Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/e42585f7-bc1b-4970-bd34-dbfd2b2147d2/0/3138382e3230392e3132382e302f32342d3234203d3e203633303233.roa
File: 3138382e3230392e3132382e302f32342d3234203d3e203633303233.roa (raw, json)
Hash identifier: ZImgqwyAoRghxapxYcQce3KcfMYUbz4jsvF8cz4HHJA=
Subject key identifier: E9:9C:30:41:EB:E6:7A:0C:F3:6F:96:ED:07:9B:C0:FE:DF:75:F2:8A
Certificate issuer: /CN=7374bc6d025135bed9539779a03fdd64abeba11f
Certificate serial: 7B260C91BB34EA809AF09343B5E4917FF94099B3
Authority key identifier: 73:74:BC:6D:02:51:35:BE:D9:53:97:79:A0:3F:DD:64:AB:EB:A1:1F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/c3S8bQJRNb7ZU5d5oD_dZKvroR8.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/e42585f7-bc1b-4970-bd34-dbfd2b2147d2/0/3138382e3230392e3132382e302f32342d3234203d3e203633303233.roa
Signing time: Thu 26 Mar 2026 09:00:55 +0000
ROA not before: Thu 26 Mar 2026 08:55:55 +0000
ROA not after: Thu 25 Mar 2027 09:00:55 +0000
asID: 63023
IP address blocks: 188.209.128.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/e42585f7-bc1b-4970-bd34-dbfd2b2147d2/0/7374BC6D025135BED9539779A03FDD64ABEBA11F.crl
rsync://rsync.paas.rpki.ripe.net/repository/e42585f7-bc1b-4970-bd34-dbfd2b2147d2/0/7374BC6D025135BED9539779A03FDD64ABEBA11F.mft
rsync://rpki.ripe.net/repository/DEFAULT/c3S8bQJRNb7ZU5d5oD_dZKvroR8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 12:59:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7b:26:0c:91:bb:34:ea:80:9a:f0:93:43:b5:e4:91:7f:f9:40:99:b3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7374bc6d025135bed9539779a03fdd64abeba11f
Validity
Not Before: Mar 26 08:55:55 2026 GMT
Not After : Mar 25 09:00:55 2027 GMT
Subject: CN=E99C3041EBE67A0CF36F96ED079BC0FEDF75F28A
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:7d:1f:fd:e8:49:ae:d7:6e:7c:6a:dc:15:56:
99:80:69:e8:a0:4e:e0:36:a5:87:ad:29:45:43:b8:
85:73:f7:e3:cd:28:b7:28:08:1c:0c:ad:c2:1f:83:
1e:8c:1a:a6:ee:74:19:9b:68:13:69:e7:d3:86:f4:
19:2a:d4:19:6e:b5:bd:00:e7:ff:58:d2:8a:ff:1d:
05:6c:6b:1c:57:89:14:1a:85:a9:21:76:fc:36:52:
db:de:fc:3d:d2:8b:72:5a:53:b7:93:56:7a:37:e9:
ed:a4:91:4a:11:72:c6:70:f5:65:7b:09:9b:64:8f:
c0:0e:62:e3:2a:ca:3e:03:85:bb:04:be:36:8a:ea:
65:89:79:bb:28:57:82:65:1b:40:87:bb:e6:62:da:
7d:bd:40:ea:c5:fc:00:a3:a8:e6:ec:07:1f:50:d6:
d4:f4:ce:fc:f3:b6:a8:ab:72:67:08:15:ef:22:98:
b5:c5:e2:2d:33:8a:36:d5:30:f5:e7:51:ff:32:bb:
5c:0f:0e:e3:cb:bd:d4:9d:e1:19:2b:ed:a2:6d:ba:
3c:92:82:43:8c:e6:1a:56:24:5f:a2:a0:3d:35:ff:
ba:51:b1:30:f7:ce:75:85:4e:ba:13:8a:8d:c4:1e:
d8:cb:3a:bc:34:cc:64:75:5e:cc:1d:11:6d:3e:85:
b3:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E9:9C:30:41:EB:E6:7A:0C:F3:6F:96:ED:07:9B:C0:FE:DF:75:F2:8A
X509v3 Authority Key Identifier:
keyid:73:74:BC:6D:02:51:35:BE:D9:53:97:79:A0:3F:DD:64:AB:EB:A1:1F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/e42585f7-bc1b-4970-bd34-dbfd2b2147d2/0/7374BC6D025135BED9539779A03FDD64ABEBA11F.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3S8bQJRNb7ZU5d5oD_dZKvroR8.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/e42585f7-bc1b-4970-bd34-dbfd2b2147d2/0/3138382e3230392e3132382e302f32342d3234203d3e203633303233.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.209.128.0/24
Signature Algorithm: sha256WithRSAEncryption
ac:a2:97:57:96:05:c2:8d:38:9b:5f:77:49:58:5d:66:16:c3:
f4:f7:51:56:b4:ed:b0:e0:76:63:a4:25:ff:57:9e:9e:5e:47:
8e:aa:a1:2f:00:90:49:52:c7:d1:f1:b0:4d:a4:41:55:79:a4:
69:3d:26:6e:7c:48:1a:03:f2:13:93:2e:11:4c:6f:2a:7c:4d:
30:b9:c6:b8:c5:33:37:05:00:a7:b2:0a:b0:ac:b3:50:51:1d:
a5:70:2f:61:a0:ec:ed:c0:a2:2e:a9:dc:fb:95:1a:96:7b:f4:
ac:67:5a:0c:55:94:34:41:10:65:80:de:00:81:e7:5c:2f:4c:
c9:d7:a6:0e:05:7c:8d:e5:9f:c1:4d:23:50:aa:90:5e:0e:9c:
41:65:ca:71:1d:93:ec:82:29:a1:4c:8e:b7:d0:7e:80:7b:bf:
38:de:59:6a:04:97:10:7d:b8:e1:d0:3c:ea:79:42:15:9f:98:
06:f4:6b:4c:01:9f:d8:a0:5f:03:80:b7:d4:f0:8d:e1:75:06:
19:a2:42:30:b7:14:2b:20:9d:3c:55:f3:2a:54:ab:ca:90:37:
cf:e1:f8:0c:20:f9:a8:1e:0c:ff:a4:39:89:36:f8:ae:d0:32:
53:65:a9:73:61:99:f6:ec:69:f7:49:0f:ff:6e:6d:c6:be:75:
eb:47:d7:68
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUeyYMkbs06oCa8JNDteSRf/lAmbMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzM3NGJjNmQwMjUxMzViZWQ5NTM5Nzc5YTAzZmRkNjRh
YmViYTExZjAeFw0yNjAzMjYwODU1NTVaFw0yNzAzMjUwOTAwNTVaMDMxMTAvBgNV
BAMTKEU5OUMzMDQxRUJFNjdBMENGMzZGOTZFRDA3OUJDMEZFREY3NUYyOEEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDBfR/96Emu1258atwVVpmAaeig
TuA2pYetKUVDuIVz9+PNKLcoCBwMrcIfgx6MGqbudBmbaBNp59OG9Bkq1Blutb0A
5/9Y0or/HQVsaxxXiRQahakhdvw2Utve/D3Si3JaU7eTVno36e2kkUoRcsZw9WV7
CZtkj8AOYuMqyj4DhbsEvjaK6mWJebsoV4JlG0CHu+Zi2n29QOrF/ACjqObsBx9Q
1tT0zvzztqircmcIFe8imLXF4i0zijbVMPXnUf8yu1wPDuPLvdSd4Rkr7aJtujyS
gkOM5hpWJF+ioD01/7pRsTD3znWFTroTio3EHtjLOrw0zGR1XswdEW0+hbMrAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQU6ZwwQevmegzzb5btB5vA/t918oowHwYDVR0j
BBgwFoAUc3S8bQJRNb7ZU5d5oD/dZKvroR8wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZTQyNTg1ZjctYmMxYi00OTcwLWJkMzQtZGJmZDJiMjE0
N2QyLzAvNzM3NEJDNkQwMjUxMzVCRUQ5NTM5Nzc5QTAzRkRENjRBQkVCQTExRi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2MzUzhiUUpSTmI3WlU1ZDVvRF9kWkt2
cm9SOC5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZTQyNTg1Zjct
YmMxYi00OTcwLWJkMzQtZGJmZDJiMjE0N2QyLzAvMzEzODM4MmUzMjMwMzkyZTMx
MzIzODJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDM2MzMzMDMyMzMucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAC80YAwDQYJKoZIhvcNAQELBQADggEBAKyil1eWBcKNOJtfd0lYXWYWw/T3UVa0
7bDgdmOkJf9Xnp5eR46qoS8AkElSx9HxsE2kQVV5pGk9Jm58SBoD8hOTLhFMbyp8
TTC5xrjFMzcFAKeyCrCss1BRHaVwL2Gg7O3Aoi6p3PuVGpZ79KxnWgxVlDRBEGWA
3gCB51wvTMnXpg4FfI3ln8FNI1CqkF4OnEFlynEdk+yCKaFMjrfQfoB7vzjeWWoE
lxB9uOHQPOp5QhWfmAb0a0wBn9igXwOAt9TwjeF1BhmiQjC3FCsgnTxV8ypUq8qQ
N8/h+Awg+ageDP+kOYk2+K7QMlNlqXNhmfbsafdJD/9ubca+detH12g=
-----END CERTIFICATE-----
Generated at Thu Mar 26 20:33:38 2026 by rpki-client