Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/e42585f7-bc1b-4970-bd34-dbfd2b2147d2/0/3138352e38332e3230322e302f32342d3234203d3e203136353039.roa
File: 3138352e38332e3230322e302f32342d3234203d3e203136353039.roa (raw, json)
Hash identifier: B7mtaG9xCiFIvvwkvrsrSdVmctfuPJRrfXOKG8MJruI=
Subject key identifier: 86:90:0A:40:4F:C8:F3:83:B9:88:48:5B:87:14:18:98:8D:D3:DE:E9
Certificate issuer: /CN=7374bc6d025135bed9539779a03fdd64abeba11f
Certificate serial: 4DFB41F93C670CEDE6B254F534DADB08098443C6
Authority key identifier: 73:74:BC:6D:02:51:35:BE:D9:53:97:79:A0:3F:DD:64:AB:EB:A1:1F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/c3S8bQJRNb7ZU5d5oD_dZKvroR8.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/e42585f7-bc1b-4970-bd34-dbfd2b2147d2/0/3138352e38332e3230322e302f32342d3234203d3e203136353039.roa
Signing time: Thu 26 Mar 2026 09:00:54 +0000
ROA not before: Thu 26 Mar 2026 08:55:54 +0000
ROA not after: Thu 25 Mar 2027 09:00:54 +0000
asID: 16509
IP address blocks: 185.83.202.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/e42585f7-bc1b-4970-bd34-dbfd2b2147d2/0/7374BC6D025135BED9539779A03FDD64ABEBA11F.crl
rsync://rsync.paas.rpki.ripe.net/repository/e42585f7-bc1b-4970-bd34-dbfd2b2147d2/0/7374BC6D025135BED9539779A03FDD64ABEBA11F.mft
rsync://rpki.ripe.net/repository/DEFAULT/c3S8bQJRNb7ZU5d5oD_dZKvroR8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 12:59:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4d:fb:41:f9:3c:67:0c:ed:e6:b2:54:f5:34:da:db:08:09:84:43:c6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7374bc6d025135bed9539779a03fdd64abeba11f
Validity
Not Before: Mar 26 08:55:54 2026 GMT
Not After : Mar 25 09:00:54 2027 GMT
Subject: CN=86900A404FC8F383B988485B871418988DD3DEE9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:39:1a:c6:c4:84:e9:b9:b7:65:0d:7a:c8:6d:
0f:2d:c2:05:ee:de:06:88:c5:dc:06:c5:23:10:39:
78:df:84:b0:86:5c:d2:3c:4e:6f:84:8b:84:e0:f8:
32:74:c6:02:fd:d5:ce:62:3c:4a:26:4c:15:32:0f:
fd:f6:24:c1:37:8b:80:b6:81:4d:ef:ab:20:a3:f4:
dc:3a:58:db:08:a9:15:bb:f8:9a:58:be:d4:4a:97:
3b:cc:e3:74:dc:44:ea:85:bd:40:bf:55:04:f5:d7:
cd:f7:9e:09:6f:15:c1:3d:4e:b6:46:b5:d5:5d:b4:
ab:3e:d8:a3:3b:1d:9b:62:36:cb:6a:27:3c:b2:ae:
35:e7:07:74:ce:ad:59:1b:69:94:78:08:9b:5a:d2:
1e:ec:c8:7d:53:d7:29:f4:24:42:83:07:70:29:0b:
c8:6e:a4:74:39:2d:1c:ed:07:df:c6:1e:36:80:14:
9e:fe:01:86:8c:67:3b:8b:e4:9d:3b:84:86:b7:c7:
8f:da:24:95:32:c3:69:7e:e3:e6:5a:5f:94:e6:ac:
16:3b:65:2c:b9:6e:42:ef:50:fa:34:dd:73:85:04:
48:a1:e2:b6:66:04:72:4c:6d:ed:66:2f:f9:c0:9d:
54:3f:95:02:26:f4:44:d0:a6:1b:a1:30:b5:b6:d7:
dc:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:90:0A:40:4F:C8:F3:83:B9:88:48:5B:87:14:18:98:8D:D3:DE:E9
X509v3 Authority Key Identifier:
keyid:73:74:BC:6D:02:51:35:BE:D9:53:97:79:A0:3F:DD:64:AB:EB:A1:1F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/e42585f7-bc1b-4970-bd34-dbfd2b2147d2/0/7374BC6D025135BED9539779A03FDD64ABEBA11F.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3S8bQJRNb7ZU5d5oD_dZKvroR8.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/e42585f7-bc1b-4970-bd34-dbfd2b2147d2/0/3138352e38332e3230322e302f32342d3234203d3e203136353039.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.83.202.0/24
Signature Algorithm: sha256WithRSAEncryption
7e:64:c5:d7:01:73:2e:e4:f3:68:4b:93:cc:b4:cf:a4:4c:ce:
87:9b:1e:7b:b8:f4:5a:d0:17:e4:c0:e0:fb:1b:35:5e:48:10:
50:e5:31:ba:dc:5d:46:33:a9:38:44:1f:08:17:32:fb:af:4b:
e2:b4:a1:ef:92:e9:b0:eb:e2:ad:da:b6:16:b1:3d:00:b5:a4:
c8:78:eb:7f:d3:c8:a0:e7:44:9a:dc:0f:f4:5f:dc:7a:23:fd:
b4:87:83:35:b0:4b:40:46:1c:e2:c8:d6:04:bc:cd:74:71:fe:
41:ce:3a:5a:77:68:73:83:ff:19:8b:c5:11:51:06:82:ce:d1:
df:6e:cb:35:24:ca:df:61:c8:78:fd:2e:da:6f:ab:c5:65:de:
d1:c6:b7:0f:d1:67:09:51:e5:be:98:f0:43:e6:ea:d3:40:8f:
b5:03:8e:ab:a9:e1:a7:a6:67:b4:b9:24:b7:99:cf:25:58:14:
30:48:67:7d:05:cd:0f:22:a2:8f:de:93:bd:90:4b:94:60:06:
89:f3:02:2a:c3:46:94:7a:43:74:2f:a7:7a:2d:d8:2e:98:8b:
ac:61:4c:1c:4a:4b:3d:65:eb:05:a1:67:c2:12:92:b7:0f:3f:
31:e8:d8:7a:b3:5f:b2:c9:77:68:51:f4:84:5e:88:ae:42:f3:
91:48:bc:18
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUTftB+TxnDO3mslT1NNrbCAmEQ8YwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzM3NGJjNmQwMjUxMzViZWQ5NTM5Nzc5YTAzZmRkNjRh
YmViYTExZjAeFw0yNjAzMjYwODU1NTRaFw0yNzAzMjUwOTAwNTRaMDMxMTAvBgNV
BAMTKDg2OTAwQTQwNEZDOEYzODNCOTg4NDg1Qjg3MTQxODk4OEREM0RFRTkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC9ORrGxITpubdlDXrIbQ8twgXu
3gaIxdwGxSMQOXjfhLCGXNI8Tm+Ei4Tg+DJ0xgL91c5iPEomTBUyD/32JME3i4C2
gU3vqyCj9Nw6WNsIqRW7+JpYvtRKlzvM43TcROqFvUC/VQT11833nglvFcE9TrZG
tdVdtKs+2KM7HZtiNstqJzyyrjXnB3TOrVkbaZR4CJta0h7syH1T1yn0JEKDB3Ap
C8hupHQ5LRztB9/GHjaAFJ7+AYaMZzuL5J07hIa3x4/aJJUyw2l+4+ZaX5TmrBY7
ZSy5bkLvUPo03XOFBEih4rZmBHJMbe1mL/nAnVQ/lQIm9ETQphuhMLW219zJAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUhpAKQE/I84O5iEhbhxQYmI3T3ukwHwYDVR0j
BBgwFoAUc3S8bQJRNb7ZU5d5oD/dZKvroR8wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZTQyNTg1ZjctYmMxYi00OTcwLWJkMzQtZGJmZDJiMjE0
N2QyLzAvNzM3NEJDNkQwMjUxMzVCRUQ5NTM5Nzc5QTAzRkRENjRBQkVCQTExRi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2MzUzhiUUpSTmI3WlU1ZDVvRF9kWkt2
cm9SOC5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZTQyNTg1Zjct
YmMxYi00OTcwLWJkMzQtZGJmZDJiMjE0N2QyLzAvMzEzODM1MmUzODMzMmUzMjMw
MzIyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMTM2MzUzMDM5LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
uVPKMA0GCSqGSIb3DQEBCwUAA4IBAQB+ZMXXAXMu5PNoS5PMtM+kTM6Hmx57uPRa
0BfkwOD7GzVeSBBQ5TG63F1GM6k4RB8IFzL7r0vitKHvkumw6+Kt2rYWsT0AtaTI
eOt/08ig50Sa3A/0X9x6I/20h4M1sEtARhziyNYEvM10cf5Bzjpad2hzg/8Zi8UR
UQaCztHfbss1JMrfYch4/S7ab6vFZd7RxrcP0WcJUeW+mPBD5urTQI+1A46rqeGn
pme0uSS3mc8lWBQwSGd9Bc0PIqKP3pO9kEuUYAaJ8wIqw0aUekN0L6d6LdgumIus
YUwcSks9ZesFoWfCEpK3Dz8x6Nh6s1+yyXdoUfSEXoiuQvORSLwY
-----END CERTIFICATE-----
Generated at Thu Mar 26 20:33:56 2026 by rpki-client