1a:3e:ec:
47:66:c0:8f:04:c3:96:6d:0e:17:33:0a:c3:f3:c5:69:b2:c5:
1b:9f:0b:ab:58:05:ff:82:32:f0:21:ac:fc:44:72:8f:15:d2:
1c:f9:f2:ff:ba:14:34:95:ed:e5:31:de:54:a3:0a:c7:ef:a8:
75:ac:60:5d:30:05:d3:d2:cb:71:86:7c:d9:4d:b2:c7:30:bb:
e3:b6:21:d6
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUVrL7v3Hy0iVNqv6vZs3qPoGnhgwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzM3NGJjNmQwMjUxMzViZWQ5NTM5Nzc5YTAzZmRkNjRh
YmViYTExZjAeFw0yNjAzMjYwODU1NTZaFw0yNzAzMjUwOTAwNTZaMDMxMTAvBgNV
BAMTKEY2NzFCQzk0NkIwQjA2NTdENDdCQjcyRUFBMjg5QjFBNzJDRkQ5QUUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCUqC0OciSkyDv+ick6DcRpPazg
fdPou4MdE1b/UclygMFHCRAUvpiUSaHtxiOPE7k3akQ57KxddUC346Tb2BeLYmt4
LI2MkUDG/9W9iIu1hHpQ2Wm20K1jTjnyy+u5ZebwgWjjjFKlkC31WHv3tH1cfGlh
CpxH2ic+BhVR3HpesXno9xgbWYOcqCPAuIfiADtFm204CTbjwpcRXQ/OUjI5AsjD
6IX3iDm8A26a7wvLfVvvicmLU/eagK3NfV3bL2tvC64mw7MjZWRyCbG9Pi2zD0DG
D3dHuamBdxHhEDw7ckUbsoEzrHOOqRMcK2En/uIo7x8jLtgWAtvnsVccko+/AgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQU9nG8lGsLBlfUe7cuqiibGnLP2a4wHwYDVR0j
BBgwFoAUc3S8bQJRNb7ZU5d5oD/dZKvroR8wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZTQyNTg1ZjctYmMxYi00OTcwLWJkMzQtZGJmZDJiMjE0
N2QyLzAvNzM3NEJDNkQwMjUxMzVCRUQ5NTM5Nzc5QTAzRkRENjRBQkVCQTExRi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2MzUzhiUUpSTmI3WlU1ZDVvRF9kWkt2
cm9SOC5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZTQyNTg1Zjct
YmMxYi00OTcwLWJkMzQtZGJmZDJiMjE0N2QyLzAvMzEzODM1MmUzODMzMmUzMjMw
MzIyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMTM0MzYzMTM4LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
uVPKMA0GCSqGSIb3DQEBCwUAA4IBAQC0wmSHaruwS38bd1CXZ70N6V5e6i3RfChW
kgAYwalgYnjbR8vERdUZYtmEB0QL8GEEgIwg5L3iudNajTNlWSPn5BOBEu/3CXB+
2TyEfjm7Xh39eWYadgmWVD14auiLMMbtROe7bemI5kLBwoxhDOG6ZCuwvHgjMzNv
vve9cwXQtGHbOc7AiOpljMUYbrlNA4xhaBboAYqTcyfYUcUK1kWpy1z5En+CPEMR
m5ngAS+hNG0aPuxHZsCPBMOWbQ4XMwrD88VpssUbnwurWAX/gjLwIaz8RHKPFdIc
+fL/uhQ0le3lMd5UowrH76h1rGBdMAXT0stxhnzZTbLHMLvjtiHW
-----END CERTIFICATE-----
Generated at Thu Mar 26 20:33:52 2026 by rpki-client